-
Notifications
You must be signed in to change notification settings - Fork 18.9k
Description
Description
Relates to:
We deprecated this format for the non-containerd codebase which requires quite some complexity to support it, it looks like docker with containerd integration enabled no longer supports pulling these images (application/vnd.docker.distribution.manifest.v1+prettyjws).
We should implement the conversion logic for regular docker pull as well (at least until we fully sunset support for it).
Reproduce
docker pull quay.io/goswagger/swagger:0.7.4
Error response from daemon: application/vnd.docker.distribution.manifest.v1+prettyjws not supportedDoing the same with docker 20.10 (or containerd integration disabled) works;
docker pull quay.io/goswagger/swagger:0.7.4
0.7.4: Pulling from goswagger/swagger
28c417e954d8: Pull complete
8abaad28289b: Pull complete
c0d3fbe7c6e2: Pull complete
baa638d2506a: Pull complete
4ceb95128ac9: Pull complete
2d0a16542275: Pull complete
00568dfa5f26: Pull complete
31dcaa898959: Pull complete
Digest: sha256:90b06cd876408e198a8315fcb9c3db0d8af094f42742b5a2be071246103e2963
Status: Downloaded newer image for quay.io/goswagger/swagger:0.7.4
quay.io/goswagger/swagger:0.7.4As a workaround, I can use build (with BuildKit enabled) to build the image, as it uses containerd's converter;
moby/builder/builder-next/adapters/containerimage/pull.go
Lines 435 to 437 in 85b80ce
| if p.desc.MediaType == images.MediaTypeDockerSchema1Manifest { | |
| schema1Converter = schema1.NewConverter(p.is.ContentStore, fetcher) | |
| handlers = append(handlers, schema1Converter) |
docker build -t swagger:0.7.4 -<<'EOF'
FROM quay.io/goswagger/swagger:0.7.4
EOF[+] Building 8.9s (5/5) FINISHED
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 79B 0.0s
=> [internal] load metadata for quay.io/goswagger/swagger:0.7.4 0.8s
=> [1/1] FROM quay.io/goswagger/swagger:0.7.4@sha256:90b06cd876408e198a8315fcb9c3db0d8af094f42742b5a2be071246103e2963 0.1s
=> => resolve quay.io/goswagger/swagger:0.7.4@sha256:90b06cd876408e198a8315fcb9c3db0d8af094f42742b5a2be071246103e2963 6.2s
=> => sha256:4ceb95128ac938872543c60b1bea39574887aa3b381cfdbc429fac02570b9f6b 7.8s
=> => sha256:8abaad28289b634fc5e829f5c497a06246c24e62b0c92970ae0083e0f224c4cd 7.8s
=> => sha256:31dcaa89895977830adce90c136f148dee87abcfb7d81b7da4926533debd9411 4.19MB 7.8s
=> => sha256:28c417e954d8f9d2439d5b9c7ea3dcb2fd31690bf2d79b94333d889ea26689d2 2.10MB 7.8s
=> => sha256:00568dfa5f262933a860df1ddf2a54017a21aa1c76f5288e2cb9376ab9449ba9 22.02MB 7.8s
=> => sha256:c0d3fbe7c6e2be070692bcc7e2f8590fa923d351194a3346e2f16e0186e6be3a 7.8s
=> => sha256:2d0a16542275066a49c866794a211cddf367f05cba07964979d5ebc62278971c 7.7s
=> => sha256:baa638d2506a4f01b9088c37a5df002c00a4c0cd91dfdc9cf4e1509097de9a1c 68.16MB 7.7s
=> exporting to image 1.8s
=> => exporting layers 0.0s
=> => exporting manifest sha256:742e94ad9306af84e9de4de3a9dab701112c5bc143b6738296b9ccd8e8d282e5 0.0s
=> => exporting config sha256:b547b54d443917417567c185829cf8da748f504a40ca837e15f553a096844b05 0.0s
=> => naming to docker.io/library/swagger:0.7.4 0.0s
=> => unpacking to docker.io/library/swagger:0.7.4 1.8sExpected behavior
The pull to run successfully
docker version
Client:
Cloud integration: v1.0.29
Version: 20.10.21
API version: 1.41
Go version: go1.18.7
Git commit: baeda1f
Built: Tue Oct 25 18:01:18 2022
OS/Arch: darwin/arm64
Context: default
Experimental: true
Server: Docker Desktop 4.14.1 (91661)
Engine:
Version: 22.06.0-beta.0-407-g7a5cce156e.m
API version: 1.43 (minimum version 1.12)
Go version: go1.18.4
Git commit: 7a5cce156e
Built: Thu Oct 13 08:09:41 2022
OS/Arch: linux/arm64
Experimental: true
containerd:
Version: 1.6.9
GitCommit: 1c90a442489720eec95342e1789ee8a5e1b9536f
runc:
Version: 1.1.4
GitCommit: v1.1.4-0-g5fd4c4d
docker-init:
Version: 0.19.0
GitCommit: de40ad0docker info
Client:
Context: default
Debug Mode: false
Plugins:
base: Identify base image (Docker Inc., vn/a)
buildx: Docker Buildx (Docker Inc., v0.9.1)
compose: Docker Compose (Docker Inc., v2.12.2)
dev: Docker Dev Environments (Docker Inc., v0.0.3)
extension: Manages Docker extensions (Docker Inc., v0.2.13)
sbom: View the packaged-based Software Bill Of Materials (SBOM) for an image (Anchore Inc., 0.6.0)
scan: Docker Scan (Docker Inc., v0.21.0)
shell: Open a browser shell on the Docker Host. (thaJeztah, v0.0.1)
Server:
Containers: 1
Running: 1
Paused: 0
Stopped: 0
Images: 18
Server Version: 22.06.0-beta.0-407-g7a5cce156e.m
Storage Driver: stargz
driver-type: io.containerd.snapshotter.v1
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 2
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: active
NodeID: bfpr7gj1w767qwq37qta7kqts
Is Manager: true
ClusterID: crv7mpxcck85em4ocnfci4esi
Managers: 1
Nodes: 1
Default Address Pool: 10.0.0.0/8
SubnetSize: 24
Data Path Port: 4789
Orchestration:
Task History Retention Limit: 5
Raft:
Snapshot Interval: 10000
Number of Old Snapshots to Retain: 0
Heartbeat Tick: 1
Election Tick: 10
Dispatcher:
Heartbeat Period: 5 seconds
CA Configuration:
Expiry Duration: 3 months
Force Rotate: 0
Autolock Managers: false
Root Rotation In Progress: false
Node Address: 192.168.65.3
Manager Addresses:
192.168.65.3:2377
Runtimes: io.containerd.runc.v2 runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 1c90a442489720eec95342e1789ee8a5e1b9536f
runc version: v1.1.4-0-g5fd4c4d
init version: de40ad0
Security Options:
seccomp
Profile: builtin
cgroupns
Kernel Version: 5.15.49-linuxkit
Operating System: Docker Desktop
OSType: linux
Architecture: aarch64
CPUs: 5
Total Memory: 5.8GiB
Name: docker-desktop
ID: c8ca0b32-cd5f-4ad2-9a97-bc30ebe413d4
Docker Root Dir: /var/lib/docker
Debug Mode: false
HTTP Proxy: http.docker.internal:3128
HTTPS Proxy: http.docker.internal:3128
No Proxy: hubproxy.docker.internal
Registry: https://index.docker.io/v1/
Labels:
Experimental: true
Insecure Registries:
hubproxy.docker.internal:5000
127.0.0.0/8
Live Restore Enabled: falseAdditional Info
We should implement the conversion logic for regular docker pull as well (similar to how it's implemented for build) at least until we fully sunset support for it).
Metadata
Metadata
Assignees
Labels
Type
Projects
Status
Status