Docker – Yum update fails -Centos 7 – dockerbuild

centos7dockerdocker-composeyum

I have frequently built docker container using centos 7 as base image. But now I am getting error when I run,

RUN yum update add \
    bash \
    && rm -rfv /var/cache/apk/*

ERROR:
Loaded plugins: fastestmirror, ovl

One of the configured repositories failed (Unknown),
and yum doesn't have enough cached data to continue. At this point the only
safe thing yum can do is fail. There are a few ways to work "fix" this:

  1. Contact the upstream for the repository and get them to fix the problem.

  2. Reconfigure the baseurl/etc. for the repository, to point to a working
    upstream. This is most often useful if you are using a newer
    distribution release than is supported by the repository (and the
    packages for the previous distribution release still work).

  3. Run the command with the repository temporarily disabled
    yum --disablerepo=<repoid> ...

  4. Disable the repository permanently, so yum won't use it by default. Yum
    will then just ignore the repository until you permanently enable it
    again or use --enablerepo for temporary usage:

    yum-config-manager --disable <repoid>

    or

    `subscription-manager repos --disable=<repoid>`

  5. Configure the failing repository to be skipped, if it is unavailable.
    Note that yum will try to contact the repo. when it runs most commands,
    so will have to try and fail each time (and thus. yum will be be much
    slower). If it is a very temporary problem though, this is often a nice
    compromise:

    yum-config-manager --save --setopt=<repoid>.skip_if_unavailable=true

Cannot find a valid baseurl for repo: base/7/x86_64 Could not retrieve
mirrorlist
http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os&infra=container
error was 14: curl#6 – "Could not resolve host: mirrorlist.centos.org;
Name or service not known" The command '/bin/sh -c yum update add
bash && rm -rfv /var/cache/apk/*' returned a non-zero code: 1

I also saw few resolutions to use "dhclient" but this error happens when i do docker-compose build.

Best Answer

I ran into this problem attempting to run the same Dockerfile, which fetched several software packages using yum, on two different platforms; one macOS, the other an Ubuntu 16.04-based Linux OS (elementaryOS Loki), both using the official packages from docker.com.

My theory is that the Linux package is just more restrictive out of the box, security-wise, than the macOS one. Maybe this is configurable with some kind of /etc/something config file, but I don't have the expertise with Docker to say for sure. EDIT: See my comment below.

What I can say is there was no additional configuration required for me on macOS (10.11 El Capitan); just docker build . worked fine, and yum processes from the Dockerfile were able to reach all the remote repositories.

In the Ubuntu-derived Linux distro, however, it was necessary to use

docker build --network host .

followed by

docker run -it --network host <image> <command>

when I wanted to run a process inside that image which required internet access.

This may be the case for other Debian-derived systems as well.

There are, of course, security considerations which need to be taken into account when allowing a long-running Docker container to communicate through the host network adapter, unrestricted, and one would do well to review the appropriate documentation in that regard.

Related Topic