Today, while pulling the latest Nextcloud container image from the docker.io repository I noticed that it is failing. Looking at the read: connection reset by peer error I assume it could be primarily due to network failure; maybe poor quality of the connection.

Note that Mauritius is far from “everywhere” else and connectivity issues are nothing new.

ish@coffee-bar:~> podman pull docker.io/library/nextcloud
Trying to pull docker.io/library/nextcloud...
Getting image source signatures
Copying blob e0276193a084 done  
Copying blob eb2d00c10344 done  
Copying blob 3a60f364b0c5 done  
Copying blob e0d3d1244592 done  
Copying blob f54006e0dc29 done  
Copying blob 8559a31e96f4 done  
Copying blob b22875b95a2a done  
Copying blob f65316e96b10 done  
Copying blob 3e309988c00b done  
Copying blob 0c78caf16ec3 [======================================] 13.1MiB / 13.2MiB
Copying blob 4fc30aae7ee5 done  
Copying blob 37b016cacdc6 done  
Copying blob fd56bf3cc539 done  
Copying blob e3cd35f544b5 done  
Copying blob 467fea8f6f80 done  
Copying blob 0dc7444f9282 done  
Copying blob 547ae6684264 done  
Copying blob 3139b6de5be7 done  
Copying blob 00e77223b529 done  
Copying blob 2b37e3b3a856 done  
  read tcp 192.168.100.6:33536->104.18.124.25:443: read: connection reset by peer
Error: error pulling image "docker.io/library/nextcloud": unable to pull docker.io/library/nextcloud: unable to pull image: Error writing blob: error storing blob to file "/var/tmp/storage720474498/10": read tcp 192.168.100.6:33536->104.18.124.25:443: read: connection reset by peer

Podman does not retry to copy the image in case of failures.

A few days ago there was a suggestion to implement a similar feature in Podman that is present in Buildah, which provides the image copy retry functionality.

For the curious, the implementation can be seen here.

Container images that are pulled by Buildah are stored in the local repository which can also by accessed by Podman, so that’s an advantage. I tried pulling the Nextcloud container image using Buildah and it completed successfully.

ish@coffee-bar:~> buildah pull nextcloud
Getting image source signatures
Copying blob e0d3d1244592 done  
Copying blob 8559a31e96f4 done  
Copying blob eb2d00c10344 done  
Copying blob 3a60f364b0c5 done  
Copying blob f54006e0dc29 done  
Copying blob e0276193a084 done  
Copying blob f65316e96b10 done  
Copying blob b22875b95a2a done  
Copying blob 3e309988c00b done  
Copying blob 0c78caf16ec3 done  
Copying blob 4fc30aae7ee5 done  
Copying blob 37b016cacdc6 done  
Copying blob e3cd35f544b5 done  
Copying blob fd56bf3cc539 done  
Copying blob 467fea8f6f80 done  
Copying blob 0dc7444f9282 done  
Copying blob 547ae6684264 done  
Copying blob 2b37e3b3a856 done  
Copying blob 00e77223b529 done  
Copying blob 3139b6de5be7 done  
Copying config 327476ebe3 done  
Writing manifest to image destination
Storing signatures
327476ebe3280c7b570d8463edd136956eab120959976b643cb7dbfaa73f98c1

Now, the downloaded container image is also accessible by Podman.

ish@coffee-bar:~> podman images
REPOSITORY                     TAG      IMAGE ID       CREATED        SIZE
docker.io/libreoffice/online   latest   0586fecfa3c1   28 hours ago   2.84 GB
docker.io/library/nextcloud    latest   327476ebe328   3 days ago     774 MB

To conclude, while we are waiting that a retryCopyImage function is available in Podman, we can use Buildah to pull container images that are troublesome due to network issues.

Estu Fardani is a helpful & jovial fellow whom I met at the openSUSE Asia Summit last year in Bali, Indonesia. Recently, for the openSUSE Virtual Summit, Estu did a short presentation on Podman. His presentation video is available on YouTube and slides deck available on Google Slides.

While I am not a fan of alias docker=podman I believe Estu added that part in his slide below to make the Podman transition a bit smoother for users already familiar with Docker commands.

Note that the latest release of openSUSE Leap, i.e version 15.2, comes with support for Podman through the libcontainers-common package.

Previously, if one needed to experiment with Podman and/or deploy in production then openSUSE Tumbleweed, Kubic or MicroOS were the supported choices. Now, one may deploy Podman containers on their existing Leap infrastructure (after upgrading to the latest version 15.2).