Search code examples
imagecontainerscoreospodman

Why is Podman trying to pull an image that already exists after loading from file?

I am working in an air-gapped environment running Fedora CoreOS which comes packaged with Podman. I have several container images I have been working on transporting into the air-gapped environment. In order to do this I have followed these steps:

  1. I acquired the images on a machine with internet access. Some of the images were pulled into Podman from my Docker registry using podman pull docker-daemon:docker.io/my-example-image:latest while some were pulled directly from the online repositories using podman pull.
  2. I saved the images to a tar file using (for example) podman save docker.io/my-example-image:latest -o my-example-image.tar
  3. I transported the tar files to the air-gapped environment on physical media and loaded them using podman load -i my-example-image.tar

When I check the images using podman images they all appear in the images list. However, if I try to run a container from one of these images, using sudo podman run docker.io/my-example-image I get a long error message:

Trying to pull docker.io/my-example-image
Get "https://registry-1.docker.io/v2/": dial tcp: lookup registry-1.docker.io on [::1}:53: read udp [::1]:50762 ->
  [::1]:53: read: connection refused
Error: unable to pull docker.io/my-example-image: Error initializing source docker://my-example-image:latest:
  error pinging docker registry registry-1.docker.io: Get "https://registry-1.docker.io/v2/": dial tcp: lookup
  registry-1.docker.io on [::1]:53: read udp [::1]50762 -> [::1]:53: read: connection refused

I get a similar message for images that were acquired from other repositories like quay.io

It seems to me that the error is caused by the machine's inability to establish a connection with a registry, which makes sense to me considering that the environment is air-gapped. But I am not sure why podman is even trying to pull these images when they already exist in the environment as confirmed by podman images

I have tried using various ways of referencing the image within the podman run command including

sudo podman run docker.io/my-example-image:latest sudo podman run my-example-image sudo podman run my-example-image:latest

I have tried searching for a solution to this problem to no avail and would very much appreciate any guidance on this.

Solution

  • Each user has its own container storage.

    The user root uses the directory /var/lib/containers/

    Normal users use the directory ~/.local/share/containers/

    The command podman load -i my-example-image.tar will use the directory ~/.local/share/containers/

    The command sudo podman run docker.io/my-example-image will use the directory /var/lib/containers

    If you would like to share a read-only container storage between users, check out the setting additionalimagestores in the file storage.conf

    [storage.options]
additionalimagestores = [ "/var/lib/mycontainers",]

    Reference: https://www.redhat.com/sysadmin/image-stores-podman