Skip to content

Instantly share code, notes, and snippets.

@kiorky

kiorky/.gitignore

Last active March 21, 2017 18:02
Show Gist options
  • Save kiorky/e2d75127f0be90a7a4982081f66b6271 to your computer and use it in GitHub Desktop.
Save kiorky/e2d75127f0be90a7a4982081f66b6271 to your computer and use it in GitHub Desktop.
Download ZIP
debug docker-squash
Raw
.gitignore
*.tar
docker/
dtest/
s/
Raw
README.md

Problem with docker squash not showing ancestors.

  • Version reports

    docker --version
Docker version 17.03.0-ce, build 3a232c8
    python --version
Python 2.7.12
    lsb_release -d
Description:    Ubuntu 16.04.1 LTS
    docker-squash @05cd17fe639183e2986fa89b3ddb62bcf903cf2b (1.0.4)

  • I have a problem where docker squash produced images do not show correctly their ancestors with vizualition tools like nate/dockviz with docker >= 1.12.

  • Indeed, they show up in the tree as having no ancestor despite the rootfs.layers properties.

  • I was at first trying to determine if the produced image was still usable or if the loaded content from docker squash was leading to a corrupted image.

  • Considering:

    • cat Dockerfile 
      FROM alpine
RUN touch fooa
RUN touch foob
    • cat Dockerfile2 
      FROM test1
RUN touch 1a
RUN touch 1b

  • Then make a pdb inside docker-squash to have room to save the produced tarball for inspection and extract it somewhere for inspection

    venv/bin/docker-squash -v -t test3 -f test1 $(docker inspect test2 -f '{{.Id}}')
(pdb) tar_file
'/somewhere/x.tar'
^Z
mkdir s
tar xzvf -C s /somewhere/x.tar

  • Prettyfying the jsons for inspection

    cat s/<SHA>.json         | python -m json.tool > s/<SHA>.json.pretty
cat s/manifest.json      | python -m json.tool > s/manifest.json.pretty
cat docker/<SHA>.json    | python -m json.tool > docker/<SHA>.json.pretty
cat docker/manifest.json | python -m json.tool > docker/manifest.json.pretty

  • Making 2 images of those dockerfiles

    docker build -t test1 . -f Dockerfile
docker build -t test2 . -f Dockerfile2
docker save test2 -o test2.tar

  • Looking in the produced toplevel json file s/<SHA*>.json and diffing from what docker-squash/<SHA*>/json, we see at first that in docker squash json file:

    • container is lost
    • container_config is lost
    • Image has the form <UUID> and not sha256:<SHA>
    • history varies, but seems still valid and correlated as, ofc, we just rewrote a part with the tool.

2be38e2819619468fe1df5c8dfca4c929c0d557d1d93c9b785a7d4925ec66c68 sha256:23b9c7b43573dd164619ad59e9d51eda4095926729f59d5f22803bcbe9ab24c2 aafba8947124a6f67e5b588d5ff2b66e30b07f2cb1eff0974bbda004e14d65dd sha256:4eb0216f37e735ca2987fd0c31d8430ae746e736d3f5bab4b27bb41e3b08688c c632685499500acf92eee6754487c5b16fbef1dd44f6b34045a12479b933dbdc sha256:845cc8d94e6866379eb820bf9ef8281224bf55aa9fc8bb29ca71ff3ebb369d23 c638bf95e4e5d9d5a0f9e4a51594bedf0127b3b8c0fd053c6b0319161be53f37 sha256:7ab02dd6a21675fdabceb784f8fc35413c253a05f109eb5cb7529ba81b15d5df 29c416acbb1f9ee980b30c8c75b6abcf3b3ac791b4fad5d8df01754632dbdc09 sha256:d5e0577b12ae03578dd1e74241a03b7c5aeabe5bcc0973f161ab59d3eadef7f9 2d7b68975110379ced34847281b2fef1832dad03590644944a3634337f9783ca xxx sha256:3fd3aff183969e87645e19d0b3c4c684532fe9fd18b083594114775c3e91f45f

Raw
Dockerfile
FROM alpine
RUN touch fooa
RUN touch foob
Raw
Dockerfile2
FROM test1
RUN touch 1a
RUN touch 1b
Raw
Dockerfile3
FROM test3
RUN touch fooa
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment