Uploaded image for project: 'Artifactory Binary Repository'
  1. Artifactory Binary Repository
  2. RTFACT-14327

Windows images referencing foreign layers are not cached inside artifactory in version 5.3


    • Type: New Feature
    • Status: Resolved
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: 5.10.4
    • Fix Version/s: 6.4.0
    • Component/s: Docker
    • Labels:
    • Sprint:
      Leap 32, Leap 33, Leap 34


      We were testing docker updates for 5.3, hoping to see fixes for remote repo caching regarding docker images for windows, which our rep Ben Irizarry thought was there. We want to force all our dependency management to go through this tool so we can further lock down our firewall. From our analysis we found this:

      • Remote caching is only storing the manifest and a single sha256 file containing xml
      • Client appears to be handling downloading the image pieces, so firewall has to allow access to those locations
      • At this point a docker client will need access to: docker.io, go.microsoft.com, az896309.vo.msecnd.net
      • Testing blocking links on my local firewall and was able to verify that the client is initiating pulling those secondary links
      • Artifactory only stores images for the custom stuff we build

      Example manifest (microsoft/nanoserver/10.0.14393.953)

          "schemaVersion": 2,
          "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
          "config": {
              "mediaType": "application/vnd.docker.container.image.v1+json",
              "size": 582,
              "digest": "sha256:18a0d32a4b98e8a3e1ab7eb33b2be75b4826cbf43754961db08101b52bce0840"
          "layers": [{
                  "mediaType": "application/vnd.docker.image.rootfs.foreign.diff.tar.gzip",
                  "size": 252691002,
                  "digest": "sha256:bce2fbc256ea437a87dadac2f69aabd25bed4f56255549090056c1131fad0277",
                  "urls": [
                  "mediaType": "application/vnd.docker.image.rootfs.foreign.diff.tar.gzip",
                  "size": 114925341,
                  "digest": "sha256:58f68fa0ceda734a980c12dedf782342f892e218bba3c74ded58bfabed652ba1",
                  "urls": [


      C:\Code\Corp\POC\Containers\Network\Linux>docker version
       Version:      17.03.1-ce
       API version:  1.27
       Go version:   go1.7.5
       Git commit:   c6d412e
       Built:        Tue Mar 28 00:40:02 2017
       OS/Arch:      windows/amd64
       Version:      17.03.1-ce
       API version:  1.27 (minimum version 1.24)
       Go version:   go1.7.5
       Git commit:   c6d412e
       Built:        Tue Mar 28 00:40:02 2017
       OS/Arch:      windows/amd64
       Experimental: true

      Artifactory version: 5.3.0 rev 50045

      Is this expected behavior and if so, are there any plans to support caching these items for windows?


          Issue Links



              • Assignee:
                rotemk Rotem Kfir
                paylocity-sflanders Spencer Flanders
                Assigned QA:
                Matan Katz
              • Votes:
                8 Vote for this issue
                15 Start watching this issue


                • Created: