Open thaJeztah opened 1 year ago
In containerd's platform strings, linux/arm
implies linux/arm/v7
(Edit: source: https://github.com/containerd/containerd/blob/8c5baf4ebb5a53911f6f8e54f931482794e01e12/platforms/database.go#L108-L109), and the three IDs you're seeing are not three images, but three objects for the one image (manifest list, image manifest, image config):
e18f0a777aef
: Content-Type: application/vnd.docker.distribution.manifest.list.v2+json
(sha256:e18f0a777aefabe047a671ab3ec3eed05414477c951ab1a6f352a06974245fe7
)f130bd2d67e6
: Content-Type: application/vnd.docker.distribution.manifest.v2+json
(sha256:f130bd2d67e6e9280ac6d0a6c83857bfaf70234e8ef4236876eccfbd30973b1c
)1ec996c686eb
: Content-Type: application/vnd.docker.container.image.v1+json
(sha256:1ec996c686eb87d8f091080ec29dd1862b39b5822ddfd8f9a1e2c9288fad89fe
)I'm actually a little surprised we don't see a fourth ID for the layer blob itself (sha256:9b157615502ddff86482f7fe2fa7a074db74a62fce12b4e8507827ac8f08d0ce
). :thinking:
Oh! I completely missed your message here, @tianon 😂 was just discussing this with @vvoland, and it looks like the pulls that are shown may indeed be the manifests, not the image as a whole. So this may be due to the changes made to match containerd's matching (which recurses manifests prior to matching?)
time docker pull --platform=linux/arm hello-world
Using default tag: latest
e18f0a777aef: Download complete
f130bd2d67e6: Download complete
1ec996c686eb: Download complete
9b157615502d: Download complete
docker.io/library/hello-world:latest
________________________________________________________
Executed in 6.41 secs fish external
usr time 60.29 millis 0.12 millis 60.17 millis
sys time 36.71 millis 2.15 millis 34.56 millis
time docker pull --platform=linux/arm/v7 hello-world
Using default tag: latest
e18f0a777aef: Download complete
f130bd2d67e6: Download complete
1ec996c686eb: Download complete
9b157615502d: Download complete
docker.io/library/hello-world:latest
________________________________________________________
Executed in 4.19 secs fish external
usr time 55.65 millis 0.14 millis 55.51 millis
sys time 44.06 millis 2.42 millis 41.65 millis
On 20.10 (no containerd integration, but different environment, so networking is different)
time docker pull --platform=linux/arm hello-world
Using default tag: latest
latest: Pulling from library/hello-world
9b157615502d: Pull complete
Digest: sha256:e18f0a777aefabe047a671ab3ec3eed05414477c951ab1a6f352a06974245fe7
Status: Downloaded newer image for hello-world:latest
docker.io/library/hello-world:latest
real 0m2.813s
user 0m0.018s
sys 0m0.011s
time docker pull --platform=linux/arm/v7 hello-world
Using default tag: latest
latest: Pulling from library/hello-world
9b157615502d: Pull complete
Digest: sha256:e18f0a777aefabe047a671ab3ec3eed05414477c951ab1a6f352a06974245fe7
Status: Downloaded newer image for hello-world:latest
docker.io/library/hello-world:latest
real 0m2.507s
user 0m0.013s
sys 0m0.020s
Description
I noticed this when trying to compare https://github.com/moby/moby/pull/44390 with the current behaviour, but then noticed that the containerd-integration acts different than before the integration.
Reproduce
When running a
docker pull
with a partial ARM platform (no variant specified), containerd integration pull all (32-bit) arm variants:As can be seen above, it's pulling 3 images (effectively treating
linux/arm
aslinux/arm/*
(wildcard); the digests in the output above match the variouslinux/arm
variants;However, after the pull completes, no image is stored:
Without containerd integration (docker 20.10 and the PR branch from https://github.com/moby/moby/pull/44390) only a single variant is pulled ("best match");
But, interestingly, it doesn't use
v8
, but usesv7
(I guess this may be intentional because the platform specified wasarm
, notarm64
, and forarm64
, the full platform islinux/arm64/v8
;Expected behavior
A single arch to be pulled (best match) and the image to be present in
docker image ls
.docker version
docker info
Additional Info
No response