-
Notifications
You must be signed in to change notification settings - Fork 257
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
containers: work around protobuf package issues #1038
Conversation
Work around errors related to protobuf package locations on centos. This is triggered by our squid jobs failing with errors like: ``` 22.40 Problem: protobuf-3.14.0-13.el9.i686 from appstream does not belong to a distupgrade repository 22.40 - package protobuf-compiler-3.14.0-13.el9.x86_64 from @System requires protobuf = 3.14.0-13.el9, but none of the providers can be installed 22.40 - cannot install both protobuf-3.14.0-14.el9.x86_64 from appstream and protobuf-3.14.0-13.el9.x86_64 from @System 22.40 - cannot install both protobuf-3.14.0-14.el9.x86_64 from appstream and protobuf-3.14.0-13.el9.x86_64 from appstream 22.40 - cannot install the best update candidate for package protobuf-3.14.0-13.el9.x86_64 22.40 - problem with installed package protobuf-compiler-3.14.0-13.el9.x86_64 22.40 (try to add '--allowerasing' to command line to replace conflicting packages or '--skip-broken' to skip uninstallable packages or '--nobest' to use not only best candidate packages) ------ ``` Signed-off-by: John Mulligan <[email protected]>
ca24949
to
42c7c75
Compare
@anoopcs9 - I added a workaround for the squid protobof changes. I had to tweak things a little to get it working on the centos8 images we still have (octopus, pacific, quincy) in the CI. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm hopeful that we get a new squid
image with updated packages so that this workaround won't last much longer.
In general it is not a best practice to blindly update packages as a whole while building another from a base container image. Historically this step was required due to the introduction of version specific installation[1] of packages i.e, we extract the package version that comes with the base container image and try to install the matching development libraries which might be unavailable close to a new release happening in upstream. In order to overcome this short gap we came up with the idea of `yum update`[2] to fetch whatever is the latest and then extract the version for further installation of development libraries. This seemed to work until we discovered a different issue where updated versions for particular dependencies are pushed to standard repositories causing problems[3] during `yum update`. Ceph repositories(and packages) are now more robust and DNF is capable of handling such situations to figure out the new/updated versions for packages even if a match is not found with the already installed package versions. Ideally it can never be the case that matching packages for each version are missing from a particular repository directory(only the links to the directories is supposed to change). Thus in our best interest we avoid running `yum update`. [1] ceph#331 [2] ceph#510 [3] ceph#1038 Signed-off-by: Anoop C S <[email protected]>
In general it is not a best practice to blindly update packages as a whole while building another from a base container image. Historically this step was required due to the introduction of version specific installation[1] of packages i.e, we extract the package version that comes with the base container image and try to install the matching development libraries which might be unavailable close to a new release happening in upstream. In order to overcome this short gap we came up with the idea of `yum update`[2] to fetch whatever is the latest and then extract the version for further installation of development libraries. This seemed to work until we discovered a different issue where updated versions for particular dependencies are pushed to standard repositories causing problems[3] during `yum update`. Ceph repositories(and packages) are now more robust and DNF is capable of handling such situations to figure out the new/updated versions for packages even if a match is not found with the already installed package versions. Ideally it can never be the case that matching packages for each version are missing from a particular repository directory(only the links to the directories is supposed to change). Thus in our best interest we avoid running `yum update`. [1] ceph#331 [2] ceph#510 [3] ceph#1038 Signed-off-by: Anoop C S <[email protected]>
In general it is not a best practice to blindly update packages as a whole while building another from a base container image. Historically this step was required due to the introduction of version specific installation[1] of packages i.e, we extract the package version that comes with the base container image and try to install the matching development libraries which might be unavailable close to a new release happening in upstream. In order to overcome this short gap we came up with the idea of `yum update`[2] to fetch whatever is the latest and then extract the version for further installation of development libraries. This seemed to work until we discovered a different issue where updated versions for particular dependencies are pushed to standard repositories causing problems[3] during `yum update`. Ceph repositories(and packages) are now more robust and DNF is capable of handling such situations to figure out the new/updated versions for packages even if a match is not found with the already installed package versions. Ideally it can never be the case that matching packages for each version are missing from a particular repository directory(only the links to the directories is supposed to change). Thus in our best interest we avoid running `yum update`. [1] ceph#331 [2] ceph#510 [3] ceph#1038 Signed-off-by: Anoop C S <[email protected]>
In general it is not desirable to blindly update packages as a whole while building another from a base container image. Historically this step was required due to the introduction of version specific installation[1] of packages i.e, we extract the package version that comes with the base container image and try to install the matching development libraries which might be unavailable close to a new release happening in upstream. In order to overcome this short gap we came up with the idea of `yum update`[2] to fetch whatever is the latest and then extract the version for further installation of development libraries. This seemed to work until we discovered a different issue where updated versions for particular dependencies are pushed to standard repositories causing problems[3] during `yum update`. Ceph repositories(and packages) are now more robust and DNF is capable of handling such situations to figure out the new/updated versions for packages even if a match is not found with the already installed package versions. Ideally it can never be the case that matching packages for each version are missing from a particular repository directory(only the links to the directories is supposed to change). Thus in our best interest we avoid running `yum update`. [1] ceph#331 [2] ceph#510 [3] ceph#1038 Signed-off-by: Anoop C S <[email protected]>
In general it is not desirable to blindly update packages as a whole while building another from a base container image. Historically this step was required due to the introduction of version specific installation[1] of packages i.e, we extract the package version that comes with the base container image and try to install the matching development libraries which might be unavailable close to a new release happening in upstream. In order to overcome this short gap we came up with the idea of `yum update`[2] to fetch whatever is the latest and then extract the version for further installation of development libraries. This seemed to work until we discovered a different issue where updated versions for particular dependencies are pushed to standard repositories causing problems[3] during `yum update`. Ceph repositories(and packages) are now more robust and DNF is capable of handling such situations to figure out the new/updated versions for packages even if a match is not found with the already installed package versions. Ideally it can never be the case that matching packages for each version are missing from a particular repository directory(only the links to the directories is supposed to change). Thus in our best interest we avoid running `yum update`. [1] ceph#331 [2] ceph#510 [3] ceph#1038 Signed-off-by: Anoop C S <[email protected]>
In general it is not desirable to blindly update packages as a whole while building another from a base container image. Historically this step was required due to the introduction of version specific installation[1] of packages i.e, we extract the package version that comes with the base container image and try to install the matching development libraries which might be unavailable close to a new release happening in upstream. In order to overcome this short gap we came up with the idea of `yum update`[2] to fetch whatever is the latest and then extract the version for further installation of development libraries. This seemed to work until we discovered a different issue where updated versions for particular dependencies are pushed to standard repositories causing problems[3] during `yum update`. Ceph repositories(and packages) are now more robust and DNF is capable of handling such situations to figure out the new/updated versions for packages even if a match is not found with the already installed package versions. Ideally it can never be the case that matching packages for each version are missing from a particular repository directory(only the links to the directories is supposed to change). Thus in our best interest we avoid running `yum update`. [1] ceph#331 [2] ceph#510 [3] ceph#1038 Signed-off-by: Anoop C S <[email protected]>
In general it is not desirable to blindly update packages as a whole while building another from a base container image. Historically this step was required due to the introduction of version specific installation[1] of packages i.e, we extract the package version that comes with the base container image and try to install the matching development libraries which might be unavailable close to a new release happening in upstream. In order to overcome this short gap we came up with the idea of `yum update`[2] to fetch whatever is the latest and then extract the version for further installation of development libraries. This seemed to work until we discovered a different issue where updated versions for particular dependencies are pushed to standard repositories causing problems[3] during `yum update`. Ceph repositories(and packages) are now more robust and DNF is capable of handling such situations to figure out the new/updated versions for packages even if a match is not found with the already installed package versions. Ideally it can never be the case that matching packages for each version are missing from a particular repository directory(only the links to the directories is supposed to change). Thus in our best interest we avoid running `yum update`. [1] #331 [2] #510 [3] #1038 Signed-off-by: Anoop C S <[email protected]>
Work around errors related to protobuf package locations on centos. This is triggered by our squid jobs failing with errors like:
I tested this change on both squid and reef locally and both built the ci image successfully.