Artifactory:“docker service create”不适用于0字节的图像

时间:2017-06-09 13:38:04

标签: docker artifactory docker-swarm-mode

即使Docker Hub中的压缩图像大小为0B,

docker service create ...也能正常工作。另一方面,当我使用Artifactory作为私有注册表时,它会因No such image错误而失败。 Docker守护程序的调试日志说manifest verification failed for digest ...

例如,portainer的最新标签和主要版本标签(1.13.1,1.13.2等)的压缩大小为0 B:https://hub.docker.com/r/portainer/portainer/tags/

以下命令有效:

docker service create \
  --name portainer \
  --publish 9000:9000 \
  --constraint 'node.role == manager' \
  --mount type=bind,src=//var/run/docker.sock,dst=/var/run/docker.sock \
  portainer/portainer \
  -H unix:///var/run/docker.sock

但是以下命令不起作用:

docker service create \
  --name portainer \
  --publish 9000:9000 \
  --constraint 'node.role == manager' \
  --mount type=bind,src=//var/run/docker.sock,dst=/var/run/docker.sock \
  artifactory.mycompany.com/portainer/portainer \
  -H unix:///var/run/docker.sock

服务状态:

[myuser@rose1]$ docker service ps --no-trunc  portainer
ID                          NAME                IMAGE                                                                                                                NODE                DESIRED STATE       CURRENT STATE             ERROR                                                                                                                                 PORTS
gzk05p5x89w9pcvenuyio8pu8   portainer.1         artifactory.mycompany.com/portainer/portainer:latest@sha256:5393dc7fc9e93f8ca8b034941a2c6af0ae176c89c92728d4ff0e110d0558cd40   rose1             Ready               Rejected 2 seconds ago    "No such image: artifactory.mycompany.com/portainer/portainer:latest@sha256:5393dc7fc9e93f8ca8b034941a2c6af0ae176c89c92728d4ff0e110d0558cd40"
fcovqtudbv3zmgo4von01y5wv    \_ portainer.1     artifactory.mycompany.com/portainer/portainer:latest@sha256:5393dc7fc9e93f8ca8b034941a2c6af0ae176c89c92728d4ff0e110d0558cd40   rose1             Shutdown            Rejected 7 seconds ago    "No such image: artifactory.mycompany.com/portainer/portainer:latest@sha256:5393dc7fc9e93f8ca8b034941a2c6af0ae176c89c92728d4ff0e110d0558cd40"
jfy8lr2prypcx72dryse5vmwx    \_ portainer.1     artifactory.mycompany.com/portainer/portainer:latest@sha256:5393dc7fc9e93f8ca8b034941a2c6af0ae176c89c92728d4ff0e110d0558cd40   rose1             Shutdown            Rejected 12 seconds ago   "No such image: artifactory.mycompany.com/portainer/portainer:latest@sha256:5393dc7fc9e93f8ca8b034941a2c6af0ae176c89c92728d4ff0e110d0558cd40"
3ovw7pwgr6srhvqocrqayiuqx    \_ portainer.1     artifactory.mycompany.com/portainer/portainer:latest@sha256:5393dc7fc9e93f8ca8b034941a2c6af0ae176c89c92728d4ff0e110d0558cd40   rose1             Shutdown            Rejected 12 seconds ago   "No such image: artifactory.mycompany.com/portainer/portainer:latest@sha256:5393dc7fc9e93f8ca8b034941a2c6af0ae176c89c92728d4ff0e110d0558cd40"

Docker守护程序的调试日志:

...
Jun 08 12:29:58 rose1 dockerd[14289]: time="2017-06-08T12:29:58.137611299+03:00" level=debug msg="Trying to pull artifactory.mycompany.com/portainer/portainer from https://artifactory.mycompany.com v2"
Jun 08 12:29:58 rose1 dockerd[14289]: time="2017-06-08T12:29:58.169441596+03:00" level=debug msg="task status updated" method="(*Dispatcher).processUpdates" module=dispatcher node.id=xdn6m020ugsnbfqfk2
Jun 08 12:29:58 rose1 dockerd[14289]: time="2017-06-08T12:29:58.169573572+03:00" level=debug msg="task status updated" method="(*Dispatcher).processUpdates" module=dispatcher node.id=xdn6m020ugsnbfqfk2
Jun 08 12:29:58 rose1 dockerd[14289]: time="2017-06-08T12:29:58.175689648+03:00" level=debug msg="Pulling ref from V2 registry: artifactory.mycompany.com/portainer/portainer:latest@sha256:5393dc7fc9e93f8ca8b0349
Jun 08 12:29:58 rose1 dockerd[14289]: time="2017-06-08T12:29:58.175757143+03:00" level=error msg="manifest verification failed for digest sha256:5393dc7fc9e93f8ca8b034941a2c6af0ae176c89c92728d4ff0e110d
Jun 08 12:29:58 rose1 dockerd[14289]: time="2017-06-08T12:29:58.175783178+03:00" level=info msg="Attempting next endpoint for pull after error: manifest verification failed for digest sha256:5393dc7fc9
Jun 08 12:29:58 rose1 dockerd[14289]: time="2017-06-08T12:29:58.175800969+03:00" level=debug msg="Skipping v1 endpoint https://artifactory.mycompany.com because v2 registry was detected"
Jun 08 12:29:58 rose1 dockerd[14289]: time="2017-06-08T12:29:58.175878617+03:00" level=debug msg="pull in progress"
Jun 08 12:29:58 rose1 dockerd[14289]: time="2017-06-08T12:29:58.175909141+03:00" level=error msg="pulling image failed" error="manifest verification failed for digest sha256:5393dc7fc9e93f8ca8b034941a2
Jun 08 12:29:58 rose1 dockerd[14289]: time="2017-06-08T12:29:58.176596565+03:00" level=error msg="fatal task error" error="No such image: artifactory.mycompany.com/portainer/portainer:latest@sha256:5393dc7fc9e93
Jun 08 12:29:58 rose1 dockerd[14289]: time="2017-06-08T12:29:58.176643801+03:00" level=debug msg="state changed" module="node/agent/taskmanager" node.id=xdn6m020ugsnbfqfk2f5g74jx service.id=ve3ipsb1cx3
Jun 08 12:29:58 rose1 dockerd[14289]: time="2017-06-08T12:29:58.176882355+03:00" level=debug msg="(*Agent).UpdateTaskStatus" module="node/agent" node.id=xdn6m020ugsnbfqfk2f5g74jx task.id=3rzww5i46b8sv3
Jun 08 12:29:58 rose1 dockerd[14289]: time="2017-06-08T12:29:58.177387272+03:00" level=debug msg="task status reported" module="node/agent" node.id=xdn6m020ugsnbfqfk2f5g74jx
...

Artifactory日志:

...
2017-06-09 14:00:11,725 [http-nio-8081-exec-1] [INFO ] (o.a.a.d.r.v.r.v.DockerV2VirtualRepoHandler:105) - Fetching docker manifest for repo 'portainer/portainer' and tag 'latest'
2017-06-09 14:00:14,940 [http-nio-8081-exec-1] [INFO ] (o.a.r.HttpRepo      :420) - registry-1.docker.io downloading https://registry-1.docker.io/v2/portainer/portainer/manifests/latest 944 bytes
2017-06-09 14:00:14,948 [http-nio-8081-exec-1] [INFO ] (o.a.r.HttpRepo      :433) - registry-1.docker.io downloaded  https://registry-1.docker.io/v2/portainer/portainer/manifests/latest 944 bytes at 125.43 KB/sec
2017-06-09 14:00:15,194 [http-nio-8081-exec-5] [INFO ] (o.a.a.d.r.v.r.v.DockerV2VirtualRepoHandler:105) - Fetching docker manifest for repo 'portainer/portainer' and tag 'latest'
2017-06-09 14:00:15,529 [http-nio-8081-exec-7] [INFO ] (o.a.a.d.r.v.r.v.DockerV2VirtualRepoHandler:105) - Fetching docker manifest for repo 'portainer/portainer' and tag 'latest'
2017-06-09 14:00:20,526 [http-nio-8081-exec-8] [INFO ] (o.a.a.d.r.v.r.v.DockerV2VirtualRepoHandler:105) - Fetching docker manifest for repo 'portainer/portainer' and tag 'latest'
...

更新1:

docker pull ...正常运作:

docker pull artifactory.mycompany.com/portainer/portainer

docker run ...也可以正常运行:

docker run \ 
  -v /var/lib/docker.sock:/var/lib/docker.sock \
  -p 9000:9000 \
  artifactory.mycompany.com/portainer/portainer \
  -H unix:///var/run/docker.sock

只有群集模式存在问题。

更新2:

正如@Tony指出的那样,如果图像是一个多拱的清单(因此是0B大小),我就会遇到Artifactory的问题。例如,https://hub.docker.com/u/trollin下的所有图像都是多拱的,每个图像的每个标记看起来都是0字节。我可以用这些图像重现同样的问题。标签。以trollin/nginx为例。

以下命令工作:

1)

docker pull artifactory.mycompany/trollin/nginx

2)

docker run --name trollin_nginx \
  --publish 9991:80 \
  artifactory.mycompany/trollin/nginx

3)

docker service create \
  --name trollin_nginx \
  --publish 9991:80 \
  trollin/nginx

以下命令不起作用:

docker service create \
  --name trollin_nginx \
  --publish 9991:80 \
  artifactory.mycompany.com/trollin/nginx

0 个答案:

没有答案
相关问题
最新问题