Description of problem: I cannot install from or update yum inside Docker. RUN yum install make automake gcc gcc-c++ kernel-devel tar wget ---> Running in 04cdfe47b7ac One of the configured repositories failed (Fedora 21 - x86_64), and yum doesn't have enough cached data to continue. At this point the only safe thing yum can do is fail. There are a few ways to work "fix" this: 1. Contact the upstream for the repository and get them to fix the problem. 2. Reconfigure the baseurl/etc. for the repository, to point to a working upstream. This is most often useful if you are using a newer distribution release than is supported by the repository (and the packages for the previous distribution release still work). 3. Disable the repository, so yum won't use it by default. Yum will then just ignore the repository until you permanently enable it again or use --enablerepo for temporary usage: yum-config-manager --disable fedora 4. Configure the failing repository to be skipped, if it is unavailable. Note that yum will try to contact the repo. when it runs most commands, so will have to try and fail each time (and thus. yum will be be much slower). If it is a very temporary problem though, this is often a nice compromise: yum-config-manager --save --setopt=fedora.skip_if_unavailable=true Cannot retrieve metalink for repository: fedora/21/x86_64. Please verify its path and try again Version-Release number of selected component (if applicable): Docker 1.4.1 Fedora:latest How reproducible: Seems rare, but I can find others with the issue (e.g. https://registry.hub.docker.com/_/fedora/ see comment from crackcomm) Steps to Reproduce: 1. Take any examples https://github.com/fedora-cloud/Fedora-Dockerfiles 2. docker build an example 3. Wait for yum update / install Actual results: Yum errors and exits. Expected results: Yum update / install
Do you see this problem on fedora:rawhide or fedora:20 as well? re: fedora:latest, it'd have been great to know if you're able to ping an IP address successfully from a fedora:latest container, but looks like ping isn't available by default in fedora:latest and even upon installation I see /usr/bin/ping: Operation not permitted. This is something that we/I need to sort out with rel-eng. So instead, please try this on rawhide instead: $ sudo docker run -it fedora:rawhide bash $ ping 8.8.8.8 ..and let me know how that goes. also, could you post your /etc/resolv.conf from the host, fedora:latest and fedora:rawhide.
Reopening. (me too) Seems like an SSL problem when connecting to mirrors.fedoraproject.org I'm trying fedora:rawhide from Ubuntu (14.04) host: $ docker run -it fedora:rawhide bash bash-4.3# yum update One of the configured repositories failed (Fedora - Rawhide - Developmental packages for the next Fedora release), and yum doesn't have enough cached data to continue. At this point the only safe thing yum can do is fail. There are a few ways to work "fix" this: 1. Contact the upstream for the repository and get them to fix the problem. 2. Reconfigure the baseurl/etc. for the repository, to point to a working upstream. This is most often useful if you are using a newer distribution release than is supported by the repository (and the packages for the previous distribution release still work). 3. Disable the repository, so yum won't use it by default. Yum will then just ignore the repository until you permanently enable it again or use --enablerepo for temporary usage: yum-config-manager --disable rawhide 4. Configure the failing repository to be skipped, if it is unavailable. Note that yum will try to contact the repo. when it runs most commands, so will have to try and fail each time (and thus. yum will be be much slower). If it is a very temporary problem though, this is often a nice compromise: yum-config-manager --save --setopt=rawhide.skip_if_unavailable=true Cannot retrieve metalink for repository: rawhide/x86_64. Please verify its path and try again bash-4.3# cat /etc/resolv.conf nameserver 8.8.8.8 nameserver 8.8.4.4 search jck bash-4.3# ping 8.8.8.8 PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data. 64 bytes from 8.8.8.8: icmp_seq=1 ttl=53 time=11.0 ms 64 bytes from 8.8.8.8: icmp_seq=2 ttl=53 time=10.1 ms ^C --- 8.8.8.8 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1001ms rtt min/avg/max/mdev = 10.140/10.571/11.002/0.431 ms bash-4.3# curl 'https://mirrors.fedoraproject.org/metalink?repo=fedora-debug-rawhide&arch=x86_64' curl: (35) SSL received a record that exceeded the maximum permissible length. bash-4.3# curl -v 'https://mirrors.fedoraproject.org/metalink?repo=fedora-debug-rawhide&arch=x86_64' * Hostname was NOT found in DNS cache * Trying 140.211.169.196... * Connected to mirrors.fedoraproject.org (140.211.169.196) port 443 (#0) * Initializing NSS with certpath: sql:/etc/pki/nssdb * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * NSS error -12263 (SSL_ERROR_RX_RECORD_TOO_LONG) * SSL received a record that exceeded the maximum permissible length. * Closing connection 0 curl: (35) SSL received a record that exceeded the maximum permissible length.
I don't see this as being a docker package issue, but an issue with the Fedora Container or the Mirror site.
I'm seeing this as well (fully updated F21 VM). It seems to be a interaction between the docker build process and some bad data on the mirrors. As an experiment I tried to build the same Dockerfile on a fully update Centos 7 VM and saw the following errors: Step 2 : RUN yum -y update && yum clean all ---> Running in 09b44b3a5c6e http://fedora.mirrors.ovh.net/linux/updates/21/x86_64/repodata/repomd.xml: [Errno -1] repomd.xml does not match metalink for updates Trying other mirror. Resolving Dependencies --> Running transaction check ...snipped for brevity... Downloading packages: Delta RPMs disabled because /usr/bin/applydeltarpm not installed. http://ftp.heanet.ie/pub/fedora/linux/updates/21/x86_64/p/python-2.7.8-9.fc21.x86_64.rpm: [Errno 14] HTTP Error 404 - Not Found Trying other mirror. -------------------------------------------------------------------------------- Total 183 kB/s | 65 MB 06:02 Running transaction check ...snipped for brevity... Complete! Cleaning repos: fedora updates Cleaning up everything ---> a766dc1ef52c Removing intermediate container 09b44b3a5c6e Successfully built a766dc1ef52c As you can see the build eventually succeeded, though it took a very long time.
Again, this is not a docker issue.
Try this: systemctl restart firewalld && systemctl restart docker
You can solve it running "yum clean all" before the "yum update" I my case i add it on a Dockerfile FROM fedora:21 RUN yum clean all && yum update -y && yum upgrade -y