33

I got a problem while creating a docker image using docker build -t image_name .. When I execute it I get errors:

 => [internal] load build definition from Dockerfile                                                               0.1s
 => => transferring dockerfile: 32B                                                                                0.0s
 => [internal] load .dockerignore                                                                                  0.0s
 => => transferring context: 2B                                                                                    0.0s
 => ERROR [internal] load metadata for docker.io/library/java:8                                                    0.2s
------
 > [internal] load metadata for docker.io/library/java:8:
------
failed to solve with frontend dockerfile.v0: failed to create LLB definition: failed to authorize: rpc error: code = Unknown desc = failed to fetch anonymous token: Get https://auth.docker.io/token?scope=repository%3Alibrary%2Fjava%3Apull&service=registry.docker.io: net/http: TLS handshake timeout
John Kugelman
  • 349,597
  • 67
  • 533
  • 578
iyadhalaoui
  • 341
  • 1
  • 4
  • 5
  • 16
    As a workaround I've done `docker pull` for base image before `docker build`. – SerG Apr 05 '21 at 16:19
  • is the question still relevant? and if so, what OS are you using? how did you install docker? what pulling the image manually returns? – Noam Yizraeli Sep 03 '21 at 18:08
  • @SerG - Thanks! – dugas Jan 05 '22 at 21:53
  • Was getting a similar error in using docker-compose build with Mercury ( which serves Jupyter notebooks via Docker: https://github.com/mljar/mercury ). Solution in my case was to delete a bare-string multiline comment from the notebook. (Expected notebook format didn't allow a string at that spot.) TL;DR: This can also be due to bugs in the individual containers, rather than host DNS. – Sarah Messer Jun 13 '22 at 14:37
  • Thanks @SerG I wish I had landed on your comment 2 hours ago, somehow pulling the image again has allowed me to build... – Arnaud Bouchot Oct 24 '22 at 14:52

3 Answers3

19

This recently happened for me when running a build script for earthly/earthly.

OS: Arch Linux 5.14.8-arch1-1

Docker from official repository: Docker version 20.10.8, build 3967b7d28e

Solution (likely a Linux-only solution)

DNS was misconfigured for me. For some reason, docker pull golang:1.16-alpine3.14 worked fine but was failing when running the build script. This answer on r/docker helped.

Adding a DNS nameserver to my /etc/resolv.conf solved this issue for me:

cat /etc/resolv.conf
# Cloudflare
nameserver 1.1.1.1

Other Attempted Solutions

1. Disable Buildkit

From this answer to Docker build: failed to fetch oauth token for openjdk?, this did not solve the issue since I believe buildkit was required for the script I was running:

export DOCKER_BUILDKIT=0
export COMPOSE_DOCKER_CLI_BUILD=0

2. Manually pull image

3. Authenticating with Docker

The error looked like something that might happen when I was unauthenticated with hub.docker.com. After logging in with docker login --username <username> I still receieved the errors.

cam
  • 4,409
  • 2
  • 24
  • 34
  • 1
    On my machine, I have a `/etc/resolv.conf` but no `/etc/resolve.conf`, notice the extra `e`. Not sure if this file's name varies with distribution. – Patrik Iselind Oct 12 '21 at 07:01
  • 1
    @PatrikIselind You're right and I misspelled the filename. Edited to fix, thanks! https://man7.org/linux/man-pages/man5/resolv.conf.5.html – cam Oct 12 '21 at 16:32
  • 1
    manually pulling the image helped me. it was exactly timing out at 20 seconds every time – Kundan Mar 11 '22 at 14:18
  • @tentative you only edited it in one location. – MikeKulls Aug 11 '22 at 00:56
  • This solved the problem for me but I spent a couple of hours longer than I needed because of that extra e. For me it was an issue because the machine has 2 network cards. I tried editing your post myself but it said "edit queue is full". Edit -> Oh, you fixed it. Thanks – MikeKulls Aug 11 '22 at 01:53
  • 1
    Yeah, I forgot to login. Thanks for saving me couple of hours XD – Roman Khabibulin May 08 '23 at 15:26
1

If you use MacOS check if there are any kind of System Extensions which intercept the traffic - e.g. firewalls, vpn clients, security tools. run systemextensionsctl list in your terminal app:

1 extension(s)
--- com.apple.system_extension.network_extension
enabled active  teamID  bundleID (version)  name    [state]
*   *   78UFGP42EU  ch.tripmode.TripMode.FilterExtension (3.1.0/1304)   FilterExtension [activated enabled]

In my case the App TripMode was the reason for the problem. Uninstalling the tool and restarting the system fixed the problem.

Andreas Heissenberger
  • 728
  • 5
  • 8
0

Tagging on to answer regarding setting DNS in resolv.conf, but I don't have enough reputation to comment apparently. Some Linux applications read resolv.conf directly and do not use systemd-resolved (which is used by Arch by default). You can address this by replacing /etc/resolv.conf with a link to a systemd-resolved DNS stub file like ln -rsf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf

It is covered in the DNS section of this documentation https://wiki.archlinux.org/title/Systemd-resolved

Urban Martin
  • 11
  • 1