先来说明下,podman是红帽公司在Redhat8中推出的Docker替代产品。最近由于项目需要,帮别人安装podman,并且需要完成基本的配置,保证podman可以使用起来。结果,podman很快就安装好了,可是当我们要pull镜像的时候,却被一个用户命名空间的错误“there might not be enough IDs available in the namespace"困扰了一周。
以下是我遇到的错误:
[javadm@instance-2 ~]$ docker pull ubuntuERRO[0000] cannot find mappings for user javadm: No subuid ranges found for user "javadm" in etc/subuidERRO[0000] cannot find mappings for user javadm: No subuid ranges found for user "javadm" in etc/subuidTrying to pull registry.access.redhat.com/ubuntu...name unknown: Repo not foundTrying to pull registry.fedoraproject.org/ubuntu...manifest unknown: manifest unknownTrying to pull registry.centos.org/ubuntu...manifest unknown: manifest unknownTrying to pull docker.io/library/ubuntu...Getting image source signaturesCopying blob 6154df8ff988 doneCopying blob d51af753c3d3 doneCopying blob fee5db0ff82f doneCopying blob fc878cd0a91c doneCopying config 1d622ef86b doneWriting manifest to image destinationStoring signaturesError processing tar file(exit status 1): there might not be enough IDs available in the namespace (requested 0:42 for etc/gshadow): lchown etc/gshadow: invalid argumentError: error pulling image "ubuntu": unable to pull ubuntu: 4 errors occurred:* Error initializing source docker://registry.access.redhat.com/ubuntu:latest: Error reading manifest latest in registry.access.redhat.com/ubuntu: name unknown: Repo not found* Error initializing source docker://registry.fedoraproject.org/ubuntu:latest: Error reading manifest latest in registry.fedoraproject.org/ubuntu: manifest unknown: manifest unknown* Error initializing source docker://registry.centos.org/ubuntu:latest: Error reading manifest latest in registry.centos.org/ubuntu: manifest unknown: manifest unknown* Error committing the finished image: error adding layer with blob "sha256:d51af753c3d3a984351448ec0f85ddafc580680fd6dfce9f4b09fdb367ee1e3e": Error processing tar file(exit status 1): there might not be enough IDs available in the namespace (requested 0:42 for /etc/gshadow): lchown /etc/gshadow: invalid argument
经过各种折腾,终于找个了根本原因,引用下我自己的博文
https://blog.csdn.net/byygyy/article/details/105740029
其实,只要根据实际情况,设置好命名空间就对了,关键是过程很曲折。
[javadm@localhost ~]$ echo javadm:410000000:500000000 >> /etc/subuid[javadm@localhost ~]$ echo javadm:410000000:500000000 >> /etc/subgid[javadm@localhost ~]$ podman system migrate[javadm@localhost ~]$ podman info
解决后,看下我们如何拉取镜像并运行他。
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker pull nginxTrying to pull registry.access.redhat.com/nginx...unsupported: This repo requires terms acceptance and is only available on registry.redhat.ioTrying to pull registry.fedoraproject.org/nginx...manifest unknown: manifest unknownTrying to pull registry.centos.org/nginx...manifest unknown: manifest unknownTrying to pull docker.io/library/nginx...Getting image source signaturesCopying blob 54fec2fa59d0 doneCopying blob 4ede6f09aefe doneCopying blob f9dc69acb465 doneCopying config 602e111c06 doneWriting manifest to image destinationStoring signatures602e111c06b6934013578ad80554a074049c59441d9bcd963cb4a7feccede7a5[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker run --name nginx-test -p 8080:80 -d nginxd9ec65e4768ed05a7cc99a5a06c2f54ac45d355c346c54adda397ee38ab04883[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker psCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMESd9ec65e4768e docker.io/library/nginx:latest nginx -g daemon o... 6 seconds ago Up 6 seconds ago 0.0.0.0:8080->80/tcp nginx-test[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ netstat -an|grep 8080tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN
文章转载自运维时刻,如果涉嫌侵权,请发送邮件至:contact@modb.pro进行举报,并提供相关证据,一经查实,墨天轮将立刻删除相关内容。
