Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Image resource errors with "Can't close tar writer" ... "failed to read downloaded context ... status 403" #967

Open
AaronFriel opened this issue Jan 29, 2024 · 12 comments
Open

Image resource errors with "Can't close tar writer" ... "failed to read downloaded context ... status 403" #967

AaronFriel opened this issue Jan 29, 2024 · 12 comments
Labels
awaiting-upstream The issue cannot be resolved without action in another repository (may be owned by Pulumi). blocked The issue cannot be resolved without 3rd party action. kind/bug Some behavior is incorrect or out of spec size/S Estimated effort to complete (1-2 days).

Comments

@AaronFriel
Copy link
Contributor

What happened?

After enabling the "Containerd image store" (see docker/roadmap#371), I see errors during a Pulumi deployment like the following:

  pulumi:pulumi:Stack (pulumi-ai-...):
    ...
    time="2024-01-29T11:01:45-08:00" level=error msg="Can't add file [redacted] to tar: io: read/write on closed pipe"
    time="2024-01-29T11:01:45-08:00" level=error msg="Can't close tar writer: io: read/write on closed pipe"
    time="2024-01-29T11:01:45-08:00" level=error msg="Can't add file [redacted] to tar: io: read/write on closed pipe"
    time="2024-01-29T11:01:45-08:00" level=error msg="Can't close tar writer: io: read/write on closed pipe"

  docker:index:Image (lambda-image):
    error: error reading build output: failed to read downloaded context: failed to load cache key: invalid response status 403

Example

The examples should be sufficient to trigger this bug.

Output of pulumi about

Dependencies:
NAME             VERSION
@pulumi/aws      5.42.0
@pulumi/random   4.13.2
ts-node          10.9.1
@types/node      16.18.38
@pulumi/pulumi   3.74.0
@pulumi/docker   4.5.0
@pulumi/command  0.8.2

Additional context

No response

Contributing

Vote on this issue by adding a 👍 reaction.
To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).
@AaronFriel AaronFriel added kind/bug Some behavior is incorrect or out of spec needs-triage Needs attention from the triage team labels Jan 29, 2024
@mjeffryes mjeffryes added area/buildx and removed needs-triage Needs attention from the triage team labels Jan 31, 2024
@bernadinm
Copy link

Confirmed. I ran into this issue as well.

@didlawowo
Copy link

got the same

@shmanny
Copy link

shmanny commented Apr 14, 2024

I believe I'm seeing the same. If I build the image locally without Pulumi, everything runs fine but if I build the image with Pulumi Docker then I get the same errors as above. Is there a way to downgrade something as a work around?

@AaronFriel
Copy link
Contributor Author

In Docker Desktop, can you try disabling the "containerd image store"?

@shmanny
Copy link

shmanny commented Apr 14, 2024

Apologies, it looks like containerd image store was already disabled in my environment so my issue must be unrelated.

@KrzysztofZawisla
Copy link

I have the same issue. It happens on MacOS and Windows. Switching the containerd image store option doesn't help either

@blampe
Copy link
Contributor

blampe commented Apr 26, 2024

@KrzysztofZawisla @shmanny @AaronFriel @didlawowo @bernadinm and anyone else affected, can you please provide the output of pulumi about as well as docker version? That will help narrow things down -- thanks!

@blampe blampe added awaiting-feedback Blocked on input from the author and removed area/buildx labels Apr 26, 2024
@yukimotochern
Copy link

$ pulumi about [21:59:19]
CLI
Version 3.115.2
Go Version go1.22.2
Go Compiler gc

Host
OS darwin
Version 14.4.1
Arch arm64

$ docker version [22:00:52]
Client:
Cloud integration: v1.0.35+desktop.13
Version: 26.1.1
API version: 1.45
Go version: go1.21.9
Git commit: 4cf5afa
Built: Tue Apr 30 11:44:56 2024
OS/Arch: darwin/arm64
Context: desktop-linux

Server: Docker Desktop 4.30.0 (149282)
Engine:
Version: 26.1.1
API version: 1.45 (minimum version 1.24)
Go version: go1.21.9
Git commit: ac2de55
Built: Tue Apr 30 11:48:04 2024
OS/Arch: linux/arm64
Experimental: false
containerd:
Version: 1.6.31
GitCommit: e377cd56a71523140ca6ae87e30244719194a521
runc:
Version: 1.1.12
GitCommit: v1.1.12-0-g51d5e94
docker-init:
Version: 0.19.0
GitCommit: de40ad0

@mjeffryes mjeffryes added needs-triage Needs attention from the triage team and removed awaiting-feedback Blocked on input from the author labels May 20, 2024
@blampe blampe added the needs-repro Needs repro steps before it can be triaged or fixed label May 28, 2024
@blampe
Copy link
Contributor

blampe commented May 28, 2024
edited
Loading

This repros for me using the docker-container-registry/ts example and the containerd backend. There's some log parsing logic which I suspect isn't handling containerd messages correctly.

You may want to consider the new docker-build provider as a workaround.

@blampe blampe added size/S Estimated effort to complete (1-2 days). and removed needs-triage Needs attention from the triage team needs-repro Needs repro steps before it can be triaged or fixed labels May 28, 2024
@blampe blampe self-assigned this May 28, 2024
@blampe
Copy link
Contributor

blampe commented May 31, 2024

Unfortunately the legacy build APIs we use in this provider aren't compatible with containerd due to moby/moby#47717. Until that's resolved the recommendation is to disable the containerd snapshotter ( "features": { "containerd-snapshotter": false } in your engine config) or use the newer docker-build provider as previously mentioned.

For anyone who's disabled containerd and is still experiencing problems, please include the full error message you're seeing as well as the output of docker system info. As far as I can tell this "failed to load cache key" error is unique to containerd, so I suspect something else is going on.

@blampe blampe added awaiting-upstream The issue cannot be resolved without action in another repository (may be owned by Pulumi). blocked The issue cannot be resolved without 3rd party action. labels May 31, 2024
@blampe blampe removed their assignment May 31, 2024
@bogdannazarenko
Copy link

Disabling "Use containerd for pulling and storing images" fixed for me

@pavelbinar
Copy link

@blampe Switched to docker-build - all good, thanks 👍🏻

@blampe blampe mentioned this issue Aug 9, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
awaiting-upstream The issue cannot be resolved without action in another repository (may be owned by Pulumi). blocked The issue cannot be resolved without 3rd party action. kind/bug Some behavior is incorrect or out of spec size/S Estimated effort to complete (1-2 days).
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
10 participants
@AaronFriel @blampe @pavelbinar @mjeffryes @bernadinm @didlawowo @bogdannazarenko @shmanny @yukimotochern @KrzysztofZawisla