Skip to content

containerd-integration: pulling (deprecated) v2, schema1 images fails #44521

@thaJeztah

Description

@thaJeztah

Description

Relates to:

We deprecated this format for the non-containerd codebase which requires quite some complexity to support it, it looks like docker with containerd integration enabled no longer supports pulling these images (application/vnd.docker.distribution.manifest.v1+prettyjws).

We should implement the conversion logic for regular docker pull as well (at least until we fully sunset support for it).

Reproduce

docker pull quay.io/goswagger/swagger:0.7.4
Error response from daemon: application/vnd.docker.distribution.manifest.v1+prettyjws not supported

Doing the same with docker 20.10 (or containerd integration disabled) works;

docker pull quay.io/goswagger/swagger:0.7.4
0.7.4: Pulling from goswagger/swagger
28c417e954d8: Pull complete
8abaad28289b: Pull complete
c0d3fbe7c6e2: Pull complete
baa638d2506a: Pull complete
4ceb95128ac9: Pull complete
2d0a16542275: Pull complete
00568dfa5f26: Pull complete
31dcaa898959: Pull complete
Digest: sha256:90b06cd876408e198a8315fcb9c3db0d8af094f42742b5a2be071246103e2963
Status: Downloaded newer image for quay.io/goswagger/swagger:0.7.4
quay.io/goswagger/swagger:0.7.4

As a workaround, I can use build (with BuildKit enabled) to build the image, as it uses containerd's converter;

if p.desc.MediaType == images.MediaTypeDockerSchema1Manifest {
schema1Converter = schema1.NewConverter(p.is.ContentStore, fetcher)
handlers = append(handlers, schema1Converter)

docker build -t swagger:0.7.4 -<<'EOF'
FROM quay.io/goswagger/swagger:0.7.4
EOF
[+] Building 8.9s (5/5) FINISHED
 => [internal] load .dockerignore                                                                                            0.0s
 => => transferring context: 2B                                                                                              0.0s
 => [internal] load build definition from Dockerfile                                                                         0.0s
 => => transferring dockerfile: 79B                                                                                          0.0s
 => [internal] load metadata for quay.io/goswagger/swagger:0.7.4                                                             0.8s
 => [1/1] FROM quay.io/goswagger/swagger:0.7.4@sha256:90b06cd876408e198a8315fcb9c3db0d8af094f42742b5a2be071246103e2963       0.1s
 => => resolve quay.io/goswagger/swagger:0.7.4@sha256:90b06cd876408e198a8315fcb9c3db0d8af094f42742b5a2be071246103e2963       6.2s
 => => sha256:4ceb95128ac938872543c60b1bea39574887aa3b381cfdbc429fac02570b9f6b                                               7.8s
 => => sha256:8abaad28289b634fc5e829f5c497a06246c24e62b0c92970ae0083e0f224c4cd                                               7.8s
 => => sha256:31dcaa89895977830adce90c136f148dee87abcfb7d81b7da4926533debd9411 4.19MB                                        7.8s
 => => sha256:28c417e954d8f9d2439d5b9c7ea3dcb2fd31690bf2d79b94333d889ea26689d2 2.10MB                                        7.8s
 => => sha256:00568dfa5f262933a860df1ddf2a54017a21aa1c76f5288e2cb9376ab9449ba9 22.02MB                                       7.8s
 => => sha256:c0d3fbe7c6e2be070692bcc7e2f8590fa923d351194a3346e2f16e0186e6be3a                                               7.8s
 => => sha256:2d0a16542275066a49c866794a211cddf367f05cba07964979d5ebc62278971c                                               7.7s
 => => sha256:baa638d2506a4f01b9088c37a5df002c00a4c0cd91dfdc9cf4e1509097de9a1c 68.16MB                                       7.7s
 => exporting to image                                                                                                       1.8s
 => => exporting layers                                                                                                      0.0s
 => => exporting manifest sha256:742e94ad9306af84e9de4de3a9dab701112c5bc143b6738296b9ccd8e8d282e5                            0.0s
 => => exporting config sha256:b547b54d443917417567c185829cf8da748f504a40ca837e15f553a096844b05                              0.0s
 => => naming to docker.io/library/swagger:0.7.4                                                                             0.0s
 => => unpacking to docker.io/library/swagger:0.7.4                                                                          1.8s

Expected behavior

The pull to run successfully

docker version

Client:
 Cloud integration: v1.0.29
 Version:           20.10.21
 API version:       1.41
 Go version:        go1.18.7
 Git commit:        baeda1f
 Built:             Tue Oct 25 18:01:18 2022
 OS/Arch:           darwin/arm64
 Context:           default
 Experimental:      true

Server: Docker Desktop 4.14.1 (91661)
 Engine:
  Version:          22.06.0-beta.0-407-g7a5cce156e.m
  API version:      1.43 (minimum version 1.12)
  Go version:       go1.18.4
  Git commit:       7a5cce156e
  Built:            Thu Oct 13 08:09:41 2022
  OS/Arch:          linux/arm64
  Experimental:     true
 containerd:
  Version:          1.6.9
  GitCommit:        1c90a442489720eec95342e1789ee8a5e1b9536f
 runc:
  Version:          1.1.4
  GitCommit:        v1.1.4-0-g5fd4c4d
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

docker info

Client:
 Context:    default
 Debug Mode: false
 Plugins:
  base: Identify base image (Docker Inc., vn/a)
  buildx: Docker Buildx (Docker Inc., v0.9.1)
  compose: Docker Compose (Docker Inc., v2.12.2)
  dev: Docker Dev Environments (Docker Inc., v0.0.3)
  extension: Manages Docker extensions (Docker Inc., v0.2.13)
  sbom: View the packaged-based Software Bill Of Materials (SBOM) for an image (Anchore Inc., 0.6.0)
  scan: Docker Scan (Docker Inc., v0.21.0)
  shell: Open a browser shell on the Docker Host. (thaJeztah, v0.0.1)

Server:
 Containers: 1
  Running: 1
  Paused: 0
  Stopped: 0
 Images: 18
 Server Version: 22.06.0-beta.0-407-g7a5cce156e.m
 Storage Driver: stargz
  driver-type: io.containerd.snapshotter.v1
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Cgroup Version: 2
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: active
  NodeID: bfpr7gj1w767qwq37qta7kqts
  Is Manager: true
  ClusterID: crv7mpxcck85em4ocnfci4esi
  Managers: 1
  Nodes: 1
  Default Address Pool: 10.0.0.0/8
  SubnetSize: 24
  Data Path Port: 4789
  Orchestration:
   Task History Retention Limit: 5
  Raft:
   Snapshot Interval: 10000
   Number of Old Snapshots to Retain: 0
   Heartbeat Tick: 1
   Election Tick: 10
  Dispatcher:
   Heartbeat Period: 5 seconds
  CA Configuration:
   Expiry Duration: 3 months
   Force Rotate: 0
  Autolock Managers: false
  Root Rotation In Progress: false
  Node Address: 192.168.65.3
  Manager Addresses:
   192.168.65.3:2377
 Runtimes: io.containerd.runc.v2 runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 1c90a442489720eec95342e1789ee8a5e1b9536f
 runc version: v1.1.4-0-g5fd4c4d
 init version: de40ad0
 Security Options:
  seccomp
   Profile: builtin
  cgroupns
 Kernel Version: 5.15.49-linuxkit
 Operating System: Docker Desktop
 OSType: linux
 Architecture: aarch64
 CPUs: 5
 Total Memory: 5.8GiB
 Name: docker-desktop
 ID: c8ca0b32-cd5f-4ad2-9a97-bc30ebe413d4
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 HTTP Proxy: http.docker.internal:3128
 HTTPS Proxy: http.docker.internal:3128
 No Proxy: hubproxy.docker.internal
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: true
 Insecure Registries:
  hubproxy.docker.internal:5000
  127.0.0.0/8
 Live Restore Enabled: false

Additional Info

We should implement the conversion logic for regular docker pull as well (similar to how it's implemented for build) at least until we fully sunset support for it).

Metadata

Metadata

Assignees

No one assigned

    Labels

    area/distributionImage Distributioncontainerd-integrationIssues and PRs related to containerd integrationkind/bugBugs are bugs. The cause may or may not be known at triage time so debugging may be needed.

    Type

    Projects

    Status

    Done

    Status

    Done

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions