I work with docker and private registries and I wonder what is the difference between the following sha256 number that are associated with a docker image:
- Manifest
- Etag
- Docker-Content-Digest
- blob
CodePudding user response:
- Manifest - This is a list of all the objects needed for a particular image:tag. From https://docs.docker.com/registry/spec/api/#manifest - "The contents can be used to identify and resolve resources required to run the specified image".
- Etag - This in an HTTP feature that helps cache behavior of user-agents. See https://en.wikipedia.org/wiki/HTTP_ETag for more details.
- Docker-Content-Digest - the content digest is a checksum of the contents of the object in question. This object could be a manifest or a blob. Checksum verification helps docker make sure that it successfully downloaded a given object. This also enables content addressability so you can pull an image by the digest and be more confident that you are getting the correct version of the image. See https://docs.docker.com/registry/spec/api/#content-digests
- blob - essentially an image layer that can be referred to by a digest. See https://docs.docker.com/registry/spec/api/#blob for more details about the operations on blob objects at the API level.