I am attempting to build a Docker container on my local machine based on the amazonlinux:latest image, but I am running into a Curl error during the yum install steps in my Dockerfile:
#6 0.378 - Curl error (6): Couldn't resolve host name for https://cdn.amazonlinux.com/al2023/core/mirrors/2023.0.20230322/x86_64/mirror.list [getaddrinfo() thread failed to start]
#6 0.378 Error: Failed to download metadata for repo 'amazonlinux': Cannot prepare internal mirrorlist: Curl error (6): Couldn't resolve host name for https://cdn.amazonlinux.com/al2023/core/mirrors/2023.0.20230322/x86_64/mirror.list [getaddrinfo() thread failed to start]
The Dockerfile I'm using looks like this:
FROM amazonlinux:latest
# Create deploy directory
WORKDIR /deploy
# Install system dependencies
RUN yum -y install make gcc*
# Add NodeSource 14.x yum repository
RUN curl --silent --location https://rpm.nodesource.com/setup_14.x | bash -
# Install nodejs
RUN yum -y install nodejs
# Install serverless
RUN npm install -g serverless
# Copy source
COPY . .
# Install app dependencies
RUN cd /deploy/functions && npm i --production && cd /deploy
# Run deploy script
CMD ./deploy.sh ; sleep 2m
And my docker-compose.yml is:
version: "3"
services:
  image-resize-on-the-fly:
    build: .
    volumes:
      - ./secrets:/deploy/secrets
    env_file:
      - ./secrets/secrets.env
Other folks on my team are able to successfully run docker-compose up --build with these same files and have no issues. Similarly, I can run commands like docker run -it centos curl google.com with a successful response - but running docker run -it amazonlinux curl google.com fails with the same Curl error (6) as described above.
Adding the --security-opt seccomp=unconfined flag to the amazonlinux line DOES come back with a successful response.
I attempted to use the unconfined setting as the default in ~/.docker/daemon.json by adding "seccomp-profile":"unconfined" per (https://docs.docker.com/engine/reference/commandline/dockerd/) but got back an error saying the unconfined profile couldn't be found.
At this point, I'm lost for what to try next. There's clearly some kind of network setup issue, but I'm not well versed enough in those matters to understand what else to look for.
I'm betting that you're running on a machine where Docker runs with "old" seccomp settings. See this thread for discussion and options: https://github.com/amazonlinux/amazon-linux-2023/issues/80#issuecomment-1017798237
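To confirm the seccomp explanation on a given machine before changing any daemon settings, the two probes from the question can be scripted and compared. This is an added example, not part of the question or the answer; the function names `probe`, `classify` and `main` and the `--run` switch are hypothetical, and it assumes the `docker` CLI is on the PATH.

```shell
#!/bin/sh
# Added diagnostic, not from the thread: repeats the question's two
# `docker run ... curl google.com` probes and classifies the result.

IMAGE="${IMAGE:-amazonlinux:latest}"   # image named in the question
PROBE_URL="${PROBE_URL:-google.com}"   # probe target used in the question

# probe [extra docker-run options...]: exit status of curl inside the container
probe() {
    docker run --rm "$@" "$IMAGE" \
        curl --silent --show-error --output /dev/null --max-time 15 "$PROBE_URL"
}

# classify <rc with default profile> <rc unconfined>: prints a one-word verdict
classify() {
    if [ "$1" -eq 0 ]; then
        echo "ok"               # default seccomp profile is not in the way
    elif [ "$2" -eq 0 ]; then
        echo "seccomp-blocked"  # works only without the profile (the question's symptom)
    else
        echo "other"            # fails both ways: look at DNS, proxy, network
    fi
}

main() {
    rc_default=0; rc_unconfined=0
    echo "engine version: $(docker version --format '{{.Server.Version}}')"
    echo "security opts : $(docker info --format '{{.SecurityOptions}}')"
    probe || rc_default=$?
    probe --security-opt seccomp=unconfined || rc_unconfined=$?
    verdict=$(classify "$rc_default" "$rc_unconfined")
    echo "curl exit: default=$rc_default unconfined=$rc_unconfined -> $verdict"
    case "$verdict" in
        seccomp-blocked)
            echo "The default seccomp profile is blocking this image. See the linked"
            echo "issue for options; keep seccomp=unconfined to one-off test commands." ;;
        other)
            echo "Fails even unconfined: check DNS, proxy and network settings." ;;
    esac
    [ "$verdict" = "ok" ]
}

# Probes run only with --run, so the functions can be sourced and tested offline.
if [ "${1:-}" = "--run" ]; then main; fi
```

Run it with `--run` on the affected machine and on a teammate's working one; the printed engine version and security options show where the two setups differ.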