堆栈内存溢出
  简体   繁体   English

有没有办法只用它的 sha 找到一个层是由什么组成的?

[英]Is there a way to find what a layer was made from only with its sha?

 原文  2022-04-26 10:12:16       docker

问题描述

This docker image https://hub.docker.com/layers/hseeberger/scala-sbt/8u222_1.3.5_2.13.1/images/sha256-c332b90d6141f34517dec9285601b246f4df7861d421d1fb8cc70ee157a098f2 This docker image https://hub.docker.com/layers/hseeberger/scala-sbt/8u222_1.3.5_2.13.1/images/sha256-c332b90d6141f34517dec9285601b246f4df7861d421d1fb8cc70ee157a098f2

does not use the usual FROM as a base, but rather ADD file:fdf0128645db4c8b990073dc4fe3fabad50411032c9aa4f86538d46e0e8f158f in /不使用通常的FROM作为基础,而是ADD file:fdf0128645db4c8b990073dc4fe3fabad50411032c9aa4f86538d46e0e8f158f in /

Is there a way to see what this layer was build from / what are its contents / basically make sure that it is safe to run?有没有办法查看该层是从什么构建的/它的内容是什么/基本上确保它可以安全运行?

1 个解决方案

解决方案1
 1  2022-04-26 14:08:18

I don't know of an automated way.我不知道自动方式。 But the image is based on an OpenJDK image and I found the same hash in this image https://hub.docker.com/layers/openjdk/library/openjdk/8u222-stretch/images/sha256-c9170435c6535402241fc24cd9b426aa3db527be345231147775ad83ba145705?context=explore But the image is based on an OpenJDK image and I found the same hash in this image https://hub.docker.com/layers/openjdk/library/openjdk/8u222-stretch/images/sha256-c9170435c6535402241fc24cd9b426aa3db527be345231147775ad83ba145705?context=explore

The OpenJDK image was published on Oct 17th 2019 and because it has 'stretch' in the name, I guessed that the base image probably was Debian, I found the same hash in the Debian image from Oct 14th 2019 https://hub.docker.com/layers/debian/library/debian/stretch-20191014/images/sha256-06888500a6e8fc2e2a06ddf83417b10660d457b1ba1e4a06bdcd427cfd394b31?context=explore OpenJDK 镜像发布于 2019 年 10 月 17 日,因为名称中有“stretch”,我猜测基础镜像可能是 Debian,我在 2019 年 10 月 14 日的 Debian 镜像中发现了相同的 hash https://hub.8587224 .com/layers/debian/library/debian/stretch-20191014/images/sha256-06888500a6e8fc2e2a06ddf83417b10660d457b1ba1e4a06bdcd427cfd394b31?context=explore

So the base image is the official debian:stretch-20191014 image.所以基础镜像是官方的debian:stretch-20191014镜像。 The ADD command is often used to create the official OS base images, since you can create a full filesystem from a single tar file. ADD命令通常用于创建官方操作系统基础映像,因为您可以从单个 tar 文件创建完整的文件系统。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何从 hash 中找出 Docker 图像层是什么? - How to find out what a Docker image layer is from its hash? “绑定:试图以访问权限禁止的方式访问套接字” - “bind: An attempt was made to access a socket in a way forbidden by its access permissions” 从私有 docker 注册表中拉取图像会导致摘要 sha256 的文件系统层验证失败: - pulling image from private docker registry causes filesystem layer verification failed for digest sha256: Docker 我的图像内层的图像SHA - Docker image SHA of layer inside my image Docker SQL 绑定:试图以访问权限禁止的方式访问套接字 - Docker SQL bind: An attempt was made to access a socket in a way forbidden by its access permissions System.Net.Sockets.SocketException:“试图以访问权限禁止的方式访问套接字。” - System.Net.Sockets.SocketException: 'An attempt was made to access a socket in a way forbidden by its access permissions.' 端口不可用:侦听 tcp 0.0.0.0/50070:绑定:尝试以其访问权限禁止的方式访问套接字 - Ports are not available: listen tcp 0.0.0.0/50070: bind: An attempt was made to access a socket in a way forbidden by its access permissions 如何找到从SHA1拉出的图像? - How can I find the images being pulled from the SHA1s? 有没有办法只将更改的文件作为新层添加到 docker 映像中 - 而无需求助于 docker commit? - Is there a way to add only changed files to a docker image as a new layer - without resorting to docker commit? docker 镜像中的每个 sha 是什么意思 - What does each sha mean in a docker image
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM