Details
Minor Description
Mesos: 1.5.x (according to DC/OS documentation)
DC/OS 1.11.4
Nexus 3.14.0
Docker: 1.13.1
We are using a private docker registry that requires SSL client certificates for authentication and want to use a proxy registry for caching and access (firewall rules). As we already have a nexus 3 instance in each of our clusters, we opted to use that (docker proxy registry). Using the docker engine, everything works as intended. However, setting up an UCR service results in the following error message:
Failed to launch container: Unsupported manifest MIME type: application/vnd.docker.distribution.manifest.v2+json
If we configure nexus to proxy the docker hub (https://registry-1.docker.io) we get the same result: Working with docker, not with UCR.
Using a hosted docker registry in nexus 3 does work with docker and UCR... with the same content-type of blobs and metadata. Activating support for registry v1 made no difference.
The error seems to arise in the docker-fetcher:
https://github.com/apache/mesos/blob/1.5.x/src/uri/fetchers/docker.cpp#L702
There is also a comment that might lead to a solution or cause-of
// Check if we got a V2 Schema 1 manifest. // TODO(ipronin): We have to support Schema 2 manifests to be able to use // digests for pulling images that were pushed with Docker 1.10+ to // Registry 2.3+.
Docker is capable of retrieving images from a hosted or a proxy registry in nexus 3. UCR fails with a proxy one.