Open chetanshivaji opened 3 days ago
Thanks for reporting! Yes, this is needs some work. I was curious if this was fixed on current master of the engine, and if PR would have fixed it;
But it looks like, while the error is slightly different 27.3 and "master" (looks like it now includes a NotFound
prefix; possibly originating from containerd error-defs), the issue is still the same;
docker pull --platform=linux/s390x nginx:latest
latest: Pulling from library/nginx
a95d04829aec: Download complete
42b2ec246294: Download complete
95fe27c895a8: Download complete
6982f08f280c: Download complete
b2fff712f8b4: Download complete
1cdb42c01f48: Download complete
f9cf33a9c2ac: Download complete
Digest: sha256:04ba374043ccd2fc5c593885c0eacddebabd5ca375f9323666f28dfd5a9710e3
Status: Downloaded newer image for nginx:latest
docker.io/library/nginx:latest
docker image ls --tree
WARNING: This is an experimental feature. The output may change and shouldn't be depended on.
IMAGE ID DISK USAGE CONTENT SIZE IN USE
nginx:latest 04ba374043cc 246MB 65.3MB
├─ linux/s390x 0fa1ac852fea 246MB 65.3MB
├─ linux/amd64 88a0a069d5e9 0B 0B
├─ linux/arm/v5 6289301f3b91 0B 0B
├─ linux/arm/v7 d719acf8bcaf 0B 0B
├─ linux/arm64/v8 9f661996f4d1 0B 0B
├─ linux/386 67e126c43a8d 0B 0B
├─ linux/mips64le 83277e45a916 0B 0B
└─ linux/ppc64le 964b97f05849 0B 0B
docker save -o nginx.tar nginx:latest
Error response from daemon: unable to create manifests file: NotFound: content digest sha256:9f661996f4d1cea788f329b8145660a1124a5a94eec8cea1dba0d564423ad171: not found
daemon logs (current master) look like;
DEBU[2024-09-24T18:49:43.377261423Z] Calling HEAD /_ping spanID=c4ad8816f0c9fe7c traceID=d6ece5243ab000edd0dee3f6857257da
DEBU[2024-09-24T18:49:43.378616590Z] Calling GET /v1.48/images/get?names=nginx%3Alatest spanID=0d7b5e44f6d43c8a traceID=d9a86fa6439b281f1f9320fbb2ffdcf8
DEBU[2024-09-24T18:49:43.385920632Z] export requested img="{docker.io/library/nginx:latest map[] {application/vnd.oci.image.index.v1+json sha256:04ba374043ccd2fc5c593885c0eacddebabd5ca375f9323666f28dfd5a9710e3 10272 [] map[] [] <nil> } 2024-09-24 18:46:01.821534085 +0000 UTC 2024-09-24 18:46:01.821534085 +0000 UTC}" name="nginx:latest" resolveErr="<nil>" spanID=0d7b5e44f6d43c8a specificDigestResolved=false traceID=d9a86fa6439b281f1f9320fbb2ffdcf8
DEBU[2024-09-24T18:49:43.401433173Z] export image name="docker.io/library/nginx:latest" spanID=0d7b5e44f6d43c8a target="{application/vnd.oci.image.index.v1+json sha256:04ba374043ccd2fc5c593885c0eacddebabd5ca375f9323666f28dfd5a9710e3 10272 [] map[] [] <nil> }" traceID=d9a86fa6439b281f1f9320fbb2ffdcf8
The --platform
flag (from https://github.com/docker/cli/pull/5331) helps in this case, but either the error message should be better (i.e., "we have the image, but not in the default platform"), or it should export only the available one;
docker save -o nginx.tar --platform=linux/s390x nginx:latest
ls -la nginx.tar
-rw------- 1 root root 65330176 Sep 24 18:47 nginx.tar
Also tried to find what the sha256:9f661996f4d1cea788f329b8145660a1124a5a94eec8cea1dba0d564423ad171
digest refers to, and it looks indeed the default (arm64) image;
docker buildx imagetools inspect nginx:latest
...
...
Name: docker.io/library/nginx:latest@sha256:9f661996f4d1cea788f329b8145660a1124a5a94eec8cea1dba0d564423ad171
MediaType: application/vnd.oci.image.manifest.v1+json
Platform: linux/arm64/v8
Annotations:
org.opencontainers.image.url: https://hub.docker.com/_/nginx
org.opencontainers.image.version: 1.27.1
com.docker.official-images.bashbrew.arch: arm64v8
org.opencontainers.image.base.digest: sha256:ace984fea4de21d4ad6d0047c3c6ab7ade9fcd9dee3e44c5fe6349d7dd063d86
org.opencontainers.image.base.name: debian:bookworm-slim
org.opencontainers.image.created: 2024-09-05T12:38:34Z
org.opencontainers.image.revision: e78cf70ce7b73a0c9ea734c9cf8aaaa283c1cc5a
org.opencontainers.image.source: https://github.com/nginxinc/docker-nginx.git#e78cf70ce7b73a0c9ea734c9cf8aaaa283c1cc5a:mainline/debian
Full output;
Thanks for the details @thaJeztah.
This seems to be an issue with image pulls with --platform mismatching to host arch.
docker inspect 04ba374043cc|grep -ani arch
74: "Architecture": "386",
docker images --no-trunc
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest sha256:04ba374043ccd2fc5c593885c0eacddebabd5ca375f9323666f28dfd5a9710e3 5 weeks ago 252MB
docker save -o nginx386arch.tar sha256:04ba374043ccd2fc5c593885c0eacddebabd5ca375f9323666f28dfd5a9710e3
Error response from daemon: unable to create manifests file: content digest sha256:88a0a069d5e9865fcaaf8c1e53ba6bf3d8d987b0fdc5e0135fec8ce8567d673e: not found
@chetanshivaji yes, correct; the issue is that the image pulled does not match the default platform. When running docker save
, the initial part "succeeds" (multi-arch image exists), but it then tries to save the default (native) platform, and that is missing.
So at least the error-message should be more clear, but we should also look if the request is non-ambiguous (i.e., image exists, and there's only a single platform locally -> in that case we could save the image, regardless if it's the default platform).
Description
docker save fails for image pulled using --platform=linux/arm64 on amd64 host.
I pulled image as,
docker pull --platform=linux/arm64 nginx:latest
2.
Not able to do docker save because of above error
3. Extra info, Although, docker save works with arm64 arch image if image is pulled using mainfest digest as below,
Reproduce
Same as above description.
Expected behavior
No response
docker version
docker info
Additional Info
No response