Download support of images with multi-arch manifest #35772
Conversation
|
This PR doesn't affect the behavior of current implementation, but it adds 'fat manifest' support thus we can download those multi-arch ones. As a easy way to test it, we can change the 4 docker images on amd64 to the counterparts in #35773 , the download will still succeed. |
tianon
left a comment
tianon
left a comment
There was a problem hiding this comment.
Approach seems generally OK to me, just a few comments on the implementation.
contrib/download-frozen-image-v2.sh
Outdated
There was a problem hiding this comment.
Any arch detection based on uname makes me queasy (I too often build 32bit userspace on a 64bit kernel, for example), so I'd prefer if we used go env GOARCH or dpkg --print-architecture or something userspace-based for this sort of detection. One benefit of using go env GOARCH would be that it should return the expected values out-of-the-box, and only arm will be slightly complicated.
There was a problem hiding this comment.
Absolutely 👍 "$(go env GOARCH)"
contrib/download-frozen-image-v2.sh
Outdated
There was a problem hiding this comment.
Please use local for all variables introduced/local to this function, as in fetch_blob.
contrib/download-frozen-image-v2.sh
Outdated
There was a problem hiding this comment.
Let's stick to a single variable naming format -- the rest of this file uses camelCase.
contrib/download-frozen-image-v2.sh
Outdated
There was a problem hiding this comment.
$m_arch here should be quoted too
contrib/download-frozen-image-v2.sh
Outdated
There was a problem hiding this comment.
Shouldn't this break so that we don't continue parsing entries? (I believe Docker's current implementation uses the first entry which matches)
There was a problem hiding this comment.
Yes, should break the loop if find the first matched entry.
contrib/download-frozen-image-v2.sh
Outdated
There was a problem hiding this comment.
$found should be quoted here too, and if we initialize it to the empty string instead of 0, this could instead simply be [ -z "$found" ]
hack/make/.detect-daemon-osarch
Outdated
There was a problem hiding this comment.
Is this here simply to skip TEST_IMAGE_NAMESPACE? It seems like it'd be more appropriate to put an if in the * block here, wouldn't it? Don't we still need to set it to something, or is the empty value handled OK elsewhere?
There was a problem hiding this comment.
The reason to skip TEST_IMAGE_NAMESPACE here is we've already switched to the multi-arch images on AArch64, so we don't need a name space like aarch64/ any more order to pass the test-integration. I think we will not need TEST_IMAGE_NAMESPACE if we switch all the legacy images to multi-arch ones in the future. But now let's it be and I add a if in the * block to handle AArch64 specific.
contrib/download-frozen-image-v2.sh
Outdated
There was a problem hiding this comment.
Yes, should break the loop if find the first matched entry.
Currently we only support 'application/vnd.docker.distribution.manifest.v2+json' manifest images download, with more multi-arch images used, we need to support download images with 'application/vnd.docker.distribution.manifest.list.v2+json' format(aka "fat manifest"), else we will fail to download those multi-arch ones. This PR adds 'application/vnd.docker.distribution.manifest.list.v2+json' manifest support, thus we can download both multi-arch and legacy images. Signed-off-by: Dennis Chen <[email protected]>
arm64b
force-pushed
the
multi-arch-manifest-support
branch
from
164a48a to
0af5db5
Compare
|
Thanks @tianon for the careful review! Sincerely I want to give you a "赞"(a.k.a 👍 ) 😂😂 |
|
restarting janky; https://jenkins.dockerproject.org/job/Docker-PRs/47116/console |
|
hmm, this is so nice 😂 I really don't want to see the 'red-cross' :) Thanks @thaJeztah ! |
|
ping @tianon @dnephin @estesp @coolljt0725 , Hi guys, I know this is a holiday season(I am on vacation too now), but I still want to get connect to some of yous about this PR. I just kick of a new issue #35841 which is depended on this PR. I hope can get some feedback/comments from you guys and see how we can move forward for the next step. |
|
Can confirm that this fixes build issues on aarch64 |
tianon
left a comment
tianon
left a comment
There was a problem hiding this comment.
Looks great to me generally, just one more point of clarification. I'm happy with it! 👍
| TEST_IMAGE_NAMESPACE="$PACKAGE_ARCH" | ||
| if [ "$PACKAGE_ARCH" != "aarch64" ]; then | ||
| TEST_IMAGE_NAMESPACE="$PACKAGE_ARCH" | ||
| fi |
There was a problem hiding this comment.
The idea here is that eventually we can remove this per-arch block entirely, right? (and possibly even use the same Dockerfile verbatim across arches?)
(Forgot to add this comment to my "review" hahaha 😇)
There was a problem hiding this comment.
Right. With multi-arch images used across all the platforms supported, IMO it does make sense to unify the Dockerfile across arches, consequently TEST_IMAGE_NAMESPACE here should be removed in the future in that case(suppose I am not missing something for this reply😂)
|
looks like @tianon's question was answered, so let's merge 👍 |
7 participants
Currently we only support 'application/vnd.docker.distribution.manifest.v2+json'
manifest images download, with more multi-arch images used, we need to support
download images with 'application/vnd.docker.distribution.manifest.list.v2+json'
format(aka "fat manifest"), else we will fail to download those multi-arch images.
This PR adds 'application/vnd.docker.distribution.manifest.list.v2+json' manifest
support, thus we can download both multi-arch and legacy images.
Fix: #35841
Signed-off-by: Dennis Chen [email protected]
- What I did
Add 'application/vnd.docker.distribution.manifest.list.v2+json' manifest images download support.
- How I did it
Get the first level manifest, if it's a 'fat manifest', then get the 2nd level manifest which can match the run time arch.
- How to verify it
After apply the patch,
make binary&make test-integrationupon both legacy and multi-arch docker images, on both arm64 and amd64 platforms.- Description for the changelog
- A picture of a cute animal (not mandatory but encouraged)
