Skip to content

Docker Compose "type: image" mount fails on Linux with "file name too long" when image path contains long registry namespace #51687

New issue
New issue
Closed
#51827
Closed
Docker Compose "type: image" mount fails on Linux with "file name too long" when image path contains long registry namespace#51687
#51827
Labels
kind/bugBugs are bugs. The cause may or may not be known at triage time so debugging may be needed.status/0-triage
@MrScriptSmith

Description

@MrScriptSmith
MrScriptSmith
opened on Dec 11, 2025

Description

When using Docker Compose with the experimental mount type type: image, container startup fails on Linux due to Docker generating a mount-id that includes the full image path (src=...).

If the registry namespace is long (e.g., cloud registries with autogenerated IDs), the generated mount-id exceeds the 255-character filesystem limit, causing the following error:

Error response from daemon: mkdir <...>: file name too long

This makes the type: image feature unusable on Linux for images pulled from registries with long paths (e.g., Yandex Cloud Registry, AWS ECR, GCR, etc.).
The same configuration works on Docker Desktop for macOS.

Reproduce

  1. Use any Linux host (Ubuntu 22.04).
  2. Install Docker Engine 27+ / 28+ / 29+.
  3. Install Docker Compose (v2.39.4 or v5 also tested).
  4. Create a docker-compose file:
services:
  test:
    image: alpine
    volumes:
      - type: image
        source: registry.example.com/very-long-namespace-abcdef1234567890/geoip-db:latest
        target: /data
  1. Run:

docker compose up

Actual result

Docker fails with:
Error response from daemon: mkdir /var/lib/docker/image/overlay2/layerdb/mounts/<generated_mount_id>: file name too long

Example of generated mount-id (shortened):
3934363238...,src=registry.example.com/very-long-namespace-abcdef1234567890/geoip-db:latest,dst=/data

Total length exceeds Linux filesystem limit of 255 characters.

This happens both with:

  • overlay2 (/var/lib/docker/image/overlay2/...)
  • containerd snapshotter (/var/lib/docker/rootfs/overlayfs/...)
    after enabling:
    {
    "features": {
    "containerd-snapshotter": true
    }
    }

Expected behavior

Mounting an image as a filesystem should work on Linux, without exceeding filesystem path limits.

Docker should avoid embedding the full image path into the mount-id.

This could be achieved by:

  • hashing long src= values, or
  • storing metadata outside the directory name, or
  • shortening identifiers internally.

This behavior works on Docker Desktop for macOS; Linux should be consistent.

docker version

Client: Docker Engine - Community
 Version:           29.1.2
 API version:       1.52
 Go version:        go1.25.5
 Git commit:        890dcca
 Built:             Tue Dec  2 21:55:19 2025
 OS/Arch:           linux/amd64
 Context:           default

Server: Docker Engine - Community
 Engine:
  Version:          29.1.2
  API version:      1.52 (minimum version 1.44)
  Go version:       go1.25.5
  Git commit:       de45c2a
  Built:            Tue Dec  2 21:55:19 2025
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          v2.2.0
  GitCommit:        1c4457e00facac03ce1d75f7b6777a7a851e5c41
 runc:
  Version:          1.3.4
  GitCommit:        v1.3.4-0-gd6d73eb8
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

docker info

Client: Docker Engine - Community
 Version:    29.1.2
 Context:    default
 Debug Mode: false
 Plugins:
  buildx: Docker Buildx (Docker Inc.)
    Version:  v0.28.0
    Path:     /usr/libexec/docker/cli-plugins/docker-buildx
  compose: Docker Compose (Docker Inc.)
    Version:  v2.39.4
    Path:     /usr/libexec/docker/cli-plugins/docker-compose

Server:
 Containers: 7
  Running: 7
  Paused: 0
  Stopped: 0
 Images: 8
 Server Version: 29.1.2
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Using metacopy: false
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: json-file
 Cgroup Driver: systemd
 Cgroup Version: 2
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
 CDI spec directories:
  /etc/cdi
  /var/run/cdi
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 1c4457e00facac03ce1d75f7b6777a7a851e5c41
 runc version: v1.3.4-0-gd6d73eb8
 init version: de40ad0
 Security Options:
  apparmor
  seccomp
   Profile: builtin
  cgroupns
 Kernel Version: 6.8.0-88-generic
 Operating System: Ubuntu 24.04.2 LTS
 OSType: linux
 Architecture: x86_64
 CPUs: 4
 Total Memory: 3.822GiB
 Name: pasyuk-sandbox
 ID: bb3bb664-9b80-4f45-a083-d04491e8eae6
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Experimental: false
 Insecure Registries:
  ::1/128
  127.0.0.0/8
 Live Restore Enabled: false
 Firewall Backend: iptables

Additional Info

  • The issue occurs only on Linux, not on Docker Desktop (macOS).-
  • Workarounds tested:
    • Tagging the image to a shorter local alias → works but breaks automated updates.
    • Using an init-container to copy files from the image into a volume → works but adds orchestration complexity.
    • Switching Docker between overlay2 and containerd → does not solve the problem.
  • Registry paths from cloud providers often include long autogenerated namespaces (e.g., cr.yandex/<24-character-id>/image:tag), making this issue very common in real-world CI/CD setups.

Metadata

Metadata

Assignees

No one assigned

    Labels

    kind/bugBugs are bugs. The cause may or may not be known at triage time so debugging may be needed.status/0-triage

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions