-
Notifications
You must be signed in to change notification settings - Fork 5.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Docker compose pull doesn't respect local images #3660
Comments
I'm facing similar issues. I use the --ignore-pull-failures option when I do a docker-compose pull. This basically ignores ALL errors. It is ok as a workaround. We do the same thing in our pipeline. I pull other production-images and start my freshly build release-candidate container locally. When the tests are ok, it's uploaded. |
I don't see this is a issue / bug with current functionality. Perhaps a --filter option to pull? So something like:
Then:
|
You could also do |
Both of those options seem kind of sub-optimal. It's not really a 'failure' to ignore, more of a separate use case. The second option means you're having to declare some behavior / state outside of the compose file. I.e. I have all of this automated but then want to change which images are pulled and which aren't, I probably want that to be reflected in my compose file as a single-point-of-truth, but I have to edit the pull command instead. |
I'd agree with @johnharris85 on I didn't know you could pull specific images, so thanks for that @dnephin - the downside being, this would move knowledge about the composure of my stack outside the compose file, whereas for me a compose file is a one-stop encapsulation of my architecture. |
Yes, and in this case I think that's correct. The behaviour that is external to the Compose file is not the behaviour of a container, but part of your project dev workflow. Compose is not a project workflow tool. It's a tool for orchestrating containers. The Compose file should really only include configuration for those containers. How to pull an image is not container configuration, it's part of the workflow, and currently all of those options are commands and flags. I think this is an important distinction. Trying to mix both would make the Compose file very confusing. The equivalent of |
Problem: Suggestion: |
Any clues how to avoid this issue? |
I'd like to know how to avoid this issue too. |
I'd also like to use a locally built image, before building and publishing a real image to our registry. How would I go about doing that? Looking at this conversation, it seems impossible to use locally installed images? |
It's not only for containers if docker-compose allows to pull and push. Maybe it shouldn't be concern for docker-compose? Maybe docker should mark locally built, not-yet-pushed images and ignore it when trying to pull this particular image. It's PITA since latest docker-compose releases, we're able to build docker images with concrete name specified in docker-compose.yml. |
A hacky workaround to use your local images is to run your own registry:
|
+1 same issue |
Try this './docker-env -c ./build --no-update'. This command works for running locally built images. |
This kind of solution isn't really viable:
People want to ignore that an image is local. Not necessarily every other type of error. Developers aiming to create robust systems will program strictly and abort on the first error. This breaks with that. In nearly all my years of programming auto-fix, force and ignore options turn out useless if you program safely. They tend to only be genuinely useful in 0.0001% of cases for safe code. If it's to be useful, then it should only fire when the error is non-critical (as in it has the image, only update failed). That's or there should be a variant that does that. It should be possible to have something such as pull --missing-only. That would at least allow a pre-fetch. It doesn't seem like docker stores enough information on images to know if they are local or remote. The correct way to support it would be to add an option in the docker compose file that an image is built locally. There's the question of why this happens at all if docker-compose can build images (and then knows that they are local). For me it's because it isn't very good at that (for example it doesn't have a separate build section, instead it's crammed into services), I've made my own tool to manage and wrap that. This then breaks pull because docker-compose doesn't know about them being built locally. I can implement the functionality I need with my system. At that point docker-compose wont be used for build or pull at all for my, only service management (run, stop, up, down, start). It would be nice though if docker compose fixed these issues at the core. It is also missing an image section where you should be able to specify images that are local and some management for private repositories. If you have a repository section then you could specify images for those repositories (is left out maybe have it automatic, then some thought going into what happens when an image is in the global and one or more private).
|
With the status quo, using —ignore-pull-failures and —include-deps together doesn’t actually work.. my dockerfile has “FROM: ubuntu:16.04”, but this dependency is never pulled because of the pull failure... Of course it is pulled when I later build, but there is no way to force pull the latest version of every dependency, so it is left with the first version of the image forever... I imagine there is a lot of out of date code in production for this reason.. |
--prefer-local (prefer newer image with same tag on local machine) would be great - than we can use the same compose file and workflow in local development and in production - and it is always possible to locally override images with ease for testing purpose |
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
Bump |
This issue has been automatically marked as not stale anymore due to the recent activity. |
Bump |
bump |
I think this syntax is more logical.
|
Bump! |
A workaround for this while developing locally to save pull time:
|
@akashjain971 Oh man, you saved me. It's a very ugly workaround but works like a charm. Shame than docker-compose doesn't have anything like the |
Is it not simpler for there to be a reserved "repo" name for locally-built images such that something like: service:
my_service:
image: localhost/myimage:devtag
my_other_service:
image: redis:alpine Means that Compose knows that my_service is using an image that only exists as a local build and would never attempt to pull it? |
Still no solution better than creating a local registry ? |
@ard-i that's not what the issue is about. The issue is about using |
Thanks @lucasbasquerotto Using |
AFAICT |
@ndeloof With The former is probably what people in this issue want (no remote connection at all if |
The spec don't define how implementation has to behave regarding registry connexion, but a reasonable implementation would be:
About checking the image is up-to-date with registry one, there's unfortunately no such thing as a portable hash to be compared with the remote. The local image ID only exists in the local engine. Using
|
Thanks @ndeloof I've tried both
|
I said this was introduced by the compose-spec, and could be used to support this feature request, not that it's already supported in docker compose! |
hopefully, it's implemented soon! This is already available with |
docker run is a complete distinct beast actually. But yes indeed, could be implemented quickly as the structure is already defined in the compose-spec model |
Is this being addressed? It's a real pain for some use cases and the solution seems pretty straightforward |
for me I needed to specify the local IMAGE ID instead of the name of the image in docker-compose.yml Instead of
I changed it to
and then running EDIT: |
My workaround: |
Found the issue. For latest Docker versions that happens because you haven't pointed base image platform type like |
@filinvadim thanks. add |
Still having the issue and found this thread! I don't think disabling Buildkit is a smart hack if one wants to use buildkit-features like The matter that buildkit obviously breaks this is a bug. Has this been reported to buildkit or is the bug located in docker itself? |
Know this issue is closed but you can use watchtower on a custom custom interval to keep remote images up to date and never push your local image to a remote registry. |
During my searches I've seen this issue raised and closed a few times, but even using the latest build of docker-compose, this still doesn't behave the way I understand that it is expected to.
Scenario:
We're building a composed environment for our CI tests to run. We grab a database image, an api image, and a local copy of the image containing application we are trying to test (it has been built in a previous CI step, and tagged with the build hash provided by our CI environment (CIRCLE_SHA1)
docker-compose.yml
The commands we run then are as follows:
Actual Result:
No matter what I do, docker compose always tries to pull my CIRCLE_SHA1 tagged version from docker hub. it doesn't exist there, I never want to push it (until it passes tests and is re-tagged as :latest and/or :release
I have a unique tag CIRCLE_SHA1 which only exists inside the build environment, meaning no confusion for docker-compose when it tries to pull, and yet, it seems to try to fetch it anyway, and fail even though that exact tag exists locally.
Expected Result:
I'd expect the fact that there is no remote build tagged with CIRCLE_SHA1 to cause docker-compose to use the local copy it finds. I need to do pull, because I want everything else to be the latest.
I'd suggest that if there is confusion where
image:
refers to a remote repository, then perhaps we could uselocal:
instead, to reference a local image?The text was updated successfully, but these errors were encountered: