1389183 – OCP 3.4 doesn't support to use RepoDigest for ImageID

Bug 1389183 - OCP 3.4 doesn't support to use RepoDigest for ImageID

Summary: OCP 3.4 doesn't support to use RepoDigest for ImageID

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Node
Sub Component:
Version:	3.4.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	medium
Target Milestone:	---
Target Release:	---
Assignee:	Solly Ross
QA Contact:	Zhang Cheng
Docs Contact:
URL:
Whiteboard:
Duplicates (1):	1392254 (view as bug list)
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2016-10-27 06:32 UTC by Zhang Cheng
Modified:	2017-03-08 18:43 UTC (History)
CC List:	8 users (show)
Fixed In Version:
Doc Type:	Enhancement
Doc Text:	The pod container status field ImageID was previously populated with a string of the form `docker://SOME_ID`. This displayed an image ID which was not usable to correlate the image running in the pod with an image stored on a registry. Now, the ImageID field is populated with a string of the form `docker-pullable://sha256@SOME_ID`. This image ID may be used to identify and pull the running image from the registry unambiguously.
Clone Of:
Environment:
Last Closed:	2017-01-18 12:46:48 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2017:0066	0	normal	SHIPPED_LIVE	Red Hat OpenShift Container Platform 3.4 RPM Release Advisory	2017-01-18 17:23:26 UTC

Description Zhang Cheng 2016-10-27 06:32:47 UTC

Description of problem: The code of user story "[node] Pod.Status.ContainerStatuses.ImageID value needs to match image digest for trackability" had been merged in OCP3.3.1, but not exist in OCP3.4

Version-Release number of selected component (if applicable):
# openshift version
openshift v3.4.0.16+cc70b72
kubernetes v1.4.0+776c994
etcd 3.1.0-rc.0
# docker version
1.12.1

How reproducible:
Always

Steps to Reproduce:
1. oc create -f pod-pull-by-digests.yaml
apiVersion: v1
kind: Pod
metadata:
  name: pod-pull-by-digests
  labels:
    app: pod-pull-by-digests
spec:
  containers:
  - name: hello-pod
    image: docker.io/deshuai/hello-pod@sha256:90b815d55c95fffafd7b68a997787d0b939cdae1bca785c6f52b5d3ffa70714f
    ports:
    - containerPort: 80

2. check image info from pod status
oc get pod pod-pull-by-digests -o yaml

Actual results: 
imageID: docker://sha256:e6a47a29d0e2749c873134622635a69badbedc98ea23791a2b152663d797c4dc

Expected results: 
Should be:
imageID: docker-pullable://docker.io/deshuai/hello-pod@sha256:90b815d55c95fffafd7b68a997787d0b939cdae1bca785c6f52b5d3ffa70714f

addition info: 
None

Comment 1 Derek Carr 2016-10-27 19:35:36 UTC

This requires a fix to docker-1.10 that has not yet shipped in RHEL.  It's due Nov 5.

Comment 2 Derek Carr 2016-10-31 19:39:15 UTC

Actually, to clarify, the test would be against docker 1.12.  Solly - please confirm you actually cherry-picked this to openshift/origin:master.  I suspect we need to pick it.

Comment 3 Derek Carr 2016-11-01 14:23:42 UTC

origin pr:

https://github.com/openshift/origin/pull/11674

Comment 4 Troy Dawson 2016-11-04 18:59:59 UTC

This has been merged into ose and is in OSE v3.4.0.22 or newer.

Comment 6 Solly Ross 2016-11-04 20:18:33 UTC

I noticed an issue and posted a second PR: https://github.com/openshift/origin/pull/11793

Comment 7 DeShuai Ma 2016-11-07 01:42:44 UTC

wait PR 11793 merge

Comment 8 Andy Goldstein 2016-11-07 20:18:58 UTC

In the merge queue

Comment 9 Seth Jennings 2016-11-08 18:35:05 UTC

*** Bug 1392254 has been marked as a duplicate of this bug. ***

Comment 10 Troy Dawson 2016-11-09 19:51:59 UTC

This has been merged into ose and is in OSE v3.4.0.24 or newer.

Comment 11 Zhang Cheng 2016-11-14 05:57:59 UTC

Verified and Passed. Code have been merged in 3.4 latest version.

Test Env:
oc v3.4.0.25+1f36858
kubernetes v1.4.0+776c994

Comment 13 errata-xmlrpc 2017-01-18 12:46:48 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:0066

Note You need to log in before you can comment on or make changes to this bug.