I am trying to push a bunch of images to a public registry I have in Amazon ECR. Those images should be usable on hosts of different architectures (amd64, arm, ppc64le, s390x).
Basically, after AWS login, I am pulling locally the images I need, tagging them and pushing them to $MY_REGISTRY:
podman pull alpine
podman tag alpine $MY_REGISTRY/alpine:latest
podman push $MY_REGISTRY/alpine:latest
However, those images are only usable on amd64 hosts...
I have observed that the original image keeps the manifest list:
podman manifest inspect alpine
{
"schemaVersion": 2,
"mediaType": "application/vnd.docker.distribution.manifest.list.v2 json",
"manifests": [
{
"mediaType": "application/vnd.docker.distribution.manifest.v2 json",
"size": 528,
"digest": "sha256:4ff3ca91275773af45cb4b0834e12b7eb47d1c18f770a0b151381cd227f4c253",
"platform": {
"architecture": "amd64",
"os": "linux"
}
},
{
"mediaType": "application/vnd.docker.distribution.manifest.v2 json",
"size": 528,
"digest": "sha256:3c66139adbd2513f9fc56eff206513ffc8356b282bed31a4e74c7eb926b850aa",
"platform": {
"architecture": "arm",
"os": "linux",
"variant": "v6"
}
},
{
"mediaType": "application/vnd.docker.distribution.manifest.v2 json",
"size": 528,
"digest": "sha256:0615cdd745d0b78e7e6ac3a7b1f02e4daefa664eae0324120955f4e4c91bea3f",
"platform": {
"architecture": "arm",
"os": "linux",
"variant": "v7"
}
},
{
"mediaType": "application/vnd.docker.distribution.manifest.v2 json",
"size": 528,
"digest": "sha256:c3c58223e2af75154c4a7852d6924b4cc51a00c821553bbd9b3319481131b2e0",
"platform": {
"architecture": "arm64",
"os": "linux",
"variant": "v8"
}
},
{
"mediaType": "application/vnd.docker.distribution.manifest.v2 json",
"size": 528,
"digest": "sha256:72af6266bafde8c78d5f20a2a85d0576533ce1ecd6ed8bcf7baf62a743f3b24d",
"platform": {
"architecture": "386",
"os": "linux"
}
},
{
"mediaType": "application/vnd.docker.distribution.manifest.v2 json",
"size": 528,
"digest": "sha256:0f3aeb63bb71ccd3ba0020772f5617e50946a4f2713953c3f494203f1544ea03",
"platform": {
"architecture": "ppc64le",
"os": "linux"
}
},
{
"mediaType": "application/vnd.docker.distribution.manifest.v2 json",
"size": 528,
"digest": "sha256:83167bc8418071fc178d191ed604f44792c94ad3c3ac26350c29d2445f6a9644",
"platform": {
"architecture": "s390x",
"os": "linux"
}
}
]
}
However, the tagged image doesn't:
podman manifest inspect $MY_REGISTRY/alpine
WARN[0001] Warning! The manifest type application/vnd.docker.distribution.manifest.v2 json is not a manifest list but a single image.
{
"schemaVersion": 2,
"mediaType": "application/vnd.docker.distribution.manifest.v2 json",
"config": {
"mediaType": "application/vnd.docker.container.image.v1 json",
"size": 1472,
"digest": "sha256:e66264b98777e12192600bf9b4d663655c98a090072e1bab49e233d7531d1294"
},
"layers": [
{
"mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
"size": 2897375,
"digest": "sha256:ff309671352dd8bb4f487772b942ab34acb26811d2ab2b6fa659a9ef84b11cb4"
}
]
}
How can I tag the image and keep the manifest list so that when I push it to the registry it can be used on any architecture?
CodePudding user response:
Pulling an image dereferences the manifest list to your local platform (or at least it does in docker). There are various tools that will copy an image between registries, including Google's crane, RedHat's skopeo, and my regclient. E.g. using regclient's regctl:
$ regctl image copy alpine:latest localhost:5000/library/alpine:latest
$ regctl manifest get localhost:5000/library/alpine:latest
Name: localhost:5000/library/alpine:latest
MediaType: application/vnd.docker.distribution.manifest.list.v2 json
Digest: sha256:686d8c9dfa6f3ccfc8230bc3178d23f84eeaf7e457f36f271ab1acc53015037c
Manifests:
Name: localhost:5000/library/alpine:latest@sha256:4ff3ca91275773af45cb4b0834e12b7eb47d1c18f770a0b151381cd227f4c253
Digest: sha256:4ff3ca91275773af45cb4b0834e12b7eb47d1c18f770a0b151381cd227f4c253
MediaType: application/vnd.docker.distribution.manifest.v2 json
Platform: linux/amd64
Name: localhost:5000/library/alpine:latest@sha256:3c66139adbd2513f9fc56eff206513ffc8356b282bed31a4e74c7eb926b850aa
Digest: sha256:3c66139adbd2513f9fc56eff206513ffc8356b282bed31a4e74c7eb926b850aa
MediaType: application/vnd.docker.distribution.manifest.v2 json
Platform: linux/arm/v6
Name: localhost:5000/library/alpine:latest@sha256:0615cdd745d0b78e7e6ac3a7b1f02e4daefa664eae0324120955f4e4c91bea3f
Digest: sha256:0615cdd745d0b78e7e6ac3a7b1f02e4daefa664eae0324120955f4e4c91bea3f
MediaType: application/vnd.docker.distribution.manifest.v2 json
Platform: linux/arm/v7
Name: localhost:5000/library/alpine:latest@sha256:c3c58223e2af75154c4a7852d6924b4cc51a00c821553bbd9b3319481131b2e0
Digest: sha256:c3c58223e2af75154c4a7852d6924b4cc51a00c821553bbd9b3319481131b2e0
MediaType: application/vnd.docker.distribution.manifest.v2 json
Platform: linux/arm64
Name: localhost:5000/library/alpine:latest@sha256:72af6266bafde8c78d5f20a2a85d0576533ce1ecd6ed8bcf7baf62a743f3b24d
Digest: sha256:72af6266bafde8c78d5f20a2a85d0576533ce1ecd6ed8bcf7baf62a743f3b24d
MediaType: application/vnd.docker.distribution.manifest.v2 json
Platform: linux/386
Name: localhost:5000/library/alpine:latest@sha256:0f3aeb63bb71ccd3ba0020772f5617e50946a4f2713953c3f494203f1544ea03
Digest: sha256:0f3aeb63bb71ccd3ba0020772f5617e50946a4f2713953c3f494203f1544ea03
MediaType: application/vnd.docker.distribution.manifest.v2 json
Platform: linux/ppc64le
Name: localhost:5000/library/alpine:latest@sha256:83167bc8418071fc178d191ed604f44792c94ad3c3ac26350c29d2445f6a9644
Digest: sha256:83167bc8418071fc178d191ed604f44792c94ad3c3ac26350c29d2445f6a9644
MediaType: application/vnd.docker.distribution.manifest.v2 json
Platform: linux/s390x