| # A Swagger 2.0 (a.k.a. OpenAPI) definition of the Engine API. |
| # |
| # This is used for generating API documentation and the types used by the |
| # client/server. See api/README.md for more information. |
| # |
| # Some style notes: |
| # - This file is used by ReDoc, which allows GitHub Flavored Markdown in |
| # descriptions. |
| # - There is no maximum line length, for ease of editing and pretty diffs. |
| # - operationIds are in the format "NounVerb", with a singular noun. |
| |
| swagger: "2.0" |
| schemes: |
| - "http" |
| - "https" |
| produces: |
| - "application/json" |
| - "text/plain" |
| consumes: |
| - "application/json" |
| - "text/plain" |
| basePath: "/v1.42" |
| info: |
| title: "Docker Engine API" |
| version: "1.42" |
| x-logo: |
| url: "https://docs.docker.com/assets/images/logo-docker-main.png" |
| description: | |
| The Engine API is an HTTP API served by Docker Engine. It is the API the |
| Docker client uses to communicate with the Engine, so everything the Docker |
| client can do can be done with the API. |
| |
| Most of the client's commands map directly to API endpoints (e.g. `docker ps` |
| is `GET /containers/json`). The notable exception is running containers, |
| which consists of several API calls. |
| |
| # Errors |
| |
| The API uses standard HTTP status codes to indicate the success or failure |
| of the API call. The body of the response will be JSON in the following |
| format: |
| |
| ``` |
| { |
| "message": "page not found" |
| } |
| ``` |
| |
| # Versioning |
| |
| The API is usually changed in each release, so API calls are versioned to |
| ensure that clients don't break. To lock to a specific version of the API, |
| you prefix the URL with its version, for example, call `/v1.30/info` to use |
| the v1.30 version of the `/info` endpoint. If the API version specified in |
| the URL is not supported by the daemon, a HTTP `400 Bad Request` error message |
| is returned. |
| |
| If you omit the version-prefix, the current version of the API (v1.42) is used. |
| For example, calling `/info` is the same as calling `/v1.42/info`. Using the |
| API without a version-prefix is deprecated and will be removed in a future release. |
| |
| Engine releases in the near future should support this version of the API, |
| so your client will continue to work even if it is talking to a newer Engine. |
| |
| The API uses an open schema model, which means server may add extra properties |
| to responses. Likewise, the server will ignore any extra query parameters and |
| request body properties. When you write clients, you need to ignore additional |
| properties in responses to ensure they do not break when talking to newer |
| daemons. |
| |
| |
| # Authentication |
| |
| Authentication for registries is handled client side. The client has to send |
| authentication details to various endpoints that need to communicate with |
| registries, such as `POST /images/(name)/push`. These are sent as |
| `X-Registry-Auth` header as a [base64url encoded](https://tools.ietf.org/html/rfc4648#section-5) |
| (JSON) string with the following structure: |
| |
| ``` |
| { |
| "username": "string", |
| "password": "string", |
| "email": "string", |
| "serveraddress": "string" |
| } |
| ``` |
| |
| The `serveraddress` is a domain/IP without a protocol. Throughout this |
| structure, double quotes are required. |
| |
| If you have already got an identity token from the [`/auth` endpoint](#operation/SystemAuth), |
| you can just pass this instead of credentials: |
| |
| ``` |
| { |
| "identitytoken": "9cbaf023786cd7..." |
| } |
| ``` |
| |
| # The tags on paths define the menu sections in the ReDoc documentation, so |
| # the usage of tags must make sense for that: |
| # - They should be singular, not plural. |
| # - There should not be too many tags, or the menu becomes unwieldy. For |
| # example, it is preferable to add a path to the "System" tag instead of |
| # creating a tag with a single path in it. |
| # - The order of tags in this list defines the order in the menu. |
| tags: |
| # Primary objects |
| - name: "Container" |
| x-displayName: "Containers" |
| description: | |
| Create and manage containers. |
| - name: "Image" |
| x-displayName: "Images" |
| - name: "Network" |
| x-displayName: "Networks" |
| description: | |
| Networks are user-defined networks that containers can be attached to. |
| See the [networking documentation](https://docs.docker.com/network/) |
| for more information. |
| - name: "Volume" |
| x-displayName: "Volumes" |
| description: | |
| Create and manage persistent storage that can be attached to containers. |
| - name: "Exec" |
| x-displayName: "Exec" |
| description: | |
| Run new commands inside running containers. Refer to the |
| [command-line reference](https://docs.docker.com/engine/reference/commandline/exec/) |
| for more information. |
| |
| To exec a command in a container, you first need to create an exec instance, |
| then start it. These two API endpoints are wrapped up in a single command-line |
| command, `docker exec`. |
| |
| # Swarm things |
| - name: "Swarm" |
| x-displayName: "Swarm" |
| description: | |
| Engines can be clustered together in a swarm. Refer to the |
| [swarm mode documentation](https://docs.docker.com/engine/swarm/) |
| for more information. |
| - name: "Node" |
| x-displayName: "Nodes" |
| description: | |
| Nodes are instances of the Engine participating in a swarm. Swarm mode |
| must be enabled for these endpoints to work. |
| - name: "Service" |
| x-displayName: "Services" |
| description: | |
| Services are the definitions of tasks to run on a swarm. Swarm mode must |
| be enabled for these endpoints to work. |
| - name: "Task" |
| x-displayName: "Tasks" |
| description: | |
| A task is a container running on a swarm. It is the atomic scheduling unit |
| of swarm. Swarm mode must be enabled for these endpoints to work. |
| - name: "Secret" |
| x-displayName: "Secrets" |
| description: | |
| Secrets are sensitive data that can be used by services. Swarm mode must |
| be enabled for these endpoints to work. |
| - name: "Config" |
| x-displayName: "Configs" |
| description: | |
| Configs are application configurations that can be used by services. Swarm |
| mode must be enabled for these endpoints to work. |
| # System things |
| - name: "Plugin" |
| x-displayName: "Plugins" |
| - name: "System" |
| x-displayName: "System" |
| |
| definitions: |
| Port: |
| type: "object" |
| description: "An open port on a container" |
| required: [PrivatePort, Type] |
| properties: |
| IP: |
| type: "string" |
| format: "ip-address" |
| description: "Host IP address that the container's port is mapped to" |
| PrivatePort: |
| type: "integer" |
| format: "uint16" |
| x-nullable: false |
| description: "Port on the container" |
| PublicPort: |
| type: "integer" |
| format: "uint16" |
| description: "Port exposed on the host" |
| Type: |
| type: "string" |
| x-nullable: false |
| enum: ["tcp", "udp", "sctp"] |
| example: |
| PrivatePort: 8080 |
| PublicPort: 80 |
| Type: "tcp" |
| |
| MountPoint: |
| type: "object" |
| description: | |
| MountPoint represents a mount point configuration inside the container. |
| This is used for reporting the mountpoints in use by a container. |
| properties: |
| Type: |
| description: | |
| The mount type: |
| |
| - `bind` a mount of a file or directory from the host into the container. |
| - `volume` a docker volume with the given `Name`. |
| - `tmpfs` a `tmpfs`. |
| - `npipe` a named pipe from the host into the container. |
| - `cluster` a Swarm cluster volume |
| type: "string" |
| enum: |
| - "bind" |
| - "volume" |
| - "tmpfs" |
| - "npipe" |
| - "cluster" |
| example: "volume" |
| Name: |
| description: | |
| Name is the name reference to the underlying data defined by `Source` |
| e.g., the volume name. |
| type: "string" |
| example: "myvolume" |
| Source: |
| description: | |
| Source location of the mount. |
| |
| For volumes, this contains the storage location of the volume (within |
| `/var/lib/docker/volumes/`). For bind-mounts, and `npipe`, this contains |
| the source (host) part of the bind-mount. For `tmpfs` mount points, this |
| field is empty. |
| type: "string" |
| example: "/var/lib/docker/volumes/myvolume/_data" |
| Destination: |
| description: | |
| Destination is the path relative to the container root (`/`) where |
| the `Source` is mounted inside the container. |
| type: "string" |
| example: "/usr/share/nginx/html/" |
| Driver: |
| description: | |
| Driver is the volume driver used to create the volume (if it is a volume). |
| type: "string" |
| example: "local" |
| Mode: |
| description: | |
| Mode is a comma separated list of options supplied by the user when |
| creating the bind/volume mount. |
| |
| The default is platform-specific (`"z"` on Linux, empty on Windows). |
| type: "string" |
| example: "z" |
| RW: |
| description: | |
| Whether the mount is mounted writable (read-write). |
| type: "boolean" |
| example: true |
| Propagation: |
| description: | |
| Propagation describes how mounts are propagated from the host into the |
| mount point, and vice-versa. Refer to the [Linux kernel documentation](https://www.kernel.org/doc/Documentation/filesystems/sharedsubtree.txt) |
| for details. This field is not used on Windows. |
| type: "string" |
| example: "" |
| |
| DeviceMapping: |
| type: "object" |
| description: "A device mapping between the host and container" |
| properties: |
| PathOnHost: |
| type: "string" |
| PathInContainer: |
| type: "string" |
| CgroupPermissions: |
| type: "string" |
| example: |
| PathOnHost: "/dev/deviceName" |
| PathInContainer: "/dev/deviceName" |
| CgroupPermissions: "mrw" |
| |
| DeviceRequest: |
| type: "object" |
| description: "A request for devices to be sent to device drivers" |
| properties: |
| Driver: |
| type: "string" |
| example: "nvidia" |
| Count: |
| type: "integer" |
| example: -1 |
| DeviceIDs: |
| type: "array" |
| items: |
| type: "string" |
| example: |
| - "0" |
| - "1" |
| - "GPU-fef8089b-4820-abfc-e83e-94318197576e" |
| Capabilities: |
| description: | |
| A list of capabilities; an OR list of AND lists of capabilities. |
| type: "array" |
| items: |
| type: "array" |
| items: |
| type: "string" |
| example: |
| # gpu AND nvidia AND compute |
| - ["gpu", "nvidia", "compute"] |
| Options: |
| description: | |
| Driver-specific options, specified as a key/value pairs. These options |
| are passed directly to the driver. |
| type: "object" |
| additionalProperties: |
| type: "string" |
| |
| ThrottleDevice: |
| type: "object" |
| properties: |
| Path: |
| description: "Device path" |
| type: "string" |
| Rate: |
| description: "Rate" |
| type: "integer" |
| format: "int64" |
| minimum: 0 |
| |
| Mount: |
| type: "object" |
| properties: |
| Target: |
| description: "Container path." |
| type: "string" |
| Source: |
| description: "Mount source (e.g. a volume name, a host path)." |
| type: "string" |
| Type: |
| description: | |
| The mount type. Available types: |
| |
| - `bind` Mounts a file or directory from the host into the container. Must exist prior to creating the container. |
| - `volume` Creates a volume with the given name and options (or uses a pre-existing volume with the same name and options). These are **not** removed when the container is removed. |
| - `tmpfs` Create a tmpfs with the given options. The mount source cannot be specified for tmpfs. |
| - `npipe` Mounts a named pipe from the host into the container. Must exist prior to creating the container. |
| - `cluster` a Swarm cluster volume |
| type: "string" |
| enum: |
| - "bind" |
| - "volume" |
| - "tmpfs" |
| - "npipe" |
| - "cluster" |
| ReadOnly: |
| description: "Whether the mount should be read-only." |
| type: "boolean" |
| Consistency: |
| description: "The consistency requirement for the mount: `default`, `consistent`, `cached`, or `delegated`." |
| type: "string" |
| BindOptions: |
| description: "Optional configuration for the `bind` type." |
| type: "object" |
| properties: |
| Propagation: |
| description: "A propagation mode with the value `[r]private`, `[r]shared`, or `[r]slave`." |
| type: "string" |
| enum: |
| - "private" |
| - "rprivate" |
| - "shared" |
| - "rshared" |
| - "slave" |
| - "rslave" |
| NonRecursive: |
| description: "Disable recursive bind mount." |
| type: "boolean" |
| default: false |
| CreateMountpoint: |
| description: "Create mount point on host if missing" |
| type: "boolean" |
| default: false |
| VolumeOptions: |
| description: "Optional configuration for the `volume` type." |
| type: "object" |
| properties: |
| NoCopy: |
| description: "Populate volume with data from the target." |
| type: "boolean" |
| default: false |
| Labels: |
| description: "User-defined key/value metadata." |
| type: "object" |
| additionalProperties: |
| type: "string" |
| DriverConfig: |
| description: "Map of driver specific options" |
| type: "object" |
| properties: |
| Name: |
| description: "Name of the driver to use to create the volume." |
| type: "string" |
| Options: |
| description: "key/value map of driver specific options." |
| type: "object" |
| additionalProperties: |
| type: "string" |
| TmpfsOptions: |
| description: "Optional configuration for the `tmpfs` type." |
| type: "object" |
| properties: |
| SizeBytes: |
| description: "The size for the tmpfs mount in bytes." |
| type: "integer" |
| format: "int64" |
| Mode: |
| description: "The permission mode for the tmpfs mount in an integer." |
| type: "integer" |
| |
| RestartPolicy: |
| description: | |
| The behavior to apply when the container exits. The default is not to |
| restart. |
| |
| An ever increasing delay (double the previous delay, starting at 100ms) is |
| added before each restart to prevent flooding the server. |
| type: "object" |
| properties: |
| Name: |
| type: "string" |
| description: | |
| - Empty string means not to restart |
| - `no` Do not automatically restart |
| - `always` Always restart |
| - `unless-stopped` Restart always except when the user has manually stopped the container |
| - `on-failure` Restart only when the container exit code is non-zero |
| enum: |
| - "" |
| - "no" |
| - "always" |
| - "unless-stopped" |
| - "on-failure" |
| MaximumRetryCount: |
| type: "integer" |
| description: | |
| If `on-failure` is used, the number of times to retry before giving up. |
| |
| Resources: |
| description: "A container's resources (cgroups config, ulimits, etc)" |
| type: "object" |
| properties: |
| # Applicable to all platforms |
| CpuShares: |
| description: | |
| An integer value representing this container's relative CPU weight |
| versus other containers. |
| type: "integer" |
| Memory: |
| description: "Memory limit in bytes." |
| type: "integer" |
| format: "int64" |
| default: 0 |
| # Applicable to UNIX platforms |
| CgroupParent: |
| description: | |
| Path to `cgroups` under which the container's `cgroup` is created. If |
| the path is not absolute, the path is considered to be relative to the |
| `cgroups` path of the init process. Cgroups are created if they do not |
| already exist. |
| type: "string" |
| BlkioWeight: |
| description: "Block IO weight (relative weight)." |
| type: "integer" |
| minimum: 0 |
| maximum: 1000 |
| BlkioWeightDevice: |
| description: | |
| Block IO weight (relative device weight) in the form: |
| |
| ``` |
| [{"Path": "device_path", "Weight": weight}] |
| ``` |
| type: "array" |
| items: |
| type: "object" |
| properties: |
| Path: |
| type: "string" |
| Weight: |
| type: "integer" |
| minimum: 0 |
| BlkioDeviceReadBps: |
| description: | |
| Limit read rate (bytes per second) from a device, in the form: |
| |
| ``` |
| [{"Path": "device_path", "Rate": rate}] |
| ``` |
| type: "array" |
| items: |
| $ref: "#/definitions/ThrottleDevice" |
| BlkioDeviceWriteBps: |
| description: | |
| Limit write rate (bytes per second) to a device, in the form: |
| |
| ``` |
| [{"Path": "device_path", "Rate": rate}] |
| ``` |
| type: "array" |
| items: |
| $ref: "#/definitions/ThrottleDevice" |
| BlkioDeviceReadIOps: |
| description: | |
| Limit read rate (IO per second) from a device, in the form: |
| |
| ``` |
| [{"Path": "device_path", "Rate": rate}] |
| ``` |
| type: "array" |
| items: |
| $ref: "#/definitions/ThrottleDevice" |
| BlkioDeviceWriteIOps: |
| description: | |
| Limit write rate (IO per second) to a device, in the form: |
| |
| ``` |
| [{"Path": "device_path", "Rate": rate}] |
| ``` |
| type: "array" |
| items: |
| $ref: "#/definitions/ThrottleDevice" |
| CpuPeriod: |
| description: "The length of a CPU period in microseconds." |
| type: "integer" |
| format: "int64" |
| CpuQuota: |
| description: | |
| Microseconds of CPU time that the container can get in a CPU period. |
| type: "integer" |
| format: "int64" |
| CpuRealtimePeriod: |
| description: | |
| The length of a CPU real-time period in microseconds. Set to 0 to |
| allocate no time allocated to real-time tasks. |
| type: "integer" |
| format: "int64" |
| CpuRealtimeRuntime: |
| description: | |
| The length of a CPU real-time runtime in microseconds. Set to 0 to |
| allocate no time allocated to real-time tasks. |
| type: "integer" |
| format: "int64" |
| CpusetCpus: |
| description: | |
| CPUs in which to allow execution (e.g., `0-3`, `0,1`). |
| type: "string" |
| example: "0-3" |
| CpusetMems: |
| description: | |
| Memory nodes (MEMs) in which to allow execution (0-3, 0,1). Only |
| effective on NUMA systems. |
| type: "string" |
| Devices: |
| description: "A list of devices to add to the container." |
| type: "array" |
| items: |
| $ref: "#/definitions/DeviceMapping" |
| DeviceCgroupRules: |
| description: "a list of cgroup rules to apply to the container" |
| type: "array" |
| items: |
| type: "string" |
| example: "c 13:* rwm" |
| DeviceRequests: |
| description: | |
| A list of requests for devices to be sent to device drivers. |
| type: "array" |
| items: |
| $ref: "#/definitions/DeviceRequest" |
| KernelMemoryTCP: |
| description: | |
| Hard limit for kernel TCP buffer memory (in bytes). Depending on the |
| OCI runtime in use, this option may be ignored. It is no longer supported |
| by the default (runc) runtime. |
| |
| This field is omitted when empty. |
| type: "integer" |
| format: "int64" |
| MemoryReservation: |
| description: "Memory soft limit in bytes." |
| type: "integer" |
| format: "int64" |
| MemorySwap: |
| description: | |
| Total memory limit (memory + swap). Set as `-1` to enable unlimited |
| swap. |
| type: "integer" |
| format: "int64" |
| MemorySwappiness: |
| description: | |
| Tune a container's memory swappiness behavior. Accepts an integer |
| between 0 and 100. |
| type: "integer" |
| format: "int64" |
| minimum: 0 |
| maximum: 100 |
| NanoCpus: |
| description: "CPU quota in units of 10<sup>-9</sup> CPUs." |
| type: "integer" |
| format: "int64" |
| OomKillDisable: |
| description: "Disable OOM Killer for the container." |
| type: "boolean" |
| Init: |
| description: | |
| Run an init inside the container that forwards signals and reaps |
| processes. This field is omitted if empty, and the default (as |
| configured on the daemon) is used. |
| type: "boolean" |
| x-nullable: true |
| PidsLimit: |
| description: | |
| Tune a container's PIDs limit. Set `0` or `-1` for unlimited, or `null` |
| to not change. |
| type: "integer" |
| format: "int64" |
| x-nullable: true |
| Ulimits: |
| description: | |
| A list of resource limits to set in the container. For example: |
| |
| ``` |
| {"Name": "nofile", "Soft": 1024, "Hard": 2048} |
| ``` |
| type: "array" |
| items: |
| type: "object" |
| properties: |
| Name: |
| description: "Name of ulimit" |
| type: "string" |
| Soft: |
| description: "Soft limit" |
| type: "integer" |
| Hard: |
| description: "Hard limit" |
| type: "integer" |
| # Applicable to Windows |
| CpuCount: |
| description: | |
| The number of usable CPUs (Windows only). |
| |
| On Windows Server containers, the processor resource controls are |
| mutually exclusive. The order of precedence is `CPUCount` first, then |
| `CPUShares`, and `CPUPercent` last. |
| type: "integer" |
| format: "int64" |
| CpuPercent: |
| description: | |
| The usable percentage of the available CPUs (Windows only). |
| |
| On Windows Server containers, the processor resource controls are |
| mutually exclusive. The order of precedence is `CPUCount` first, then |
| `CPUShares`, and `CPUPercent` last. |
| type: "integer" |
| format: "int64" |
| IOMaximumIOps: |
| description: "Maximum IOps for the container system drive (Windows only)" |
| type: "integer" |
| format: "int64" |
| IOMaximumBandwidth: |
| description: | |
| Maximum IO in bytes per second for the container system drive |
| (Windows only). |
| type: "integer" |
| format: "int64" |
| |
| Limit: |
| description: | |
| An object describing a limit on resources which can be requested by a task. |
| type: "object" |
| properties: |
| NanoCPUs: |
| type: "integer" |
| format: "int64" |
| example: 4000000000 |
| MemoryBytes: |
| type: "integer" |
| format: "int64" |
| example: 8272408576 |
| Pids: |
| description: | |
| Limits the maximum number of PIDs in the container. Set `0` for unlimited. |
| type: "integer" |
| format: "int64" |
| default: 0 |
| example: 100 |
| |
| ResourceObject: |
| description: | |
| An object describing the resources which can be advertised by a node and |
| requested by a task. |
| type: "object" |
| properties: |
| NanoCPUs: |
| type: "integer" |
| format: "int64" |
| example: 4000000000 |
| MemoryBytes: |
| type: "integer" |
| format: "int64" |
| example: 8272408576 |
| GenericResources: |
| $ref: "#/definitions/GenericResources" |
| |
| GenericResources: |
| description: | |
| User-defined resources can be either Integer resources (e.g, `SSD=3`) or |
| String resources (e.g, `GPU=UUID1`). |
| type: "array" |
| items: |
| type: "object" |
| properties: |
| NamedResourceSpec: |
| type: "object" |
| properties: |
| Kind: |
| type: "string" |
| Value: |
| type: "string" |
| DiscreteResourceSpec: |
| type: "object" |
| properties: |
| Kind: |
| type: "string" |
| Value: |
| type: "integer" |
| format: "int64" |
| example: |
| - DiscreteResourceSpec: |
| Kind: "SSD" |
| Value: 3 |
| - NamedResourceSpec: |
| Kind: "GPU" |
| Value: "UUID1" |
| - NamedResourceSpec: |
| Kind: "GPU" |
| Value: "UUID2" |
| |
| HealthConfig: |
| description: "A test to perform to check that the container is healthy." |
| type: "object" |
| properties: |
| Test: |
| description: | |
| The test to perform. Possible values are: |
| |
| - `[]` inherit healthcheck from image or parent image |
| - `["NONE"]` disable healthcheck |
| - `["CMD", args...]` exec arguments directly |
| - `["CMD-SHELL", command]` run command with system's default shell |
| type: "array" |
| items: |
| type: "string" |
| Interval: |
| description: | |
| The time to wait between checks in nanoseconds. It should be 0 or at |
| least 1000000 (1 ms). 0 means inherit. |
| type: "integer" |
| format: "int64" |
| Timeout: |
| description: | |
| The time to wait before considering the check to have hung. It should |
| be 0 or at least 1000000 (1 ms). 0 means inherit. |
| type: "integer" |
| format: "int64" |
| Retries: |
| description: | |
| The number of consecutive failures needed to consider a container as |
| unhealthy. 0 means inherit. |
| type: "integer" |
| StartPeriod: |
| description: | |
| Start period for the container to initialize before starting |
| health-retries countdown in nanoseconds. It should be 0 or at least |
| 1000000 (1 ms). 0 means inherit. |
| type: "integer" |
| format: "int64" |
| |
| Health: |
| description: | |
| Health stores information about the container's healthcheck results. |
| type: "object" |
| x-nullable: true |
| properties: |
| Status: |
| description: | |
| Status is one of `none`, `starting`, `healthy` or `unhealthy` |
| |
| - "none" Indicates there is no healthcheck |
| - "starting" Starting indicates that the container is not yet ready |
| - "healthy" Healthy indicates that the container is running correctly |
| - "unhealthy" Unhealthy indicates that the container has a problem |
| type: "string" |
| enum: |
| - "none" |
| - "starting" |
| - "healthy" |
| - "unhealthy" |
| example: "healthy" |
| FailingStreak: |
| description: "FailingStreak is the number of consecutive failures" |
| type: "integer" |
| example: 0 |
| Log: |
| type: "array" |
| description: | |
| Log contains the last few results (oldest first) |
| items: |
| $ref: "#/definitions/HealthcheckResult" |
| |
| HealthcheckResult: |
| description: | |
| HealthcheckResult stores information about a single run of a healthcheck probe |
| type: "object" |
| x-nullable: true |
| properties: |
| Start: |
| description: | |
| Date and time at which this check started in |
| [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format with nano-seconds. |
| type: "string" |
| format: "date-time" |
| example: "2020-01-04T10:44:24.496525531Z" |
| End: |
| description: | |
| Date and time at which this check ended in |
| [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format with nano-seconds. |
| type: "string" |
| format: "dateTime" |
| example: "2020-01-04T10:45:21.364524523Z" |
| ExitCode: |
| description: | |
| ExitCode meanings: |
| |
| - `0` healthy |
| - `1` unhealthy |
| - `2` reserved (considered unhealthy) |
| - other values: error running probe |
| type: "integer" |
| example: 0 |
| Output: |
| description: "Output from last check" |
| type: "string" |
| |
| HostConfig: |
| description: "Container configuration that depends on the host we are running on" |
| allOf: |
| - $ref: "#/definitions/Resources" |
| - type: "object" |
| properties: |
| # Applicable to all platforms |
| Binds: |
| type: "array" |
| description: | |
| A list of volume bindings for this container. Each volume binding |
| is a string in one of these forms: |
| |
| - `host-src:container-dest[:options]` to bind-mount a host path |
| into the container. Both `host-src`, and `container-dest` must |
| be an _absolute_ path. |
| - `volume-name:container-dest[:options]` to bind-mount a volume |
| managed by a volume driver into the container. `container-dest` |
| must be an _absolute_ path. |
| |
| `options` is an optional, comma-delimited list of: |
| |
| - `nocopy` disables automatic copying of data from the container |
| path to the volume. The `nocopy` flag only applies to named volumes. |
| - `[ro|rw]` mounts a volume read-only or read-write, respectively. |
| If omitted or set to `rw`, volumes are mounted read-write. |
| - `[z|Z]` applies SELinux labels to allow or deny multiple containers |
| to read and write to the same volume. |
| - `z`: a _shared_ content label is applied to the content. This |
| label indicates that multiple containers can share the volume |
| content, for both reading and writing. |
| - `Z`: a _private unshared_ label is applied to the content. |
| This label indicates that only the current container can use |
| a private volume. Labeling systems such as SELinux require |
| proper labels to be placed on volume content that is mounted |
| into a container. Without a label, the security system can |
| prevent a container's processes from using the content. By |
| default, the labels set by the host operating system are not |
| modified. |
| - `[[r]shared|[r]slave|[r]private]` specifies mount |
| [propagation behavior](https://www.kernel.org/doc/Documentation/filesystems/sharedsubtree.txt). |
| This only applies to bind-mounted volumes, not internal volumes |
| or named volumes. Mount propagation requires the source mount |
| point (the location where the source directory is mounted in the |
| host operating system) to have the correct propagation properties. |
| For shared volumes, the source mount point must be set to `shared`. |
| For slave volumes, the mount must be set to either `shared` or |
| `slave`. |
| items: |
| type: "string" |
| ContainerIDFile: |
| type: "string" |
| description: "Path to a file where the container ID is written" |
| LogConfig: |
| type: "object" |
| description: "The logging configuration for this container" |
| properties: |
| Type: |
| type: "string" |
| enum: |
| - "json-file" |
| - "syslog" |
| - "journald" |
| - "gelf" |
| - "fluentd" |
| - "awslogs" |
| - "splunk" |
| - "etwlogs" |
| - "none" |
| Config: |
| type: "object" |
| additionalProperties: |
| type: "string" |
| NetworkMode: |
| type: "string" |
| description: | |
| Network mode to use for this container. Supported standard values |
| are: `bridge`, `host`, `none`, and `container:<name|id>`. Any |
| other value is taken as a custom network's name to which this |
| container should connect to. |
| PortBindings: |
| $ref: "#/definitions/PortMap" |
| RestartPolicy: |
| $ref: "#/definitions/RestartPolicy" |
| AutoRemove: |
| type: "boolean" |
| description: | |
| Automatically remove the container when the container's process |
| exits. This has no effect if `RestartPolicy` is set. |
| VolumeDriver: |
| type: "string" |
| description: "Driver that this container uses to mount volumes." |
| VolumesFrom: |
| type: "array" |
| description: | |
| A list of volumes to inherit from another container, specified in |
| the form `<container name>[:<ro|rw>]`. |
| items: |
| type: "string" |
| Mounts: |
| description: | |
| Specification for mounts to be added to the container. |
| type: "array" |
| items: |
| $ref: "#/definitions/Mount" |
| ConsoleSize: |
| type: "array" |
| description: | |
| Initial console size, as an `[height, width]` array. |
| x-nullable: true |
| minItems: 2 |
| maxItems: 2 |
| items: |
| type: "integer" |
| minimum: 0 |
| |
| # Applicable to UNIX platforms |
| CapAdd: |
| type: "array" |
| description: | |
| A list of kernel capabilities to add to the container. Conflicts |
| with option 'Capabilities'. |
| items: |
| type: "string" |
| CapDrop: |
| type: "array" |
| description: | |
| A list of kernel capabilities to drop from the container. Conflicts |
| with option 'Capabilities'. |
| items: |
| type: "string" |
| CgroupnsMode: |
| type: "string" |
| enum: |
| - "private" |
| - "host" |
| description: | |
| cgroup namespace mode for the container. Possible values are: |
| |
| - `"private"`: the container runs in its own private cgroup namespace |
| - `"host"`: use the host system's cgroup namespace |
| |
| If not specified, the daemon default is used, which can either be `"private"` |
| or `"host"`, depending on daemon version, kernel support and configuration. |
| Dns: |
| type: "array" |
| description: "A list of DNS servers for the container to use." |
| items: |
| type: "string" |
| DnsOptions: |
| type: "array" |
| description: "A list of DNS options." |
| items: |
| type: "string" |
| DnsSearch: |
| type: "array" |
| description: "A list of DNS search domains." |
| items: |
| type: "string" |
| ExtraHosts: |
| type: "array" |
| description: | |
| A list of hostnames/IP mappings to add to the container's `/etc/hosts` |
| file. Specified in the form `["hostname:IP"]`. |
| items: |
| type: "string" |
| GroupAdd: |
| type: "array" |
| description: | |
| A list of additional groups that the container process will run as. |
| items: |
| type: "string" |
| IpcMode: |
| type: "string" |
| description: | |
| IPC sharing mode for the container. Possible values are: |
| |
| - `"none"`: own private IPC namespace, with /dev/shm not mounted |
| - `"private"`: own private IPC namespace |
| - `"shareable"`: own private IPC namespace, with a possibility to share it with other containers |
| - `"container:<name|id>"`: join another (shareable) container's IPC namespace |
| - `"host"`: use the host system's IPC namespace |
| |
| If not specified, daemon default is used, which can either be `"private"` |
| or `"shareable"`, depending on daemon version and configuration. |
| Cgroup: |
| type: "string" |
| description: "Cgroup to use for the container." |
| Links: |
| type: "array" |
| description: | |
| A list of links for the container in the form `container_name:alias`. |
| items: |
| type: "string" |
| OomScoreAdj: |
| type: "integer" |
| description: | |
| An integer value containing the score given to the container in |
| order to tune OOM killer preferences. |
| example: 500 |
| PidMode: |
| type: "string" |
| description: | |
| Set the PID (Process) Namespace mode for the container. It can be |
| either: |
| |
| - `"container:<name|id>"`: joins another container's PID namespace |
| - `"host"`: use the host's PID namespace inside the container |
| Privileged: |
| type: "boolean" |
| description: "Gives the container full access to the host." |
| PublishAllPorts: |
| type: "boolean" |
| description: | |
| Allocates an ephemeral host port for all of a container's |
| exposed ports. |
| |
| Ports are de-allocated when the container stops and allocated when |
| the container starts. The allocated port might be changed when |
| restarting the container. |
| |
| The port is selected from the ephemeral port range that depends on |
| the kernel. For example, on Linux the range is defined by |
| `/proc/sys/net/ipv4/ip_local_port_range`. |
| ReadonlyRootfs: |
| type: "boolean" |
| description: "Mount the container's root filesystem as read only." |
| SecurityOpt: |
| type: "array" |
| description: | |
| A list of string values to customize labels for MLS systems, such |
| as SELinux. |
| items: |
| type: "string" |
| StorageOpt: |
| type: "object" |
| description: | |
| Storage driver options for this container, in the form `{"size": "120G"}`. |
| additionalProperties: |
| type: "string" |
| Tmpfs: |
| type: "object" |
| description: | |
| A map of container directories which should be replaced by tmpfs |
| mounts, and their corresponding mount options. For example: |
| |
| ``` |
| { "/run": "rw,noexec,nosuid,size=65536k" } |
| ``` |
| additionalProperties: |
| type: "string" |
| UTSMode: |
| type: "string" |
| description: "UTS namespace to use for the container." |
| UsernsMode: |
| type: "string" |
| description: | |
| Sets the usernamespace mode for the container when usernamespace |
| remapping option is enabled. |
| ShmSize: |
| type: "integer" |
| description: | |
| Size of `/dev/shm` in bytes. If omitted, the system uses 64MB. |
| minimum: 0 |
| Sysctls: |
| type: "object" |
| description: | |
| A list of kernel parameters (sysctls) to set in the container. |
| For example: |
| |
| ``` |
| {"net.ipv4.ip_forward": "1"} |
| ``` |
| additionalProperties: |
| type: "string" |
| Runtime: |
| type: "string" |
| description: "Runtime to use with this container." |
| # Applicable to Windows |
| Isolation: |
| type: "string" |
| description: | |
| Isolation technology of the container. (Windows only) |
| enum: |
| - "default" |
| - "process" |
| - "hyperv" |
| MaskedPaths: |
| type: "array" |
| description: | |
| The list of paths to be masked inside the container (this overrides |
| the default set of paths). |
| items: |
| type: "string" |
| ReadonlyPaths: |
| type: "array" |
| description: | |
| The list of paths to be set as read-only inside the container |
| (this overrides the default set of paths). |
| items: |
| type: "string" |
| |
| ContainerConfig: |
| description: | |
| Configuration for a container that is portable between hosts. |
| |
| When used as `ContainerConfig` field in an image, `ContainerConfig` is an |
| optional field containing the configuration of the container that was last |
| committed when creating the image. |
| |
| Previous versions of Docker builder used this field to store build cache, |
| and it is not in active use anymore. |
| type: "object" |
| properties: |
| Hostname: |
| description: | |
| The hostname to use for the container, as a valid RFC 1123 hostname. |
| type: "string" |
| example: "439f4e91bd1d" |
| Domainname: |
| description: | |
| The domain name to use for the container. |
| type: "string" |
| User: |
| description: "The user that commands are run as inside the container." |
| type: "string" |
| AttachStdin: |
| description: "Whether to attach to `stdin`." |
| type: "boolean" |
| default: false |
| AttachStdout: |
| description: "Whether to attach to `stdout`." |
| type: "boolean" |
| default: true |
| AttachStderr: |
| description: "Whether to attach to `stderr`." |
| type: "boolean" |
| default: true |
| ExposedPorts: |
| description: | |
| An object mapping ports to an empty object in the form: |
| |
| `{"<port>/<tcp|udp|sctp>": {}}` |
| type: "object" |
| x-nullable: true |
| additionalProperties: |
| type: "object" |
| enum: |
| - {} |
| default: {} |
| example: { |
| "80/tcp": {}, |
| "443/tcp": {} |
| } |
| Tty: |
| description: | |
| Attach standard streams to a TTY, including `stdin` if it is not closed. |
| type: "boolean" |
| default: false |
| OpenStdin: |
| description: "Open `stdin`" |
| type: "boolean" |
| default: false |
| StdinOnce: |
| description: "Close `stdin` after one attached client disconnects" |
| type: "boolean" |
| default: false |
| Env: |
| description: | |
| A list of environment variables to set inside the container in the |
| form `["VAR=value", ...]`. A variable without `=` is removed from the |
| environment, rather than to have an empty value. |
| type: "array" |
| items: |
| type: "string" |
| example: |
| - "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" |
| Cmd: |
| description: | |
| Command to run specified as a string or an array of strings. |
| type: "array" |
| items: |
| type: "string" |
| example: ["/bin/sh"] |
| Healthcheck: |
| $ref: "#/definitions/HealthConfig" |
| ArgsEscaped: |
| description: "Command is already escaped (Windows only)" |
| type: "boolean" |
| default: false |
| example: false |
| x-nullable: true |
| Image: |
| description: | |
| The name (or reference) of the image to use when creating the container, |
| or which was used when the container was created. |
| type: "string" |
| example: "example-image:1.0" |
| Volumes: |
| description: | |
| An object mapping mount point paths inside the container to empty |
| objects. |
| type: "object" |
| additionalProperties: |
| type: "object" |
| enum: |
| - {} |
| default: {} |
| WorkingDir: |
| description: "The working directory for commands to run in." |
| type: "string" |
| example: "/public/" |
| Entrypoint: |
| description: | |
| The entry point for the container as a string or an array of strings. |
| |
| If the array consists of exactly one empty string (`[""]`) then the |
| entry point is reset to system default (i.e., the entry point used by |
| docker when there is no `ENTRYPOINT` instruction in the `Dockerfile`). |
| type: "array" |
| items: |
| type: "string" |
| example: [] |
| NetworkDisabled: |
| description: "Disable networking for the container." |
| type: "boolean" |
| x-nullable: true |
| MacAddress: |
| description: "MAC address of the container." |
| type: "string" |
| x-nullable: true |
| OnBuild: |
| description: | |
| `ONBUILD` metadata that were defined in the image's `Dockerfile`. |
| type: "array" |
| x-nullable: true |
| items: |
| type: "string" |
| example: [] |
| Labels: |
| description: "User-defined key/value metadata." |
| type: "object" |
| additionalProperties: |
| type: "string" |
| example: |
| com.example.some-label: "some-value" |
| com.example.some-other-label: "some-other-value" |
| StopSignal: |
| description: | |
| Signal to stop a container as a string or unsigned integer. |
| type: "string" |
| example: "SIGTERM" |
| x-nullable: true |
| StopTimeout: |
| description: "Timeout to stop a container in seconds." |
| type: "integer" |
| default: 10 |
| x-nullable: true |
| Shell: |
| description: | |
| Shell for when `RUN`, `CMD`, and `ENTRYPOINT` uses a shell. |
| type: "array" |
| x-nullable: true |
| items: |
| type: "string" |
| example: ["/bin/sh", "-c"] |
| |
| NetworkingConfig: |
| description: | |
| NetworkingConfig represents the container's networking configuration for |
| each of its interfaces. |
| It is used for the networking configs specified in the `docker create` |
| and `docker network connect` commands. |
| type: "object" |
| properties: |
| EndpointsConfig: |
| description: | |
| A mapping of network name to endpoint configuration for that network. |
| type: "object" |
| additionalProperties: |
| $ref: "#/definitions/EndpointSettings" |
| example: |
| # putting an example here, instead of using the example values from |
| # /definitions/EndpointSettings, because containers/create currently |
| # does not support attaching to multiple networks, so the example request |
| # would be confusing if it showed that multiple networks can be contained |
| # in the EndpointsConfig. |
| # TODO remove once we support multiple networks on container create (see https://github.com/moby/moby/blob/07e6b843594e061f82baa5fa23c2ff7d536c2a05/daemon/create.go#L323) |
| EndpointsConfig: |
| isolated_nw: |
| IPAMConfig: |
| IPv4Address: "172.20.30.33" |
| IPv6Address: "2001:db8:abcd::3033" |
| LinkLocalIPs: |
| - "169.254.34.68" |
| - "fe80::3468" |
| Links: |
| - "container_1" |
| - "container_2" |
| Aliases: |
| - "server_x" |
| - "server_y" |
| |
| NetworkSettings: |
| description: "NetworkSettings exposes the network settings in the API" |
| type: "object" |
| properties: |
| Bridge: |
| description: Name of the network's bridge (for example, `docker0`). |
| type: "string" |
| example: "docker0" |
| SandboxID: |
| description: SandboxID uniquely represents a container's network stack. |
| type: "string" |
| example: "9d12daf2c33f5959c8bf90aa513e4f65b561738661003029ec84830cd503a0c3" |
| HairpinMode: |
| description: | |
| Indicates if hairpin NAT should be enabled on the virtual interface. |
| type: "boolean" |
| example: false |
| LinkLocalIPv6Address: |
| description: IPv6 unicast address using the link-local prefix. |
| type: "string" |
| example: "fe80::42:acff:fe11:1" |
| LinkLocalIPv6PrefixLen: |
| description: Prefix length of the IPv6 unicast address. |
| type: "integer" |
| example: "64" |
| Ports: |
| $ref: "#/definitions/PortMap" |
| SandboxKey: |
| description: SandboxKey identifies the sandbox |
| type: "string" |
| example: "/var/run/docker/netns/8ab54b426c38" |
| |
| # TODO is SecondaryIPAddresses actually used? |
| SecondaryIPAddresses: |
| description: "" |
| type: "array" |
| items: |
| $ref: "#/definitions/Address" |
| x-nullable: true |
| |
| # TODO is SecondaryIPv6Addresses actually used? |
| SecondaryIPv6Addresses: |
| description: "" |
| type: "array" |
| items: |
| $ref: "#/definitions/Address" |
| x-nullable: true |
| |
| # TODO properties below are part of DefaultNetworkSettings, which is |
| # marked as deprecated since Docker 1.9 and to be removed in Docker v17.12 |
| EndpointID: |
| description: | |
| EndpointID uniquely represents a service endpoint in a Sandbox. |
| |
| <p><br /></p> |
| |
| > **Deprecated**: This field is only propagated when attached to the |
| > default "bridge" network. Use the information from the "bridge" |
| > network inside the `Networks` map instead, which contains the same |
| > information. This field was deprecated in Docker 1.9 and is scheduled |
| > to be removed in Docker 17.12.0 |
| type: "string" |
| example: "b88f5b905aabf2893f3cbc4ee42d1ea7980bbc0a92e2c8922b1e1795298afb0b" |
| Gateway: |
| description: | |
| Gateway address for the default "bridge" network. |
| |
| <p><br /></p> |
| |
| > **Deprecated**: This field is only propagated when attached to the |
| > default "bridge" network. Use the information from the "bridge" |
| > network inside the `Networks` map instead, which contains the same |
| > information. This field was deprecated in Docker 1.9 and is scheduled |
| > to be removed in Docker 17.12.0 |
| type: "string" |
| example: "172.17.0.1" |
| GlobalIPv6Address: |
| description: | |
| Global IPv6 address for the default "bridge" network. |
| |
| <p><br /></p> |
| |
| > **Deprecated**: This field is only propagated when attached to the |
| > default "bridge" network. Use the information from the "bridge" |
| > network inside the `Networks` map instead, which contains the same |
| > information. This field was deprecated in Docker 1.9 and is scheduled |
| > to be removed in Docker 17.12.0 |
| type: "string" |
| example: "2001:db8::5689" |
| GlobalIPv6PrefixLen: |
| description: | |
| Mask length of the global IPv6 address. |
| |
| <p><br /></p> |
| |
| > **Deprecated**: This field is only propagated when attached to the |
| > default "bridge" network. Use the information from the "bridge" |
| > network inside the `Networks` map instead, which contains the same |
| > information. This field was deprecated in Docker 1.9 and is scheduled |
| > to be removed in Docker 17.12.0 |
| type: "integer" |
| example: 64 |
| IPAddress: |
| description: | |
| IPv4 address for the default "bridge" network. |
| |
| <p><br /></p> |
| |
| > **Deprecated**: This field is only propagated when attached to the |
| > default "bridge" network. Use the information from the "bridge" |
| > network inside the `Networks` map instead, which contains the same |
| > information. This field was deprecated in Docker 1.9 and is scheduled |
| > to be removed in Docker 17.12.0 |
| type: "string" |
| example: "172.17.0.4" |
| IPPrefixLen: |
| description: | |
| Mask length of the IPv4 address. |
| |
| <p><br /></p> |
| |
| > **Deprecated**: This field is only propagated when attached to the |
| > default "bridge" network. Use the information from the "bridge" |
| > network inside the `Networks` map instead, which contains the same |
| > information. This field was deprecated in Docker 1.9 and is scheduled |
| > to be removed in Docker 17.12.0 |
| type: "integer" |
| example: 16 |
| IPv6Gateway: |
| description: | |
| IPv6 gateway address for this network. |
| |
| <p><br /></p> |
| |
| > **Deprecated**: This field is only propagated when attached to the |
| > default "bridge" network. Use the information from the "bridge" |
| > network inside the `Networks` map instead, which contains the same |
| > information. This field was deprecated in Docker 1.9 and is scheduled |
| > to be removed in Docker 17.12.0 |
| type: "string" |
| example: "2001:db8:2::100" |
| MacAddress: |
| description: | |
| MAC address for the container on the default "bridge" network. |
| |
| <p><br /></p> |
| |
| > **Deprecated**: This field is only propagated when attached to the |
| > default "bridge" network. Use the information from the "bridge" |
| > network inside the `Networks` map instead, which contains the same |
| > information. This field was deprecated in Docker 1.9 and is scheduled |
| > to be removed in Docker 17.12.0 |
| type: "string" |
| example: "02:42:ac:11:00:04" |
| Networks: |
| description: | |
| Information about all networks that the container is connected to. |
| type: "object" |
| additionalProperties: |
| $ref: "#/definitions/EndpointSettings" |
| |
| Address: |
| description: Address represents an IPv4 or IPv6 IP address. |
| type: "object" |
| properties: |
| Addr: |
| description: IP address. |
| type: "string" |
| PrefixLen: |
| description: Mask length of the IP address. |
| type: "integer" |
| |
| PortMap: |
| description: | |
| PortMap describes the mapping of container ports to host ports, using the |
| container's port-number and protocol as key in the format `<port>/<protocol>`, |
| for example, `80/udp`. |
| |
| If a container's port is mapped for multiple protocols, separate entries |
| are added to the mapping table. |
| type: "object" |
| additionalProperties: |
| type: "array" |
| x-nullable: true |
| items: |
| $ref: "#/definitions/PortBinding" |
| example: |
| "443/tcp": |
| - HostIp: "127.0.0.1" |
| HostPort: "4443" |
| "80/tcp": |
| - HostIp: "0.0.0.0" |
| HostPort: "80" |
| - HostIp: "0.0.0.0" |
| HostPort: "8080" |
| "80/udp": |
| - HostIp: "0.0.0.0" |
| HostPort: "80" |
| "53/udp": |
| - HostIp: "0.0.0.0" |
| HostPort: "53" |
| "2377/tcp": null |
| |
| PortBinding: |
| description: | |
| PortBinding represents a binding between a host IP address and a host |
| port. |
| type: "object" |
| properties: |
| HostIp: |
| description: "Host IP address that the container's port is mapped to." |
| type: "string" |
| example: "127.0.0.1" |
| HostPort: |
| description: "Host port number that the container's port is mapped to." |
| type: "string" |
| example: "4443" |
| |
| GraphDriverData: |
| description: | |
| Information about the storage driver used to store the container's and |
| image's filesystem. |
| type: "object" |
| required: [Name, Data] |
| properties: |
| Name: |
| description: "Name of the storage driver." |
| type: "string" |
| x-nullable: false |
| example: "overlay2" |
| Data: |
| description: | |
| Low-level storage metadata, provided as key/value pairs. |
| |
| This information is driver-specific, and depends on the storage-driver |
| in use, and should be used for informational purposes only. |
| type: "object" |
| x-nullable: false |
| additionalProperties: |
| type: "string" |
| example: { |
| "MergedDir": "/var/lib/docker/overlay2/ef749362d13333e65fc95c572eb525abbe0052e16e086cb64bc3b98ae9aa6d74/merged", |
| "UpperDir": "/var/lib/docker/overlay2/ef749362d13333e65fc95c572eb525abbe0052e16e086cb64bc3b98ae9aa6d74/diff", |
| "WorkDir": "/var/lib/docker/overlay2/ef749362d13333e65fc95c572eb525abbe0052e16e086cb64bc3b98ae9aa6d74/work" |
| } |
| |
| ImageInspect: |
| description: | |
| Information about an image in the local image cache. |
| type: "object" |
| properties: |
| Id: |
| description: | |
| ID is the content-addressable ID of an image. |
| |
| This identifier is a content-addressable digest calculated from the |
| image's configuration (which includes the digests of layers used by |
| the image). |
| |
| Note that this digest differs from the `RepoDigests` below, which |
| holds digests of image manifests that reference the image. |
| type: "string" |
| x-nullable: false |
| example: "sha256:ec3f0931a6e6b6855d76b2d7b0be30e81860baccd891b2e243280bf1cd8ad710" |
| RepoTags: |
| description: | |
| List of image names/tags in the local image cache that reference this |
| image. |
| |
| Multiple image tags can refer to the same image, and this list may be |
| empty if no tags reference the image, in which case the image is |
| "untagged", in which case it can still be referenced by its ID. |
| type: "array" |
| items: |
| type: "string" |
| example: |
| - "example:1.0" |
| - "example:latest" |
| - "example:stable" |
| - "internal.registry.example.com:5000/example:1.0" |
| RepoDigests: |
| description: | |
| List of content-addressable digests of locally available image manifests |
| that the image is referenced from. Multiple manifests can refer to the |
| same image. |
| |
| These digests are usually only available if the image was either pulled |
| from a registry, or if the image was pushed to a registry, which is when |
| the manifest is generated and its digest calculated. |
| type: "array" |
| items: |
| type: "string" |
| example: |
| - "example@sha256:afcc7f1ac1b49db317a7196c902e61c6c3c4607d63599ee1a82d702d249a0ccb" |
| - "internal.registry.example.com:5000/example@sha256:b69959407d21e8a062e0416bf13405bb2b71ed7a84dde4158ebafacfa06f5578" |
| Parent: |
| description: | |
| ID of the parent image. |
| |
| Depending on how the image was created, this field may be empty and |
| is only set for images that were built/created locally. This field |
| is empty if the image was pulled from an image registry. |
| type: "string" |
| x-nullable: false |
| example: "" |
| Comment: |
| description: | |
| Optional message that was set when committing or importing the image. |
| type: "string" |
| x-nullable: false |
| example: "" |
| Created: |
| description: | |
| Date and time at which the image was created, formatted in |
| [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format with nano-seconds. |
| type: "string" |
| x-nullable: false |
| example: "2022-02-04T21:20:12.497794809Z" |
| Container: |
| description: | |
| The ID of the container that was used to create the image. |
| |
| Depending on how the image was created, this field may be empty. |
| type: "string" |
| x-nullable: false |
| example: "65974bc86f1770ae4bff79f651ebdbce166ae9aada632ee3fa9af3a264911735" |
| ContainerConfig: |
| $ref: "#/definitions/ContainerConfig" |
| DockerVersion: |
| description: | |
| The version of Docker that was used to build the image. |
| |
| Depending on how the image was created, this field may be empty. |
| type: "string" |
| x-nullable: false |
| example: "20.10.7" |
| Author: |
| description: | |
| Name of the author that was specified when committing the image, or as |
| specified through MAINTAINER (deprecated) in the Dockerfile. |
| type: "string" |
| x-nullable: false |
| example: "" |
| Config: |
| $ref: "#/definitions/ContainerConfig" |
| Architecture: |
| description: | |
| Hardware CPU architecture that the image runs on. |
| type: "string" |
| x-nullable: false |
| example: "arm" |
| Variant: |
| description: | |
| CPU architecture variant (presently ARM-only). |
| type: "string" |
| x-nullable: true |
| example: "v7" |
| Os: |
| description: | |
| Operating System the image is built to run on. |
| type: "string" |
| x-nullable: false |
| example: "linux" |
| OsVersion: |
| description: | |
| Operating System version the image is built to run on (especially |
| for Windows). |
| type: "string" |
| example: "" |
| x-nullable: true |
| Size: |
| description: | |
| Total size of the image including all layers it is composed of. |
| type: "integer" |
| format: "int64" |
| x-nullable: false |
| example: 1239828 |
| VirtualSize: |
| description: | |
| Total size of the image including all layers it is composed of. |
| |
| In versions of Docker before v1.10, this field was calculated from |
| the image itself and all of its parent images. Docker v1.10 and up |
| store images self-contained, and no longer use a parent-chain, making |
| this field an equivalent of the Size field. |
| |
| This field is kept for backward compatibility, but may be removed in |
| a future version of the API. |
| type: "integer" |
| format: "int64" |
| x-nullable: false |
| example: 1239828 |
| GraphDriver: |
| $ref: "#/definitions/GraphDriverData" |
| RootFS: |
| description: | |
| Information about the image's RootFS, including the layer IDs. |
| type: "object" |
| required: [Type] |
| properties: |
| Type: |
| type: "string" |
| x-nullable: false |
| example: "layers" |
| Layers: |
| type: "array" |
| items: |
| type: "string" |
| example: |
| - "sha256:1834950e52ce4d5a88a1bbd131c537f4d0e56d10ff0dd69e66be3b7dfa9df7e6" |
| - "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef" |
| Metadata: |
| description: | |
| Additional metadata of the image in the local cache. This information |
| is local to the daemon, and not part of the image itself. |
| type: "object" |
| properties: |
| LastTagTime: |
| description: | |
| Date and time at which the image was last tagged in |
| [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format with nano-seconds. |
| |
| This information is only available if the image was tagged locally, |
| and omitted otherwise. |
| type: "string" |
| format: "dateTime" |
| example: "2022-02-28T14:40:02.623929178Z" |
| x-nullable: true |
| ImageSummary: |
| type: "object" |
| required: |
| - Id |
| - ParentId |
| - RepoTags |
| - RepoDigests |
| - Created |
| - Size |
| - SharedSize |
| - VirtualSize |
| - Labels |
| - Containers |
| properties: |
| Id: |
| description: | |
| ID is the content-addressable ID of an image. |
| |
| This identifier is a content-addressable digest calculated from the |
| image's configuration (which includes the digests of layers used by |
| the image). |
| |
| Note that this digest differs from the `RepoDigests` below, which |
| holds digests of image manifests that reference the image. |
| type: "string" |
| x-nullable: false |
| example: "sha256:ec3f0931a6e6b6855d76b2d7b0be30e81860baccd891b2e243280bf1cd8ad710" |
| ParentId: |
| description: | |
| ID of the parent image. |
| |
| Depending on how the image was created, this field may be empty and |
| is only set for images that were built/created locally. This field |
| is empty if the image was pulled from an image registry. |
| type: "string" |
| x-nullable: false |
| example: "" |
| RepoTags: |
| description: | |
| List of image names/tags in the local image cache that reference this |
| image. |
| |
| Multiple image tags can refer to the same image, and this list may be |
| empty if no tags reference the image, in which case the image is |
| "untagged", in which case it can still be referenced by its ID. |
| type: "array" |
| x-nullable: false |
| items: |
| type: "string" |
| example: |
| - "example:1.0" |
| - "example:latest" |
| - "example:stable" |
| - "internal.registry.example.com:5000/example:1.0" |
| RepoDigests: |
| description: | |
| List of content-addressable digests of locally available image manifests |
| that the image is referenced from. Multiple manifests can refer to the |
| same image. |
| |
| These digests are usually only available if the image was either pulled |
| from a registry, or if the image was pushed to a registry, which is when |
| the manifest is generated and its digest calculated. |
| type: "array" |
| x-nullable: false |
| items: |
| type: "string" |
| example: |
| - "example@sha256:afcc7f1ac1b49db317a7196c902e61c6c3c4607d63599ee1a82d702d249a0ccb" |
| - "internal.registry.example.com:5000/example@sha256:b69959407d21e8a062e0416bf13405bb2b71ed7a84dde4158ebafacfa06f5578" |
| Created: |
| description: | |
| Date and time at which the image was created as a Unix timestamp |
| (number of seconds sinds EPOCH). |
| type: "integer" |
| x-nullable: false |
| example: "1644009612" |
| Size: |
| description: | |
| Total size of the image including all layers it is composed of. |
| type: "integer" |
| format: "int64" |
| x-nullable: false |
| example: 172064416 |
| SharedSize: |
| description: | |
| Total size of image layers that are shared between this image and other |
| images. |
| |
| This size is not calculated by default. `-1` indicates that the value |
| has not been set / calculated. |
| type: "integer" |
| format: "int64" |
| x-nullable: false |
| example: 1239828 |
| VirtualSize: |
| description: | |
| Total size of the image including all layers it is composed of. |
| |
| In versions of Docker before v1.10, this field was calculated from |
| the image itself and all of its parent images. Docker v1.10 and up |
| store images self-contained, and no longer use a parent-chain, making |
| this field an equivalent of the Size field. |
| |
| This field is kept for backward compatibility, but may be removed in |
| a future version of the API. |
| type: "integer" |
| format: "int64" |
| x-nullable: false |
| example: 172064416 |
| Labels: |
| description: "User-defined key/value metadata." |
| type: "object" |
| x-nullable: false |
| additionalProperties: |
| type: "string" |
| example: |
| com.example.some-label: "some-value" |
| com.example.some-other-label: "some-other-value" |
| Containers: |
| description: | |
| Number of containers using this image. Includes both stopped and running |
| containers. |
| |
| This size is not calculated by default, and depends on which API endpoint |
| is used. `-1` indicates that the value has not been set / calculated. |
| x-nullable: false |
| type: "integer" |
| example: 2 |
| |
| AuthConfig: |
| type: "object" |
| properties: |
| username: |
| type: "string" |
| password: |
| type: "string" |
| email: |
| type: "string" |
| serveraddress: |
| type: "string" |
| example: |
| username: "hannibal" |
| password: "xxxx" |
| serveraddress: "https://index.docker.io/v1/" |
| |
| ProcessConfig: |
| type: "object" |
| properties: |
| privileged: |
| type: "boolean" |
| user: |
| type: "string" |
| tty: |
| type: "boolean" |
| entrypoint: |
| type: "string" |
| arguments: |
| type: "array" |
| items: |
| type: "string" |
| |
| Volume: |
| type: "object" |
| required: [Name, Driver, Mountpoint, Labels, Scope, Options] |
| properties: |
| Name: |
| type: "string" |
| description: "Name of the volume." |
| x-nullable: false |
| example: "tardis" |
| Driver: |
| type: "string" |
| description: "Name of the volume driver used by the volume." |
| x-nullable: false |
| example: "custom" |
| Mountpoint: |
| type: "string" |
| description: "Mount path of the volume on the host." |
| x-nullable: false |
| example: "/var/lib/docker/volumes/tardis" |
| CreatedAt: |
| type: "string" |
| format: "dateTime" |
| description: "Date/Time the volume was created." |
| example: "2016-06-07T20:31:11.853781916Z" |
| Status: |
| type: "object" |
| description: | |
| Low-level details about the volume, provided by the volume driver. |
| Details are returned as a map with key/value pairs: |
| `{"key":"value","key2":"value2"}`. |
| |
| The `Status` field is optional, and is omitted if the volume driver |
| does not support this feature. |
| additionalProperties: |
| type: "object" |
| example: |
| hello: "world" |
| Labels: |
| type: "object" |
| description: "User-defined key/value metadata." |
| x-nullable: false |
| additionalProperties: |
| type: "string" |
| example: |
| com.example.some-label: "some-value" |
| com.example.some-other-label: "some-other-value" |
| Scope: |
| type: "string" |
| description: | |
| The level at which the volume exists. Either `global` for cluster-wide, |
| or `local` for machine level. |
| default: "local" |
| x-nullable: false |
| enum: ["local", "global"] |
| example: "local" |
| ClusterVolume: |
| $ref: "#/definitions/ClusterVolume" |
| Options: |
| type: "object" |
| description: | |
| The driver specific options used when creating the volume. |
| additionalProperties: |
| type: "string" |
| example: |
| device: "tmpfs" |
| o: "size=100m,uid=1000" |
| type: "tmpfs" |
| UsageData: |
| type: "object" |
| x-nullable: true |
| x-go-name: "UsageData" |
| required: [Size, RefCount] |
| description: | |
| Usage details about the volume. This information is used by the |
| `GET /system/df` endpoint, and omitted in other endpoints. |
| properties: |
| Size: |
| type: "integer" |
| format: "int64" |
| default: -1 |
| description: | |
| Amount of disk space used by the volume (in bytes). This information |
| is only available for volumes created with the `"local"` volume |
| driver. For volumes created with other volume drivers, this field |
| is set to `-1` ("not available") |
| x-nullable: false |
| RefCount: |
| type: "integer" |
| format: "int64" |
| default: -1 |
| description: | |
| The number of containers referencing this volume. This field |
| is set to `-1` if the reference-count is not available. |
| x-nullable: false |
| |
| VolumeCreateOptions: |
| description: "Volume configuration" |
| type: "object" |
| title: "VolumeConfig" |
| x-go-name: "CreateOptions" |
| properties: |
| Name: |
| description: | |
| The new volume's name. If not specified, Docker generates a name. |
| type: "string" |
| x-nullable: false |
| example: "tardis" |
| Driver: |
| description: "Name of the volume driver to use." |
| type: "string" |
| default: "local" |
| x-nullable: false |
| example: "custom" |
| DriverOpts: |
| description: | |
| A mapping of driver options and values. These options are |
| passed directly to the driver and are driver specific. |
| type: "object" |
| additionalProperties: |
| type: "string" |
| example: |
| device: "tmpfs" |
| o: "size=100m,uid=1000" |
| type: "tmpfs" |
| Labels: |
| description: "User-defined key/value metadata." |
| type: "object" |
| additionalProperties: |
| type: "string" |
| example: |
| com.example.some-label: "some-value" |
| com.example.some-other-label: "some-other-value" |
| ClusterVolumeSpec: |
| $ref: "#/definitions/ClusterVolumeSpec" |
| |
| VolumeListResponse: |
| type: "object" |
| title: "VolumeListResponse" |
| x-go-name: "ListResponse" |
| description: "Volume list response" |
| properties: |
| Volumes: |
| type: "array" |
| description: "List of volumes" |
| items: |
| $ref: "#/definitions/Volume" |
| Warnings: |
| type: "array" |
| description: | |
| Warnings that occurred when fetching the list of volumes. |
| items: |
| type: "string" |
| example: [] |
| |
| Network: |
| type: "object" |
| properties: |
| Name: |
| type: "string" |
| Id: |
| type: "string" |
| Created: |
| type: "string" |
| format: "dateTime" |
| Scope: |
| type: "string" |
| Driver: |
| type: "string" |
| EnableIPv6: |
| type: "boolean" |
| IPAM: |
| $ref: "#/definitions/IPAM" |
| Internal: |
| type: "boolean" |
| Attachable: |
| type: "boolean" |
| Ingress: |
| type: "boolean" |
| Containers: |
| type: "object" |
| additionalProperties: |
| $ref: "#/definitions/NetworkContainer" |
| Options: |
| type: "object" |
| additionalProperties: |
| type: "string" |
| Labels: |
| type: "object" |
| additionalProperties: |
| type: "string" |
| example: |
| Name: "net01" |
| Id: "7d86d31b1478e7cca9ebed7e73aa0fdeec46c5ca29497431d3007d2d9e15ed99" |
| Created: "2016-10-19T04:33:30.360899459Z" |
| Scope: "local" |
| Driver: "bridge" |
| EnableIPv6: false |
| IPAM: |
| Driver: "default" |
| Config: |
| - Subnet: "172.19.0.0/16" |
| Gateway: "172.19.0.1" |
| Options: |
| foo: "bar" |
| Internal: false |
| Attachable: false |
| Ingress: false |
| Containers: |
| 19a4d5d687db25203351ed79d478946f861258f018fe384f229f2efa4b23513c: |
| Name: "test" |
| EndpointID: "628cadb8bcb92de107b2a1e516cbffe463e321f548feb37697cce00ad694f21a" |
| MacAddress: "02:42:ac:13:00:02" |
| IPv4Address: "172.19.0.2/16" |
| IPv6Address: "" |
| Options: |
| com.docker.network.bridge.default_bridge: "true" |
| com.docker.network.bridge.enable_icc: "true" |
| com.docker.network.bridge.enable_ip_masquerade: "true" |
| com.docker.network.bridge.host_binding_ipv4: "0.0.0.0" |
| com.docker.network.bridge.name: "docker0" |
| com.docker.network.driver.mtu: "1500" |
| Labels: |
| com.example.some-label: "some-value" |
| com.example.some-other-label: "some-other-value" |
| IPAM: |
| type: "object" |
| properties: |
| Driver: |
| description: "Name of the IPAM driver to use." |
| type: "string" |
| default: "default" |
| Config: |
| description: | |
| List of IPAM configuration options, specified as a map: |
| |
| ``` |
| {"Subnet": <CIDR>, "IPRange": <CIDR>, "Gateway": <IP address>, "AuxAddress": <device_name:IP address>} |
| ``` |
| type: "array" |
| items: |
| $ref: "#/definitions/IPAMConfig" |
| Options: |
| description: "Driver-specific options, specified as a map." |
| type: "object" |
| additionalProperties: |
| type: "string" |
| |
| IPAMConfig: |
| type: "object" |
| properties: |
| Subnet: |
| type: "string" |
| IPRange: |
| type: "string" |
| Gateway: |
| type: "string" |
| AuxiliaryAddresses: |
| type: "object" |
| additionalProperties: |
| type: "string" |
| |
| NetworkContainer: |
| type: "object" |
| properties: |
| Name: |
| type: "string" |
| EndpointID: |
| type: "string" |
| MacAddress: |
| type: "string" |
| IPv4Address: |
| type: "string" |
| IPv6Address: |
| type: "string" |
| |
| BuildInfo: |
| type: "object" |
| properties: |
| id: |
| type: "string" |
| stream: |
| type: "string" |
| error: |
| type: "string" |
| errorDetail: |
| $ref: "#/definitions/ErrorDetail" |
| status: |
| type: "string" |
| progress: |
| type: "string" |
| progressDetail: |
| $ref: "#/definitions/ProgressDetail" |
| aux: |
| $ref: "#/definitions/ImageID" |
| |
| BuildCache: |
| type: "object" |
| description: | |
| BuildCache contains information about a build cache record. |
| properties: |
| ID: |
| type: "string" |
| description: | |
| Unique ID of the build cache record. |
| example: "ndlpt0hhvkqcdfkputsk4cq9c" |
| Parent: |
| description: | |
| ID of the parent build cache record. |
| |
| > **Deprecated**: This field is deprecated, and omitted if empty. |
| type: "string" |
| x-nullable: true |
| example: "" |
| Parents: |
| description: | |
| List of parent build cache record IDs. |
| type: "array" |
| items: |
| type: "string" |
| x-nullable: true |
| example: ["hw53o5aio51xtltp5xjp8v7fx"] |
| Type: |
| type: "string" |
| description: | |
| Cache record type. |
| example: "regular" |
| # see https://github.com/moby/buildkit/blob/fce4a32258dc9d9664f71a4831d5de10f0670677/client/diskusage.go#L75-L84 |
| enum: |
| - "internal" |
| - "frontend" |
| - "source.local" |
| - "source.git.checkout" |
| - "exec.cachemount" |
| - "regular" |
| Description: |
| type: "string" |
| description: | |
| Description of the build-step that produced the build cache. |
| example: "mount / from exec /bin/sh -c echo 'Binary::apt::APT::Keep-Downloaded-Packages \"true\";' > /etc/apt/apt.conf.d/keep-cache" |
| InUse: |
| type: "boolean" |
| description: | |
| Indicates if the build cache is in use. |
| example: false |
| Shared: |
| type: "boolean" |
| description: | |
| Indicates if the build cache is shared. |
| example: true |
| Size: |
| description: | |
| Amount of disk space used by the build cache (in bytes). |
| type: "integer" |
| example: 51 |
| CreatedAt: |
| description: | |
| Date and time at which the build cache was created in |
| [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format with nano-seconds. |
| type: "string" |
| format: "dateTime" |
| example: "2016-08-18T10:44:24.496525531Z" |
| LastUsedAt: |
| description: | |
| Date and time at which the build cache was last used in |
| [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format with nano-seconds. |
| type: "string" |
| format: "dateTime" |
| x-nullable: true |
| example: "2017-08-09T07:09:37.632105588Z" |
| UsageCount: |
| type: "integer" |
| example: 26 |
| |
| ImageID: |
| type: "object" |
| description: "Image ID or Digest" |
| properties: |
| ID: |
| type: "string" |
| example: |
| ID: "sha256:85f05633ddc1c50679be2b16a0479ab6f7637f8884e0cfe0f4d20e1ebb3d6e7c" |
| |
| CreateImageInfo: |
| type: "object" |
| properties: |
| id: |
| type: "string" |
| error: |
| type: "string" |
| status: |
| type: "string" |
| progress: |
| type: "string" |
| progressDetail: |
| $ref: "#/definitions/ProgressDetail" |
| |
| PushImageInfo: |
| type: "object" |
| properties: |
| error: |
| type: "string" |
| status: |
| type: "string" |
| progress: |
| type: "string" |
| progressDetail: |
| $ref: "#/definitions/ProgressDetail" |
| |
| ErrorDetail: |
| type: "object" |
| properties: |
| code: |
| type: "integer" |
| message: |
| type: "string" |
| |
| ProgressDetail: |
| type: "object" |
| properties: |
| current: |
| type: "integer" |
| total: |
| type: "integer" |
| |
| ErrorResponse: |
| description: "Represents an error." |
| type: "object" |
| required: ["message"] |
| properties: |
| message: |
| description: "The error message." |
| type: "string" |
| x-nullable: false |
| example: |
| message: "Something went wrong." |
| |
| IdResponse: |
| description: "Response to an API call that returns just an Id" |
| type: "object" |
| required: ["Id"] |
| properties: |
| Id: |
| description: "The id of the newly created object." |
| type: "string" |
| x-nullable: false |
| |
| EndpointSettings: |
| description: "Configuration for a network endpoint." |
| type: "object" |
| properties: |
| # Configurations |
| IPAMConfig: |
| $ref: "#/definitions/EndpointIPAMConfig" |
| Links: |
| type: "array" |
| items: |
| type: "string" |
| example: |
| - "container_1" |
| - "container_2" |
| Aliases: |
| type: "array" |
| items: |
| type: "string" |
| example: |
| - "server_x" |
| - "server_y" |
| |
| # Operational data |
| NetworkID: |
| description: | |
| Unique ID of the network. |
| type: "string" |
| example: "08754567f1f40222263eab4102e1c733ae697e8e354aa9cd6e18d7402835292a" |
| EndpointID: |
| description: | |
| Unique ID for the service endpoint in a Sandbox. |
| type: "string" |
| example: "b88f5b905aabf2893f3cbc4ee42d1ea7980bbc0a92e2c8922b1e1795298afb0b" |
| Gateway: |
| description: | |
| Gateway address for this network. |
| type: "string" |
| example: "172.17.0.1" |
| IPAddress: |
| description: | |
| IPv4 address. |
| type: "string" |
| example: "172.17.0.4" |
| IPPrefixLen: |
| description: | |
| Mask length of the IPv4 address. |
| type: "integer" |
| example: 16 |
| IPv6Gateway: |
| description: | |
| IPv6 gateway address. |
| type: "string" |
| example: "2001:db8:2::100" |
| GlobalIPv6Address: |
| description: | |
| Global IPv6 address. |
| type: "string" |
| example: "2001:db8::5689" |
| GlobalIPv6PrefixLen: |
| description: | |
| Mask length of the global IPv6 address. |
| type: "integer" |
| format: "int64" |
| example: 64 |
| MacAddress: |
| description: | |
| MAC address for the endpoint on this network. |
| type: "string" |
| example: "02:42:ac:11:00:04" |
| DriverOpts: |
| description: | |
| DriverOpts is a mapping of driver options and values. These options |
| are passed directly to the driver and are driver specific. |
| type: "object" |
| x-nullable: true |
| additionalProperties: |
| type: "string" |
| example: |
| com.example.some-label: "some-value" |
| com.example.some-other-label: "some-other-value" |
| |
| EndpointIPAMConfig: |
| description: | |
| EndpointIPAMConfig represents an endpoint's IPAM configuration. |
| type: "object" |
| x-nullable: true |
| properties: |
| IPv4Address: |
| type: "string" |
| example: "172.20.30.33" |
| IPv6Address: |
| type: "string" |
| example: "2001:db8:abcd::3033" |
| LinkLocalIPs: |
| type: "array" |
| items: |
| type: "string" |
| example: |
| - "169.254.34.68" |
| - "fe80::3468" |
| |
| PluginMount: |
| type: "object" |
| x-nullable: false |
| required: [Name, Description, Settable, Source, Destination, Type, Options] |
| properties: |
| Name: |
| type: "string" |
| x-nullable: false |
| example: "some-mount" |
| Description: |
| type: "string" |
| x-nullable: false |
| example: "This is a mount that's used by the plugin." |
| Settable: |
| type: "array" |
| items: |
| type: "string" |
| Source: |
| type: "string" |
| example: "/var/lib/docker/plugins/" |
| Destination: |
| type: "string" |
| x-nullable: false |
| example: "/mnt/state" |
| Type: |
| type: "string" |
| x-nullable: false |
| example: "bind" |
| Options: |
| type: "array" |
| items: |
| type: "string" |
| example: |
| - "rbind" |
| - "rw" |
| |
| PluginDevice: |
| type: "object" |
| required: [Name, Description, Settable, Path] |
| x-nullable: false |
| properties: |
| Name: |
| type: "string" |
| x-nullable: false |
| Description: |
| type: "string" |
| x-nullable: false |
| Settable: |
| type: "array" |
| items: |
| type: "string" |
| Path: |
| type: "string" |
| example: "/dev/fuse" |
| |
| PluginEnv: |
| type: "object" |
| x-nullable: false |
| required: [Name, Description, Settable, Value] |
| properties: |
| Name: |
| x-nullable: false |
| type: "string" |
| Description: |
| x-nullable: false |
| type: "string" |
| Settable: |
| type: "array" |
| items: |
| type: "string" |
| Value: |
| type: "string" |
| |
| PluginInterfaceType: |
| type: "object" |
| x-nullable: false |
| required: [Prefix, Capability, Version] |
| properties: |
| Prefix: |
| type: "string" |
| x-nullable: false |
| Capability: |
| type: "string" |
| x-nullable: false |
| Version: |
| type: "string" |
| x-nullable: false |
| |
| PluginPrivilege: |
| description: | |
| Describes a permission the user has to accept upon installing |
| the plugin. |
| type: "object" |
| x-go-name: "PluginPrivilege" |
| properties: |
| Name: |
| type: "string" |
| example: "network" |
| Description: |
| type: "string" |
| Value: |
| type: "array" |
| items: |
| type: "string" |
| example: |
| - "host" |
| |
| Plugin: |
| description: "A plugin for the Engine API" |
| type: "object" |
| required: [Settings, Enabled, Config, Name] |
| properties: |
| Id: |
| type: "string" |
| example: "5724e2c8652da337ab2eedd19fc6fc0ec908e4bd907c7421bf6a8dfc70c4c078" |
| Name: |
| type: "string" |
| x-nullable: false |
| example: "tiborvass/sample-volume-plugin" |
| Enabled: |
| description: |
| True if the plugin is running. False if the plugin is not running, |
| only installed. |
| type: "boolean" |
| x-nullable: false |
| example: true |
| Settings: |
| description: "Settings that can be modified by users." |
| type: "object" |
| x-nullable: false |
| required: [Args, Devices, Env, Mounts] |
| properties: |
| Mounts: |
| type: "array" |
| items: |
| $ref: "#/definitions/PluginMount" |
| Env: |
| type: "array" |
| items: |
| type: "string" |
| example: |
| - "DEBUG=0" |
| Args: |
| type: "array" |
| items: |
| type: "string" |
| Devices: |
| type: "array" |
| items: |
| $ref: "#/definitions/PluginDevice" |
| PluginReference: |
| description: "plugin remote reference used to push/pull the plugin" |
| type: "string" |
| x-nullable: false |
| example: "localhost:5000/tiborvass/sample-volume-plugin:latest" |
| Config: |
| description: "The config of a plugin." |
| type: "object" |
| x-nullable: false |
| required: |
| - Description |
| - Documentation |
| - Interface |
| - Entrypoint |
| - WorkDir |
| - Network |
| - Linux |
| - PidHost |
| - PropagatedMount |
| - IpcHost |
| - Mounts |
| - Env |
| - Args |
| properties: |
| DockerVersion: |
| description: "Docker Version used to create the plugin" |
| type: "string" |
| x-nullable: false |
| example: "17.06.0-ce" |
| Description: |
| type: "string" |
| x-nullable: false |
| example: "A sample volume plugin for Docker" |
| Documentation: |
| type: "string" |
| x-nullable: false |
| example: "https://docs.docker.com/engine/extend/plugins/" |
| Interface: |
| description: "The interface between Docker and the plugin" |
| x-nullable: false |
| type: "object" |
| required: [Types, Socket] |
| properties: |
| Types: |
| type: "array" |
| items: |
| $ref: "#/definitions/PluginInterfaceType" |
| example: |
| - "docker.volumedriver/1.0" |
| Socket: |
| type: "string" |
| x-nullable: false |
| example: "plugins.sock" |
| ProtocolScheme: |
| type: "string" |
| example: "some.protocol/v1.0" |
| description: "Protocol to use for clients connecting to the plugin." |
| enum: |
| - "" |
| - "moby.plugins.http/v1" |
| Entrypoint: |
| type: "array" |
| items: |
| type: "string" |
| example: |
| - "/usr/bin/sample-volume-plugin" |
| - "/data" |
| WorkDir: |
| type: "string" |
| x-nullable: false |
| example: "/bin/" |
| User: |
| type: "object" |
| x-nullable: false |
| properties: |
| UID: |
| type: "integer" |
| format: "uint32" |
| example: 1000 |
| GID: |
| type: "integer" |
| format: "uint32" |
| example: 1000 |
| Network: |
| type: "object" |
| x-nullable: false |
| required: [Type] |
| properties: |
| Type: |
| x-nullable: false |
| type: "string" |
| example: "host" |
| Linux: |
| type: "object" |
| x-nullable: false |
| required: [Capabilities, AllowAllDevices, Devices] |
| properties: |
| Capabilities: |
| type: "array" |
| items: |
| type: "string" |
| example: |
| - "CAP_SYS_ADMIN" |
| - "CAP_SYSLOG" |
| AllowAllDevices: |
| type: "boolean" |
| x-nullable: false |
| example: false |
| Devices: |
| type: "array" |
| items: |
| $ref: "#/definitions/PluginDevice" |
| PropagatedMount: |
| type: "string" |
| x-nullable: false |
| example: "/mnt/volumes" |
| IpcHost: |
| type: "boolean" |
| x-nullable: false |
| example: false |
| PidHost: |
| type: "boolean" |
| x-nullable: false |
| example: false |
| Mounts: |
| type: "array" |
| items: |
| $ref: "#/definitions/PluginMount" |
| Env: |
| type: "array" |
| items: |
| $ref: "#/definitions/PluginEnv" |
| example: |
| - Name: "DEBUG" |
| Description: "If set, prints debug messages" |
| Settable: null |
| Value: "0" |
| Args: |
| type: "object" |
| x-nullable: false |
| required: [Name, Description, Settable, Value] |
| properties: |
| Name: |
| x-nullable: false |
| type: "string" |
| example: "args" |
| Description: |
| x-nullable: false |
| type: "string" |
| example: "command line arguments" |
| Settable: |
| type: "array" |
| items: |
| type: "string" |
| Value: |
| type: "array" |
| items: |
| type: "string" |
| rootfs: |
| type: "object" |
| properties: |
| type: |
| type: "string" |
| example: "layers" |
| diff_ids: |
| type: "array" |
| items: |
| type: "string" |
| example: |
| - "sha256:675532206fbf3030b8458f88d6e26d4eb1577688a25efec97154c94e8b6b4887" |
| - "sha256:e216a057b1cb1efc11f8a268f37ef62083e70b1b38323ba252e25ac88904a7e8" |
| |
| ObjectVersion: |
| description: | |
| The version number of the object such as node, service, etc. This is needed |
| to avoid conflicting writes. The client must send the version number along |
| with the modified specification when updating these objects. |
| |
| This approach ensures safe concurrency and determinism in that the change |
| on the object may not be applied if the version number has changed from the |
| last read. In other words, if two update requests specify the same base |
| version, only one of the requests can succeed. As a result, two separate |
| update requests that happen at the same time will not unintentionally |
| overwrite each other. |
| type: "object" |
| properties: |
| Index: |
| type: "integer" |
| format: "uint64" |
| example: 373531 |
| |
| NodeSpec: |
| type: "object" |
| properties: |
| Name: |
| description: "Name for the node." |
| type: "string" |
| example: "my-node" |
| Labels: |
| description: "User-defined key/value metadata." |
| type: "object" |
| additionalProperties: |
| type: "string" |
| Role: |
| description: "Role of the node." |
| type: "string" |
| enum: |
| - "worker" |
| - "manager" |
| example: "manager" |
| Availability: |
| description: "Availability of the node." |
| type: "string" |
| enum: |
| - "active" |
| - "pause" |
| - "drain" |
| example: "active" |
| example: |
| Availability: "active" |
| Name: "node-name" |
| Role: "manager" |
| Labels: |
| foo: "bar" |
| |
| Node: |
| type: "object" |
| properties: |
| ID: |
| type: "string" |
| example: "24ifsmvkjbyhk" |
| Version: |
| $ref: "#/definitions/ObjectVersion" |
| CreatedAt: |
| description: | |
| Date and time at which the node was added to the swarm in |
| [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format with nano-seconds. |
| type: "string" |
| format: "dateTime" |
| example: "2016-08-18T10:44:24.496525531Z" |
| UpdatedAt: |
| description: | |
| Date and time at which the node was last updated in |
| [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format with nano-seconds. |
| type: "string" |
| format: "dateTime" |
| example: "2017-08-09T07:09:37.632105588Z" |
| Spec: |
| $ref: "#/definitions/NodeSpec" |
| Description: |
| $ref: "#/definitions/NodeDescription" |
| Status: |
| $ref: "#/definitions/NodeStatus" |
| ManagerStatus: |
| $ref: "#/definitions/ManagerStatus" |
| |
| NodeDescription: |
| description: | |
| NodeDescription encapsulates the properties of the Node as reported by the |
| agent. |
| type: "object" |
| properties: |
| Hostname: |
| type: "string" |
| example: "bf3067039e47" |
| Platform: |
| $ref: "#/definitions/Platform" |
| Resources: |
| $ref: "#/definitions/ResourceObject" |
| Engine: |
| $ref: "#/definitions/EngineDescription" |
| TLSInfo: |
| $ref: "#/definitions/TLSInfo" |
| |
| Platform: |
| description: | |
| Platform represents the platform (Arch/OS). |
| type: "object" |
| properties: |
| Architecture: |
| description: | |
| Architecture represents the hardware architecture (for example, |
| `x86_64`). |
| type: "string" |
| example: "x86_64" |
| OS: |
| description: | |
| OS represents the Operating System (for example, `linux` or `windows`). |
| type: "string" |
| example: "linux" |
| |
| EngineDescription: |
| description: "EngineDescription provides information about an engine." |
| type: "object" |
| properties: |
| EngineVersion: |
| type: "string" |
| example: "17.06.0" |
| Labels: |
| type: "object" |
| additionalProperties: |
| type: "string" |
| example: |
| foo: "bar" |
| Plugins: |
| type: "array" |
| items: |
| type: "object" |
| properties: |
| Type: |
| type: "string" |
| Name: |
| type: "string" |
| example: |
| - Type: "Log" |
| Name: "awslogs" |
| - Type: "Log" |
| Name: "fluentd" |
| - Type: "Log" |
| Name: "gcplogs" |
| - Type: "Log" |
| Name: "gelf" |
| - Type: "Log" |
| Name: "journald" |
| - Type: "Log" |
| Name: "json-file" |
| - Type: "Log" |
| Name: "logentries" |
| - Type: "Log" |
| Name: "splunk" |
| - Type: "Log" |
| Name: "syslog" |
| - Type: "Network" |
| Name: "bridge" |
| - Type: "Network" |
| Name: "host" |
| - Type: "Network" |
| Name: "ipvlan" |
| - Type: "Network" |
| Name: "macvlan" |
| - Type: "Network" |
| Name: "null" |
| - Type: "Network" |
| Name: "overlay" |
| - Type: "Volume" |
| Name: "local" |
| - Type: "Volume" |
| Name: "localhost:5000/vieux/sshfs:latest" |
| - Type: "Volume" |
| Name: "vieux/sshfs:latest" |
| |
| TLSInfo: |
| description: | |
| Information about the issuer of leaf TLS certificates and the trusted root |
| CA certificate. |
| type: "object" |
| properties: |
| TrustRoot: |
| description: | |
| The root CA certificate(s) that are used to validate leaf TLS |
| certificates. |
| type: "string" |
| CertIssuerSubject: |
| description: |
| The base64-url-safe-encoded raw subject bytes of the issuer. |
| type: "string" |
| CertIssuerPublicKey: |
| description: | |
| The base64-url-safe-encoded raw public key bytes of the issuer. |
| type: "string" |
| example: |
| TrustRoot: | |
| -----BEGIN CERTIFICATE----- |
| MIIBajCCARCgAwIBAgIUbYqrLSOSQHoxD8CwG6Bi2PJi9c8wCgYIKoZIzj0EAwIw |
| EzERMA8GA1UEAxMIc3dhcm0tY2EwHhcNMTcwNDI0MjE0MzAwWhcNMzcwNDE5MjE0 |
| MzAwWjATMREwDwYDVQQDEwhzd2FybS1jYTBZMBMGByqGSM49AgEGCCqGSM49AwEH |
| A0IABJk/VyMPYdaqDXJb/VXh5n/1Yuv7iNrxV3Qb3l06XD46seovcDWs3IZNV1lf |
| 3Skyr0ofcchipoiHkXBODojJydSjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMB |
| Af8EBTADAQH/MB0GA1UdDgQWBBRUXxuRcnFjDfR/RIAUQab8ZV/n4jAKBggqhkjO |
| PQQDAgNIADBFAiAy+JTe6Uc3KyLCMiqGl2GyWGQqQDEcO3/YG36x7om65AIhAJvz |
| pxv6zFeVEkAEEkqIYi0omA9+CjanB/6Bz4n1uw8H |
| -----END CERTIFICATE----- |
| CertIssuerSubject: "MBMxETAPBgNVBAMTCHN3YXJtLWNh" |
| CertIssuerPublicKey: "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEmT9XIw9h1qoNclv9VeHmf/Vi6/uI2vFXdBveXTpcPjqx6i9wNazchk1XWV/dKTKvSh9xyGKmiIeRcE4OiMnJ1A==" |
| |
| NodeStatus: |
| description: | |
| NodeStatus represents the status of a node. |
| |
| It provides the current status of the node, as seen by the manager. |
| type: "object" |
| properties: |
| State: |
| $ref: "#/definitions/NodeState" |
| Message: |
| type: "string" |
| example: "" |
| Addr: |
| description: "IP address of the node." |
| type: "string" |
| example: "172.17.0.2" |
| |
| NodeState: |
| description: "NodeState represents the state of a node." |
| type: "string" |
| enum: |
| - "unknown" |
| - "down" |
| - "ready" |
| - "disconnected" |
| example: "ready" |
| |
| ManagerStatus: |
| description: | |
| ManagerStatus represents the status of a manager. |
| |
| It provides the current status of a node's manager component, if the node |
| is a manager. |
| x-nullable: true |
| type: "object" |
| properties: |
| Leader: |
| type: "boolean" |
| default: false |
| example: true |
| Reachability: |
| $ref: "#/definitions/Reachability" |
| Addr: |
| description: | |
| The IP address and port at which the manager is reachable. |
| type: "string" |
| example: "10.0.0.46:2377" |
| |
| Reachability: |
| description: "Reachability represents the reachability of a node." |
| type: "string" |
| enum: |
| - "unknown" |
| - "unreachable" |
| - "reachable" |
| example: "reachable" |
| |
| SwarmSpec: |
| description: "User modifiable swarm configuration." |
| type: "object" |
| properties: |
| Name: |
| description: "Name of the swarm." |
| type: "string" |
| example: "default" |
| Labels: |
| description: "User-defined key/value metadata." |
| type: "object" |
| additionalProperties: |
| type: "string" |
| example: |
| com.example.corp.type: "production" |
| com.example.corp.department: "engineering" |
| Orchestration: |
| description: "Orchestration configuration." |
| type: "object" |
| x-nullable: true |
| properties: |
| TaskHistoryRetentionLimit: |
| description: | |
| The number of historic tasks to keep per instance or node. If |
| negative, never remove completed or failed tasks. |
| type: "integer" |
| format: "int64" |
| example: 10 |
| Raft: |
| description: "Raft configuration." |
| type: "object" |
| properties: |
| SnapshotInterval: |
| description: "The number of log entries between snapshots." |
| type: "integer" |
| format: "uint64" |
| example: 10000 |
| KeepOldSnapshots: |
| description: | |
| The number of snapshots to keep beyond the current snapshot. |
| type: "integer" |
| format: "uint64" |
| LogEntriesForSlowFollowers: |
| description: | |
| The number of log entries to keep around to sync up slow followers |
| after a snapshot is created. |
| type: "integer" |
| format: "uint64" |
| example: 500 |
| ElectionTick: |
| description: | |
| The number of ticks that a follower will wait for a message from |
| the leader before becoming a candidate and starting an election. |
| `ElectionTick` must be greater than `HeartbeatTick`. |
| |
| A tick currently defaults to one second, so these translate |
| directly to seconds currently, but this is NOT guaranteed. |
| type: "integer" |
| example: 3 |
| HeartbeatTick: |
| description: | |
| The number of ticks between heartbeats. Every HeartbeatTick ticks, |
| the leader will send a heartbeat to the followers. |
| |
| A tick currently defaults to one second, so these translate |
| directly to seconds currently, but this is NOT guaranteed. |
| type: "integer" |
| example: 1 |
| Dispatcher: |
| description: "Dispatcher configuration." |
| type: "object" |
| x-nullable: true |
| properties: |
| HeartbeatPeriod: |
| description: | |
| The delay for an agent to send a heartbeat to the dispatcher. |
| type: "integer" |
| format: "int64" |
| example: 5000000000 |
| CAConfig: |
| description: "CA configuration." |
| type: "object" |
| x-nullable: true |
| properties: |
| NodeCertExpiry: |
| description: "The duration node certificates are issued for." |
| type: "integer" |
| format: "int64" |
| example: 7776000000000000 |
| ExternalCAs: |
| description: | |
| Configuration for forwarding signing requests to an external |
| certificate authority. |
| type: "array" |
| items: |
| type: "object" |
| properties: |
| Protocol: |
| description: | |
| Protocol for communication with the external CA (currently |
| only `cfssl` is supported). |
| type: "string" |
| enum: |
| - "cfssl" |
| default: "cfssl" |
| URL: |
| description: | |
| URL where certificate signing requests should be sent. |
| type: "string" |
| Options: |
| description: | |
| An object with key/value pairs that are interpreted as |
| protocol-specific options for the external CA driver. |
| type: "object" |
| additionalProperties: |
| type: "string" |
| CACert: |
| description: | |
| The root CA certificate (in PEM format) this external CA uses |
| to issue TLS certificates (assumed to be to the current swarm |
| root CA certificate if not provided). |
| type: "string" |
| SigningCACert: |
| description: | |
| The desired signing CA certificate for all swarm node TLS leaf |
| certificates, in PEM format. |
| type: "string" |
| SigningCAKey: |
| description: | |
| The desired signing CA key for all swarm node TLS leaf certificates, |
| in PEM format. |
| type: "string" |
| ForceRotate: |
| description: | |
| An integer whose purpose is to force swarm to generate a new |
| signing CA certificate and key, if none have been specified in |
| `SigningCACert` and `SigningCAKey` |
| format: "uint64" |
| type: "integer" |
| EncryptionConfig: |
| description: "Parameters related to encryption-at-rest." |
| type: "object" |
| properties: |
| AutoLockManagers: |
| description: | |
| If set, generate a key and use it to lock data stored on the |
| managers. |
| type: "boolean" |
| example: false |
| TaskDefaults: |
| description: "Defaults for creating tasks in this cluster." |
| type: "object" |
| properties: |
| LogDriver: |
| description: | |
| The log driver to use for tasks created in the orchestrator if |
| unspecified by a service. |
| |
| Updating this value only affects new tasks. Existing tasks continue |
| to use their previously configured log driver until recreated. |
| type: "object" |
| properties: |
| Name: |
| description: | |
| The log driver to use as a default for new tasks. |
| type: "string" |
| example: "json-file" |
| Options: |
| description: | |
| Driver-specific options for the selectd log driver, specified |
| as key/value pairs. |
| type: "object" |
| additionalProperties: |
| type: "string" |
| example: |
| "max-file": "10" |
| "max-size": "100m" |
| |
| # The Swarm information for `GET /info`. It is the same as `GET /swarm`, but |
| # without `JoinTokens`. |
| ClusterInfo: |
| description: | |
| ClusterInfo represents information about the swarm as is returned by the |
| "/info" endpoint. Join-tokens are not included. |
| x-nullable: true |
| type: "object" |
| properties: |
| ID: |
| description: "The ID of the swarm." |
| type: "string" |
| example: "abajmipo7b4xz5ip2nrla6b11" |
| Version: |
| $ref: "#/definitions/ObjectVersion" |
| CreatedAt: |
| description: | |
| Date and time at which the swarm was initialised in |
| [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format with nano-seconds. |
| type: "string" |
| format: "dateTime" |
| example: "2016-08-18T10:44:24.496525531Z" |
| UpdatedAt: |
| description: | |
| Date and time at which the swarm was last updated in |
| [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format with nano-seconds. |
| type: "string" |
| format: "dateTime" |
| example: "2017-08-09T07:09:37.632105588Z" |
| Spec: |
| $ref: "#/definitions/SwarmSpec" |
| TLSInfo: |
| $ref: "#/definitions/TLSInfo" |
| RootRotationInProgress: |
| description: | |
| Whether there is currently a root CA rotation in progress for the swarm |
| type: "boolean" |
| example: false |
| DataPathPort: |
| description: | |
| DataPathPort specifies the data path port number for data traffic. |
| Acceptable port range is 1024 to 49151. |
| If no port is set or is set to 0, the default port (4789) is used. |
| type: "integer" |
| format: "uint32" |
| default: 4789 |
| example: 4789 |
| DefaultAddrPool: |
| description: | |
| Default Address Pool specifies default subnet pools for global scope |
| networks. |
| type: "array" |
| items: |
| type: "string" |
| format: "CIDR" |
| example: ["10.10.0.0/16", "20.20.0.0/16"] |
| SubnetSize: |
| description: | |
| SubnetSize specifies the subnet size of the networks created from the |
| default subnet pool. |
| type: "integer" |
| format: "uint32" |
| maximum: 29 |
| default: 24 |
| example: 24 |
| |
| JoinTokens: |
| description: | |
| JoinTokens contains the tokens workers and managers need to join the swarm. |
| type: "object" |
| properties: |
| Worker: |
| description: | |
| The token workers can use to join the swarm. |
| type: "string" |
| example: "SWMTKN-1-3pu6hszjas19xyp7ghgosyx9k8atbfcr8p2is99znpy26u2lkl-1awxwuwd3z9j1z3puu7rcgdbx" |
| Manager: |
| description: | |
| The token managers can use to join the swarm. |
| type: "string" |
| example: "SWMTKN-1-3pu6hszjas19xyp7ghgosyx9k8atbfcr8p2is99znpy26u2lkl-7p73s1dx5in4tatdymyhg9hu2" |
| |
| Swarm: |
| type: "object" |
| allOf: |
| - $ref: "#/definitions/ClusterInfo" |
| - type: "object" |
| properties: |
| JoinTokens: |
| $ref: "#/definitions/JoinTokens" |
| |
| TaskSpec: |
| description: "User modifiable task configuration." |
| type: "object" |
| properties: |
| PluginSpec: |
| type: "object" |
| description: | |
| Plugin spec for the service. *(Experimental release only.)* |
| |
| <p><br /></p> |
| |
| > **Note**: ContainerSpec, NetworkAttachmentSpec, and PluginSpec are |
| > mutually exclusive. PluginSpec is only used when the Runtime field |
| > is set to `plugin`. NetworkAttachmentSpec is used when the Runtime |
| > field is set to `attachment`. |
| properties: |
| Name: |
| description: "The name or 'alias' to use for the plugin." |
| type: "string" |
| Remote: |
| description: "The plugin image reference to use." |
| type: "string" |
| Disabled: |
| description: "Disable the plugin once scheduled." |
| type: "boolean" |
| PluginPrivilege: |
| type: "array" |
| items: |
| $ref: "#/definitions/PluginPrivilege" |
| ContainerSpec: |
| type: "object" |
| description: | |
| Container spec for the service. |
| |
| <p><br /></p> |
| |
| > **Note**: ContainerSpec, NetworkAttachmentSpec, and PluginSpec are |
| > mutually exclusive. PluginSpec is only used when the Runtime field |
| > is set to `plugin`. NetworkAttachmentSpec is used when the Runtime |
| > field is set to `attachment`. |
| properties: |
| Image: |
| description: "The image name to use for the container" |
| type: "string" |
| Labels: |
| description: "User-defined key/value data." |
| type: "object" |
| additionalProperties: |
| type: "string" |
| Command: |
| description: "The command to be run in the image." |
| type: "array" |
| items: |
| type: "string" |
| Args: |
| description: "Arguments to the command." |
| type: "array" |
| items: |
| type: "string" |
| Hostname: |
| description: | |
| The hostname to use for the container, as a valid |
| [RFC 1123](https://tools.ietf.org/html/rfc1123) hostname. |
| type: "string" |
| Env: |
| description: | |
| A list of environment variables in the form `VAR=value`. |
| type: "array" |
| items: |
| type: "string" |
| Dir: |
| description: "The working directory for commands to run in." |
| type: "string" |
| User: |
| description: "The user inside the container." |
| type: "string" |
| Groups: |
| type: "array" |
| description: | |
| A list of additional groups that the container process will run as. |
| items: |
| type: "string" |
| Privileges: |
| type: "object" |
| description: "Security options for the container" |
| properties: |
| CredentialSpec: |
| type: "object" |
| description: "CredentialSpec for managed service account (Windows only)" |
| properties: |
| Config: |
| type: "string" |
| example: "0bt9dmxjvjiqermk6xrop3ekq" |
| description: | |
| Load credential spec from a Swarm Config with the given ID. |
| The specified config must also be present in the Configs |
| field with the Runtime property set. |
| |
| <p><br /></p> |
| |
| |
| > **Note**: `CredentialSpec.File`, `CredentialSpec.Registry`, |
| > and `CredentialSpec.Config` are mutually exclusive. |
| File: |
| type: "string" |
| example: "spec.json" |
| description: | |
| Load credential spec from this file. The file is read by |
| the daemon, and must be present in the `CredentialSpecs` |
| subdirectory in the docker data directory, which defaults |
| to `C:\ProgramData\Docker\` on Windows. |
| |
| For example, specifying `spec.json` loads |
| `C:\ProgramData\Docker\CredentialSpecs\spec.json`. |
| |
| <p><br /></p> |
| |
| > **Note**: `CredentialSpec.File`, `CredentialSpec.Registry`, |
| > and `CredentialSpec.Config` are mutually exclusive. |
| Registry: |
| type: "string" |
| description: | |
| Load credential spec from this value in the Windows |
| registry. The specified registry value must be located in: |
| |
| `HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization\Containers\CredentialSpecs` |
| |
| <p><br /></p> |
| |
| |
| > **Note**: `CredentialSpec.File`, `CredentialSpec.Registry`, |
| > and `CredentialSpec.Config` are mutually exclusive. |
| SELinuxContext: |
| type: "object" |
| description: "SELinux labels of the container" |
| properties: |
| Disable: |
| type: "boolean" |
| description: "Disable SELinux" |
| User: |
| type: "string" |
| description: "SELinux user label" |
| Role: |
| type: "string" |
| description: "SELinux role label" |
| Type: |
| type: "string" |
| description: "SELinux type label" |
| Level: |
| type: "string" |
| description: "SELinux level label" |
| TTY: |
| description: "Whether a pseudo-TTY should be allocated." |
| type: "boolean" |
| OpenStdin: |
| description: "Open `stdin`" |
| type: "boolean" |
| ReadOnly: |
| description: "Mount the container's root filesystem as read only." |
| type: "boolean" |
| Mounts: |
| description: | |
| Specification for mounts to be added to containers created as part |
| of the service. |
| type: "array" |
| items: |
| $ref: "#/definitions/Mount" |
| StopSignal: |
| description: "Signal to stop the container." |
| type: "string" |
| StopGracePeriod: |
| description: | |
| Amount of time to wait for the container to terminate before |
| forcefully killing it. |
| type: "integer" |
| format: "int64" |
| HealthCheck: |
| $ref: "#/definitions/HealthConfig" |
| Hosts: |
| type: "array" |
| description: | |
| A list of hostname/IP mappings to add to the container's `hosts` |
| file. The format of extra hosts is specified in the |
| [hosts(5)](http://man7.org/linux/man-pages/man5/hosts.5.html) |
| man page: |
| |
| IP_address canonical_hostname [aliases...] |
| items: |
| type: "string" |
| DNSConfig: |
| description: | |
| Specification for DNS related configurations in resolver configuration |
| file (`resolv.conf`). |
| type: "object" |
| properties: |
| Nameservers: |
| description: "The IP addresses of the name servers." |
| type: "array" |
| items: |
| type: "string" |
| Search: |
| description: "A search list for host-name lookup." |
| type: "array" |
| items: |
| type: "string" |
| Options: |
| description: | |
| A list of internal resolver variables to be modified (e.g., |
| `debug`, `ndots:3`, etc.). |
| type: "array" |
| items: |
| type: "string" |
| Secrets: |
| description: | |
| Secrets contains references to zero or more secrets that will be |
| exposed to the service. |
| type: "array" |
| items: |
| type: "object" |
| properties: |
| File: |
| description: | |
| File represents a specific target that is backed by a file. |
| type: "object" |
| properties: |
| Name: |
| description: | |
| Name represents the final filename in the filesystem. |
| type: "string" |
| UID: |
| description: "UID represents the file UID." |
| type: "string" |
| GID: |
| description: "GID represents the file GID." |
| type: "string" |
| Mode: |
| description: "Mode represents the FileMode of the file." |
| type: "integer" |
| format: "uint32" |
| SecretID: |
| description: | |
| SecretID represents the ID of the specific secret that we're |
| referencing. |
| type: "string" |
| SecretName: |
| description: | |
| SecretName is the name of the secret that this references, |
| but this is just provided for lookup/display purposes. The |
| secret in the reference will be identified by its ID. |
| type: "string" |
| Configs: |
| description: | |
| Configs contains references to zero or more configs that will be |
| exposed to the service. |
| type: "array" |
| items: |
| type: "object" |
| properties: |
| File: |
| description: | |
| File represents a specific target that is backed by a file. |
| |
| <p><br /><p> |
| |
| > **Note**: `Configs.File` and `Configs.Runtime` are mutually exclusive |
| type: "object" |
| properties: |
| Name: |
| description: | |
| Name represents the final filename in the filesystem. |
| type: "string" |
| UID: |
| description: "UID represents the file UID." |
| type: "string" |
| GID: |
| description: "GID represents the file GID." |
| type: "string" |
| Mode: |
| description: "Mode represents the FileMode of the file." |
| type: "integer" |
| format: "uint32" |
| Runtime: |
| description: | |
| Runtime represents a target that is not mounted into the |
| container but is used by the task |
| |
| <p><br /><p> |
| |
| > **Note**: `Configs.File` and `Configs.Runtime` are mutually |
| > exclusive |
| type: "object" |
| ConfigID: |
| description: | |
| ConfigID represents the ID of the specific config that we're |
| referencing. |
| type: "string" |
| ConfigName: |
| description: | |
| ConfigName is the name of the config that this references, |
| but this is just provided for lookup/display purposes. The |
| config in the reference will be identified by its ID. |
| type: "string" |
| Isolation: |
| type: "string" |
| description: | |
| Isolation technology of the containers running the service. |
| (Windows only) |
| enum: |
| - "default" |
| - "process" |
| - "hyperv" |
| Init: |
| description: | |
| Run an init inside the container that forwards signals and reaps |
| processes. This field is omitted if empty, and the default (as |
| configured on the daemon) is used. |
| type: "boolean" |
| x-nullable: true |
| Sysctls: |
| description: | |
| Set kernel namedspaced parameters (sysctls) in the container. |
| The Sysctls option on services accepts the same sysctls as the |
| are supported on containers. Note that while the same sysctls are |
| supported, no guarantees or checks are made about their |
| suitability for a clustered environment, and it's up to the user |
| to determine whether a given sysctl will work properly in a |
| Service. |
| type: "object" |
| additionalProperties: |
| type: "string" |
| # This option is not used by Windows containers |
| CapabilityAdd: |
| type: "array" |
| description: | |
| A list of kernel capabilities to add to the default set |
| for the container. |
| items: |
| type: "string" |
| example: |
| - "CAP_NET_RAW" |
| - "CAP_SYS_ADMIN" |
| - "CAP_SYS_CHROOT" |
| - "CAP_SYSLOG" |
| CapabilityDrop: |
| type: "array" |
| description: | |
| A list of kernel capabilities to drop from the default set |
| for the container. |
| items: |
| type: "string" |
| example: |
| - "CAP_NET_RAW" |
| Ulimits: |
| description: | |
| A list of resource limits to set in the container. For example: `{"Name": "nofile", "Soft": 1024, "Hard": 2048}`" |
| type: "array" |
| items: |
| type: "object" |
| properties: |
| Name: |
| description: "Name of ulimit" |
| type: "string" |
| Soft: |
| description: "Soft limit" |
| type: "integer" |
| Hard: |
| description: "Hard limit" |
| type: "integer" |
| NetworkAttachmentSpec: |
| description: | |
| Read-only spec type for non-swarm containers attached to swarm overlay |
| networks. |
| |
| <p><br /></p> |
| |
| > **Note**: ContainerSpec, NetworkAttachmentSpec, and PluginSpec are |
| > mutually exclusive. PluginSpec is only used when the Runtime field |
| > is set to `plugin`. NetworkAttachmentSpec is used when the Runtime |
| > field is set to `attachment`. |
| type: "object" |
| properties: |
| ContainerID: |
| description: "ID of the container represented by this task" |
| type: "string" |
| Resources: |
| description: | |
| Resource requirements which apply to each individual container created |
| as part of the service. |
| type: "object" |
| properties: |
| Limits: |
| description: "Define resources limits." |
| $ref: "#/definitions/Limit" |
| Reservations: |
| description: "Define resources reservation." |
| $ref: "#/definitions/ResourceObject" |
| RestartPolicy: |
| description: | |
| Specification for the restart policy which applies to containers |
| created as part of this service. |
| type: "object" |
| properties: |
| Condition: |
| description: "Condition for restart." |
| type: "string" |
| enum: |
| - "none" |
| - "on-failure" |
| - "any" |
| Delay: |
| description: "Delay between restart attempts." |
| type: "integer" |
| format: "int64" |
| MaxAttempts: |
| description: | |
| Maximum attempts to restart a given container before giving up |
| (default value is 0, which is ignored). |
| type: "integer" |
| format: "int64" |
| default: 0 |
| Window: |
| description: | |
| Windows is the time window used to evaluate the restart policy |
| (default value is 0, which is unbounded). |
| type: "integer" |
| format: "int64" |
| default: 0 |
| Placement: |
| type: "object" |
| properties: |
| Constraints: |
| description: | |
| An array of constraint expressions to limit the set of nodes where |
| a task can be scheduled. Constraint expressions can either use a |
| _match_ (`==`) or _exclude_ (`!=`) rule. Multiple constraints find |
| nodes that satisfy every expression (AND match). Constraints can |
| match node or Docker Engine labels as follows: |
| |
| node attribute | matches | example |
| ---------------------|--------------------------------|----------------------------------------------- |
| `node.id` | Node ID | `node.id==2ivku8v2gvtg4` |
| `node.hostname` | Node hostname | `node.hostname!=node-2` |
| `node.role` | Node role (`manager`/`worker`) | `node.role==manager` |
| `node.platform.os` | Node operating system | `node.platform.os==windows` |
| `node.platform.arch` | Node architecture | `node.platform.arch==x86_64` |
| `node.labels` | User-defined node labels | `node.labels.security==high` |
| `engine.labels` | Docker Engine's labels | `engine.labels.operatingsystem==ubuntu-14.04` |
| |
| `engine.labels` apply to Docker Engine labels like operating system, |
| drivers, etc. Swarm administrators add `node.labels` for operational |
| purposes by using the [`node update endpoint`](#operation/NodeUpdate). |
| |
| type: "array" |
| items: |
| type: "string" |
| example: |
| - "node.hostname!=node3.corp.example.com" |
| - "node.role!=manager" |
| - "node.labels.type==production" |
| - "node.platform.os==linux" |
| - "node.platform.arch==x86_64" |
| Preferences: |
| description: | |
| Preferences provide a way to make the scheduler aware of factors |
| such as topology. They are provided in order from highest to |
| lowest precedence. |
| type: "array" |
| items: |
| type: "object" |
| properties: |
| Spread: |
| type: "object" |
| properties: |
| SpreadDescriptor: |
| description: | |
| label descriptor, such as `engine.labels.az`. |
| type: "string" |
| example: |
| - Spread: |
| SpreadDescriptor: "node.labels.datacenter" |
| - Spread: |
| SpreadDescriptor: "node.labels.rack" |
| MaxReplicas: |
| description: | |
| Maximum number of replicas for per node (default value is 0, which |
| is unlimited) |
| type: "integer" |
| format: "int64" |
| default: 0 |
| Platforms: |
| description: | |
| Platforms stores all the platforms that the service's image can |
| run on. This field is used in the platform filter for scheduling. |
| If empty, then the platform filter is off, meaning there are no |
| scheduling restrictions. |
| type: "array" |
| items: |
| $ref: "#/definitions/Platform" |
| ForceUpdate: |
| description: | |
| A counter that triggers an update even if no relevant parameters have |
| been changed. |
| type: "integer" |
| Runtime: |
| description: | |
| Runtime is the type of runtime specified for the task executor. |
| type: "string" |
| Networks: |
| description: "Specifies which networks the service should attach to." |
| type: "array" |
| items: |
| $ref: "#/definitions/NetworkAttachmentConfig" |
| LogDriver: |
| description: | |
| Specifies the log driver to use for tasks created from this spec. If |
| not present, the default one for the swarm will be used, finally |
| falling back to the engine default if not specified. |
| type: "object" |
| properties: |
| Name: |
| type: "string" |
| Options: |
| type: "object" |
| additionalProperties: |
| type: "string" |
| |
| TaskState: |
| type: "string" |
| enum: |
| - "new" |
| - "allocated" |
| - "pending" |
| - "assigned" |
| - "accepted" |
| - "preparing" |
| - "ready" |
| - "starting" |
| - "running" |
| - "complete" |
| - "shutdown" |
| - "failed" |
| - "rejected" |
| - "remove" |
| - "orphaned" |
| |
| Task: |
| type: "object" |
| properties: |
| ID: |
| description: "The ID of the task." |
| type: "string" |
| Version: |
| $ref: "#/definitions/ObjectVersion" |
| CreatedAt: |
| type: "string" |
| format: "dateTime" |
| UpdatedAt: |
| type: "string" |
| format: "dateTime" |
| Name: |
| description: "Name of the task." |
| type: "string" |
| Labels: |
| description: "User-defined key/value metadata." |
| type: "object" |
| additionalProperties: |
| type: "string" |
| Spec: |
| $ref: "#/definitions/TaskSpec" |
| ServiceID: |
| description: "The ID of the service this task is part of." |
| type: "string" |
| Slot: |
| type: "integer" |
| NodeID: |
| description: "The ID of the node that this task is on." |
| type: "string" |
| AssignedGenericResources: |
| $ref: "#/definitions/GenericResources" |
| Status: |
| type: "object" |
| properties: |
| Timestamp: |
| type: "string" |
| format: "dateTime" |
| State: |
| $ref: "#/definitions/TaskState" |
| Message: |
| type: "string" |
| Err: |
| type: "string" |
| ContainerStatus: |
| type: "object" |
| properties: |
| ContainerID: |
| type: "string" |
| PID: |
| type: "integer" |
| ExitCode: |
| type: "integer" |
| DesiredState: |
| $ref: "#/definitions/TaskState" |
| JobIteration: |
| description: | |
| If the Service this Task belongs to is a job-mode service, contains |
| the JobIteration of the Service this Task was created for. Absent if |
| the Task was created for a Replicated or Global Service. |
| $ref: "#/definitions/ObjectVersion" |
| example: |
| ID: "0kzzo1i0y4jz6027t0k7aezc7" |
| Version: |
| Index: 71 |
| CreatedAt: "2016-06-07T21:07:31.171892745Z" |
| UpdatedAt: "2016-06-07T21:07:31.376370513Z" |
| Spec: |
| ContainerSpec: |
| Image: "redis" |
| Resources: |
| Limits: {} |
| Reservations: {} |
| RestartPolicy: |
| Condition: "any" |
| MaxAttempts: 0 |
| Placement: {} |
| ServiceID: "9mnpnzenvg8p8tdbtq4wvbkcz" |
| Slot: 1 |
| NodeID: "60gvrl6tm78dmak4yl7srz94v" |
| Status: |
| Timestamp: "2016-06-07T21:07:31.290032978Z" |
| State: "running" |
| Message: "started" |
| ContainerStatus: |
| ContainerID: "e5d62702a1b48d01c3e02ca1e0212a250801fa8d67caca0b6f35919ebc12f035" |
| PID: 677 |
| DesiredState: "running" |
| NetworksAttachments: |
| - Network: |
| ID: "4qvuz4ko70xaltuqbt8956gd1" |
| Version: |
| Index: 18 |
| CreatedAt: "2016-06-07T20:31:11.912919752Z" |
| UpdatedAt: "2016-06-07T21:07:29.955277358Z" |
| Spec: |
| Name: "ingress" |
| Labels: |
| com.docker.swarm.internal: "true" |
| DriverConfiguration: {} |
| IPAMOptions: |
| Driver: {} |
| Configs: |
| - Subnet: "10.255.0.0/16" |
| Gateway: "10.255.0.1" |
| DriverState: |
| Name: "overlay" |
| Options: |
| com.docker.network.driver.overlay.vxlanid_list: "256" |
| IPAMOptions: |
| Driver: |
| Name: "default" |
| Configs: |
| - Subnet: "10.255.0.0/16" |
| Gateway: "10.255.0.1" |
| Addresses: |
| - "10.255.0.10/16" |
| AssignedGenericResources: |
| - DiscreteResourceSpec: |
| Kind: "SSD" |
| Value: 3 |
| - NamedResourceSpec: |
| Kind: "GPU" |
| Value: "UUID1" |
| - NamedResourceSpec: |
| Kind: "GPU" |
| Value: "UUID2" |
| |
| ServiceSpec: |
| description: "User modifiable configuration for a service." |
| type: object |
| properties: |
| Name: |
| description: "Name of the service." |
| type: "string" |
| Labels: |
| description: "User-defined key/value metadata." |
| type: "object" |
| additionalProperties: |
| type: "string" |
| TaskTemplate: |
| $ref: "#/definitions/TaskSpec" |
| Mode: |
| description: "Scheduling mode for the service." |
| type: "object" |
| properties: |
| Replicated: |
| type: "object" |
| properties: |
| Replicas: |
| type: "integer" |
| format: "int64" |
| Global: |
| type: "object" |
| ReplicatedJob: |
| description: | |
| The mode used for services with a finite number of tasks that run |
| to a completed state. |
| type: "object" |
| properties: |
| MaxConcurrent: |
| description: | |
| The maximum number of replicas to run simultaneously. |
| type: "integer" |
| format: "int64" |
| default: 1 |
| TotalCompletions: |
| description: | |
| The total number of replicas desired to reach the Completed |
| state. If unset, will default to the value of `MaxConcurrent` |
| type: "integer" |
| format: "int64" |
| GlobalJob: |
| description: | |
| The mode used for services which run a task to the completed state |
| on each valid node. |
| type: "object" |
| UpdateConfig: |
| description: "Specification for the update strategy of the service." |
| type: "object" |
| properties: |
| Parallelism: |
| description: | |
| Maximum number of tasks to be updated in one iteration (0 means |
| unlimited parallelism). |
| type: "integer" |
| format: "int64" |
| Delay: |
| description: "Amount of time between updates, in nanoseconds." |
| type: "integer" |
| format: "int64" |
| FailureAction: |
| description: | |
| Action to take if an updated task fails to run, or stops running |
| during the update. |
| type: "string" |
| enum: |
| - "continue" |
| - "pause" |
| - "rollback" |
| Monitor: |
| description: | |
| Amount of time to monitor each updated task for failures, in |
| nanoseconds. |
| type: "integer" |
| format: "int64" |
| MaxFailureRatio: |
| description: | |
| The fraction of tasks that may fail during an update before the |
| failure action is invoked, specified as a floating point number |
| between 0 and 1. |
| type: "number" |
| default: 0 |
| Order: |
| description: | |
| The order of operations when rolling out an updated task. Either |
| the old task is shut down before the new task is started, or the |
| new task is started before the old task is shut down. |
| type: "string" |
| enum: |
| - "stop-first" |
| - "start-first" |
| RollbackConfig: |
| description: "Specification for the rollback strategy of the service." |
| type: "object" |
| properties: |
| Parallelism: |
| description: | |
| Maximum number of tasks to be rolled back in one iteration (0 means |
| unlimited parallelism). |
| type: "integer" |
| format: "int64" |
| Delay: |
| description: | |
| Amount of time between rollback iterations, in nanoseconds. |
| type: "integer" |
| format: "int64" |
| FailureAction: |
| description: | |
| Action to take if an rolled back task fails to run, or stops |
| running during the rollback. |
| type: "string" |
| enum: |
| - "continue" |
| - "pause" |
| Monitor: |
| description: | |
| Amount of time to monitor each rolled back task for failures, in |
| nanoseconds. |
| type: "integer" |
| format: "int64" |
| MaxFailureRatio: |
| description: | |
| The fraction of tasks that may fail during a rollback before the |
| failure action is invoked, specified as a floating point number |
| between 0 and 1. |
| type: "number" |
| default: 0 |
| Order: |
| description: | |
| The order of operations when rolling back a task. Either the old |
| task is shut down before the new task is started, or the new task |
| is started before the old task is shut down. |
| type: "string" |
| enum: |
| - "stop-first" |
| - "start-first" |
| Networks: |
| description: "Specifies which networks the service should attach to." |
| type: "array" |
| items: |
| $ref: "#/definitions/NetworkAttachmentConfig" |
| |
| EndpointSpec: |
| $ref: "#/definitions/EndpointSpec" |
| |
| EndpointPortConfig: |
| type: "object" |
| properties: |
| Name: |
| type: "string" |
| Protocol: |
| type: "string" |
| enum: |
| - "tcp" |
| - "udp" |
| - "sctp" |
| TargetPort: |
| description: "The port inside the container." |
| type: "integer" |
| PublishedPort: |
| description: "The port on the swarm hosts." |
| type: "integer" |
| PublishMode: |
| description: | |
| The mode in which port is published. |
| |
| <p><br /></p> |
| |
| - "ingress" makes the target port accessible on every node, |
| regardless of whether there is a task for the service running on |
| that node or not. |
| - "host" bypasses the routing mesh and publish the port directly on |
| the swarm node where that service is running. |
| |
| type: "string" |
| enum: |
| - "ingress" |
| - "host" |
| default: "ingress" |
| example: "ingress" |
| |
| EndpointSpec: |
| description: "Properties that can be configured to access and load balance a service." |
| type: "object" |
| properties: |
| Mode: |
| description: | |
| The mode of resolution to use for internal load balancing between tasks. |
| type: "string" |
| enum: |
| - "vip" |
| - "dnsrr" |
| default: "vip" |
| Ports: |
| description: | |
| List of exposed ports that this service is accessible on from the |
| outside. Ports can only be provided if `vip` resolution mode is used. |
| type: "array" |
| items: |
| $ref: "#/definitions/EndpointPortConfig" |
| |
| Service: |
| type: "object" |
| properties: |
| ID: |
| type: "string" |
| Version: |
| $ref: "#/definitions/ObjectVersion" |
| CreatedAt: |
| type: "string" |
| format: "dateTime" |
| UpdatedAt: |
| type: "string" |
| format: "dateTime" |
| Spec: |
| $ref: "#/definitions/ServiceSpec" |
| Endpoint: |
| type: "object" |
| properties: |
| Spec: |
| $ref: "#/definitions/EndpointSpec" |
| Ports: |
| type: "array" |
| items: |
| $ref: "#/definitions/EndpointPortConfig" |
| VirtualIPs: |
| type: "array" |
| items: |
| type: "object" |
| properties: |
| NetworkID: |
| type: "string" |
| Addr: |
| type: "string" |
| UpdateStatus: |
| description: "The status of a service update." |
| type: "object" |
| properties: |
| State: |
| type: "string" |
| enum: |
| - "updating" |
| - "paused" |
| - "completed" |
| StartedAt: |
| type: "string" |
| format: "dateTime" |
| CompletedAt: |
| type: "string" |
| format: "dateTime" |
| Message: |
| type: "string" |
| ServiceStatus: |
| description: | |
| The status of the service's tasks. Provided only when requested as |
| part of a ServiceList operation. |
| type: "object" |
| properties: |
| RunningTasks: |
| description: | |
| The number of tasks for the service currently in the Running state. |
| type: "integer" |
| format: "uint64" |
| example: 7 |
| DesiredTasks: |
| description: | |
| The number of tasks for the service desired to be running. |
| For replicated services, this is the replica count from the |
| service spec. For global services, this is computed by taking |
| count of all tasks for the service with a Desired State other |
| than Shutdown. |
| type: "integer" |
| format: "uint64" |
| example: 10 |
| CompletedTasks: |
| description: | |
| The number of tasks for a job that are in the Completed state. |
| This field must be cross-referenced with the service type, as the |
| value of 0 may mean the service is not in a job mode, or it may |
| mean the job-mode service has no tasks yet Completed. |
| type: "integer" |
| format: "uint64" |
| JobStatus: |
| description: | |
| The status of the service when it is in one of ReplicatedJob or |
| GlobalJob modes. Absent on Replicated and Global mode services. The |
| JobIteration is an ObjectVersion, but unlike the Service's version, |
| does not need to be sent with an update request. |
| type: "object" |
| properties: |
| JobIteration: |
| description: | |
| JobIteration is a value increased each time a Job is executed, |
| successfully or otherwise. "Executed", in this case, means the |
| job as a whole has been started, not that an individual Task has |
| been launched. A job is "Executed" when its ServiceSpec is |
| updated. JobIteration can be used to disambiguate Tasks belonging |
| to different executions of a job. Though JobIteration will |
| increase with each subsequent execution, it may not necessarily |
| increase by 1, and so JobIteration should not be used to |
| $ref: "#/definitions/ObjectVersion" |
| LastExecution: |
| description: | |
| The last time, as observed by the server, that this job was |
| started. |
| type: "string" |
| format: "dateTime" |
| example: |
| ID: "9mnpnzenvg8p8tdbtq4wvbkcz" |
| Version: |
| Index: 19 |
| CreatedAt: "2016-06-07T21:05:51.880065305Z" |
| UpdatedAt: "2016-06-07T21:07:29.962229872Z" |
| Spec: |
| Name: "hopeful_cori" |
| TaskTemplate: |
| ContainerSpec: |
| Image: "redis" |
| Resources: |
| Limits: {} |
| Reservations: {} |
| RestartPolicy: |
| Condition: "any" |
| MaxAttempts: 0 |
| Placement: {} |
| ForceUpdate: 0 |
| Mode: |
| Replicated: |
| Replicas: 1 |
| UpdateConfig: |
| Parallelism: 1 |
| Delay: 1000000000 |
| FailureAction: "pause" |
| Monitor: 15000000000 |
| MaxFailureRatio: 0.15 |
| RollbackConfig: |
| Parallelism: 1 |
| Delay: 1000000000 |
| FailureAction: "pause" |
| Monitor: 15000000000 |
| MaxFailureRatio: 0.15 |
| EndpointSpec: |
| Mode: "vip" |
| Ports: |
| - |
| Protocol: "tcp" |
| TargetPort: 6379 |
| PublishedPort: 30001 |
| Endpoint: |
| Spec: |
| Mode: "vip" |
| Ports: |
| - |
| Protocol: "tcp" |
| TargetPort: 6379 |
| PublishedPort: 30001 |
| Ports: |
| - |
| Protocol: "tcp" |
| TargetPort: 6379 |
| PublishedPort: 30001 |
| VirtualIPs: |
| - |
| NetworkID: "4qvuz4ko70xaltuqbt8956gd1" |
| Addr: "10.255.0.2/16" |
| - |
| NetworkID: "4qvuz4ko70xaltuqbt8956gd1" |
| Addr: "10.255.0.3/16" |
| |
| ImageDeleteResponseItem: |
| type: "object" |
| properties: |
| Untagged: |
| description: "The image ID of an image that was untagged" |
| type: "string" |
| Deleted: |
| description: "The image ID of an image that was deleted" |
| type: "string" |
| |
| ServiceUpdateResponse: |
| type: "object" |
| properties: |
| Warnings: |
| description: "Optional warning messages" |
| type: "array" |
| items: |
| type: "string" |
| example: |
| Warning: "unable to pin image doesnotexist:latest to digest: image library/doesnotexist:latest not found" |
| |
| ContainerSummary: |
| type: "object" |
| properties: |
| Id: |
| description: "The ID of this container" |
| type: "string" |
| x-go-name: "ID" |
| Names: |
| description: "The names that this container has been given" |
| type: "array" |
| items: |
| type: "string" |
| Image: |
| description: "The name of the image used when creating this container" |
| type: "string" |
| ImageID: |
| description: "The ID of the image that this container was created from" |
| type: "string" |
| Command: |
| description: "Command to run when starting the container" |
| type: "string" |
| Created: |
| description: "When the container was created" |
| type: "integer" |
| format: "int64" |
| Ports: |
| description: "The ports exposed by this container" |
| type: "array" |
| items: |
| $ref: "#/definitions/Port" |
| SizeRw: |
| description: "The size of files that have been created or changed by this container" |
| type: "integer" |
| format: "int64" |
| SizeRootFs: |
| description: "The total size of all the files in this container" |
| type: "integer" |
| format: "int64" |
| Labels: |
| description: "User-defined key/value metadata." |
| type: "object" |
| additionalProperties: |
| type: "string" |
| State: |
| description: "The state of this container (e.g. `Exited`)" |
| type: "string" |
| Status: |
| description: "Additional human-readable status of this container (e.g. `Exit 0`)" |
| type: "string" |
| HostConfig: |
| type: "object" |
| properties: |
| NetworkMode: |
| type: "string" |
| NetworkSettings: |
| description: "A summary of the container's network settings" |
| type: "object" |
| properties: |
| Networks: |
| type: "object" |
| additionalProperties: |
| $ref: "#/definitions/EndpointSettings" |
| Mounts: |
| type: "array" |
| items: |
| $ref: "#/definitions/MountPoint" |
| |
| Driver: |
| description: "Driver represents a driver (network, logging, secrets)." |
| type: "object" |
| required: [Name] |
| properties: |
| Name: |
| description: "Name of the driver." |
| type: "string" |
| x-nullable: false |
| example: "some-driver" |
| Options: |
| description: "Key/value map of driver-specific options." |
| type: "object" |
| x-nullable: false |
| additionalProperties: |
| type: "string" |
| example: |
| OptionA: "value for driver-specific option A" |
| OptionB: "value for driver-specific option B" |
| |
| SecretSpec: |
| type: "object" |
| properties: |
| Name: |
| description: "User-defined name of the secret." |
| type: "string" |
| Labels: |
| description: "User-defined key/value metadata." |
| type: "object" |
| additionalProperties: |
| type: "string" |
| example: |
| com.example.some-label: "some-value" |
| com.example.some-other-label: "some-other-value" |
| Data: |
| description: | |
| Base64-url-safe-encoded ([RFC 4648](https://tools.ietf.org/html/rfc4648#section-5)) |
| data to store as secret. |
| |
| This field is only used to _create_ a secret, and is not returned by |
| other endpoints. |
| type: "string" |
| example: "" |
| Driver: |
| description: | |
| Name of the secrets driver used to fetch the secret's value from an |
| external secret store. |
| $ref: "#/definitions/Driver" |
| Templating: |
| description: | |
| Templating driver, if applicable |
| |
| Templating controls whether and how to evaluate the config payload as |
| a template. If no driver is set, no templating is used. |
| $ref: "#/definitions/Driver" |
| |
| Secret: |
| type: "object" |
| properties: |
| ID: |
| type: "string" |
| example: "blt1owaxmitz71s9v5zh81zun" |
| Version: |
| $ref: "#/definitions/ObjectVersion" |
| CreatedAt: |
| type: "string" |
| format: "dateTime" |
| example: "2017-07-20T13:55:28.678958722Z" |
| UpdatedAt: |
| type: "string" |
| format: "dateTime" |
| example: "2017-07-20T13:55:28.678958722Z" |
| Spec: |
| $ref: "#/definitions/SecretSpec" |
| |
| ConfigSpec: |
| type: "object" |
| properties: |
| Name: |
| description: "User-defined name of the config." |
| type: "string" |
| Labels: |
| description: "User-defined key/value metadata." |
| type: "object" |
| additionalProperties: |
| type: "string" |
| Data: |
| description: | |
| Base64-url-safe-encoded ([RFC 4648](https://tools.ietf.org/html/rfc4648#section-5)) |
| config data. |
| type: "string" |
| Templating: |
| description: | |
| Templating driver, if applicable |
| |
| Templating controls whether and how to evaluate the config payload as |
| a template. If no driver is set, no templating is used. |
| $ref: "#/definitions/Driver" |
| |
| Config: |
| type: "object" |
| properties: |
| ID: |
| type: "string" |
| Version: |
| $ref: "#/definitions/ObjectVersion" |
| CreatedAt: |
| type: "string" |
| format: "dateTime" |
| UpdatedAt: |
| type: "string" |
| format: "dateTime" |
| Spec: |
| $ref: "#/definitions/ConfigSpec" |
| |
| ContainerState: |
| description: | |
| ContainerState stores container's running state. It's part of ContainerJSONBase |
| and will be returned by the "inspect" command. |
| type: "object" |
| x-nullable: true |
| properties: |
| Status: |
| description: | |
| String representation of the container state. Can be one of "created", |
| "running", "paused", "restarting", "removing", "exited", or "dead". |
| type: "string" |
| enum: ["created", "running", "paused", "restarting", "removing", "exited", "dead"] |
| example: "running" |
| Running: |
| description: | |
| Whether this container is running. |
| |
| Note that a running container can be _paused_. The `Running` and `Paused` |
| booleans are not mutually exclusive: |
| |
| When pausing a container (on Linux), the freezer cgroup is used to suspend |
| all processes in the container. Freezing the process requires the process to |
| be running. As a result, paused containers are both `Running` _and_ `Paused`. |
| |
| Use the `Status` field instead to determine if a container's state is "running". |
| type: "boolean" |
| example: true |
| Paused: |
| description: "Whether this container is paused." |
| type: "boolean" |
| example: false |
| Restarting: |
| description: "Whether this container is restarting." |
| type: "boolean" |
| example: false |
| OOMKilled: |
| description: | |
| Whether this container has been killed because it ran out of memory. |
| type: "boolean" |
| example: false |
| Dead: |
| type: "boolean" |
| example: false |
| Pid: |
| description: "The process ID of this container" |
| type: "integer" |
| example: 1234 |
| ExitCode: |
| description: "The last exit code of this container" |
| type: "integer" |
| example: 0 |
| Error: |
| type: "string" |
| StartedAt: |
| description: "The time when this container was last started." |
| type: "string" |
| example: "2020-01-06T09:06:59.461876391Z" |
| FinishedAt: |
| description: "The time when this container last exited." |
| type: "string" |
| example: "2020-01-06T09:07:59.461876391Z" |
| Health: |
| $ref: "#/definitions/Health" |
| |
| ContainerCreateResponse: |
| description: "OK response to ContainerCreate operation" |
| type: "object" |
| title: "ContainerCreateResponse" |
| x-go-name: "CreateResponse" |
| required: [Id, Warnings] |
| properties: |
| Id: |
| description: "The ID of the created container" |
| type: "string" |
| x-nullable: false |
| example: "ede54ee1afda366ab42f824e8a5ffd195155d853ceaec74a927f249ea270c743" |
| Warnings: |
| description: "Warnings encountered when creating the container" |
| type: "array" |
| x-nullable: false |
| items: |
| type: "string" |
| example: [] |
| |
| ContainerWaitResponse: |
| description: "OK response to ContainerWait operation" |
| type: "object" |
| x-go-name: "WaitResponse" |
| title: "ContainerWaitResponse" |
| required: [StatusCode] |
| properties: |
| StatusCode: |
| description: "Exit code of the container" |
| type: "integer" |
| format: "int64" |
| x-nullable: false |
| Error: |
| $ref: "#/definitions/ContainerWaitExitError" |
| |
| ContainerWaitExitError: |
| description: "container waiting error, if any" |
| type: "object" |
| x-go-name: "WaitExitError" |
| properties: |
| Message: |
| description: "Details of an error" |
| type: "string" |
| |
| SystemVersion: |
| type: "object" |
| description: | |
| Response of Engine API: GET "/version" |
| properties: |
| Platform: |
| type: "object" |
| required: [Name] |
| properties: |
| Name: |
| type: "string" |
| Components: |
| type: "array" |
| description: | |
| Information about system components |
| items: |
| type: "object" |
| x-go-name: ComponentVersion |
| required: [Name, Version] |
| properties: |
| Name: |
| description: | |
| Name of the component |
| type: "string" |
| example: "Engine" |
| Version: |
| description: | |
| Version of the component |
| type: "string" |
| x-nullable: false |
| example: "19.03.12" |
| Details: |
| description: | |
| Key/value pairs of strings with additional information about the |
| component. These values are intended for informational purposes |
| only, and their content is not defined, and not part of the API |
| specification. |
| |
| These messages can be printed by the client as information to the user. |
| type: "object" |
| x-nullable: true |
| Version: |
| description: "The version of the daemon" |
| type: "string" |
| example: "19.03.12" |
| ApiVersion: |
| description: | |
| The default (and highest) API version that is supported by the daemon |
| type: "string" |
| example: "1.40" |
| MinAPIVersion: |
| description: | |
| The minimum API version that is supported by the daemon |
| type: "string" |
| example: "1.12" |
| GitCommit: |
| description: | |
| The Git commit of the source code that was used to build the daemon |
| type: "string" |
| example: "48a66213fe" |
| GoVersion: |
| description: | |
| The version Go used to compile the daemon, and the version of the Go |
| runtime in use. |
| type: "string" |
| example: "go1.13.14" |
| Os: |
| description: | |
| The operating system that the daemon is running on ("linux" or "windows") |
| type: "string" |
| example: "linux" |
| Arch: |
| description: | |
| The architecture that the daemon is running on |
| type: "string" |
| example: "amd64" |
| KernelVersion: |
| description: | |
| The kernel version (`uname -r`) that the daemon is running on. |
| |
| This field is omitted when empty. |
| type: "string" |
| example: "4.19.76-linuxkit" |
| Experimental: |
| description: | |
| Indicates if the daemon is started with experimental features enabled. |
| |
| This field is omitted when empty / false. |
| type: "boolean" |
| example: true |
| BuildTime: |
| description: | |
| The date and time that the daemon was compiled. |
| type: "string" |
| example: "2020-06-22T15:49:27.000000000+00:00" |
| |
| SystemInfo: |
| type: "object" |
| properties: |
| ID: |
| description: | |
| Unique identifier of the daemon. |
| |
| <p><br /></p> |
| |
| > **Note**: The format of the ID itself is not part of the API, and |
| > should not be considered stable. |
| type: "string" |
| example: "7TRN:IPZB:QYBB:VPBQ:UMPP:KARE:6ZNR:XE6T:7EWV:PKF4:ZOJD:TPYS" |
| Containers: |
| description: "Total number of containers on the host." |
| type: "integer" |
| example: 14 |
| ContainersRunning: |
| description: | |
| Number of containers with status `"running"`. |
| type: "integer" |
| example: 3 |
| ContainersPaused: |
| description: | |
| Number of containers with status `"paused"`. |
| type: "integer" |
| example: 1 |
| ContainersStopped: |
| description: | |
| Number of containers with status `"stopped"`. |
| type: "integer" |
| example: 10 |
| Images: |
| description: | |
| Total number of images on the host. |
| |
| Both _tagged_ and _untagged_ (dangling) images are counted. |
| type: "integer" |
| example: 508 |
| Driver: |
| description: "Name of the storage driver in use." |
| type: "string" |
| example: "overlay2" |
| DriverStatus: |
| description: | |
| Information specific to the storage driver, provided as |
| "label" / "value" pairs. |
| |
| This information is provided by the storage driver, and formatted |
| in a way consistent with the output of `docker info` on the command |
| line. |
| |
| <p><br /></p> |
| |
| > **Note**: The information returned in this field, including the |
| > formatting of values and labels, should not be considered stable, |
| > and may change without notice. |
| type: "array" |
| items: |
| type: "array" |
| items: |
| type: "string" |
| example: |
| - ["Backing Filesystem", "extfs"] |
| - ["Supports d_type", "true"] |
| - ["Native Overlay Diff", "true"] |
| DockerRootDir: |
| description: | |
| Root directory of persistent Docker state. |
| |
| Defaults to `/var/lib/docker` on Linux, and `C:\ProgramData\docker` |
| on Windows. |
| type: "string" |
| example: "/var/lib/docker" |
| Plugins: |
| $ref: "#/definitions/PluginsInfo" |
| MemoryLimit: |
| description: "Indicates if the host has memory limit support enabled." |
| type: "boolean" |
| example: true |
| SwapLimit: |
| description: "Indicates if the host has memory swap limit support enabled." |
| type: "boolean" |
| example: true |
| KernelMemoryTCP: |
| description: | |
| Indicates if the host has kernel memory TCP limit support enabled. This |
| field is omitted if not supported. |
| |
| Kernel memory TCP limits are not supported when using cgroups v2, which |
| does not support the corresponding `memory.kmem.tcp.limit_in_bytes` cgroup. |
| type: "boolean" |
| example: true |
| CpuCfsPeriod: |
| description: | |
| Indicates if CPU CFS(Completely Fair Scheduler) period is supported by |
| the host. |
| type: "boolean" |
| example: true |
| CpuCfsQuota: |
| description: | |
| Indicates if CPU CFS(Completely Fair Scheduler) quota is supported by |
| the host. |
| type: "boolean" |
| example: true |
| CPUShares: |
| description: | |
| Indicates if CPU Shares limiting is supported by the host. |
| type: "boolean" |
| example: true |
| CPUSet: |
| description: | |
| Indicates if CPUsets (cpuset.cpus, cpuset.mems) are supported by the host. |
| |
| See [cpuset(7)](https://www.kernel.org/doc/Documentation/cgroup-v1/cpusets.txt) |
| type: "boolean" |
| example: true |
| PidsLimit: |
| description: "Indicates if the host kernel has PID limit support enabled." |
| type: "boolean" |
| example: true |
| OomKillDisable: |
| description: "Indicates if OOM killer disable is supported on the host." |
| type: "boolean" |
| IPv4Forwarding: |
| description: "Indicates IPv4 forwarding is enabled." |
| type: "boolean" |
| example: true |
| BridgeNfIptables: |
| description: "Indicates if `bridge-nf-call-iptables` is available on the host." |
| type: "boolean" |
| example: true |
| BridgeNfIp6tables: |
| description: "Indicates if `bridge-nf-call-ip6tables` is available on the host." |
| type: "boolean" |
| example: true |
| Debug: |
| description: | |
| Indicates if the daemon is running in debug-mode / with debug-level |
| logging enabled. |
| type: "boolean" |
| example: true |
| NFd: |
| description: | |
| The total number of file Descriptors in use by the daemon process. |
| |
| This information is only returned if debug-mode is enabled. |
| type: "integer" |
| example: 64 |
| NGoroutines: |
| description: | |
| The number of goroutines that currently exist. |
| |
| This information is only returned if debug-mode is enabled. |
| type: "integer" |
| example: 174 |
| SystemTime: |
| description: | |
| Current system-time in [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) |
| format with nano-seconds. |
| type: "string" |
| example: "2017-08-08T20:28:29.06202363Z" |
| LoggingDriver: |
| description: | |
| The logging driver to use as a default for new containers. |
| type: "string" |
| CgroupDriver: |
| description: | |
| The driver to use for managing cgroups. |
| type: "string" |
| enum: ["cgroupfs", "systemd", "none"] |
| default: "cgroupfs" |
| example: "cgroupfs" |
| CgroupVersion: |
| description: | |
| The version of the cgroup. |
| type: "string" |
| enum: ["1", "2"] |
| default: "1" |
| example: "1" |
| NEventsListener: |
| description: "Number of event listeners subscribed." |
| type: "integer" |
| example: 30 |
| KernelVersion: |
| description: | |
| Kernel version of the host. |
| |
| On Linux, this information obtained from `uname`. On Windows this |
| information is queried from the <kbd>HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\</kbd> |
| registry value, for example _"10.0 14393 (14393.1198.amd64fre.rs1_release_sec.170427-1353)"_. |
| type: "string" |
| example: "4.9.38-moby" |
| OperatingSystem: |
| description: | |
| Name of the host's operating system, for example: "Ubuntu 16.04.2 LTS" |
| or "Windows Server 2016 Datacenter" |
| type: "string" |
| example: "Alpine Linux v3.5" |
| OSVersion: |
| description: | |
| Version of the host's operating system |
| |
| <p><br /></p> |
| |
| > **Note**: The information returned in this field, including its |
| > very existence, and the formatting of values, should not be considered |
| > stable, and may change without notice. |
| type: "string" |
| example: "16.04" |
| OSType: |
| description: | |
| Generic type of the operating system of the host, as returned by the |
| Go runtime (`GOOS`). |
| |
| Currently returned values are "linux" and "windows". A full list of |
| possible values can be found in the [Go documentation](https://golang.org/doc/install/source#environment). |
| type: "string" |
| example: "linux" |
| Architecture: |
| description: | |
| Hardware architecture of the host, as returned by the Go runtime |
| (`GOARCH`). |
| |
| A full list of possible values can be found in the [Go documentation](https://golang.org/doc/install/source#environment). |
| type: "string" |
| example: "x86_64" |
| NCPU: |
| description: | |
| The number of logical CPUs usable by the daemon. |
| |
| The number of available CPUs is checked by querying the operating |
| system when the daemon starts. Changes to operating system CPU |
| allocation after the daemon is started are not reflected. |
| type: "integer" |
| example: 4 |
| MemTotal: |
| description: | |
| Total amount of physical memory available on the host, in bytes. |
| type: "integer" |
| format: "int64" |
| example: 2095882240 |
| |
| IndexServerAddress: |
| description: | |
| Address / URL of the index server that is used for image search, |
| and as a default for user authentication for Docker Hub and Docker Cloud. |
| default: "https://index.docker.io/v1/" |
| type: "string" |
| example: "https://index.docker.io/v1/" |
| RegistryConfig: |
| $ref: "#/definitions/RegistryServiceConfig" |
| GenericResources: |
| $ref: "#/definitions/GenericResources" |
| HttpProxy: |
| description: | |
| HTTP-proxy configured for the daemon. This value is obtained from the |
| [`HTTP_PROXY`](https://www.gnu.org/software/wget/manual/html_node/Proxies.html) environment variable. |
| Credentials ([user info component](https://tools.ietf.org/html/rfc3986#section-3.2.1)) in the proxy URL |
| are masked in the API response. |
| |
| Containers do not automatically inherit this configuration. |
| type: "string" |
| example: "http://xxxxx:xxxxx@proxy.corp.example.com:8080" |
| HttpsProxy: |
| description: | |
| HTTPS-proxy configured for the daemon. This value is obtained from the |
| [`HTTPS_PROXY`](https://www.gnu.org/software/wget/manual/html_node/Proxies.html) environment variable. |
| Credentials ([user info component](https://tools.ietf.org/html/rfc3986#section-3.2.1)) in the proxy URL |
| are masked in the API response. |
| |
| Containers do not automatically inherit this configuration. |
| type: "string" |
| example: "https://xxxxx:xxxxx@proxy.corp.example.com:4443" |
| NoProxy: |
| description: | |
| Comma-separated list of domain extensions for which no proxy should be |
| used. This value is obtained from the [`NO_PROXY`](https://www.gnu.org/software/wget/manual/html_node/Proxies.html) |
| environment variable. |
| |
| Containers do not automatically inherit this configuration. |
| type: "string" |
| example: "*.local, 169.254/16" |
| Name: |
| description: "Hostname of the host." |
| type: "string" |
| example: "node5.corp.example.com" |
| Labels: |
| description: | |
| User-defined labels (key/value metadata) as set on the daemon. |
| |
| <p><br /></p> |
| |
| > **Note**: When part of a Swarm, nodes can both have _daemon_ labels, |
| > set through the daemon configuration, and _node_ labels, set from a |
| > manager node in the Swarm. Node labels are not included in this |
| > field. Node labels can be retrieved using the `/nodes/(id)` endpoint |
| > on a manager node in the Swarm. |
| type: "array" |
| items: |
| type: "string" |
| example: ["storage=ssd", "production"] |
| ExperimentalBuild: |
| description: | |
| Indicates if experimental features are enabled on the daemon. |
| type: "boolean" |
| example: true |
| ServerVersion: |
| description: | |
| Version string of the daemon. |
| |
| > **Note**: the [standalone Swarm API](https://docs.docker.com/swarm/swarm-api/) |
| > returns the Swarm version instead of the daemon version, for example |
| > `swarm/1.2.8`. |
| type: "string" |
| example: "17.06.0-ce" |
| ClusterStore: |
| description: | |
| URL of the distributed storage backend. |
| |
| |
| The storage backend is used for multihost networking (to store |
| network and endpoint information) and by the node discovery mechanism. |
| |
| <p><br /></p> |
| |
| > **Deprecated**: This field is only propagated when using standalone Swarm |
| > mode, and overlay networking using an external k/v store. Overlay |
| > networks with Swarm mode enabled use the built-in raft store, and |
| > this field will be empty. |
| type: "string" |
| example: "consul://consul.corp.example.com:8600/some/path" |
| ClusterAdvertise: |
| description: | |
| The network endpoint that the Engine advertises for the purpose of |
| node discovery. ClusterAdvertise is a `host:port` combination on which |
| the daemon is reachable by other hosts. |
| |
| <p><br /></p> |
| |
| > **Deprecated**: This field is only propagated when using standalone Swarm |
| > mode, and overlay networking using an external k/v store. Overlay |
| > networks with Swarm mode enabled use the built-in raft store, and |
| > this field will be empty. |
| type: "string" |
| example: "node5.corp.example.com:8000" |
| Runtimes: |
| description: | |
| List of [OCI compliant](https://github.com/opencontainers/runtime-spec) |
| runtimes configured on the daemon. Keys hold the "name" used to |
| reference the runtime. |
| |
| The Docker daemon relies on an OCI compliant runtime (invoked via the |
| `containerd` daemon) as its interface to the Linux kernel namespaces, |
| cgroups, and SELinux. |
| |
| The default runtime is `runc`, and automatically configured. Additional |
| runtimes can be configured by the user and will be listed here. |
| type: "object" |
| additionalProperties: |
| $ref: "#/definitions/Runtime" |
| default: |
| runc: |
| path: "runc" |
| example: |
| runc: |
| path: "runc" |
| runc-master: |
| path: "/go/bin/runc" |
| custom: |
| path: "/usr/local/bin/my-oci-runtime" |
| runtimeArgs: ["--debug", "--systemd-cgroup=false"] |
| DefaultRuntime: |
| description: | |
| Name of the default OCI runtime that is used when starting containers. |
| |
| The default can be overridden per-container at create time. |
| type: "string" |
| default: "runc" |
| example: "runc" |
| Swarm: |
| $ref: "#/definitions/SwarmInfo" |
| LiveRestoreEnabled: |
| description: | |
| Indicates if live restore is enabled. |
| |
| If enabled, containers are kept running when the daemon is shutdown |
| or upon daemon start if running containers are detected. |
| type: "boolean" |
| default: false |
| example: false |
| Isolation: |
| description: | |
| Represents the isolation technology to use as a default for containers. |
| The supported values are platform-specific. |
| |
| If no isolation value is specified on daemon start, on Windows client, |
| the default is `hyperv`, and on Windows server, the default is `process`. |
| |
| This option is currently not used on other platforms. |
| default: "default" |
| type: "string" |
| enum: |
| - "default" |
| - "hyperv" |
| - "process" |
| InitBinary: |
| description: | |
| Name and, optional, path of the `docker-init` binary. |
| |
| If the path is omitted, the daemon searches the host's `$PATH` for the |
| binary and uses the first result. |
| type: "string" |
| example: "docker-init" |
| ContainerdCommit: |
| $ref: "#/definitions/Commit" |
| RuncCommit: |
| $ref: "#/definitions/Commit" |
| InitCommit: |
| $ref: "#/definitions/Commit" |
| SecurityOptions: |
| description: | |
| List of security features that are enabled on the daemon, such as |
| apparmor, seccomp, SELinux, user-namespaces (userns), and rootless. |
| |
| Additional configuration options for each security feature may |
| be present, and are included as a comma-separated list of key/value |
| pairs. |
| type: "array" |
| items: |
| type: "string" |
| example: |
| - "name=apparmor" |
| - "name=seccomp,profile=default" |
| - "name=selinux" |
| - "name=userns" |
| - "name=rootless" |
| ProductLicense: |
| description: | |
| Reports a summary of the product license on the daemon. |
| |
| If a commercial license has been applied to the daemon, information |
| such as number of nodes, and expiration are included. |
| type: "string" |
| example: "Community Engine" |
| DefaultAddressPools: |
| description: | |
| List of custom default address pools for local networks, which can be |
| specified in the daemon.json file or dockerd option. |
| |
| Example: a Base "10.10.0.0/16" with Size 24 will define the set of 256 |
| 10.10.[0-255].0/24 address pools. |
| type: "array" |
| items: |
| type: "object" |
| properties: |
| Base: |
| description: "The network address in CIDR format" |
| type: "string" |
| example: "10.10.0.0/16" |
| Size: |
| description: "The network pool size" |
| type: "integer" |
| example: "24" |
| Warnings: |
| description: | |
| List of warnings / informational messages about missing features, or |
| issues related to the daemon configuration. |
| |
| These messages can be printed by the client as information to the user. |
| type: "array" |
| items: |
| type: "string" |
| example: |
| - "WARNING: No memory limit support" |
| - "WARNING: bridge-nf-call-iptables is disabled" |
| - "WARNING: bridge-nf-call-ip6tables is disabled" |
| |
| |
| # PluginsInfo is a temp struct holding Plugins name |
| # registered with docker daemon. It is used by Info struct |
| PluginsInfo: |
| description: | |
| Available plugins per type. |
| |
| <p><br /></p> |
| |
| > **Note**: Only unmanaged (V1) plugins are included in this list. |
| > V1 plugins are "lazily" loaded, and are not returned in this list |
| > if there is no resource using the plugin. |
| type: "object" |
| properties: |
| Volume: |
| description: "Names of available volume-drivers, and network-driver plugins." |
| type: "array" |
| items: |
| type: "string" |
| example: ["local"] |
| Network: |
| description: "Names of available network-drivers, and network-driver plugins." |
| type: "array" |
| items: |
| type: "string" |
| example: ["bridge", "host", "ipvlan", "macvlan", "null", "overlay"] |
| Authorization: |
| description: "Names of available authorization plugins." |
| type: "array" |
| items: |
| type: "string" |
| example: ["img-authz-plugin", "hbm"] |
| Log: |
| description: "Names of available logging-drivers, and logging-driver plugins." |
| type: "array" |
| items: |
| type: "string" |
| example: ["awslogs", "fluentd", "gcplogs", "gelf", "journald", "json-file", "logentries", "splunk", "syslog"] |
| |
| |
| RegistryServiceConfig: |
| description: | |
| RegistryServiceConfig stores daemon registry services configuration. |
| type: "object" |
| x-nullable: true |
| properties: |
| AllowNondistributableArtifactsCIDRs: |
| description: | |
| List of IP ranges to which nondistributable artifacts can be pushed, |
| using the CIDR syntax [RFC 4632](https://tools.ietf.org/html/4632). |
| |
| Some images (for example, Windows base images) contain artifacts |
| whose distribution is restricted by license. When these images are |
| pushed to a registry, restricted artifacts are not included. |
| |
| This configuration override this behavior, and enables the daemon to |
| push nondistributable artifacts to all registries whose resolved IP |
| address is within the subnet described by the CIDR syntax. |
| |
| This option is useful when pushing images containing |
| nondistributable artifacts to a registry on an air-gapped network so |
| hosts on that network can pull the images without connecting to |
| another server. |
| |
| > **Warning**: Nondistributable artifacts typically have restrictions |
| > on how and where they can be distributed and shared. Only use this |
| > feature to push artifacts to private registries and ensure that you |
| > are in compliance with any terms that cover redistributing |
| > nondistributable artifacts. |
| |
| type: "array" |
| items: |
| type: "string" |
| example: ["::1/128", "127.0.0.0/8"] |
| AllowNondistributableArtifactsHostnames: |
| description: | |
| List of registry hostnames to which nondistributable artifacts can be |
| pushed, using the format `<hostname>[:<port>]` or `<IP address>[:<port>]`. |
| |
| Some images (for example, Windows base images) contain artifacts |
| whose distribution is restricted by license. When these images are |
| pushed to a registry, restricted artifacts are not included. |
| |
| This configuration override this behavior for the specified |
| registries. |
| |
| This option is useful when pushing images containing |
| nondistributable artifacts to a registry on an air-gapped network so |
| hosts on that network can pull the images without connecting to |
| another server. |
| |
| > **Warning**: Nondistributable artifacts typically have restrictions |
| > on how and where they can be distributed and shared. Only use this |
| > feature to push artifacts to private registries and ensure that you |
| > are in compliance with any terms that cover redistributing |
| > nondistributable artifacts. |
| type: "array" |
| items: |
| type: "string" |
| example: ["registry.internal.corp.example.com:3000", "[2001:db8:a0b:12f0::1]:443"] |
| InsecureRegistryCIDRs: |
| description: | |
| List of IP ranges of insecure registries, using the CIDR syntax |
| ([RFC 4632](https://tools.ietf.org/html/4632)). Insecure registries |
| accept un-encrypted (HTTP) and/or untrusted (HTTPS with certificates |
| from unknown CAs) communication. |
| |
| By default, local registries (`127.0.0.0/8`) are configured as |
| insecure. All other registries are secure. Communicating with an |
| insecure registry is not possible if the daemon assumes that registry |
| is secure. |
| |
| This configuration override this behavior, insecure communication with |
| registries whose resolved IP address is within the subnet described by |
| the CIDR syntax. |
| |
| Registries can also be marked insecure by hostname. Those registries |
| are listed under `IndexConfigs` and have their `Secure` field set to |
| `false`. |
| |
| > **Warning**: Using this option can be useful when running a local |
| > registry, but introduces security vulnerabilities. This option |
| > should therefore ONLY be used for testing purposes. For increased |
| > security, users should add their CA to their system's list of trusted |
| > CAs instead of enabling this option. |
| type: "array" |
| items: |
| type: "string" |
| example: ["::1/128", "127.0.0.0/8"] |
| IndexConfigs: |
| type: "object" |
| additionalProperties: |
| $ref: "#/definitions/IndexInfo" |
| example: |
| "127.0.0.1:5000": |
| "Name": "127.0.0.1:5000" |
| "Mirrors": [] |
| "Secure": false |
| "Official": false |
| "[2001:db8:a0b:12f0::1]:80": |
| "Name": "[2001:db8:a0b:12f0::1]:80" |
| "Mirrors": [] |
| "Secure": false |
| "Official": false |
| "docker.io": |
| Name: "docker.io" |
| Mirrors: ["https://hub-mirror.corp.example.com:5000/"] |
| Secure: true |
| Official: true |
| "registry.internal.corp.example.com:3000": |
| Name: "registry.internal.corp.example.com:3000" |
| Mirrors: [] |
| Secure: false |
| Official: false |
| Mirrors: |
| description: | |
| List of registry URLs that act as a mirror for the official |
| (`docker.io`) registry. |
| |
| type: "array" |
| items: |
| type: "string" |
| example: |
| - "https://hub-mirror.corp.example.com:5000/" |
| - "https://[2001:db8:a0b:12f0::1]/" |
| |
| IndexInfo: |
| description: |
| IndexInfo contains information about a registry. |
| type: "object" |
| x-nullable: true |
| properties: |
| Name: |
| description: | |
| Name of the registry, such as "docker.io". |
| type: "string" |
| example: "docker.io" |
| Mirrors: |
| description: | |
| List of mirrors, expressed as URIs. |
| type: "array" |
| items: |
| type: "string" |
| example: |
| - "https://hub-mirror.corp.example.com:5000/" |
| - "https://registry-2.docker.io/" |
| - "https://registry-3.docker.io/" |
| Secure: |
| description: | |
| Indicates if the registry is part of the list of insecure |
| registries. |
| |
| If `false`, the registry is insecure. Insecure registries accept |
| un-encrypted (HTTP) and/or untrusted (HTTPS with certificates from |
| unknown CAs) communication. |
| |
| > **Warning**: Insecure registries can be useful when running a local |
| > registry. However, because its use creates security vulnerabilities |
| > it should ONLY be enabled for testing purposes. For increased |
| > security, users should add their CA to their system's list of |
| > trusted CAs instead of enabling this option. |
| type: "boolean" |
| example: true |
| Official: |
| description: | |
| Indicates whether this is an official registry (i.e., Docker Hub / docker.io) |
| type: "boolean" |
| example: true |
| |
| Runtime: |
| description: | |
| Runtime describes an [OCI compliant](https://github.com/opencontainers/runtime-spec) |
| runtime. |
| |
| The runtime is invoked by the daemon via the `containerd` daemon. OCI |
| runtimes act as an interface to the Linux kernel namespaces, cgroups, |
| and SELinux. |
| type: "object" |
| properties: |
| path: |
| description: | |
| Name and, optional, path, of the OCI executable binary. |
| |
| If the path is omitted, the daemon searches the host's `$PATH` for the |
| binary and uses the first result. |
| type: "string" |
| example: "/usr/local/bin/my-oci-runtime" |
| runtimeArgs: |
| description: | |
| List of command-line arguments to pass to the runtime when invoked. |
| type: "array" |
| x-nullable: true |
| items: |
| type: "string" |
| example: ["--debug", "--systemd-cgroup=false"] |
| |
| Commit: |
| description: | |
| Commit holds the Git-commit (SHA1) that a binary was built from, as |
| reported in the version-string of external tools, such as `containerd`, |
| or `runC`. |
| type: "object" |
| properties: |
| ID: |
| description: "Actual commit ID of external tool." |
| type: "string" |
| example: "cfb82a876ecc11b5ca0977d1733adbe58599088a" |
| Expected: |
| description: | |
| Commit ID of external tool expected by dockerd as set at build time. |
| type: "string" |
| example: "2d41c047c83e09a6d61d464906feb2a2f3c52aa4" |
| |
| SwarmInfo: |
| description: | |
| Represents generic information about swarm. |
| type: "object" |
| properties: |
| NodeID: |
| description: "Unique identifier of for this node in the swarm." |
| type: "string" |
| default: "" |
| example: "k67qz4598weg5unwwffg6z1m1" |
| NodeAddr: |
| description: | |
| IP address at which this node can be reached by other nodes in the |
| swarm. |
| type: "string" |
| default: "" |
| example: "10.0.0.46" |
| LocalNodeState: |
| $ref: "#/definitions/LocalNodeState" |
| ControlAvailable: |
| type: "boolean" |
| default: false |
| example: true |
| Error: |
| type: "string" |
| default: "" |
| RemoteManagers: |
| description: | |
| List of ID's and addresses of other managers in the swarm. |
| type: "array" |
| default: null |
| x-nullable: true |
| items: |
| $ref: "#/definitions/PeerNode" |
| example: |
| - NodeID: "71izy0goik036k48jg985xnds" |
| Addr: "10.0.0.158:2377" |
| - NodeID: "79y6h1o4gv8n120drcprv5nmc" |
| Addr: "10.0.0.159:2377" |
| - NodeID: "k67qz4598weg5unwwffg6z1m1" |
| Addr: "10.0.0.46:2377" |
| Nodes: |
| description: "Total number of nodes in the swarm." |
| type: "integer" |
| x-nullable: true |
| example: 4 |
| Managers: |
| description: "Total number of managers in the swarm." |
| type: "integer" |
| x-nullable: true |
| example: 3 |
| Cluster: |
| $ref: "#/definitions/ClusterInfo" |
| |
| LocalNodeState: |
| description: "Current local status of this node." |
| type: "string" |
| default: "" |
| enum: |
| - "" |
| - "inactive" |
| - "pending" |
| - "active" |
| - "error" |
| - "locked" |
| example: "active" |
| |
| PeerNode: |
| description: "Represents a peer-node in the swarm" |
| type: "object" |
| properties: |
| NodeID: |
| description: "Unique identifier of for this node in the swarm." |
| type: "string" |
| Addr: |
| description: | |
| IP address and ports at which this node can be reached. |
| type: "string" |
| |
| NetworkAttachmentConfig: |
| description: | |
| Specifies how a service should be attached to a particular network. |
| type: "object" |
| properties: |
| Target: |
| description: | |
| The target network for attachment. Must be a network name or ID. |
| type: "string" |
| Aliases: |
| description: | |
| Discoverable alternate names for the service on this network. |
| type: "array" |
| items: |
| type: "string" |
| DriverOpts: |
| description: | |
| Driver attachment options for the network target. |
| type: "object" |
| additionalProperties: |
| type: "string" |
| |
| EventActor: |
| description: | |
| Actor describes something that generates events, like a container, network, |
| or a volume. |
| type: "object" |
| properties: |
| ID: |
| description: "The ID of the object emitting the event" |
| type: "string" |
| example: "ede54ee1afda366ab42f824e8a5ffd195155d853ceaec74a927f249ea270c743" |
| Attributes: |
| description: | |
| Various key/value attributes of the object, depending on its type. |
| type: "object" |
| additionalProperties: |
| type: "string" |
| example: |
| com.example.some-label: "some-label-value" |
| image: "alpine:latest" |
| name: "my-container" |
| |
| EventMessage: |
| description: | |
| EventMessage represents the information an event contains. |
| type: "object" |
| title: "SystemEventsResponse" |
| properties: |
| Type: |
| description: "The type of object emitting the event" |
| type: "string" |
| enum: ["builder", "config", "container", "daemon", "image", "network", "node", "plugin", "secret", "service", "volume"] |
| example: "container" |
| Action: |
| description: "The type of event" |
| type: "string" |
| example: "create" |
| Actor: |
| $ref: "#/definitions/EventActor" |
| scope: |
| description: | |
| Scope of the event. Engine events are `local` scope. Cluster (Swarm) |
| events are `swarm` scope. |
| type: "string" |
| enum: ["local", "swarm"] |
| time: |
| description: "Timestamp of event" |
| type: "integer" |
| format: "int64" |
| example: 1629574695 |
| timeNano: |
| description: "Timestamp of event, with nanosecond accuracy" |
| type: "integer" |
| format: "int64" |
| example: 1629574695515050031 |
| |
| OCIDescriptor: |
| type: "object" |
| x-go-name: Descriptor |
| description: | |
| A descriptor struct containing digest, media type, and size, as defined in |
| the [OCI Content Descriptors Specification](https://github.com/opencontainers/image-spec/blob/v1.0.1/descriptor.md). |
| properties: |
| mediaType: |
| description: | |
| The media type of the object this schema refers to. |
| type: "string" |
| example: "application/vnd.docker.distribution.manifest.v2+json" |
| digest: |
| description: | |
| The digest of the targeted content. |
| type: "string" |
| example: "sha256:c0537ff6a5218ef531ece93d4984efc99bbf3f7497c0a7726c88e2bb7584dc96" |
| size: |
| description: | |
| The size in bytes of the blob. |
| type: "integer" |
| format: "int64" |
| example: 3987495 |
| # TODO Not yet including these fields for now, as they are nil / omitted in our response. |
| # urls: |
| # description: | |
| # List of URLs from which this object MAY be downloaded. |
| # type: "array" |
| # items: |
| # type: "string" |
| # format: "uri" |
| # annotations: |
| # description: | |
| # Arbitrary metadata relating to the targeted content. |
| # type: "object" |
| # additionalProperties: |
| # type: "string" |
| # platform: |
| # $ref: "#/definitions/OCIPlatform" |
| |
| OCIPlatform: |
| type: "object" |
| x-go-name: Platform |
| description: | |
| Describes the platform which the image in the manifest runs on, as defined |
| in the [OCI Image Index Specification](https://github.com/opencontainers/image-spec/blob/v1.0.1/image-index.md). |
| properties: |
| architecture: |
| description: | |
| The CPU architecture, for example `amd64` or `ppc64`. |
| type: "string" |
| example: "arm" |
| os: |
| description: | |
| The operating system, for example `linux` or `windows`. |
| type: "string" |
| example: "windows" |
| os.version: |
| description: | |
| Optional field specifying the operating system version, for example on |
| Windows `10.0.19041.1165`. |
| type: "string" |
| example: "10.0.19041.1165" |
| os.features: |
| description: | |
| Optional field specifying an array of strings, each listing a required |
| OS feature (for example on Windows `win32k`). |
| type: "array" |
| items: |
| type: "string" |
| example: |
| - "win32k" |
| variant: |
| description: | |
| Optional field specifying a variant of the CPU, for example `v7` to |
| specify ARMv7 when architecture is `arm`. |
| type: "string" |
| example: "v7" |
| |
| DistributionInspect: |
| type: "object" |
| x-go-name: DistributionInspect |
| title: "DistributionInspectResponse" |
| required: [Descriptor, Platforms] |
| description: | |
| Describes the result obtained from contacting the registry to retrieve |
| image metadata. |
| properties: |
| Descriptor: |
| $ref: "#/definitions/OCIDescriptor" |
| Platforms: |
| type: "array" |
| description: | |
| An array containing all platforms supported by the image. |
| items: |
| $ref: "#/definitions/OCIPlatform" |
| |
| ClusterVolume: |
| type: "object" |
| description: | |
| Options and information specific to, and only present on, Swarm CSI |
| cluster volumes. |
| properties: |
| ID: |
| type: "string" |
| description: | |
| The Swarm ID of this volume. Because cluster volumes are Swarm |
| objects, they have an ID, unlike non-cluster volumes. This ID can |
| be used to refer to the Volume instead of the name. |
| Version: |
| $ref: "#/definitions/ObjectVersion" |
| CreatedAt: |
| type: "string" |
| format: "dateTime" |
| UpdatedAt: |
| type: "string" |
| format: "dateTime" |
| Spec: |
| $ref: "#/definitions/ClusterVolumeSpec" |
| Info: |
| type: "object" |
| description: | |
| Information about the global status of the volume. |
| properties: |
| CapacityBytes: |
| type: "integer" |
| format: "int64" |
| description: | |
| The capacity of the volume in bytes. A value of 0 indicates that |
| the capacity is unknown. |
| VolumeContext: |
| type: "object" |
| description: | |
| A map of strings to strings returned from the storage plugin when |
| the volume is created. |
| additionalProperties: |
| type: "string" |
| VolumeID: |
| type: "string" |
| description: | |
| The ID of the volume as returned by the CSI storage plugin. This |
| is distinct from the volume's ID as provided by Docker. This ID |
| is never used by the user when communicating with Docker to refer |
| to this volume. If the ID is blank, then the Volume has not been |
| successfully created in the plugin yet. |
| AccessibleTopology: |
| type: "array" |
| description: | |
| The topology this volume is actually accessible from. |
| items: |
| $ref: "#/definitions/Topology" |
| PublishStatus: |
| type: "array" |
| description: | |
| The status of the volume as it pertains to its publishing and use on |
| specific nodes |
| items: |
| type: "object" |
| properties: |
| NodeID: |
| type: "string" |
| description: | |
| The ID of the Swarm node the volume is published on. |
| State: |
| type: "string" |
| description: | |
| The published state of the volume. |
| * `pending-publish` The volume should be published to this node, but the call to the controller plugin to do so has not yet been successfully completed. |
| * `published` The volume is published successfully to the node. |
| * `pending-node-unpublish` The volume should be unpublished from the node, and the manager is awaiting confirmation from the worker that it has done so. |
| * `pending-controller-unpublish` The volume is successfully unpublished from the node, but has not yet been successfully unpublished on the controller. |
| enum: |
| - "pending-publish" |
| - "published" |
| - "pending-node-unpublish" |
| - "pending-controller-unpublish" |
| PublishContext: |
| type: "object" |
| description: | |
| A map of strings to strings returned by the CSI controller |
| plugin when a volume is published. |
| additionalProperties: |
| type: "string" |
| |
| ClusterVolumeSpec: |
| type: "object" |
| description: | |
| Cluster-specific options used to create the volume. |
| properties: |
| Group: |
| type: "string" |
| description: | |
| Group defines the volume group of this volume. Volumes belonging to |
| the same group can be referred to by group name when creating |
| Services. Referring to a volume by group instructs Swarm to treat |
| volumes in that group interchangeably for the purpose of scheduling. |
| Volumes with an empty string for a group technically all belong to |
| the same, emptystring group. |
| AccessMode: |
| type: "object" |
| description: | |
| Defines how the volume is used by tasks. |
| properties: |
| Scope: |
| type: "string" |
| description: | |
| The set of nodes this volume can be used on at one time. |
| - `single` The volume may only be scheduled to one node at a time. |
| - `multi` the volume may be scheduled to any supported number of nodes at a time. |
| default: "single" |
| enum: ["single", "multi"] |
| x-nullable: false |
| Sharing: |
| type: "string" |
| description: | |
| The number and way that different tasks can use this volume |
| at one time. |
| - `none` The volume may only be used by one task at a time. |
| - `readonly` The volume may be used by any number of tasks, but they all must mount the volume as readonly |
| - `onewriter` The volume may be used by any number of tasks, but only one may mount it as read/write. |
| - `all` The volume may have any number of readers and writers. |
| default: "none" |
| enum: ["none", "readonly", "onewriter", "all"] |
| x-nullable: false |
| MountVolume: |
| type: "object" |
| description: | |
| Options for using this volume as a Mount-type volume. |
| |
| Either MountVolume or BlockVolume, but not both, must be |
| present. |
| properties: |
| FsType: |
| type: "string" |
| description: | |
| Specifies the filesystem type for the mount volume. |
| Optional. |
| MountFlags: |
| type: "array" |
| description: | |
| Flags to pass when mounting the volume. Optional. |
| items: |
| type: "string" |
| BlockVolume: |
| type: "object" |
| description: | |
| Options for using this volume as a Block-type volume. |
| Intentionally empty. |
| Secrets: |
| type: "array" |
| description: | |
| Swarm Secrets that are passed to the CSI storage plugin when |
| operating on this volume. |
| items: |
| type: "object" |
| description: | |
| One cluster volume secret entry. Defines a key-value pair that |
| is passed to the plugin. |
| properties: |
| Key: |
| type: "string" |
| description: | |
| Key is the name of the key of the key-value pair passed to |
| the plugin. |
| Secret: |
| type: "string" |
| description: | |
| Secret is the swarm Secret object from which to read data. |
| This can be a Secret name or ID. The Secret data is |
| retrieved by swarm and used as the value of the key-value |
| pair passed to the plugin. |
| AccessibilityRequirements: |
| type: "object" |
| description: | |
| Requirements for the accessible topology of the volume. These |
| fields are optional. For an in-depth description of what these |
| fields mean, see the CSI specification. |
| properties: |
| Requisite: |
| type: "array" |
| description: | |
| A list of required topologies, at least one of which the |
| volume must be accessible from. |
| items: |
| $ref: "#/definitions/Topology" |
| Preferred: |
| type: "array" |
| description: | |
| A list of topologies that the volume should attempt to be |
| provisioned in. |
| items: |
| $ref: "#/definitions/Topology" |
| CapacityRange: |
| type: "object" |
| description: | |
| The desired capacity that the volume should be created with. If |
| empty, the plugin will decide the capacity. |
| properties: |
| RequiredBytes: |
| type: "integer" |
| format: "int64" |
| description: | |
| The volume must be at least this big. The value of 0 |
| indicates an unspecified minimum |
| LimitBytes: |
| type: "integer" |
| format: "int64" |
| description: | |
| The volume must not be bigger than this. The value of 0 |
| indicates an unspecified maximum. |
| Availability: |
| type: "string" |
| description: | |
| The availability of the volume for use in tasks. |
| - `active` The volume is fully available for scheduling on the cluster |
| - `pause` No new workloads should use the volume, but existing workloads are not stopped. |
| - `drain` All workloads using this volume should be stopped and rescheduled, and no new ones should be started. |
| default: "active" |
| x-nullable: false |
| enum: |
| - "active" |
| - "pause" |
| - "drain" |
| |
| Topology: |
| description: | |
| A map of topological domains to topological segments. For in depth |
| details, see documentation for the Topology object in the CSI |
| specification. |
| type: "object" |
| additionalProperties: |
| type: "string" |
| |
| paths: |
| /containers/json: |
| get: |
| summary: "List containers" |
| description: | |
| Returns a list of containers. For details on the format, see the |
| [inspect endpoint](#operation/ContainerInspect). |
| |
| Note that it uses a different, smaller representation of a container |
| than inspecting a single container. For example, the list of linked |
| containers is not propagated . |
| operationId: "ContainerList" |
| produces: |
| - "application/json" |
| parameters: |
| - name: "all" |
| in: "query" |
| description: | |
| Return all containers. By default, only running containers are shown. |
| type: "boolean" |
| default: false |
| - name: "limit" |
| in: "query" |
| description: | |
| Return this number of most recently created containers, including |
| non-running ones. |
| type: "integer" |
| - name: "size" |
| in: "query" |
| description: | |
| Return the size of container as fields `SizeRw` and `SizeRootFs`. |
| type: "boolean" |
| default: false |
| - name: "filters" |
| in: "query" |
| description: | |
| Filters to process on the container list, encoded as JSON (a |
| `map[string][]string`). For example, `{"status": ["paused"]}` will |
| only return paused containers. |
| |
| Available filters: |
| |
| - `ancestor`=(`<image-name>[:<tag>]`, `<image id>`, or `<image@digest>`) |
| - `before`=(`<container id>` or `<container name>`) |
| - `expose`=(`<port>[/<proto>]`|`<startport-endport>/[<proto>]`) |
| - `exited=<int>` containers with exit code of `<int>` |
| - `health`=(`starting`|`healthy`|`unhealthy`|`none`) |
| - `id=<ID>` a container's ID |
| - `isolation=`(`default`|`process`|`hyperv`) (Windows daemon only) |
| - `is-task=`(`true`|`false`) |
| - `label=key` or `label="key=value"` of a container label |
| - `name=<name>` a container's name |
| - `network`=(`<network id>` or `<network name>`) |
| - `publish`=(`<port>[/<proto>]`|`<startport-endport>/[<proto>]`) |
| - `since`=(`<container id>` or `<container name>`) |
| - `status=`(`created`|`restarting`|`running`|`removing`|`paused`|`exited`|`dead`) |
| - `volume`=(`<volume name>` or `<mount point destination>`) |
| type: "string" |
| responses: |
| 200: |
| description: "no error" |
| schema: |
| type: "array" |
| items: |
| $ref: "#/definitions/ContainerSummary" |
| examples: |
| application/json: |
| - Id: "8dfafdbc3a40" |
| Names: |
| - "/boring_feynman" |
| Image: "ubuntu:latest" |
| ImageID: "d74508fb6632491cea586a1fd7d748dfc5274cd6fdfedee309ecdcbc2bf5cb82" |
| Command: "echo 1" |
| Created: 1367854155 |
| State: "Exited" |
| Status: "Exit 0" |
| Ports: |
| - PrivatePort: 2222 |
| PublicPort: 3333 |
| Type: "tcp" |
| Labels: |
| com.example.vendor: "Acme" |
| com.example.license: "GPL" |
| com.example.version: "1.0" |
| SizeRw: 12288 |
| SizeRootFs: 0 |
| HostConfig: |
| NetworkMode: "default" |
| NetworkSettings: |
| Networks: |
| bridge: |
| NetworkID: "7ea29fc1412292a2d7bba362f9253545fecdfa8ce9a6e37dd10ba8bee7129812" |
| EndpointID: "2cdc4edb1ded3631c81f57966563e5c8525b81121bb3706a9a9a3ae102711f3f" |
| Gateway: "172.17.0.1" |
| IPAddress: "172.17.0.2" |
| IPPrefixLen: 16 |
| IPv6Gateway: "" |
| GlobalIPv6Address: "" |
| GlobalIPv6PrefixLen: 0 |
| MacAddress: "02:42:ac:11:00:02" |
| Mounts: |
| - Name: "fac362...80535" |
| Source: "/data" |
| Destination: "/data" |
| Driver: "local" |
| Mode: "ro,Z" |
| RW: false |
| Propagation: "" |
| - Id: "9cd87474be90" |
| Names: |
| - "/coolName" |
| Image: "ubuntu:latest" |
| ImageID: "d74508fb6632491cea586a1fd7d748dfc5274cd6fdfedee309ecdcbc2bf5cb82" |
| Command: "echo 222222" |
| Created: 1367854155 |
| State: "Exited" |
| Status: "Exit 0" |
| Ports: [] |
| Labels: {} |
| SizeRw: 12288 |
| SizeRootFs: 0 |
| HostConfig: |
| NetworkMode: "default" |
| NetworkSettings: |
| Networks: |
| bridge: |
| NetworkID: "7ea29fc1412292a2d7bba362f9253545fecdfa8ce9a6e37dd10ba8bee7129812" |
| EndpointID: "88eaed7b37b38c2a3f0c4bc796494fdf51b270c2d22656412a2ca5d559a64d7a" |
| Gateway: "172.17.0.1" |
| IPAddress: "172.17.0.8" |
| IPPrefixLen: 16 |
| IPv6Gateway: "" |
| GlobalIPv6Address: "" |
| GlobalIPv6PrefixLen: 0 |
| MacAddress: "02:42:ac:11:00:08" |
| Mounts: [] |
| - Id: "3176a2479c92" |
| Names: |
| - "/sleepy_dog" |
| Image: "ubuntu:latest" |
| ImageID: "d74508fb6632491cea586a1fd7d748dfc5274cd6fdfedee309ecdcbc2bf5cb82" |
| Command: "echo 3333333333333333" |
| Created: 1367854154 |
| State: "Exited" |
| Status: "Exit 0" |
| Ports: [] |
| Labels: {} |
| SizeRw: 12288 |
| SizeRootFs: 0 |
| HostConfig: |
| NetworkMode: "default" |
| NetworkSettings: |
| Networks: |
| bridge: |
| NetworkID: "7ea29fc1412292a2d7bba362f9253545fecdfa8ce9a6e37dd10ba8bee7129812" |
| EndpointID: "8b27c041c30326d59cd6e6f510d4f8d1d570a228466f956edf7815508f78e30d" |
| Gateway: "172.17.0.1" |
| IPAddress: "172.17.0.6" |
| IPPrefixLen: 16 |
| IPv6Gateway: "" |
| GlobalIPv6Address: "" |
| GlobalIPv6PrefixLen: 0 |
| MacAddress: "02:42:ac:11:00:06" |
| Mounts: [] |
| - Id: "4cb07b47f9fb" |
| Names: |
| - "/running_cat" |
| Image: "ubuntu:latest" |
| ImageID: "d74508fb6632491cea586a1fd7d748dfc5274cd6fdfedee309ecdcbc2bf5cb82" |
| Command: "echo 444444444444444444444444444444444" |
| Created: 1367854152 |
| State: "Exited" |
| Status: "Exit 0" |
| Ports: [] |
| Labels: {} |
| SizeRw: 12288 |
| SizeRootFs: 0 |
| HostConfig: |
| NetworkMode: "default" |
| NetworkSettings: |
| Networks: |
| bridge: |
| NetworkID: "7ea29fc1412292a2d7bba362f9253545fecdfa8ce9a6e37dd10ba8bee7129812" |
| EndpointID: "d91c7b2f0644403d7ef3095985ea0e2370325cd2332ff3a3225c4247328e66e9" |
| Gateway: "172.17.0.1" |
| IPAddress: "172.17.0.5" |
| IPPrefixLen: 16 |
| IPv6Gateway: "" |
| GlobalIPv6Address: "" |
| GlobalIPv6PrefixLen: 0 |
| MacAddress: "02:42:ac:11:00:05" |
| Mounts: [] |
| 400: |
| description: "bad parameter" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| tags: ["Container"] |
| /containers/create: |
| post: |
| summary: "Create a container" |
| operationId: "ContainerCreate" |
| consumes: |
| - "application/json" |
| - "application/octet-stream" |
| produces: |
| - "application/json" |
| parameters: |
| - name: "name" |
| in: "query" |
| description: | |
| Assign the specified name to the container. Must match |
| `/?[a-zA-Z0-9][a-zA-Z0-9_.-]+`. |
| type: "string" |
| pattern: "^/?[a-zA-Z0-9][a-zA-Z0-9_.-]+$" |
| - name: "platform" |
| in: "query" |
| description: | |
| Platform in the format `os[/arch[/variant]]` used for image lookup. |
| |
| When specified, the daemon checks if the requested image is present |
| in the local image cache with the given OS and Architecture, and |
| otherwise returns a `404` status. |
| |
| If the option is not set, the host's native OS and Architecture are |
| used to look up the image in the image cache. However, if no platform |
| is passed and the given image does exist in the local image cache, |
| but its OS or architecture does not match, the container is created |
| with the available image, and a warning is added to the `Warnings` |
| field in the response, for example; |
| |
| WARNING: The requested image's platform (linux/arm64/v8) does not |
| match the detected host platform (linux/amd64) and no |
| specific platform was requested |
| |
| type: "string" |
| default: "" |
| - name: "body" |
| in: "body" |
| description: "Container to create" |
| schema: |
| allOf: |
| - $ref: "#/definitions/ContainerConfig" |
| - type: "object" |
| properties: |
| HostConfig: |
| $ref: "#/definitions/HostConfig" |
| NetworkingConfig: |
| $ref: "#/definitions/NetworkingConfig" |
| example: |
| Hostname: "" |
| Domainname: "" |
| User: "" |
| AttachStdin: false |
| AttachStdout: true |
| AttachStderr: true |
| Tty: false |
| OpenStdin: false |
| StdinOnce: false |
| Env: |
| - "FOO=bar" |
| - "BAZ=quux" |
| Cmd: |
| - "date" |
| Entrypoint: "" |
| Image: "ubuntu" |
| Labels: |
| com.example.vendor: "Acme" |
| com.example.license: "GPL" |
| com.example.version: "1.0" |
| Volumes: |
| /volumes/data: {} |
| WorkingDir: "" |
| NetworkDisabled: false |
| MacAddress: "12:34:56:78:9a:bc" |
| ExposedPorts: |
| 22/tcp: {} |
| StopSignal: "SIGTERM" |
| StopTimeout: 10 |
| HostConfig: |
| Binds: |
| - "/tmp:/tmp" |
| Links: |
| - "redis3:redis" |
| Memory: 0 |
| MemorySwap: 0 |
| MemoryReservation: 0 |
| NanoCpus: 500000 |
| CpuPercent: 80 |
| CpuShares: 512 |
| CpuPeriod: 100000 |
| CpuRealtimePeriod: 1000000 |
| CpuRealtimeRuntime: 10000 |
| CpuQuota: 50000 |
| CpusetCpus: "0,1" |
| CpusetMems: "0,1" |
| MaximumIOps: 0 |
| MaximumIOBps: 0 |
| BlkioWeight: 300 |
| BlkioWeightDevice: |
| - {} |
| BlkioDeviceReadBps: |
| - {} |
| BlkioDeviceReadIOps: |
| - {} |
| BlkioDeviceWriteBps: |
| - {} |
| BlkioDeviceWriteIOps: |
| - {} |
| DeviceRequests: |
| - Driver: "nvidia" |
| Count: -1 |
| DeviceIDs": ["0", "1", "GPU-fef8089b-4820-abfc-e83e-94318197576e"] |
| Capabilities: [["gpu", "nvidia", "compute"]] |
| Options: |
| property1: "string" |
| property2: "string" |
| MemorySwappiness: 60 |
| OomKillDisable: false |
| OomScoreAdj: 500 |
| PidMode: "" |
| PidsLimit: 0 |
| PortBindings: |
| 22/tcp: |
| - HostPort: "11022" |
| PublishAllPorts: false |
| Privileged: false |
| ReadonlyRootfs: false |
| Dns: |
| - "8.8.8.8" |
| DnsOptions: |
| - "" |
| DnsSearch: |
| - "" |
| VolumesFrom: |
| - "parent" |
| - "other:ro" |
| CapAdd: |
| - "NET_ADMIN" |
| CapDrop: |
| - "MKNOD" |
| GroupAdd: |
| - "newgroup" |
| RestartPolicy: |
| Name: "" |
| MaximumRetryCount: 0 |
| AutoRemove: true |
| NetworkMode: "bridge" |
| Devices: [] |
| Ulimits: |
| - {} |
| LogConfig: |
| Type: "json-file" |
| Config: {} |
| SecurityOpt: [] |
| StorageOpt: {} |
| CgroupParent: "" |
| VolumeDriver: "" |
| ShmSize: 67108864 |
| NetworkingConfig: |
| EndpointsConfig: |
| isolated_nw: |
| IPAMConfig: |
| IPv4Address: "172.20.30.33" |
| IPv6Address: "2001:db8:abcd::3033" |
| LinkLocalIPs: |
| - "169.254.34.68" |
| - "fe80::3468" |
| Links: |
| - "container_1" |
| - "container_2" |
| Aliases: |
| - "server_x" |
| - "server_y" |
| |
| required: true |
| responses: |
| 201: |
| description: "Container created successfully" |
| schema: |
| $ref: "#/definitions/ContainerCreateResponse" |
| 400: |
| description: "bad parameter" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 404: |
| description: "no such image" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| examples: |
| application/json: |
| message: "No such image: c2ada9df5af8" |
| 409: |
| description: "conflict" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| tags: ["Container"] |
| /containers/{id}/json: |
| get: |
| summary: "Inspect a container" |
| description: "Return low-level information about a container." |
| operationId: "ContainerInspect" |
| produces: |
| - "application/json" |
| responses: |
| 200: |
| description: "no error" |
| schema: |
| type: "object" |
| title: "ContainerInspectResponse" |
| properties: |
| Id: |
| description: "The ID of the container" |
| type: "string" |
| Created: |
| description: "The time the container was created" |
| type: "string" |
| Path: |
| description: "The path to the command being run" |
| type: "string" |
| Args: |
| description: "The arguments to the command being run" |
| type: "array" |
| items: |
| type: "string" |
| State: |
| $ref: "#/definitions/ContainerState" |
| Image: |
| description: "The container's image ID" |
| type: "string" |
| ResolvConfPath: |
| type: "string" |
| HostnamePath: |
| type: "string" |
| HostsPath: |
| type: "string" |
| LogPath: |
| type: "string" |
| Name: |
| type: "string" |
| RestartCount: |
| type: "integer" |
| Driver: |
| type: "string" |
| Platform: |
| type: "string" |
| MountLabel: |
| type: "string" |
| ProcessLabel: |
| type: "string" |
| AppArmorProfile: |
| type: "string" |
| ExecIDs: |
| description: "IDs of exec instances that are running in the container." |
| type: "array" |
| items: |
| type: "string" |
| x-nullable: true |
| HostConfig: |
| $ref: "#/definitions/HostConfig" |
| GraphDriver: |
| $ref: "#/definitions/GraphDriverData" |
| SizeRw: |
| description: | |
| The size of files that have been created or changed by this |
| container. |
| type: "integer" |
| format: "int64" |
| SizeRootFs: |
| description: "The total size of all the files in this container." |
| type: "integer" |
| format: "int64" |
| Mounts: |
| type: "array" |
| items: |
| $ref: "#/definitions/MountPoint" |
| Config: |
| $ref: "#/definitions/ContainerConfig" |
| NetworkSettings: |
| $ref: "#/definitions/NetworkSettings" |
| examples: |
| application/json: |
| AppArmorProfile: "" |
| Args: |
| - "-c" |
| - "exit 9" |
| Config: |
| AttachStderr: true |
| AttachStdin: false |
| AttachStdout: true |
| Cmd: |
| - "/bin/sh" |
| - "-c" |
| - "exit 9" |
| Domainname: "" |
| Env: |
| - "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" |
| Healthcheck: |
| Test: ["CMD-SHELL", "exit 0"] |
| Hostname: "ba033ac44011" |
| Image: "ubuntu" |
| Labels: |
| com.example.vendor: "Acme" |
| com.example.license: "GPL" |
| com.example.version: "1.0" |
| MacAddress: "" |
| NetworkDisabled: false |
| OpenStdin: false |
| StdinOnce: false |
| Tty: false |
| User: "" |
| Volumes: |
| /volumes/data: {} |
| WorkingDir: "" |
| StopSignal: "SIGTERM" |
| StopTimeout: 10 |
| Created: "2015-01-06T15:47:31.485331387Z" |
| Driver: "devicemapper" |
| ExecIDs: |
| - "b35395de42bc8abd327f9dd65d913b9ba28c74d2f0734eeeae84fa1c616a0fca" |
| - "3fc1232e5cd20c8de182ed81178503dc6437f4e7ef12b52cc5e8de020652f1c4" |
| HostConfig: |
| MaximumIOps: 0 |
| MaximumIOBps: 0 |
| BlkioWeight: 0 |
| BlkioWeightDevice: |
| - {} |
| BlkioDeviceReadBps: |
| - {} |
| BlkioDeviceWriteBps: |
| - {} |
| BlkioDeviceReadIOps: |
| - {} |
| BlkioDeviceWriteIOps: |
| - {} |
| ContainerIDFile: "" |
| CpusetCpus: "" |
| CpusetMems: "" |
| CpuPercent: 80 |
| CpuShares: 0 |
| CpuPeriod: 100000 |
| CpuRealtimePeriod: 1000000 |
| CpuRealtimeRuntime: 10000 |
| Devices: [] |
| DeviceRequests: |
| - Driver: "nvidia" |
| Count: -1 |
| DeviceIDs": ["0", "1", "GPU-fef8089b-4820-abfc-e83e-94318197576e"] |
| Capabilities: [["gpu", "nvidia", "compute"]] |
| Options: |
| property1: "string" |
| property2: "string" |
| IpcMode: "" |
| Memory: 0 |
| MemorySwap: 0 |
| MemoryReservation: 0 |
| OomKillDisable: false |
| OomScoreAdj: 500 |
| NetworkMode: "bridge" |
| PidMode: "" |
| PortBindings: {} |
| Privileged: false |
| ReadonlyRootfs: false |
| PublishAllPorts: false |
| RestartPolicy: |
| MaximumRetryCount: 2 |
| Name: "on-failure" |
| LogConfig: |
| Type: "json-file" |
| Sysctls: |
| net.ipv4.ip_forward: "1" |
| Ulimits: |
| - {} |
| VolumeDriver: "" |
| ShmSize: 67108864 |
| HostnamePath: "/var/lib/docker/containers/ba033ac4401106a3b513bc9d639eee123ad78ca3616b921167cd74b20e25ed39/hostname" |
| HostsPath: "/var/lib/docker/containers/ba033ac4401106a3b513bc9d639eee123ad78ca3616b921167cd74b20e25ed39/hosts" |
| LogPath: "/var/lib/docker/containers/1eb5fabf5a03807136561b3c00adcd2992b535d624d5e18b6cdc6a6844d9767b/1eb5fabf5a03807136561b3c00adcd2992b535d624d5e18b6cdc6a6844d9767b-json.log" |
| Id: "ba033ac4401106a3b513bc9d639eee123ad78ca3616b921167cd74b20e25ed39" |
| Image: "04c5d3b7b0656168630d3ba35d8889bd0e9caafcaeb3004d2bfbc47e7c5d35d2" |
| MountLabel: "" |
| Name: "/boring_euclid" |
| NetworkSettings: |
| Bridge: "" |
| SandboxID: "" |
| HairpinMode: false |
| LinkLocalIPv6Address: "" |
| LinkLocalIPv6PrefixLen: 0 |
| SandboxKey: "" |
| EndpointID: "" |
| Gateway: "" |
| GlobalIPv6Address: "" |
| GlobalIPv6PrefixLen: 0 |
| IPAddress: "" |
| IPPrefixLen: 0 |
| IPv6Gateway: "" |
| MacAddress: "" |
| Networks: |
| bridge: |
| NetworkID: "7ea29fc1412292a2d7bba362f9253545fecdfa8ce9a6e37dd10ba8bee7129812" |
| EndpointID: "7587b82f0dada3656fda26588aee72630c6fab1536d36e394b2bfbcf898c971d" |
| Gateway: "172.17.0.1" |
| IPAddress: "172.17.0.2" |
| IPPrefixLen: 16 |
| IPv6Gateway: "" |
| GlobalIPv6Address: "" |
| GlobalIPv6PrefixLen: 0 |
| MacAddress: "02:42:ac:12:00:02" |
| Path: "/bin/sh" |
| ProcessLabel: "" |
| ResolvConfPath: "/var/lib/docker/containers/ba033ac4401106a3b513bc9d639eee123ad78ca3616b921167cd74b20e25ed39/resolv.conf" |
| RestartCount: 1 |
| State: |
| Error: "" |
| ExitCode: 9 |
| FinishedAt: "2015-01-06T15:47:32.080254511Z" |
| Health: |
| Status: "healthy" |
| FailingStreak: 0 |
| Log: |
| - Start: "2019-12-22T10:59:05.6385933Z" |
| End: "2019-12-22T10:59:05.8078452Z" |
| ExitCode: 0 |
| Output: "" |
| OOMKilled: false |
| Dead: false |
| Paused: false |
| Pid: 0 |
| Restarting: false |
| Running: true |
| StartedAt: "2015-01-06T15:47:32.072697474Z" |
| Status: "running" |
| Mounts: |
| - Name: "fac362...80535" |
| Source: "/data" |
| Destination: "/data" |
| Driver: "local" |
| Mode: "ro,Z" |
| RW: false |
| Propagation: "" |
| 404: |
| description: "no such container" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| examples: |
| application/json: |
| message: "No such container: c2ada9df5af8" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| required: true |
| description: "ID or name of the container" |
| type: "string" |
| - name: "size" |
| in: "query" |
| type: "boolean" |
| default: false |
| description: "Return the size of container as fields `SizeRw` and `SizeRootFs`" |
| tags: ["Container"] |
| /containers/{id}/top: |
| get: |
| summary: "List processes running inside a container" |
| description: | |
| On Unix systems, this is done by running the `ps` command. This endpoint |
| is not supported on Windows. |
| operationId: "ContainerTop" |
| responses: |
| 200: |
| description: "no error" |
| schema: |
| type: "object" |
| title: "ContainerTopResponse" |
| description: "OK response to ContainerTop operation" |
| properties: |
| Titles: |
| description: "The ps column titles" |
| type: "array" |
| items: |
| type: "string" |
| Processes: |
| description: | |
| Each process running in the container, where each is process |
| is an array of values corresponding to the titles. |
| type: "array" |
| items: |
| type: "array" |
| items: |
| type: "string" |
| examples: |
| application/json: |
| Titles: |
| - "UID" |
| - "PID" |
| - "PPID" |
| - "C" |
| - "STIME" |
| - "TTY" |
| - "TIME" |
| - "CMD" |
| Processes: |
| - |
| - "root" |
| - "13642" |
| - "882" |
| - "0" |
| - "17:03" |
| - "pts/0" |
| - "00:00:00" |
| - "/bin/bash" |
| - |
| - "root" |
| - "13735" |
| - "13642" |
| - "0" |
| - "17:06" |
| - "pts/0" |
| - "00:00:00" |
| - "sleep 10" |
| 404: |
| description: "no such container" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| examples: |
| application/json: |
| message: "No such container: c2ada9df5af8" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| required: true |
| description: "ID or name of the container" |
| type: "string" |
| - name: "ps_args" |
| in: "query" |
| description: "The arguments to pass to `ps`. For example, `aux`" |
| type: "string" |
| default: "-ef" |
| tags: ["Container"] |
| /containers/{id}/logs: |
| get: |
| summary: "Get container logs" |
| description: | |
| Get `stdout` and `stderr` logs from a container. |
| |
| Note: This endpoint works only for containers with the `json-file` or |
| `journald` logging driver. |
| produces: |
| - "application/vnd.docker.raw-stream" |
| - "application/vnd.docker.multiplexed-stream" |
| operationId: "ContainerLogs" |
| responses: |
| 200: |
| description: | |
| logs returned as a stream in response body. |
| For the stream format, [see the documentation for the attach endpoint](#operation/ContainerAttach). |
| Note that unlike the attach endpoint, the logs endpoint does not |
| upgrade the connection and does not set Content-Type. |
| schema: |
| type: "string" |
| format: "binary" |
| 404: |
| description: "no such container" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| examples: |
| application/json: |
| message: "No such container: c2ada9df5af8" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| required: true |
| description: "ID or name of the container" |
| type: "string" |
| - name: "follow" |
| in: "query" |
| description: "Keep connection after returning logs." |
| type: "boolean" |
| default: false |
| - name: "stdout" |
| in: "query" |
| description: "Return logs from `stdout`" |
| type: "boolean" |
| default: false |
| - name: "stderr" |
| in: "query" |
| description: "Return logs from `stderr`" |
| type: "boolean" |
| default: false |
| - name: "since" |
| in: "query" |
| description: "Only return logs since this time, as a UNIX timestamp" |
| type: "integer" |
| default: 0 |
| - name: "until" |
| in: "query" |
| description: "Only return logs before this time, as a UNIX timestamp" |
| type: "integer" |
| default: 0 |
| - name: "timestamps" |
| in: "query" |
| description: "Add timestamps to every log line" |
| type: "boolean" |
| default: false |
| - name: "tail" |
| in: "query" |
| description: | |
| Only return this number of log lines from the end of the logs. |
| Specify as an integer or `all` to output all log lines. |
| type: "string" |
| default: "all" |
| tags: ["Container"] |
| /containers/{id}/changes: |
| get: |
| summary: "Get changes on a container’s filesystem" |
| description: | |
| Returns which files in a container's filesystem have been added, deleted, |
| or modified. The `Kind` of modification can be one of: |
| |
| - `0`: Modified |
| - `1`: Added |
| - `2`: Deleted |
| operationId: "ContainerChanges" |
| produces: ["application/json"] |
| responses: |
| 200: |
| description: "The list of changes" |
| schema: |
| type: "array" |
| items: |
| type: "object" |
| x-go-name: "ContainerChangeResponseItem" |
| title: "ContainerChangeResponseItem" |
| description: "change item in response to ContainerChanges operation" |
| required: [Path, Kind] |
| properties: |
| Path: |
| description: "Path to file that has changed" |
| type: "string" |
| x-nullable: false |
| Kind: |
| description: "Kind of change" |
| type: "integer" |
| format: "uint8" |
| enum: [0, 1, 2] |
| x-nullable: false |
| examples: |
| application/json: |
| - Path: "/dev" |
| Kind: 0 |
| - Path: "/dev/kmsg" |
| Kind: 1 |
| - Path: "/test" |
| Kind: 1 |
| 404: |
| description: "no such container" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| examples: |
| application/json: |
| message: "No such container: c2ada9df5af8" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| required: true |
| description: "ID or name of the container" |
| type: "string" |
| tags: ["Container"] |
| /containers/{id}/export: |
| get: |
| summary: "Export a container" |
| description: "Export the contents of a container as a tarball." |
| operationId: "ContainerExport" |
| produces: |
| - "application/octet-stream" |
| responses: |
| 200: |
| description: "no error" |
| 404: |
| description: "no such container" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| examples: |
| application/json: |
| message: "No such container: c2ada9df5af8" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| required: true |
| description: "ID or name of the container" |
| type: "string" |
| tags: ["Container"] |
| /containers/{id}/stats: |
| get: |
| summary: "Get container stats based on resource usage" |
| description: | |
| This endpoint returns a live stream of a container’s resource usage |
| statistics. |
| |
| The `precpu_stats` is the CPU statistic of the *previous* read, and is |
| used to calculate the CPU usage percentage. It is not an exact copy |
| of the `cpu_stats` field. |
| |
| If either `precpu_stats.online_cpus` or `cpu_stats.online_cpus` is |
| nil then for compatibility with older daemons the length of the |
| corresponding `cpu_usage.percpu_usage` array should be used. |
| |
| On a cgroup v2 host, the following fields are not set |
| * `blkio_stats`: all fields other than `io_service_bytes_recursive` |
| * `cpu_stats`: `cpu_usage.percpu_usage` |
| * `memory_stats`: `max_usage` and `failcnt` |
| Also, `memory_stats.stats` fields are incompatible with cgroup v1. |
| |
| To calculate the values shown by the `stats` command of the docker cli tool |
| the following formulas can be used: |
| * used_memory = `memory_stats.usage - memory_stats.stats.cache` |
| * available_memory = `memory_stats.limit` |
| * Memory usage % = `(used_memory / available_memory) * 100.0` |
| * cpu_delta = `cpu_stats.cpu_usage.total_usage - precpu_stats.cpu_usage.total_usage` |
| * system_cpu_delta = `cpu_stats.system_cpu_usage - precpu_stats.system_cpu_usage` |
| * number_cpus = `lenght(cpu_stats.cpu_usage.percpu_usage)` or `cpu_stats.online_cpus` |
| * CPU usage % = `(cpu_delta / system_cpu_delta) * number_cpus * 100.0` |
| operationId: "ContainerStats" |
| produces: ["application/json"] |
| responses: |
| 200: |
| description: "no error" |
| schema: |
| type: "object" |
| examples: |
| application/json: |
| read: "2015-01-08T22:57:31.547920715Z" |
| pids_stats: |
| current: 3 |
| networks: |
| eth0: |
| rx_bytes: 5338 |
| rx_dropped: 0 |
| rx_errors: 0 |
| rx_packets: 36 |
| tx_bytes: 648 |
| tx_dropped: 0 |
| tx_errors: 0 |
| tx_packets: 8 |
| eth5: |
| rx_bytes: 4641 |
| rx_dropped: 0 |
| rx_errors: 0 |
| rx_packets: 26 |
| tx_bytes: 690 |
| tx_dropped: 0 |
| tx_errors: 0 |
| tx_packets: 9 |
| memory_stats: |
| stats: |
| total_pgmajfault: 0 |
| cache: 0 |
| mapped_file: 0 |
| total_inactive_file: 0 |
| pgpgout: 414 |
| rss: 6537216 |
| total_mapped_file: 0 |
| writeback: 0 |
| unevictable: 0 |
| pgpgin: 477 |
| total_unevictable: 0 |
| pgmajfault: 0 |
| total_rss: 6537216 |
| total_rss_huge: 6291456 |
| total_writeback: 0 |
| total_inactive_anon: 0 |
| rss_huge: 6291456 |
| hierarchical_memory_limit: 67108864 |
| total_pgfault: 964 |
| total_active_file: 0 |
| active_anon: 6537216 |
| total_active_anon: 6537216 |
| total_pgpgout: 414 |
| total_cache: 0 |
| inactive_anon: 0 |
| active_file: 0 |
| pgfault: 964 |
| inactive_file: 0 |
| total_pgpgin: 477 |
| max_usage: 6651904 |
| usage: 6537216 |
| failcnt: 0 |
| limit: 67108864 |
| blkio_stats: {} |
| cpu_stats: |
| cpu_usage: |
| percpu_usage: |
| - 8646879 |
| - 24472255 |
| - 36438778 |
| - 30657443 |
| usage_in_usermode: 50000000 |
| total_usage: 100215355 |
| usage_in_kernelmode: 30000000 |
| system_cpu_usage: 739306590000000 |
| online_cpus: 4 |
| throttling_data: |
| periods: 0 |
| throttled_periods: 0 |
| throttled_time: 0 |
| precpu_stats: |
| cpu_usage: |
| percpu_usage: |
| - 8646879 |
| - 24350896 |
| - 36438778 |
| - 30657443 |
| usage_in_usermode: 50000000 |
| total_usage: 100093996 |
| usage_in_kernelmode: 30000000 |
| system_cpu_usage: 9492140000000 |
| online_cpus: 4 |
| throttling_data: |
| periods: 0 |
| throttled_periods: 0 |
| throttled_time: 0 |
| 404: |
| description: "no such container" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| examples: |
| application/json: |
| message: "No such container: c2ada9df5af8" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| required: true |
| description: "ID or name of the container" |
| type: "string" |
| - name: "stream" |
| in: "query" |
| description: | |
| Stream the output. If false, the stats will be output once and then |
| it will disconnect. |
| type: "boolean" |
| default: true |
| - name: "one-shot" |
| in: "query" |
| description: | |
| Only get a single stat instead of waiting for 2 cycles. Must be used |
| with `stream=false`. |
| type: "boolean" |
| default: false |
| tags: ["Container"] |
| /containers/{id}/resize: |
| post: |
| summary: "Resize a container TTY" |
| description: "Resize the TTY for a container." |
| operationId: "ContainerResize" |
| consumes: |
| - "application/octet-stream" |
| produces: |
| - "text/plain" |
| responses: |
| 200: |
| description: "no error" |
| 404: |
| description: "no such container" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| examples: |
| application/json: |
| message: "No such container: c2ada9df5af8" |
| 500: |
| description: "cannot resize container" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| required: true |
| description: "ID or name of the container" |
| type: "string" |
| - name: "h" |
| in: "query" |
| description: "Height of the TTY session in characters" |
| type: "integer" |
| - name: "w" |
| in: "query" |
| description: "Width of the TTY session in characters" |
| type: "integer" |
| tags: ["Container"] |
| /containers/{id}/start: |
| post: |
| summary: "Start a container" |
| operationId: "ContainerStart" |
| responses: |
| 204: |
| description: "no error" |
| 304: |
| description: "container already started" |
| 404: |
| description: "no such container" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| examples: |
| application/json: |
| message: "No such container: c2ada9df5af8" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| required: true |
| description: "ID or name of the container" |
| type: "string" |
| - name: "detachKeys" |
| in: "query" |
| description: | |
| Override the key sequence for detaching a container. Format is a |
| single character `[a-Z]` or `ctrl-<value>` where `<value>` is one |
| of: `a-z`, `@`, `^`, `[`, `,` or `_`. |
| type: "string" |
| tags: ["Container"] |
| /containers/{id}/stop: |
| post: |
| summary: "Stop a container" |
| operationId: "ContainerStop" |
| responses: |
| 204: |
| description: "no error" |
| 304: |
| description: "container already stopped" |
| 404: |
| description: "no such container" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| examples: |
| application/json: |
| message: "No such container: c2ada9df5af8" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| required: true |
| description: "ID or name of the container" |
| type: "string" |
| - name: "signal" |
| in: "query" |
| description: | |
| Signal to send to the container as an integer or string (e.g. `SIGINT`). |
| type: "string" |
| - name: "t" |
| in: "query" |
| description: "Number of seconds to wait before killing the container" |
| type: "integer" |
| tags: ["Container"] |
| /containers/{id}/restart: |
| post: |
| summary: "Restart a container" |
| operationId: "ContainerRestart" |
| responses: |
| 204: |
| description: "no error" |
| 404: |
| description: "no such container" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| examples: |
| application/json: |
| message: "No such container: c2ada9df5af8" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| required: true |
| description: "ID or name of the container" |
| type: "string" |
| - name: "signal" |
| in: "query" |
| description: | |
| Signal to send to the container as an integer or string (e.g. `SIGINT`). |
| type: "string" |
| - name: "t" |
| in: "query" |
| description: "Number of seconds to wait before killing the container" |
| type: "integer" |
| tags: ["Container"] |
| /containers/{id}/kill: |
| post: |
| summary: "Kill a container" |
| description: | |
| Send a POSIX signal to a container, defaulting to killing to the |
| container. |
| operationId: "ContainerKill" |
| responses: |
| 204: |
| description: "no error" |
| 404: |
| description: "no such container" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| examples: |
| application/json: |
| message: "No such container: c2ada9df5af8" |
| 409: |
| description: "container is not running" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| examples: |
| application/json: |
| message: "Container d37cde0fe4ad63c3a7252023b2f9800282894247d145cb5933ddf6e52cc03a28 is not running" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| required: true |
| description: "ID or name of the container" |
| type: "string" |
| - name: "signal" |
| in: "query" |
| description: | |
| Signal to send to the container as an integer or string (e.g. `SIGINT`). |
| type: "string" |
| default: "SIGKILL" |
| tags: ["Container"] |
| /containers/{id}/update: |
| post: |
| summary: "Update a container" |
| description: | |
| Change various configuration options of a container without having to |
| recreate it. |
| operationId: "ContainerUpdate" |
| consumes: ["application/json"] |
| produces: ["application/json"] |
| responses: |
| 200: |
| description: "The container has been updated." |
| schema: |
| type: "object" |
| title: "ContainerUpdateResponse" |
| description: "OK response to ContainerUpdate operation" |
| properties: |
| Warnings: |
| type: "array" |
| items: |
| type: "string" |
| 404: |
| description: "no such container" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| examples: |
| application/json: |
| message: "No such container: c2ada9df5af8" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| required: true |
| description: "ID or name of the container" |
| type: "string" |
| - name: "update" |
| in: "body" |
| required: true |
| schema: |
| allOf: |
| - $ref: "#/definitions/Resources" |
| - type: "object" |
| properties: |
| RestartPolicy: |
| $ref: "#/definitions/RestartPolicy" |
| example: |
| BlkioWeight: 300 |
| CpuShares: 512 |
| CpuPeriod: 100000 |
| CpuQuota: 50000 |
| CpuRealtimePeriod: 1000000 |
| CpuRealtimeRuntime: 10000 |
| CpusetCpus: "0,1" |
| CpusetMems: "0" |
| Memory: 314572800 |
| MemorySwap: 514288000 |
| MemoryReservation: 209715200 |
| RestartPolicy: |
| MaximumRetryCount: 4 |
| Name: "on-failure" |
| tags: ["Container"] |
| /containers/{id}/rename: |
| post: |
| summary: "Rename a container" |
| operationId: "ContainerRename" |
| responses: |
| 204: |
| description: "no error" |
| 404: |
| description: "no such container" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| examples: |
| application/json: |
| message: "No such container: c2ada9df5af8" |
| 409: |
| description: "name already in use" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| required: true |
| description: "ID or name of the container" |
| type: "string" |
| - name: "name" |
| in: "query" |
| required: true |
| description: "New name for the container" |
| type: "string" |
| tags: ["Container"] |
| /containers/{id}/pause: |
| post: |
| summary: "Pause a container" |
| description: | |
| Use the freezer cgroup to suspend all processes in a container. |
| |
| Traditionally, when suspending a process the `SIGSTOP` signal is used, |
| which is observable by the process being suspended. With the freezer |
| cgroup the process is unaware, and unable to capture, that it is being |
| suspended, and subsequently resumed. |
| operationId: "ContainerPause" |
| responses: |
| 204: |
| description: "no error" |
| 404: |
| description: "no such container" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| examples: |
| application/json: |
| message: "No such container: c2ada9df5af8" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| required: true |
| description: "ID or name of the container" |
| type: "string" |
| tags: ["Container"] |
| /containers/{id}/unpause: |
| post: |
| summary: "Unpause a container" |
| description: "Resume a container which has been paused." |
| operationId: "ContainerUnpause" |
| responses: |
| 204: |
| description: "no error" |
| 404: |
| description: "no such container" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| examples: |
| application/json: |
| message: "No such container: c2ada9df5af8" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| required: true |
| description: "ID or name of the container" |
| type: "string" |
| tags: ["Container"] |
| /containers/{id}/attach: |
| post: |
| summary: "Attach to a container" |
| description: | |
| Attach to a container to read its output or send it input. You can attach |
| to the same container multiple times and you can reattach to containers |
| that have been detached. |
| |
| Either the `stream` or `logs` parameter must be `true` for this endpoint |
| to do anything. |
| |
| See the [documentation for the `docker attach` command](https://docs.docker.com/engine/reference/commandline/attach/) |
| for more details. |
| |
| ### Hijacking |
| |
| This endpoint hijacks the HTTP connection to transport `stdin`, `stdout`, |
| and `stderr` on the same socket. |
| |
| This is the response from the daemon for an attach request: |
| |
| ``` |
| HTTP/1.1 200 OK |
| Content-Type: application/vnd.docker.raw-stream |
| |
| [STREAM] |
| ``` |
| |
| After the headers and two new lines, the TCP connection can now be used |
| for raw, bidirectional communication between the client and server. |
| |
| To hint potential proxies about connection hijacking, the Docker client |
| can also optionally send connection upgrade headers. |
| |
| For example, the client sends this request to upgrade the connection: |
| |
| ``` |
| POST /containers/16253994b7c4/attach?stream=1&stdout=1 HTTP/1.1 |
| Upgrade: tcp |
| Connection: Upgrade |
| ``` |
| |
| The Docker daemon will respond with a `101 UPGRADED` response, and will |
| similarly follow with the raw stream: |
| |
| ``` |
| HTTP/1.1 101 UPGRADED |
| Content-Type: application/vnd.docker.raw-stream |
| Connection: Upgrade |
| Upgrade: tcp |
| |
| [STREAM] |
| ``` |
| |
| ### Stream format |
| |
| When the TTY setting is disabled in [`POST /containers/create`](#operation/ContainerCreate), |
| the HTTP Content-Type header is set to application/vnd.docker.multiplexed-stream |
| and the stream over the hijacked connected is multiplexed to separate out |
| `stdout` and `stderr`. The stream consists of a series of frames, each |
| containing a header and a payload. |
| |
| The header contains the information which the stream writes (`stdout` or |
| `stderr`). It also contains the size of the associated frame encoded in |
| the last four bytes (`uint32`). |
| |
| It is encoded on the first eight bytes like this: |
| |
| ```go |
| header := [8]byte{STREAM_TYPE, 0, 0, 0, SIZE1, SIZE2, SIZE3, SIZE4} |
| ``` |
| |
| `STREAM_TYPE` can be: |
| |
| - 0: `stdin` (is written on `stdout`) |
| - 1: `stdout` |
| - 2: `stderr` |
| |
| `SIZE1, SIZE2, SIZE3, SIZE4` are the four bytes of the `uint32` size |
| encoded as big endian. |
| |
| Following the header is the payload, which is the specified number of |
| bytes of `STREAM_TYPE`. |
| |
| The simplest way to implement this protocol is the following: |
| |
| 1. Read 8 bytes. |
| 2. Choose `stdout` or `stderr` depending on the first byte. |
| 3. Extract the frame size from the last four bytes. |
| 4. Read the extracted size and output it on the correct output. |
| 5. Goto 1. |
| |
| ### Stream format when using a TTY |
| |
| When the TTY setting is enabled in [`POST /containers/create`](#operation/ContainerCreate), |
| the stream is not multiplexed. The data exchanged over the hijacked |
| connection is simply the raw data from the process PTY and client's |
| `stdin`. |
| |
| operationId: "ContainerAttach" |
| produces: |
| - "application/vnd.docker.raw-stream" |
| - "application/vnd.docker.multiplexed-stream" |
| responses: |
| 101: |
| description: "no error, hints proxy about hijacking" |
| 200: |
| description: "no error, no upgrade header found" |
| 400: |
| description: "bad parameter" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 404: |
| description: "no such container" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| examples: |
| application/json: |
| message: "No such container: c2ada9df5af8" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| required: true |
| description: "ID or name of the container" |
| type: "string" |
| - name: "detachKeys" |
| in: "query" |
| description: | |
| Override the key sequence for detaching a container.Format is a single |
| character `[a-Z]` or `ctrl-<value>` where `<value>` is one of: `a-z`, |
| `@`, `^`, `[`, `,` or `_`. |
| type: "string" |
| - name: "logs" |
| in: "query" |
| description: | |
| Replay previous logs from the container. |
| |
| This is useful for attaching to a container that has started and you |
| want to output everything since the container started. |
| |
| If `stream` is also enabled, once all the previous output has been |
| returned, it will seamlessly transition into streaming current |
| output. |
| type: "boolean" |
| default: false |
| - name: "stream" |
| in: "query" |
| description: | |
| Stream attached streams from the time the request was made onwards. |
| type: "boolean" |
| default: false |
| - name: "stdin" |
| in: "query" |
| description: "Attach to `stdin`" |
| type: "boolean" |
| default: false |
| - name: "stdout" |
| in: "query" |
| description: "Attach to `stdout`" |
| type: "boolean" |
| default: false |
| - name: "stderr" |
| in: "query" |
| description: "Attach to `stderr`" |
| type: "boolean" |
| default: false |
| tags: ["Container"] |
| /containers/{id}/attach/ws: |
| get: |
| summary: "Attach to a container via a websocket" |
| operationId: "ContainerAttachWebsocket" |
| responses: |
| 101: |
| description: "no error, hints proxy about hijacking" |
| 200: |
| description: "no error, no upgrade header found" |
| 400: |
| description: "bad parameter" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 404: |
| description: "no such container" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| examples: |
| application/json: |
| message: "No such container: c2ada9df5af8" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| required: true |
| description: "ID or name of the container" |
| type: "string" |
| - name: "detachKeys" |
| in: "query" |
| description: | |
| Override the key sequence for detaching a container.Format is a single |
| character `[a-Z]` or `ctrl-<value>` where `<value>` is one of: `a-z`, |
| `@`, `^`, `[`, `,`, or `_`. |
| type: "string" |
| - name: "logs" |
| in: "query" |
| description: "Return logs" |
| type: "boolean" |
| default: false |
| - name: "stream" |
| in: "query" |
| description: "Return stream" |
| type: "boolean" |
| default: false |
| - name: "stdin" |
| in: "query" |
| description: "Attach to `stdin`" |
| type: "boolean" |
| default: false |
| - name: "stdout" |
| in: "query" |
| description: "Attach to `stdout`" |
| type: "boolean" |
| default: false |
| - name: "stderr" |
| in: "query" |
| description: "Attach to `stderr`" |
| type: "boolean" |
| default: false |
| tags: ["Container"] |
| /containers/{id}/wait: |
| post: |
| summary: "Wait for a container" |
| description: "Block until a container stops, then returns the exit code." |
| operationId: "ContainerWait" |
| produces: ["application/json"] |
| responses: |
| 200: |
| description: "The container has exit." |
| schema: |
| $ref: "#/definitions/ContainerWaitResponse" |
| 400: |
| description: "bad parameter" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 404: |
| description: "no such container" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| examples: |
| application/json: |
| message: "No such container: c2ada9df5af8" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| required: true |
| description: "ID or name of the container" |
| type: "string" |
| - name: "condition" |
| in: "query" |
| description: | |
| Wait until a container state reaches the given condition. |
| |
| Defaults to `not-running` if omitted or empty. |
| type: "string" |
| enum: |
| - "not-running" |
| - "next-exit" |
| - "removed" |
| default: "not-running" |
| tags: ["Container"] |
| /containers/{id}: |
| delete: |
| summary: "Remove a container" |
| operationId: "ContainerDelete" |
| responses: |
| 204: |
| description: "no error" |
| 400: |
| description: "bad parameter" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 404: |
| description: "no such container" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| examples: |
| application/json: |
| message: "No such container: c2ada9df5af8" |
| 409: |
| description: "conflict" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| examples: |
| application/json: |
| message: | |
| You cannot remove a running container: c2ada9df5af8. Stop the |
| container before attempting removal or force remove |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| required: true |
| description: "ID or name of the container" |
| type: "string" |
| - name: "v" |
| in: "query" |
| description: "Remove anonymous volumes associated with the container." |
| type: "boolean" |
| default: false |
| - name: "force" |
| in: "query" |
| description: "If the container is running, kill it before removing it." |
| type: "boolean" |
| default: false |
| - name: "link" |
| in: "query" |
| description: "Remove the specified link associated with the container." |
| type: "boolean" |
| default: false |
| tags: ["Container"] |
| /containers/{id}/archive: |
| head: |
| summary: "Get information about files in a container" |
| description: | |
| A response header `X-Docker-Container-Path-Stat` is returned, containing |
| a base64 - encoded JSON object with some filesystem header information |
| about the path. |
| operationId: "ContainerArchiveInfo" |
| responses: |
| 200: |
| description: "no error" |
| headers: |
| X-Docker-Container-Path-Stat: |
| type: "string" |
| description: | |
| A base64 - encoded JSON object with some filesystem header |
| information about the path |
| 400: |
| description: "Bad parameter" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 404: |
| description: "Container or path does not exist" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| examples: |
| application/json: |
| message: "No such container: c2ada9df5af8" |
| 500: |
| description: "Server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| required: true |
| description: "ID or name of the container" |
| type: "string" |
| - name: "path" |
| in: "query" |
| required: true |
| description: "Resource in the container’s filesystem to archive." |
| type: "string" |
| tags: ["Container"] |
| get: |
| summary: "Get an archive of a filesystem resource in a container" |
| description: "Get a tar archive of a resource in the filesystem of container id." |
| operationId: "ContainerArchive" |
| produces: ["application/x-tar"] |
| responses: |
| 200: |
| description: "no error" |
| 400: |
| description: "Bad parameter" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 404: |
| description: "Container or path does not exist" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| examples: |
| application/json: |
| message: "No such container: c2ada9df5af8" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| required: true |
| description: "ID or name of the container" |
| type: "string" |
| - name: "path" |
| in: "query" |
| required: true |
| description: "Resource in the container’s filesystem to archive." |
| type: "string" |
| tags: ["Container"] |
| put: |
| summary: "Extract an archive of files or folders to a directory in a container" |
| description: | |
| Upload a tar archive to be extracted to a path in the filesystem of container id. |
| `path` parameter is asserted to be a directory. If it exists as a file, 400 error |
| will be returned with message "not a directory". |
| operationId: "PutContainerArchive" |
| consumes: ["application/x-tar", "application/octet-stream"] |
| responses: |
| 200: |
| description: "The content was extracted successfully" |
| 400: |
| description: "Bad parameter" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| examples: |
| application/json: |
| message: "not a directory" |
| 403: |
| description: "Permission denied, the volume or container rootfs is marked as read-only." |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 404: |
| description: "No such container or path does not exist inside the container" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| examples: |
| application/json: |
| message: "No such container: c2ada9df5af8" |
| 500: |
| description: "Server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| required: true |
| description: "ID or name of the container" |
| type: "string" |
| - name: "path" |
| in: "query" |
| required: true |
| description: "Path to a directory in the container to extract the archive’s contents into. " |
| type: "string" |
| - name: "noOverwriteDirNonDir" |
| in: "query" |
| description: | |
| If `1`, `true`, or `True` then it will be an error if unpacking the |
| given content would cause an existing directory to be replaced with |
| a non-directory and vice versa. |
| type: "string" |
| - name: "copyUIDGID" |
| in: "query" |
| description: | |
| If `1`, `true`, then it will copy UID/GID maps to the dest file or |
| dir |
| type: "string" |
| - name: "inputStream" |
| in: "body" |
| required: true |
| description: | |
| The input stream must be a tar archive compressed with one of the |
| following algorithms: `identity` (no compression), `gzip`, `bzip2`, |
| or `xz`. |
| schema: |
| type: "string" |
| format: "binary" |
| tags: ["Container"] |
| /containers/prune: |
| post: |
| summary: "Delete stopped containers" |
| produces: |
| - "application/json" |
| operationId: "ContainerPrune" |
| parameters: |
| - name: "filters" |
| in: "query" |
| description: | |
| Filters to process on the prune list, encoded as JSON (a `map[string][]string`). |
| |
| Available filters: |
| - `until=<timestamp>` Prune containers created before this timestamp. The `<timestamp>` can be Unix timestamps, date formatted timestamps, or Go duration strings (e.g. `10m`, `1h30m`) computed relative to the daemon machine’s time. |
| - `label` (`label=<key>`, `label=<key>=<value>`, `label!=<key>`, or `label!=<key>=<value>`) Prune containers with (or without, in case `label!=...` is used) the specified labels. |
| type: "string" |
| responses: |
| 200: |
| description: "No error" |
| schema: |
| type: "object" |
| title: "ContainerPruneResponse" |
| properties: |
| ContainersDeleted: |
| description: "Container IDs that were deleted" |
| type: "array" |
| items: |
| type: "string" |
| SpaceReclaimed: |
| description: "Disk space reclaimed in bytes" |
| type: "integer" |
| format: "int64" |
| 500: |
| description: "Server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| tags: ["Container"] |
| /images/json: |
| get: |
| summary: "List Images" |
| description: "Returns a list of images on the server. Note that it uses a different, smaller representation of an image than inspecting a single image." |
| operationId: "ImageList" |
| produces: |
| - "application/json" |
| responses: |
| 200: |
| description: "Summary image data for the images matching the query" |
| schema: |
| type: "array" |
| items: |
| $ref: "#/definitions/ImageSummary" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "all" |
| in: "query" |
| description: "Show all images. Only images from a final layer (no children) are shown by default." |
| type: "boolean" |
| default: false |
| - name: "filters" |
| in: "query" |
| description: | |
| A JSON encoded value of the filters (a `map[string][]string`) to |
| process on the images list. |
| |
| Available filters: |
| |
| - `before`=(`<image-name>[:<tag>]`, `<image id>` or `<image@digest>`) |
| - `dangling=true` |
| - `label=key` or `label="key=value"` of an image label |
| - `reference`=(`<image-name>[:<tag>]`) |
| - `since`=(`<image-name>[:<tag>]`, `<image id>` or `<image@digest>`) |
| type: "string" |
| - name: "shared-size" |
| in: "query" |
| description: "Compute and show shared size as a `SharedSize` field on each image." |
| type: "boolean" |
| default: false |
| - name: "digests" |
| in: "query" |
| description: "Show digest information as a `RepoDigests` field on each image." |
| type: "boolean" |
| default: false |
| tags: ["Image"] |
| /build: |
| post: |
| summary: "Build an image" |
| description: | |
| Build an image from a tar archive with a `Dockerfile` in it. |
| |
| The `Dockerfile` specifies how the image is built from the tar archive. It is typically in the archive's root, but can be at a different path or have a different name by specifying the `dockerfile` parameter. [See the `Dockerfile` reference for more information](https://docs.docker.com/engine/reference/builder/). |
| |
| The Docker daemon performs a preliminary validation of the `Dockerfile` before starting the build, and returns an error if the syntax is incorrect. After that, each instruction is run one-by-one until the ID of the new image is output. |
| |
| The build is canceled if the client drops the connection by quitting or being killed. |
| operationId: "ImageBuild" |
| consumes: |
| - "application/octet-stream" |
| produces: |
| - "application/json" |
| parameters: |
| - name: "inputStream" |
| in: "body" |
| description: "A tar archive compressed with one of the following algorithms: identity (no compression), gzip, bzip2, xz." |
| schema: |
| type: "string" |
| format: "binary" |
| - name: "dockerfile" |
| in: "query" |
| description: "Path within the build context to the `Dockerfile`. This is ignored if `remote` is specified and points to an external `Dockerfile`." |
| type: "string" |
| default: "Dockerfile" |
| - name: "t" |
| in: "query" |
| description: "A name and optional tag to apply to the image in the `name:tag` format. If you omit the tag the default `latest` value is assumed. You can provide several `t` parameters." |
| type: "string" |
| - name: "extrahosts" |
| in: "query" |
| description: "Extra hosts to add to /etc/hosts" |
| type: "string" |
| - name: "remote" |
| in: "query" |
| description: "A Git repository URI or HTTP/HTTPS context URI. If the URI points to a single text file, the file’s contents are placed into a file called `Dockerfile` and the image is built from that file. If the URI points to a tarball, the file is downloaded by the daemon and the contents therein used as the context for the build. If the URI points to a tarball and the `dockerfile` parameter is also specified, there must be a file with the corresponding path inside the tarball." |
| type: "string" |
| - name: "q" |
| in: "query" |
| description: "Suppress verbose build output." |
| type: "boolean" |
| default: false |
| - name: "nocache" |
| in: "query" |
| description: "Do not use the cache when building the image." |
| type: "boolean" |
| default: false |
| - name: "cachefrom" |
| in: "query" |
| description: "JSON array of images used for build cache resolution." |
| type: "string" |
| - name: "pull" |
| in: "query" |
| description: "Attempt to pull the image even if an older image exists locally." |
| type: "string" |
| - name: "rm" |
| in: "query" |
| description: "Remove intermediate containers after a successful build." |
| type: "boolean" |
| default: true |
| - name: "forcerm" |
| in: "query" |
| description: "Always remove intermediate containers, even upon failure." |
| type: "boolean" |
| default: false |
| - name: "memory" |
| in: "query" |
| description: "Set memory limit for build." |
| type: "integer" |
| - name: "memswap" |
| in: "query" |
| description: "Total memory (memory + swap). Set as `-1` to disable swap." |
| type: "integer" |
| - name: "cpushares" |
| in: "query" |
| description: "CPU shares (relative weight)." |
| type: "integer" |
| - name: "cpusetcpus" |
| in: "query" |
| description: "CPUs in which to allow execution (e.g., `0-3`, `0,1`)." |
| type: "string" |
| - name: "cpuperiod" |
| in: "query" |
| description: "The length of a CPU period in microseconds." |
| type: "integer" |
| - name: "cpuquota" |
| in: "query" |
| description: "Microseconds of CPU time that the container can get in a CPU period." |
| type: "integer" |
| - name: "buildargs" |
| in: "query" |
| description: > |
| JSON map of string pairs for build-time variables. Users pass these values at build-time. Docker |
| uses the buildargs as the environment context for commands run via the `Dockerfile` RUN |
| instruction, or for variable expansion in other `Dockerfile` instructions. This is not meant for |
| passing secret values. |
| |
| |
| For example, the build arg `FOO=bar` would become `{"FOO":"bar"}` in JSON. This would result in the |
| query parameter `buildargs={"FOO":"bar"}`. Note that `{"FOO":"bar"}` should be URI component encoded. |
| |
| |
| [Read more about the buildargs instruction.](https://docs.docker.com/engine/reference/builder/#arg) |
| type: "string" |
| - name: "shmsize" |
| in: "query" |
| description: "Size of `/dev/shm` in bytes. The size must be greater than 0. If omitted the system uses 64MB." |
| type: "integer" |
| - name: "squash" |
| in: "query" |
| description: "Squash the resulting images layers into a single layer. *(Experimental release only.)*" |
| type: "boolean" |
| - name: "labels" |
| in: "query" |
| description: "Arbitrary key/value labels to set on the image, as a JSON map of string pairs." |
| type: "string" |
| - name: "networkmode" |
| in: "query" |
| description: | |
| Sets the networking mode for the run commands during build. Supported |
| standard values are: `bridge`, `host`, `none`, and `container:<name|id>`. |
| Any other value is taken as a custom network's name or ID to which this |
| container should connect to. |
| type: "string" |
| - name: "Content-type" |
| in: "header" |
| type: "string" |
| enum: |
| - "application/x-tar" |
| default: "application/x-tar" |
| - name: "X-Registry-Config" |
| in: "header" |
| description: | |
| This is a base64-encoded JSON object with auth configurations for multiple registries that a build may refer to. |
| |
| The key is a registry URL, and the value is an auth configuration object, [as described in the authentication section](#section/Authentication). For example: |
| |
| ``` |
| { |
| "docker.example.com": { |
| "username": "janedoe", |
| "password": "hunter2" |
| }, |
| "https://index.docker.io/v1/": { |
| "username": "mobydock", |
| "password": "conta1n3rize14" |
| } |
| } |
| ``` |
| |
| Only the registry domain name (and port if not the default 443) are required. However, for legacy reasons, the Docker Hub registry must be specified with both a `https://` prefix and a `/v1/` suffix even though Docker will prefer to use the v2 registry API. |
| type: "string" |
| - name: "platform" |
| in: "query" |
| description: "Platform in the format os[/arch[/variant]]" |
| type: "string" |
| default: "" |
| - name: "target" |
| in: "query" |
| description: "Target build stage" |
| type: "string" |
| default: "" |
| - name: "outputs" |
| in: "query" |
| description: "BuildKit output configuration" |
| type: "string" |
| default: "" |
| responses: |
| 200: |
| description: "no error" |
| 400: |
| description: "Bad parameter" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| tags: ["Image"] |
| /build/prune: |
| post: |
| summary: "Delete builder cache" |
| produces: |
| - "application/json" |
| operationId: "BuildPrune" |
| parameters: |
| - name: "keep-storage" |
| in: "query" |
| description: "Amount of disk space in bytes to keep for cache" |
| type: "integer" |
| format: "int64" |
| - name: "all" |
| in: "query" |
| type: "boolean" |
| description: "Remove all types of build cache" |
| - name: "filters" |
| in: "query" |
| type: "string" |
| description: | |
| A JSON encoded value of the filters (a `map[string][]string`) to |
| process on the list of build cache objects. |
| |
| Available filters: |
| |
| - `until=<duration>`: duration relative to daemon's time, during which build cache was not used, in Go's duration format (e.g., '24h') |
| - `id=<id>` |
| - `parent=<id>` |
| - `type=<string>` |
| - `description=<string>` |
| - `inuse` |
| - `shared` |
| - `private` |
| responses: |
| 200: |
| description: "No error" |
| schema: |
| type: "object" |
| title: "BuildPruneResponse" |
| properties: |
| CachesDeleted: |
| type: "array" |
| items: |
| description: "ID of build cache object" |
| type: "string" |
| SpaceReclaimed: |
| description: "Disk space reclaimed in bytes" |
| type: "integer" |
| format: "int64" |
| 500: |
| description: "Server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| tags: ["Image"] |
| /images/create: |
| post: |
| summary: "Create an image" |
| description: "Create an image by either pulling it from a registry or importing it." |
| operationId: "ImageCreate" |
| consumes: |
| - "text/plain" |
| - "application/octet-stream" |
| produces: |
| - "application/json" |
| responses: |
| 200: |
| description: "no error" |
| 404: |
| description: "repository does not exist or no read access" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "fromImage" |
| in: "query" |
| description: "Name of the image to pull. The name may include a tag or digest. This parameter may only be used when pulling an image. The pull is cancelled if the HTTP connection is closed." |
| type: "string" |
| - name: "fromSrc" |
| in: "query" |
| description: "Source to import. The value may be a URL from which the image can be retrieved or `-` to read the image from the request body. This parameter may only be used when importing an image." |
| type: "string" |
| - name: "repo" |
| in: "query" |
| description: "Repository name given to an image when it is imported. The repo may include a tag. This parameter may only be used when importing an image." |
| type: "string" |
| - name: "tag" |
| in: "query" |
| description: "Tag or digest. If empty when pulling an image, this causes all tags for the given image to be pulled." |
| type: "string" |
| - name: "message" |
| in: "query" |
| description: "Set commit message for imported image." |
| type: "string" |
| - name: "inputImage" |
| in: "body" |
| description: "Image content if the value `-` has been specified in fromSrc query parameter" |
| schema: |
| type: "string" |
| required: false |
| - name: "X-Registry-Auth" |
| in: "header" |
| description: | |
| A base64url-encoded auth configuration. |
| |
| Refer to the [authentication section](#section/Authentication) for |
| details. |
| type: "string" |
| - name: "changes" |
| in: "query" |
| description: | |
| Apply `Dockerfile` instructions to the image that is created, |
| for example: `changes=ENV DEBUG=true`. |
| Note that `ENV DEBUG=true` should be URI component encoded. |
| |
| Supported `Dockerfile` instructions: |
| `CMD`|`ENTRYPOINT`|`ENV`|`EXPOSE`|`ONBUILD`|`USER`|`VOLUME`|`WORKDIR` |
| type: "array" |
| items: |
| type: "string" |
| - name: "platform" |
| in: "query" |
| description: | |
| Platform in the format os[/arch[/variant]]. |
| |
| When used in combination with the `fromImage` option, the daemon checks |
| if the given image is present in the local image cache with the given |
| OS and Architecture, and otherwise attempts to pull the image. If the |
| option is not set, the host's native OS and Architecture are used. |
| If the given image does not exist in the local image cache, the daemon |
| attempts to pull the image with the host's native OS and Architecture. |
| If the given image does exists in the local image cache, but its OS or |
| architecture does not match, a warning is produced. |
| |
| When used with the `fromSrc` option to import an image from an archive, |
| this option sets the platform information for the imported image. If |
| the option is not set, the host's native OS and Architecture are used |
| for the imported image. |
| type: "string" |
| default: "" |
| tags: ["Image"] |
| /images/{name}/json: |
| get: |
| summary: "Inspect an image" |
| description: "Return low-level information about an image." |
| operationId: "ImageInspect" |
| produces: |
| - "application/json" |
| responses: |
| 200: |
| description: "No error" |
| schema: |
| $ref: "#/definitions/ImageInspect" |
| 404: |
| description: "No such image" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| examples: |
| application/json: |
| message: "No such image: someimage (tag: latest)" |
| 500: |
| description: "Server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "name" |
| in: "path" |
| description: "Image name or id" |
| type: "string" |
| required: true |
| tags: ["Image"] |
| /images/{name}/history: |
| get: |
| summary: "Get the history of an image" |
| description: "Return parent layers of an image." |
| operationId: "ImageHistory" |
| produces: ["application/json"] |
| responses: |
| 200: |
| description: "List of image layers" |
| schema: |
| type: "array" |
| items: |
| type: "object" |
| x-go-name: HistoryResponseItem |
| title: "HistoryResponseItem" |
| description: "individual image layer information in response to ImageHistory operation" |
| required: [Id, Created, CreatedBy, Tags, Size, Comment] |
| properties: |
| Id: |
| type: "string" |
| x-nullable: false |
| Created: |
| type: "integer" |
| format: "int64" |
| x-nullable: false |
| CreatedBy: |
| type: "string" |
| x-nullable: false |
| Tags: |
| type: "array" |
| items: |
| type: "string" |
| Size: |
| type: "integer" |
| format: "int64" |
| x-nullable: false |
| Comment: |
| type: "string" |
| x-nullable: false |
| examples: |
| application/json: |
| - Id: "3db9c44f45209632d6050b35958829c3a2aa256d81b9a7be45b362ff85c54710" |
| Created: 1398108230 |
| CreatedBy: "/bin/sh -c #(nop) ADD file:eb15dbd63394e063b805a3c32ca7bf0266ef64676d5a6fab4801f2e81e2a5148 in /" |
| Tags: |
| - "ubuntu:lucid" |
| - "ubuntu:10.04" |
| Size: 182964289 |
| Comment: "" |
| - Id: "6cfa4d1f33fb861d4d114f43b25abd0ac737509268065cdfd69d544a59c85ab8" |
| Created: 1398108222 |
| CreatedBy: "/bin/sh -c #(nop) MAINTAINER Tianon Gravi <admwiggin@gmail.com> - mkimage-debootstrap.sh -i iproute,iputils-ping,ubuntu-minimal -t lucid.tar.xz lucid http://archive.ubuntu.com/ubuntu/" |
| Tags: [] |
| Size: 0 |
| Comment: "" |
| - Id: "511136ea3c5a64f264b78b5433614aec563103b4d4702f3ba7d4d2698e22c158" |
| Created: 1371157430 |
| CreatedBy: "" |
| Tags: |
| - "scratch12:latest" |
| - "scratch:latest" |
| Size: 0 |
| Comment: "Imported from -" |
| 404: |
| description: "No such image" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "Server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "name" |
| in: "path" |
| description: "Image name or ID" |
| type: "string" |
| required: true |
| tags: ["Image"] |
| /images/{name}/push: |
| post: |
| summary: "Push an image" |
| description: | |
| Push an image to a registry. |
| |
| If you wish to push an image on to a private registry, that image must |
| already have a tag which references the registry. For example, |
| `registry.example.com/myimage:latest`. |
| |
| The push is cancelled if the HTTP connection is closed. |
| operationId: "ImagePush" |
| consumes: |
| - "application/octet-stream" |
| responses: |
| 200: |
| description: "No error" |
| 404: |
| description: "No such image" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "Server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "name" |
| in: "path" |
| description: "Image name or ID." |
| type: "string" |
| required: true |
| - name: "tag" |
| in: "query" |
| description: "The tag to associate with the image on the registry." |
| type: "string" |
| - name: "X-Registry-Auth" |
| in: "header" |
| description: | |
| A base64url-encoded auth configuration. |
| |
| Refer to the [authentication section](#section/Authentication) for |
| details. |
| type: "string" |
| required: true |
| tags: ["Image"] |
| /images/{name}/tag: |
| post: |
| summary: "Tag an image" |
| description: "Tag an image so that it becomes part of a repository." |
| operationId: "ImageTag" |
| responses: |
| 201: |
| description: "No error" |
| 400: |
| description: "Bad parameter" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 404: |
| description: "No such image" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 409: |
| description: "Conflict" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "Server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "name" |
| in: "path" |
| description: "Image name or ID to tag." |
| type: "string" |
| required: true |
| - name: "repo" |
| in: "query" |
| description: "The repository to tag in. For example, `someuser/someimage`." |
| type: "string" |
| - name: "tag" |
| in: "query" |
| description: "The name of the new tag." |
| type: "string" |
| tags: ["Image"] |
| /images/{name}: |
| delete: |
| summary: "Remove an image" |
| description: | |
| Remove an image, along with any untagged parent images that were |
| referenced by that image. |
| |
| Images can't be removed if they have descendant images, are being |
| used by a running container or are being used by a build. |
| operationId: "ImageDelete" |
| produces: ["application/json"] |
| responses: |
| 200: |
| description: "The image was deleted successfully" |
| schema: |
| type: "array" |
| items: |
| $ref: "#/definitions/ImageDeleteResponseItem" |
| examples: |
| application/json: |
| - Untagged: "3e2f21a89f" |
| - Deleted: "3e2f21a89f" |
| - Deleted: "53b4f83ac9" |
| 404: |
| description: "No such image" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 409: |
| description: "Conflict" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "Server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "name" |
| in: "path" |
| description: "Image name or ID" |
| type: "string" |
| required: true |
| - name: "force" |
| in: "query" |
| description: "Remove the image even if it is being used by stopped containers or has other tags" |
| type: "boolean" |
| default: false |
| - name: "noprune" |
| in: "query" |
| description: "Do not delete untagged parent images" |
| type: "boolean" |
| default: false |
| tags: ["Image"] |
| /images/search: |
| get: |
| summary: "Search images" |
| description: "Search for an image on Docker Hub." |
| operationId: "ImageSearch" |
| produces: |
| - "application/json" |
| responses: |
| 200: |
| description: "No error" |
| schema: |
| type: "array" |
| items: |
| type: "object" |
| title: "ImageSearchResponseItem" |
| properties: |
| description: |
| type: "string" |
| is_official: |
| type: "boolean" |
| is_automated: |
| type: "boolean" |
| name: |
| type: "string" |
| star_count: |
| type: "integer" |
| examples: |
| application/json: |
| - description: "" |
| is_official: false |
| is_automated: false |
| name: "wma55/u1210sshd" |
| star_count: 0 |
| - description: "" |
| is_official: false |
| is_automated: false |
| name: "jdswinbank/sshd" |
| star_count: 0 |
| - description: "" |
| is_official: false |
| is_automated: false |
| name: "vgauthier/sshd" |
| star_count: 0 |
| 500: |
| description: "Server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "term" |
| in: "query" |
| description: "Term to search" |
| type: "string" |
| required: true |
| - name: "limit" |
| in: "query" |
| description: "Maximum number of results to return" |
| type: "integer" |
| - name: "filters" |
| in: "query" |
| description: | |
| A JSON encoded value of the filters (a `map[string][]string`) to process on the images list. Available filters: |
| |
| - `is-automated=(true|false)` |
| - `is-official=(true|false)` |
| - `stars=<number>` Matches images that has at least 'number' stars. |
| type: "string" |
| tags: ["Image"] |
| /images/prune: |
| post: |
| summary: "Delete unused images" |
| produces: |
| - "application/json" |
| operationId: "ImagePrune" |
| parameters: |
| - name: "filters" |
| in: "query" |
| description: | |
| Filters to process on the prune list, encoded as JSON (a `map[string][]string`). Available filters: |
| |
| - `dangling=<boolean>` When set to `true` (or `1`), prune only |
| unused *and* untagged images. When set to `false` |
| (or `0`), all unused images are pruned. |
| - `until=<string>` Prune images created before this timestamp. The `<timestamp>` can be Unix timestamps, date formatted timestamps, or Go duration strings (e.g. `10m`, `1h30m`) computed relative to the daemon machine’s time. |
| - `label` (`label=<key>`, `label=<key>=<value>`, `label!=<key>`, or `label!=<key>=<value>`) Prune images with (or without, in case `label!=...` is used) the specified labels. |
| type: "string" |
| responses: |
| 200: |
| description: "No error" |
| schema: |
| type: "object" |
| title: "ImagePruneResponse" |
| properties: |
| ImagesDeleted: |
| description: "Images that were deleted" |
| type: "array" |
| items: |
| $ref: "#/definitions/ImageDeleteResponseItem" |
| SpaceReclaimed: |
| description: "Disk space reclaimed in bytes" |
| type: "integer" |
| format: "int64" |
| 500: |
| description: "Server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| tags: ["Image"] |
| /auth: |
| post: |
| summary: "Check auth configuration" |
| description: | |
| Validate credentials for a registry and, if available, get an identity |
| token for accessing the registry without password. |
| operationId: "SystemAuth" |
| consumes: ["application/json"] |
| produces: ["application/json"] |
| responses: |
| 200: |
| description: "An identity token was generated successfully." |
| schema: |
| type: "object" |
| title: "SystemAuthResponse" |
| required: [Status] |
| properties: |
| Status: |
| description: "The status of the authentication" |
| type: "string" |
| x-nullable: false |
| IdentityToken: |
| description: "An opaque token used to authenticate a user after a successful login" |
| type: "string" |
| x-nullable: false |
| examples: |
| application/json: |
| Status: "Login Succeeded" |
| IdentityToken: "9cbaf023786cd7..." |
| 204: |
| description: "No error" |
| 500: |
| description: "Server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "authConfig" |
| in: "body" |
| description: "Authentication to check" |
| schema: |
| $ref: "#/definitions/AuthConfig" |
| tags: ["System"] |
| /info: |
| get: |
| summary: "Get system information" |
| operationId: "SystemInfo" |
| produces: |
| - "application/json" |
| responses: |
| 200: |
| description: "No error" |
| schema: |
| $ref: "#/definitions/SystemInfo" |
| 500: |
| description: "Server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| tags: ["System"] |
| /version: |
| get: |
| summary: "Get version" |
| description: "Returns the version of Docker that is running and various information about the system that Docker is running on." |
| operationId: "SystemVersion" |
| produces: ["application/json"] |
| responses: |
| 200: |
| description: "no error" |
| schema: |
| $ref: "#/definitions/SystemVersion" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| tags: ["System"] |
| /_ping: |
| get: |
| summary: "Ping" |
| description: "This is a dummy endpoint you can use to test if the server is accessible." |
| operationId: "SystemPing" |
| produces: ["text/plain"] |
| responses: |
| 200: |
| description: "no error" |
| schema: |
| type: "string" |
| example: "OK" |
| headers: |
| API-Version: |
| type: "string" |
| description: "Max API Version the server supports" |
| Builder-Version: |
| type: "string" |
| description: | |
| Default version of docker image builder |
| |
| The default on Linux is version "2" (BuildKit), but the daemon |
| can be configured to recommend version "1" (classic Builder). |
| Windows does not yet support BuildKit for native Windows images, |
| and uses "1" (classic builder) as a default. |
| |
| This value is a recommendation as advertised by the daemon, and |
| it is up to the client to choose which builder to use. |
| default: "2" |
| Docker-Experimental: |
| type: "boolean" |
| description: "If the server is running with experimental mode enabled" |
| Swarm: |
| type: "string" |
| enum: ["inactive", "pending", "error", "locked", "active/worker", "active/manager"] |
| description: | |
| Contains information about Swarm status of the daemon, |
| and if the daemon is acting as a manager or worker node. |
| default: "inactive" |
| Cache-Control: |
| type: "string" |
| default: "no-cache, no-store, must-revalidate" |
| Pragma: |
| type: "string" |
| default: "no-cache" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| headers: |
| Cache-Control: |
| type: "string" |
| default: "no-cache, no-store, must-revalidate" |
| Pragma: |
| type: "string" |
| default: "no-cache" |
| tags: ["System"] |
| head: |
| summary: "Ping" |
| description: "This is a dummy endpoint you can use to test if the server is accessible." |
| operationId: "SystemPingHead" |
| produces: ["text/plain"] |
| responses: |
| 200: |
| description: "no error" |
| schema: |
| type: "string" |
| example: "(empty)" |
| headers: |
| API-Version: |
| type: "string" |
| description: "Max API Version the server supports" |
| Builder-Version: |
| type: "string" |
| description: "Default version of docker image builder" |
| Docker-Experimental: |
| type: "boolean" |
| description: "If the server is running with experimental mode enabled" |
| Swarm: |
| type: "string" |
| enum: ["inactive", "pending", "error", "locked", "active/worker", "active/manager"] |
| description: | |
| Contains information about Swarm status of the daemon, |
| and if the daemon is acting as a manager or worker node. |
| default: "inactive" |
| Cache-Control: |
| type: "string" |
| default: "no-cache, no-store, must-revalidate" |
| Pragma: |
| type: "string" |
| default: "no-cache" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| tags: ["System"] |
| /commit: |
| post: |
| summary: "Create a new image from a container" |
| operationId: "ImageCommit" |
| consumes: |
| - "application/json" |
| produces: |
| - "application/json" |
| responses: |
| 201: |
| description: "no error" |
| schema: |
| $ref: "#/definitions/IdResponse" |
| 404: |
| description: "no such container" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| examples: |
| application/json: |
| message: "No such container: c2ada9df5af8" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "containerConfig" |
| in: "body" |
| description: "The container configuration" |
| schema: |
| $ref: "#/definitions/ContainerConfig" |
| - name: "container" |
| in: "query" |
| description: "The ID or name of the container to commit" |
| type: "string" |
| - name: "repo" |
| in: "query" |
| description: "Repository name for the created image" |
| type: "string" |
| - name: "tag" |
| in: "query" |
| description: "Tag name for the create image" |
| type: "string" |
| - name: "comment" |
| in: "query" |
| description: "Commit message" |
| type: "string" |
| - name: "author" |
| in: "query" |
| description: "Author of the image (e.g., `John Hannibal Smith <hannibal@a-team.com>`)" |
| type: "string" |
| - name: "pause" |
| in: "query" |
| description: "Whether to pause the container before committing" |
| type: "boolean" |
| default: true |
| - name: "changes" |
| in: "query" |
| description: "`Dockerfile` instructions to apply while committing" |
| type: "string" |
| tags: ["Image"] |
| /events: |
| get: |
| summary: "Monitor events" |
| description: | |
| Stream real-time events from the server. |
| |
| Various objects within Docker report events when something happens to them. |
| |
| Containers report these events: `attach`, `commit`, `copy`, `create`, `destroy`, `detach`, `die`, `exec_create`, `exec_detach`, `exec_start`, `exec_die`, `export`, `health_status`, `kill`, `oom`, `pause`, `rename`, `resize`, `restart`, `start`, `stop`, `top`, `unpause`, `update`, and `prune` |
| |
| Images report these events: `delete`, `import`, `load`, `pull`, `push`, `save`, `tag`, `untag`, and `prune` |
| |
| Volumes report these events: `create`, `mount`, `unmount`, `destroy`, and `prune` |
| |
| Networks report these events: `create`, `connect`, `disconnect`, `destroy`, `update`, `remove`, and `prune` |
| |
| The Docker daemon reports these events: `reload` |
| |
| Services report these events: `create`, `update`, and `remove` |
| |
| Nodes report these events: `create`, `update`, and `remove` |
| |
| Secrets report these events: `create`, `update`, and `remove` |
| |
| Configs report these events: `create`, `update`, and `remove` |
| |
| The Builder reports `prune` events |
| |
| operationId: "SystemEvents" |
| produces: |
| - "application/json" |
| responses: |
| 200: |
| description: "no error" |
| schema: |
| $ref: "#/definitions/EventMessage" |
| 400: |
| description: "bad parameter" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "since" |
| in: "query" |
| description: "Show events created since this timestamp then stream new events." |
| type: "string" |
| - name: "until" |
| in: "query" |
| description: "Show events created until this timestamp then stop streaming." |
| type: "string" |
| - name: "filters" |
| in: "query" |
| description: | |
| A JSON encoded value of filters (a `map[string][]string`) to process on the event list. Available filters: |
| |
| - `config=<string>` config name or ID |
| - `container=<string>` container name or ID |
| - `daemon=<string>` daemon name or ID |
| - `event=<string>` event type |
| - `image=<string>` image name or ID |
| - `label=<string>` image or container label |
| - `network=<string>` network name or ID |
| - `node=<string>` node ID |
| - `plugin`=<string> plugin name or ID |
| - `scope`=<string> local or swarm |
| - `secret=<string>` secret name or ID |
| - `service=<string>` service name or ID |
| - `type=<string>` object to filter by, one of `container`, `image`, `volume`, `network`, `daemon`, `plugin`, `node`, `service`, `secret` or `config` |
| - `volume=<string>` volume name |
| type: "string" |
| tags: ["System"] |
| /system/df: |
| get: |
| summary: "Get data usage information" |
| operationId: "SystemDataUsage" |
| responses: |
| 200: |
| description: "no error" |
| schema: |
| type: "object" |
| title: "SystemDataUsageResponse" |
| properties: |
| LayersSize: |
| type: "integer" |
| format: "int64" |
| Images: |
| type: "array" |
| items: |
| $ref: "#/definitions/ImageSummary" |
| Containers: |
| type: "array" |
| items: |
| $ref: "#/definitions/ContainerSummary" |
| Volumes: |
| type: "array" |
| items: |
| $ref: "#/definitions/Volume" |
| BuildCache: |
| type: "array" |
| items: |
| $ref: "#/definitions/BuildCache" |
| example: |
| LayersSize: 1092588 |
| Images: |
| - |
| Id: "sha256:2b8fd9751c4c0f5dd266fcae00707e67a2545ef34f9a29354585f93dac906749" |
| ParentId: "" |
| RepoTags: |
| - "busybox:latest" |
| RepoDigests: |
| - "busybox@sha256:a59906e33509d14c036c8678d687bd4eec81ed7c4b8ce907b888c607f6a1e0e6" |
| Created: 1466724217 |
| Size: 1092588 |
| SharedSize: 0 |
| VirtualSize: 1092588 |
| Labels: {} |
| Containers: 1 |
| Containers: |
| - |
| Id: "e575172ed11dc01bfce087fb27bee502db149e1a0fad7c296ad300bbff178148" |
| Names: |
| - "/top" |
| Image: "busybox" |
| ImageID: "sha256:2b8fd9751c4c0f5dd266fcae00707e67a2545ef34f9a29354585f93dac906749" |
| Command: "top" |
| Created: 1472592424 |
| Ports: [] |
| SizeRootFs: 1092588 |
| Labels: {} |
| State: "exited" |
| Status: "Exited (0) 56 minutes ago" |
| HostConfig: |
| NetworkMode: "default" |
| NetworkSettings: |
| Networks: |
| bridge: |
| IPAMConfig: null |
| Links: null |
| Aliases: null |
| NetworkID: "d687bc59335f0e5c9ee8193e5612e8aee000c8c62ea170cfb99c098f95899d92" |
| EndpointID: "8ed5115aeaad9abb174f68dcf135b49f11daf597678315231a32ca28441dec6a" |
| Gateway: "172.18.0.1" |
| IPAddress: "172.18.0.2" |
| IPPrefixLen: 16 |
| IPv6Gateway: "" |
| GlobalIPv6Address: "" |
| GlobalIPv6PrefixLen: 0 |
| MacAddress: "02:42:ac:12:00:02" |
| Mounts: [] |
| Volumes: |
| - |
| Name: "my-volume" |
| Driver: "local" |
| Mountpoint: "/var/lib/docker/volumes/my-volume/_data" |
| Labels: null |
| Scope: "local" |
| Options: null |
| UsageData: |
| Size: 10920104 |
| RefCount: 2 |
| BuildCache: |
| - |
| ID: "hw53o5aio51xtltp5xjp8v7fx" |
| Parents: [] |
| Type: "regular" |
| Description: "pulled from docker.io/library/debian@sha256:234cb88d3020898631af0ccbbcca9a66ae7306ecd30c9720690858c1b007d2a0" |
| InUse: false |
| Shared: true |
| Size: 0 |
| CreatedAt: "2021-06-28T13:31:01.474619385Z" |
| LastUsedAt: "2021-07-07T22:02:32.738075951Z" |
| UsageCount: 26 |
| - |
| ID: "ndlpt0hhvkqcdfkputsk4cq9c" |
| Parents: ["ndlpt0hhvkqcdfkputsk4cq9c"] |
| Type: "regular" |
| Description: "mount / from exec /bin/sh -c echo 'Binary::apt::APT::Keep-Downloaded-Packages \"true\";' > /etc/apt/apt.conf.d/keep-cache" |
| InUse: false |
| Shared: true |
| Size: 51 |
| CreatedAt: "2021-06-28T13:31:03.002625487Z" |
| LastUsedAt: "2021-07-07T22:02:32.773909517Z" |
| UsageCount: 26 |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "type" |
| in: "query" |
| description: | |
| Object types, for which to compute and return data. |
| type: "array" |
| collectionFormat: multi |
| items: |
| type: "string" |
| enum: ["container", "image", "volume", "build-cache"] |
| tags: ["System"] |
| /images/{name}/get: |
| get: |
| summary: "Export an image" |
| description: | |
| Get a tarball containing all images and metadata for a repository. |
| |
| If `name` is a specific name and tag (e.g. `ubuntu:latest`), then only that image (and its parents) are returned. If `name` is an image ID, similarly only that image (and its parents) are returned, but with the exclusion of the `repositories` file in the tarball, as there were no image names referenced. |
| |
| ### Image tarball format |
| |
| An image tarball contains one directory per image layer (named using its long ID), each containing these files: |
| |
| - `VERSION`: currently `1.0` - the file format version |
| - `json`: detailed layer information, similar to `docker inspect layer_id` |
| - `layer.tar`: A tarfile containing the filesystem changes in this layer |
| |
| The `layer.tar` file contains `aufs` style `.wh..wh.aufs` files and directories for storing attribute changes and deletions. |
| |
| If the tarball defines a repository, the tarball should also include a `repositories` file at the root that contains a list of repository and tag names mapped to layer IDs. |
| |
| ```json |
| { |
| "hello-world": { |
| "latest": "565a9d68a73f6706862bfe8409a7f659776d4d60a8d096eb4a3cbce6999cc2a1" |
| } |
| } |
| ``` |
| operationId: "ImageGet" |
| produces: |
| - "application/x-tar" |
| responses: |
| 200: |
| description: "no error" |
| schema: |
| type: "string" |
| format: "binary" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "name" |
| in: "path" |
| description: "Image name or ID" |
| type: "string" |
| required: true |
| tags: ["Image"] |
| /images/get: |
| get: |
| summary: "Export several images" |
| description: | |
| Get a tarball containing all images and metadata for several image |
| repositories. |
| |
| For each value of the `names` parameter: if it is a specific name and |
| tag (e.g. `ubuntu:latest`), then only that image (and its parents) are |
| returned; if it is an image ID, similarly only that image (and its parents) |
| are returned and there would be no names referenced in the 'repositories' |
| file for this image ID. |
| |
| For details on the format, see the [export image endpoint](#operation/ImageGet). |
| operationId: "ImageGetAll" |
| produces: |
| - "application/x-tar" |
| responses: |
| 200: |
| description: "no error" |
| schema: |
| type: "string" |
| format: "binary" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "names" |
| in: "query" |
| description: "Image names to filter by" |
| type: "array" |
| items: |
| type: "string" |
| tags: ["Image"] |
| /images/load: |
| post: |
| summary: "Import images" |
| description: | |
| Load a set of images and tags into a repository. |
| |
| For details on the format, see the [export image endpoint](#operation/ImageGet). |
| operationId: "ImageLoad" |
| consumes: |
| - "application/x-tar" |
| produces: |
| - "application/json" |
| responses: |
| 200: |
| description: "no error" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "imagesTarball" |
| in: "body" |
| description: "Tar archive containing images" |
| schema: |
| type: "string" |
| format: "binary" |
| - name: "quiet" |
| in: "query" |
| description: "Suppress progress details during load." |
| type: "boolean" |
| default: false |
| tags: ["Image"] |
| /containers/{id}/exec: |
| post: |
| summary: "Create an exec instance" |
| description: "Run a command inside a running container." |
| operationId: "ContainerExec" |
| consumes: |
| - "application/json" |
| produces: |
| - "application/json" |
| responses: |
| 201: |
| description: "no error" |
| schema: |
| $ref: "#/definitions/IdResponse" |
| 404: |
| description: "no such container" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| examples: |
| application/json: |
| message: "No such container: c2ada9df5af8" |
| 409: |
| description: "container is paused" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "Server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "execConfig" |
| in: "body" |
| description: "Exec configuration" |
| schema: |
| type: "object" |
| title: "ExecConfig" |
| properties: |
| AttachStdin: |
| type: "boolean" |
| description: "Attach to `stdin` of the exec command." |
| AttachStdout: |
| type: "boolean" |
| description: "Attach to `stdout` of the exec command." |
| AttachStderr: |
| type: "boolean" |
| description: "Attach to `stderr` of the exec command." |
| ConsoleSize: |
| type: "array" |
| description: "Initial console size, as an `[height, width]` array." |
| x-nullable: true |
| minItems: 2 |
| maxItems: 2 |
| items: |
| type: "integer" |
| minimum: 0 |
| DetachKeys: |
| type: "string" |
| description: | |
| Override the key sequence for detaching a container. Format is |
| a single character `[a-Z]` or `ctrl-<value>` where `<value>` |
| is one of: `a-z`, `@`, `^`, `[`, `,` or `_`. |
| Tty: |
| type: "boolean" |
| description: "Allocate a pseudo-TTY." |
| Env: |
| description: | |
| A list of environment variables in the form `["VAR=value", ...]`. |
| type: "array" |
| items: |
| type: "string" |
| Cmd: |
| type: "array" |
| description: "Command to run, as a string or array of strings." |
| items: |
| type: "string" |
| Privileged: |
| type: "boolean" |
| description: "Runs the exec process with extended privileges." |
| default: false |
| User: |
| type: "string" |
| description: | |
| The user, and optionally, group to run the exec process inside |
| the container. Format is one of: `user`, `user:group`, `uid`, |
| or `uid:gid`. |
| WorkingDir: |
| type: "string" |
| description: | |
| The working directory for the exec process inside the container. |
| example: |
| AttachStdin: false |
| AttachStdout: true |
| AttachStderr: true |
| DetachKeys: "ctrl-p,ctrl-q" |
| Tty: false |
| Cmd: |
| - "date" |
| Env: |
| - "FOO=bar" |
| - "BAZ=quux" |
| required: true |
| - name: "id" |
| in: "path" |
| description: "ID or name of container" |
| type: "string" |
| required: true |
| tags: ["Exec"] |
| /exec/{id}/start: |
| post: |
| summary: "Start an exec instance" |
| description: | |
| Starts a previously set up exec instance. If detach is true, this endpoint |
| returns immediately after starting the command. Otherwise, it sets up an |
| interactive session with the command. |
| operationId: "ExecStart" |
| consumes: |
| - "application/json" |
| produces: |
| - "application/vnd.docker.raw-stream" |
| - "application/vnd.docker.multiplexed-stream" |
| responses: |
| 200: |
| description: "No error" |
| 404: |
| description: "No such exec instance" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 409: |
| description: "Container is stopped or paused" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "execStartConfig" |
| in: "body" |
| schema: |
| type: "object" |
| title: "ExecStartConfig" |
| properties: |
| Detach: |
| type: "boolean" |
| description: "Detach from the command." |
| Tty: |
| type: "boolean" |
| description: "Allocate a pseudo-TTY." |
| ConsoleSize: |
| type: "array" |
| description: "Initial console size, as an `[height, width]` array." |
| x-nullable: true |
| minItems: 2 |
| maxItems: 2 |
| items: |
| type: "integer" |
| minimum: 0 |
| example: |
| Detach: false |
| Tty: true |
| ConsoleSize: [80, 64] |
| - name: "id" |
| in: "path" |
| description: "Exec instance ID" |
| required: true |
| type: "string" |
| tags: ["Exec"] |
| /exec/{id}/resize: |
| post: |
| summary: "Resize an exec instance" |
| description: | |
| Resize the TTY session used by an exec instance. This endpoint only works |
| if `tty` was specified as part of creating and starting the exec instance. |
| operationId: "ExecResize" |
| responses: |
| 200: |
| description: "No error" |
| 400: |
| description: "bad parameter" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 404: |
| description: "No such exec instance" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "Server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| description: "Exec instance ID" |
| required: true |
| type: "string" |
| - name: "h" |
| in: "query" |
| description: "Height of the TTY session in characters" |
| type: "integer" |
| - name: "w" |
| in: "query" |
| description: "Width of the TTY session in characters" |
| type: "integer" |
| tags: ["Exec"] |
| /exec/{id}/json: |
| get: |
| summary: "Inspect an exec instance" |
| description: "Return low-level information about an exec instance." |
| operationId: "ExecInspect" |
| produces: |
| - "application/json" |
| responses: |
| 200: |
| description: "No error" |
| schema: |
| type: "object" |
| title: "ExecInspectResponse" |
| properties: |
| CanRemove: |
| type: "boolean" |
| DetachKeys: |
| type: "string" |
| ID: |
| type: "string" |
| Running: |
| type: "boolean" |
| ExitCode: |
| type: "integer" |
| ProcessConfig: |
| $ref: "#/definitions/ProcessConfig" |
| OpenStdin: |
| type: "boolean" |
| OpenStderr: |
| type: "boolean" |
| OpenStdout: |
| type: "boolean" |
| ContainerID: |
| type: "string" |
| Pid: |
| type: "integer" |
| description: "The system process ID for the exec process." |
| examples: |
| application/json: |
| CanRemove: false |
| ContainerID: "b53ee82b53a40c7dca428523e34f741f3abc51d9f297a14ff874bf761b995126" |
| DetachKeys: "" |
| ExitCode: 2 |
| ID: "f33bbfb39f5b142420f4759b2348913bd4a8d1a6d7fd56499cb41a1bb91d7b3b" |
| OpenStderr: true |
| OpenStdin: true |
| OpenStdout: true |
| ProcessConfig: |
| arguments: |
| - "-c" |
| - "exit 2" |
| entrypoint: "sh" |
| privileged: false |
| tty: true |
| user: "1000" |
| Running: false |
| Pid: 42000 |
| 404: |
| description: "No such exec instance" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "Server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| description: "Exec instance ID" |
| required: true |
| type: "string" |
| tags: ["Exec"] |
| |
| /volumes: |
| get: |
| summary: "List volumes" |
| operationId: "VolumeList" |
| produces: ["application/json"] |
| responses: |
| 200: |
| description: "Summary volume data that matches the query" |
| schema: |
| $ref: "#/definitions/VolumeListResponse" |
| 500: |
| description: "Server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "filters" |
| in: "query" |
| description: | |
| JSON encoded value of the filters (a `map[string][]string`) to |
| process on the volumes list. Available filters: |
| |
| - `dangling=<boolean>` When set to `true` (or `1`), returns all |
| volumes that are not in use by a container. When set to `false` |
| (or `0`), only volumes that are in use by one or more |
| containers are returned. |
| - `driver=<volume-driver-name>` Matches volumes based on their driver. |
| - `label=<key>` or `label=<key>:<value>` Matches volumes based on |
| the presence of a `label` alone or a `label` and a value. |
| - `name=<volume-name>` Matches all or part of a volume name. |
| type: "string" |
| format: "json" |
| tags: ["Volume"] |
| |
| /volumes/create: |
| post: |
| summary: "Create a volume" |
| operationId: "VolumeCreate" |
| consumes: ["application/json"] |
| produces: ["application/json"] |
| responses: |
| 201: |
| description: "The volume was created successfully" |
| schema: |
| $ref: "#/definitions/Volume" |
| 500: |
| description: "Server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "volumeConfig" |
| in: "body" |
| required: true |
| description: "Volume configuration" |
| schema: |
| $ref: "#/definitions/VolumeCreateOptions" |
| tags: ["Volume"] |
| |
| /volumes/{name}: |
| get: |
| summary: "Inspect a volume" |
| operationId: "VolumeInspect" |
| produces: ["application/json"] |
| responses: |
| 200: |
| description: "No error" |
| schema: |
| $ref: "#/definitions/Volume" |
| 404: |
| description: "No such volume" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "Server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "name" |
| in: "path" |
| required: true |
| description: "Volume name or ID" |
| type: "string" |
| tags: ["Volume"] |
| |
| put: |
| summary: | |
| "Update a volume. Valid only for Swarm cluster volumes" |
| operationId: "VolumeUpdate" |
| consumes: ["application/json"] |
| produces: ["application/json"] |
| responses: |
| 200: |
| description: "no error" |
| 400: |
| description: "bad parameter" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 404: |
| description: "no such volume" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 503: |
| description: "node is not part of a swarm" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "name" |
| in: "path" |
| description: "The name or ID of the volume" |
| type: "string" |
| required: true |
| - name: "body" |
| in: "body" |
| schema: |
| # though the schema for is an object that contains only a |
| # ClusterVolumeSpec, wrapping the ClusterVolumeSpec in this object |
| # means that if, later on, we support things like changing the |
| # labels, we can do so without duplicating that information to the |
| # ClusterVolumeSpec. |
| type: "object" |
| description: "Volume configuration" |
| properties: |
| Spec: |
| $ref: "#/definitions/ClusterVolumeSpec" |
| description: | |
| The spec of the volume to update. Currently, only Availability may |
| change. All other fields must remain unchanged. |
| - name: "version" |
| in: "query" |
| description: | |
| The version number of the volume being updated. This is required to |
| avoid conflicting writes. Found in the volume's `ClusterVolume` |
| field. |
| type: "integer" |
| format: "int64" |
| required: true |
| tags: ["Volume"] |
| |
| delete: |
| summary: "Remove a volume" |
| description: "Instruct the driver to remove the volume." |
| operationId: "VolumeDelete" |
| responses: |
| 204: |
| description: "The volume was removed" |
| 404: |
| description: "No such volume or volume driver" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 409: |
| description: "Volume is in use and cannot be removed" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "Server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "name" |
| in: "path" |
| required: true |
| description: "Volume name or ID" |
| type: "string" |
| - name: "force" |
| in: "query" |
| description: "Force the removal of the volume" |
| type: "boolean" |
| default: false |
| tags: ["Volume"] |
| |
| /volumes/prune: |
| post: |
| summary: "Delete unused volumes" |
| produces: |
| - "application/json" |
| operationId: "VolumePrune" |
| parameters: |
| - name: "filters" |
| in: "query" |
| description: | |
| Filters to process on the prune list, encoded as JSON (a `map[string][]string`). |
| |
| Available filters: |
| - `label` (`label=<key>`, `label=<key>=<value>`, `label!=<key>`, or `label!=<key>=<value>`) Prune volumes with (or without, in case `label!=...` is used) the specified labels. |
| - `all` (`all=true`) - Consider all (local) volumes for pruning and not just anonymous volumes. |
| type: "string" |
| responses: |
| 200: |
| description: "No error" |
| schema: |
| type: "object" |
| title: "VolumePruneResponse" |
| properties: |
| VolumesDeleted: |
| description: "Volumes that were deleted" |
| type: "array" |
| items: |
| type: "string" |
| SpaceReclaimed: |
| description: "Disk space reclaimed in bytes" |
| type: "integer" |
| format: "int64" |
| 500: |
| description: "Server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| tags: ["Volume"] |
| /networks: |
| get: |
| summary: "List networks" |
| description: | |
| Returns a list of networks. For details on the format, see the |
| [network inspect endpoint](#operation/NetworkInspect). |
| |
| Note that it uses a different, smaller representation of a network than |
| inspecting a single network. For example, the list of containers attached |
| to the network is not propagated in API versions 1.28 and up. |
| operationId: "NetworkList" |
| produces: |
| - "application/json" |
| responses: |
| 200: |
| description: "No error" |
| schema: |
| type: "array" |
| items: |
| $ref: "#/definitions/Network" |
| examples: |
| application/json: |
| - Name: "bridge" |
| Id: "f2de39df4171b0dc801e8002d1d999b77256983dfc63041c0f34030aa3977566" |
| Created: "2016-10-19T06:21:00.416543526Z" |
| Scope: "local" |
| Driver: "bridge" |
| EnableIPv6: false |
| Internal: false |
| Attachable: false |
| Ingress: false |
| IPAM: |
| Driver: "default" |
| Config: |
| - |
| Subnet: "172.17.0.0/16" |
| Options: |
| com.docker.network.bridge.default_bridge: "true" |
| com.docker.network.bridge.enable_icc: "true" |
| com.docker.network.bridge.enable_ip_masquerade: "true" |
| com.docker.network.bridge.host_binding_ipv4: "0.0.0.0" |
| com.docker.network.bridge.name: "docker0" |
| com.docker.network.driver.mtu: "1500" |
| - Name: "none" |
| Id: "e086a3893b05ab69242d3c44e49483a3bbbd3a26b46baa8f61ab797c1088d794" |
| Created: "0001-01-01T00:00:00Z" |
| Scope: "local" |
| Driver: "null" |
| EnableIPv6: false |
| Internal: false |
| Attachable: false |
| Ingress: false |
| IPAM: |
| Driver: "default" |
| Config: [] |
| Containers: {} |
| Options: {} |
| - Name: "host" |
| Id: "13e871235c677f196c4e1ecebb9dc733b9b2d2ab589e30c539efeda84a24215e" |
| Created: "0001-01-01T00:00:00Z" |
| Scope: "local" |
| Driver: "host" |
| EnableIPv6: false |
| Internal: false |
| Attachable: false |
| Ingress: false |
| IPAM: |
| Driver: "default" |
| Config: [] |
| Containers: {} |
| Options: {} |
| 500: |
| description: "Server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "filters" |
| in: "query" |
| description: | |
| JSON encoded value of the filters (a `map[string][]string`) to process |
| on the networks list. |
| |
| Available filters: |
| |
| - `dangling=<boolean>` When set to `true` (or `1`), returns all |
| networks that are not in use by a container. When set to `false` |
| (or `0`), only networks that are in use by one or more |
| containers are returned. |
| - `driver=<driver-name>` Matches a network's driver. |
| - `id=<network-id>` Matches all or part of a network ID. |
| - `label=<key>` or `label=<key>=<value>` of a network label. |
| - `name=<network-name>` Matches all or part of a network name. |
| - `scope=["swarm"|"global"|"local"]` Filters networks by scope (`swarm`, `global`, or `local`). |
| - `type=["custom"|"builtin"]` Filters networks by type. The `custom` keyword returns all user-defined networks. |
| type: "string" |
| tags: ["Network"] |
| |
| /networks/{id}: |
| get: |
| summary: "Inspect a network" |
| operationId: "NetworkInspect" |
| produces: |
| - "application/json" |
| responses: |
| 200: |
| description: "No error" |
| schema: |
| $ref: "#/definitions/Network" |
| 404: |
| description: "Network not found" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "Server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| description: "Network ID or name" |
| required: true |
| type: "string" |
| - name: "verbose" |
| in: "query" |
| description: "Detailed inspect output for troubleshooting" |
| type: "boolean" |
| default: false |
| - name: "scope" |
| in: "query" |
| description: "Filter the network by scope (swarm, global, or local)" |
| type: "string" |
| tags: ["Network"] |
| |
| delete: |
| summary: "Remove a network" |
| operationId: "NetworkDelete" |
| responses: |
| 204: |
| description: "No error" |
| 403: |
| description: "operation not supported for pre-defined networks" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 404: |
| description: "no such network" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "Server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| description: "Network ID or name" |
| required: true |
| type: "string" |
| tags: ["Network"] |
| |
| /networks/create: |
| post: |
| summary: "Create a network" |
| operationId: "NetworkCreate" |
| consumes: |
| - "application/json" |
| produces: |
| - "application/json" |
| responses: |
| 201: |
| description: "No error" |
| schema: |
| type: "object" |
| title: "NetworkCreateResponse" |
| properties: |
| Id: |
| description: "The ID of the created network." |
| type: "string" |
| Warning: |
| type: "string" |
| example: |
| Id: "22be93d5babb089c5aab8dbc369042fad48ff791584ca2da2100db837a1c7c30" |
| Warning: "" |
| 403: |
| description: "operation not supported for pre-defined networks" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 404: |
| description: "plugin not found" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "Server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "networkConfig" |
| in: "body" |
| description: "Network configuration" |
| required: true |
| schema: |
| type: "object" |
| title: "NetworkCreateRequest" |
| required: ["Name"] |
| properties: |
| Name: |
| description: "The network's name." |
| type: "string" |
| CheckDuplicate: |
| description: | |
| Check for networks with duplicate names. Since Network is |
| primarily keyed based on a random ID and not on the name, and |
| network name is strictly a user-friendly alias to the network |
| which is uniquely identified using ID, there is no guaranteed |
| way to check for duplicates. CheckDuplicate is there to provide |
| a best effort checking of any networks which has the same name |
| but it is not guaranteed to catch all name collisions. |
| type: "boolean" |
| Driver: |
| description: "Name of the network driver plugin to use." |
| type: "string" |
| default: "bridge" |
| Internal: |
| description: "Restrict external access to the network." |
| type: "boolean" |
| Attachable: |
| description: | |
| Globally scoped network is manually attachable by regular |
| containers from workers in swarm mode. |
| type: "boolean" |
| Ingress: |
| description: | |
| Ingress network is the network which provides the routing-mesh |
| in swarm mode. |
| type: "boolean" |
| IPAM: |
| description: "Optional custom IP scheme for the network." |
| $ref: "#/definitions/IPAM" |
| EnableIPv6: |
| description: "Enable IPv6 on the network." |
| type: "boolean" |
| Options: |
| description: "Network specific options to be used by the drivers." |
| type: "object" |
| additionalProperties: |
| type: "string" |
| Labels: |
| description: "User-defined key/value metadata." |
| type: "object" |
| additionalProperties: |
| type: "string" |
| example: |
| Name: "isolated_nw" |
| CheckDuplicate: false |
| Driver: "bridge" |
| EnableIPv6: true |
| IPAM: |
| Driver: "default" |
| Config: |
| - Subnet: "172.20.0.0/16" |
| IPRange: "172.20.10.0/24" |
| Gateway: "172.20.10.11" |
| - Subnet: "2001:db8:abcd::/64" |
| Gateway: "2001:db8:abcd::1011" |
| Options: |
| foo: "bar" |
| Internal: true |
| Attachable: false |
| Ingress: false |
| Options: |
| com.docker.network.bridge.default_bridge: "true" |
| com.docker.network.bridge.enable_icc: "true" |
| com.docker.network.bridge.enable_ip_masquerade: "true" |
| com.docker.network.bridge.host_binding_ipv4: "0.0.0.0" |
| com.docker.network.bridge.name: "docker0" |
| com.docker.network.driver.mtu: "1500" |
| Labels: |
| com.example.some-label: "some-value" |
| com.example.some-other-label: "some-other-value" |
| tags: ["Network"] |
| |
| /networks/{id}/connect: |
| post: |
| summary: "Connect a container to a network" |
| operationId: "NetworkConnect" |
| consumes: |
| - "application/json" |
| responses: |
| 200: |
| description: "No error" |
| 403: |
| description: "Operation not supported for swarm scoped networks" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 404: |
| description: "Network or container not found" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "Server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| description: "Network ID or name" |
| required: true |
| type: "string" |
| - name: "container" |
| in: "body" |
| required: true |
| schema: |
| type: "object" |
| title: "NetworkConnectRequest" |
| properties: |
| Container: |
| type: "string" |
| description: "The ID or name of the container to connect to the network." |
| EndpointConfig: |
| $ref: "#/definitions/EndpointSettings" |
| example: |
| Container: "3613f73ba0e4" |
| EndpointConfig: |
| IPAMConfig: |
| IPv4Address: "172.24.56.89" |
| IPv6Address: "2001:db8::5689" |
| tags: ["Network"] |
| |
| /networks/{id}/disconnect: |
| post: |
| summary: "Disconnect a container from a network" |
| operationId: "NetworkDisconnect" |
| consumes: |
| - "application/json" |
| responses: |
| 200: |
| description: "No error" |
| 403: |
| description: "Operation not supported for swarm scoped networks" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 404: |
| description: "Network or container not found" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "Server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| description: "Network ID or name" |
| required: true |
| type: "string" |
| - name: "container" |
| in: "body" |
| required: true |
| schema: |
| type: "object" |
| title: "NetworkDisconnectRequest" |
| properties: |
| Container: |
| type: "string" |
| description: | |
| The ID or name of the container to disconnect from the network. |
| Force: |
| type: "boolean" |
| description: | |
| Force the container to disconnect from the network. |
| tags: ["Network"] |
| /networks/prune: |
| post: |
| summary: "Delete unused networks" |
| produces: |
| - "application/json" |
| operationId: "NetworkPrune" |
| parameters: |
| - name: "filters" |
| in: "query" |
| description: | |
| Filters to process on the prune list, encoded as JSON (a `map[string][]string`). |
| |
| Available filters: |
| - `until=<timestamp>` Prune networks created before this timestamp. The `<timestamp>` can be Unix timestamps, date formatted timestamps, or Go duration strings (e.g. `10m`, `1h30m`) computed relative to the daemon machine’s time. |
| - `label` (`label=<key>`, `label=<key>=<value>`, `label!=<key>`, or `label!=<key>=<value>`) Prune networks with (or without, in case `label!=...` is used) the specified labels. |
| type: "string" |
| responses: |
| 200: |
| description: "No error" |
| schema: |
| type: "object" |
| title: "NetworkPruneResponse" |
| properties: |
| NetworksDeleted: |
| description: "Networks that were deleted" |
| type: "array" |
| items: |
| type: "string" |
| 500: |
| description: "Server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| tags: ["Network"] |
| /plugins: |
| get: |
| summary: "List plugins" |
| operationId: "PluginList" |
| description: "Returns information about installed plugins." |
| produces: ["application/json"] |
| responses: |
| 200: |
| description: "No error" |
| schema: |
| type: "array" |
| items: |
| $ref: "#/definitions/Plugin" |
| 500: |
| description: "Server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "filters" |
| in: "query" |
| type: "string" |
| description: | |
| A JSON encoded value of the filters (a `map[string][]string`) to |
| process on the plugin list. |
| |
| Available filters: |
| |
| - `capability=<capability name>` |
| - `enable=<true>|<false>` |
| tags: ["Plugin"] |
| |
| /plugins/privileges: |
| get: |
| summary: "Get plugin privileges" |
| operationId: "GetPluginPrivileges" |
| responses: |
| 200: |
| description: "no error" |
| schema: |
| type: "array" |
| items: |
| $ref: "#/definitions/PluginPrivilege" |
| example: |
| - Name: "network" |
| Description: "" |
| Value: |
| - "host" |
| - Name: "mount" |
| Description: "" |
| Value: |
| - "/data" |
| - Name: "device" |
| Description: "" |
| Value: |
| - "/dev/cpu_dma_latency" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "remote" |
| in: "query" |
| description: | |
| The name of the plugin. The `:latest` tag is optional, and is the |
| default if omitted. |
| required: true |
| type: "string" |
| tags: |
| - "Plugin" |
| |
| /plugins/pull: |
| post: |
| summary: "Install a plugin" |
| operationId: "PluginPull" |
| description: | |
| Pulls and installs a plugin. After the plugin is installed, it can be |
| enabled using the [`POST /plugins/{name}/enable` endpoint](#operation/PostPluginsEnable). |
| produces: |
| - "application/json" |
| responses: |
| 204: |
| description: "no error" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "remote" |
| in: "query" |
| description: | |
| Remote reference for plugin to install. |
| |
| The `:latest` tag is optional, and is used as the default if omitted. |
| required: true |
| type: "string" |
| - name: "name" |
| in: "query" |
| description: | |
| Local name for the pulled plugin. |
| |
| The `:latest` tag is optional, and is used as the default if omitted. |
| required: false |
| type: "string" |
| - name: "X-Registry-Auth" |
| in: "header" |
| description: | |
| A base64url-encoded auth configuration to use when pulling a plugin |
| from a registry. |
| |
| Refer to the [authentication section](#section/Authentication) for |
| details. |
| type: "string" |
| - name: "body" |
| in: "body" |
| schema: |
| type: "array" |
| items: |
| $ref: "#/definitions/PluginPrivilege" |
| example: |
| - Name: "network" |
| Description: "" |
| Value: |
| - "host" |
| - Name: "mount" |
| Description: "" |
| Value: |
| - "/data" |
| - Name: "device" |
| Description: "" |
| Value: |
| - "/dev/cpu_dma_latency" |
| tags: ["Plugin"] |
| /plugins/{name}/json: |
| get: |
| summary: "Inspect a plugin" |
| operationId: "PluginInspect" |
| responses: |
| 200: |
| description: "no error" |
| schema: |
| $ref: "#/definitions/Plugin" |
| 404: |
| description: "plugin is not installed" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "name" |
| in: "path" |
| description: | |
| The name of the plugin. The `:latest` tag is optional, and is the |
| default if omitted. |
| required: true |
| type: "string" |
| tags: ["Plugin"] |
| /plugins/{name}: |
| delete: |
| summary: "Remove a plugin" |
| operationId: "PluginDelete" |
| responses: |
| 200: |
| description: "no error" |
| schema: |
| $ref: "#/definitions/Plugin" |
| 404: |
| description: "plugin is not installed" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "name" |
| in: "path" |
| description: | |
| The name of the plugin. The `:latest` tag is optional, and is the |
| default if omitted. |
| required: true |
| type: "string" |
| - name: "force" |
| in: "query" |
| description: | |
| Disable the plugin before removing. This may result in issues if the |
| plugin is in use by a container. |
| type: "boolean" |
| default: false |
| tags: ["Plugin"] |
| /plugins/{name}/enable: |
| post: |
| summary: "Enable a plugin" |
| operationId: "PluginEnable" |
| responses: |
| 200: |
| description: "no error" |
| 404: |
| description: "plugin is not installed" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "name" |
| in: "path" |
| description: | |
| The name of the plugin. The `:latest` tag is optional, and is the |
| default if omitted. |
| required: true |
| type: "string" |
| - name: "timeout" |
| in: "query" |
| description: "Set the HTTP client timeout (in seconds)" |
| type: "integer" |
| default: 0 |
| tags: ["Plugin"] |
| /plugins/{name}/disable: |
| post: |
| summary: "Disable a plugin" |
| operationId: "PluginDisable" |
| responses: |
| 200: |
| description: "no error" |
| 404: |
| description: "plugin is not installed" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "name" |
| in: "path" |
| description: | |
| The name of the plugin. The `:latest` tag is optional, and is the |
| default if omitted. |
| required: true |
| type: "string" |
| tags: ["Plugin"] |
| /plugins/{name}/upgrade: |
| post: |
| summary: "Upgrade a plugin" |
| operationId: "PluginUpgrade" |
| responses: |
| 204: |
| description: "no error" |
| 404: |
| description: "plugin not installed" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "name" |
| in: "path" |
| description: | |
| The name of the plugin. The `:latest` tag is optional, and is the |
| default if omitted. |
| required: true |
| type: "string" |
| - name: "remote" |
| in: "query" |
| description: | |
| Remote reference to upgrade to. |
| |
| The `:latest` tag is optional, and is used as the default if omitted. |
| required: true |
| type: "string" |
| - name: "X-Registry-Auth" |
| in: "header" |
| description: | |
| A base64url-encoded auth configuration to use when pulling a plugin |
| from a registry. |
| |
| Refer to the [authentication section](#section/Authentication) for |
| details. |
| type: "string" |
| - name: "body" |
| in: "body" |
| schema: |
| type: "array" |
| items: |
| $ref: "#/definitions/PluginPrivilege" |
| example: |
| - Name: "network" |
| Description: "" |
| Value: |
| - "host" |
| - Name: "mount" |
| Description: "" |
| Value: |
| - "/data" |
| - Name: "device" |
| Description: "" |
| Value: |
| - "/dev/cpu_dma_latency" |
| tags: ["Plugin"] |
| /plugins/create: |
| post: |
| summary: "Create a plugin" |
| operationId: "PluginCreate" |
| consumes: |
| - "application/x-tar" |
| responses: |
| 204: |
| description: "no error" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "name" |
| in: "query" |
| description: | |
| The name of the plugin. The `:latest` tag is optional, and is the |
| default if omitted. |
| required: true |
| type: "string" |
| - name: "tarContext" |
| in: "body" |
| description: "Path to tar containing plugin rootfs and manifest" |
| schema: |
| type: "string" |
| format: "binary" |
| tags: ["Plugin"] |
| /plugins/{name}/push: |
| post: |
| summary: "Push a plugin" |
| operationId: "PluginPush" |
| description: | |
| Push a plugin to the registry. |
| parameters: |
| - name: "name" |
| in: "path" |
| description: | |
| The name of the plugin. The `:latest` tag is optional, and is the |
| default if omitted. |
| required: true |
| type: "string" |
| responses: |
| 200: |
| description: "no error" |
| 404: |
| description: "plugin not installed" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| tags: ["Plugin"] |
| /plugins/{name}/set: |
| post: |
| summary: "Configure a plugin" |
| operationId: "PluginSet" |
| consumes: |
| - "application/json" |
| parameters: |
| - name: "name" |
| in: "path" |
| description: | |
| The name of the plugin. The `:latest` tag is optional, and is the |
| default if omitted. |
| required: true |
| type: "string" |
| - name: "body" |
| in: "body" |
| schema: |
| type: "array" |
| items: |
| type: "string" |
| example: ["DEBUG=1"] |
| responses: |
| 204: |
| description: "No error" |
| 404: |
| description: "Plugin not installed" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "Server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| tags: ["Plugin"] |
| /nodes: |
| get: |
| summary: "List nodes" |
| operationId: "NodeList" |
| responses: |
| 200: |
| description: "no error" |
| schema: |
| type: "array" |
| items: |
| $ref: "#/definitions/Node" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 503: |
| description: "node is not part of a swarm" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "filters" |
| in: "query" |
| description: | |
| Filters to process on the nodes list, encoded as JSON (a `map[string][]string`). |
| |
| Available filters: |
| - `id=<node id>` |
| - `label=<engine label>` |
| - `membership=`(`accepted`|`pending`)` |
| - `name=<node name>` |
| - `node.label=<node label>` |
| - `role=`(`manager`|`worker`)` |
| type: "string" |
| tags: ["Node"] |
| /nodes/{id}: |
| get: |
| summary: "Inspect a node" |
| operationId: "NodeInspect" |
| responses: |
| 200: |
| description: "no error" |
| schema: |
| $ref: "#/definitions/Node" |
| 404: |
| description: "no such node" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 503: |
| description: "node is not part of a swarm" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| description: "The ID or name of the node" |
| type: "string" |
| required: true |
| tags: ["Node"] |
| delete: |
| summary: "Delete a node" |
| operationId: "NodeDelete" |
| responses: |
| 200: |
| description: "no error" |
| 404: |
| description: "no such node" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 503: |
| description: "node is not part of a swarm" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| description: "The ID or name of the node" |
| type: "string" |
| required: true |
| - name: "force" |
| in: "query" |
| description: "Force remove a node from the swarm" |
| default: false |
| type: "boolean" |
| tags: ["Node"] |
| /nodes/{id}/update: |
| post: |
| summary: "Update a node" |
| operationId: "NodeUpdate" |
| responses: |
| 200: |
| description: "no error" |
| 400: |
| description: "bad parameter" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 404: |
| description: "no such node" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 503: |
| description: "node is not part of a swarm" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| description: "The ID of the node" |
| type: "string" |
| required: true |
| - name: "body" |
| in: "body" |
| schema: |
| $ref: "#/definitions/NodeSpec" |
| - name: "version" |
| in: "query" |
| description: | |
| The version number of the node object being updated. This is required |
| to avoid conflicting writes. |
| type: "integer" |
| format: "int64" |
| required: true |
| tags: ["Node"] |
| /swarm: |
| get: |
| summary: "Inspect swarm" |
| operationId: "SwarmInspect" |
| responses: |
| 200: |
| description: "no error" |
| schema: |
| $ref: "#/definitions/Swarm" |
| 404: |
| description: "no such swarm" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 503: |
| description: "node is not part of a swarm" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| tags: ["Swarm"] |
| /swarm/init: |
| post: |
| summary: "Initialize a new swarm" |
| operationId: "SwarmInit" |
| produces: |
| - "application/json" |
| - "text/plain" |
| responses: |
| 200: |
| description: "no error" |
| schema: |
| description: "The node ID" |
| type: "string" |
| example: "7v2t30z9blmxuhnyo6s4cpenp" |
| 400: |
| description: "bad parameter" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 503: |
| description: "node is already part of a swarm" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "body" |
| in: "body" |
| required: true |
| schema: |
| type: "object" |
| title: "SwarmInitRequest" |
| properties: |
| ListenAddr: |
| description: | |
| Listen address used for inter-manager communication, as well |
| as determining the networking interface used for the VXLAN |
| Tunnel Endpoint (VTEP). This can either be an address/port |
| combination in the form `192.168.1.1:4567`, or an interface |
| followed by a port number, like `eth0:4567`. If the port number |
| is omitted, the default swarm listening port is used. |
| type: "string" |
| AdvertiseAddr: |
| description: | |
| Externally reachable address advertised to other nodes. This |
| can either be an address/port combination in the form |
| `192.168.1.1:4567`, or an interface followed by a port number, |
| like `eth0:4567`. If the port number is omitted, the port |
| number from the listen address is used. If `AdvertiseAddr` is |
| not specified, it will be automatically detected when possible. |
| type: "string" |
| DataPathAddr: |
| description: | |
| Address or interface to use for data path traffic (format: |
| `<ip|interface>`), for example, `192.168.1.1`, or an interface, |
| like `eth0`. If `DataPathAddr` is unspecified, the same address |
| as `AdvertiseAddr` is used. |
| |
| The `DataPathAddr` specifies the address that global scope |
| network drivers will publish towards other nodes in order to |
| reach the containers running on this node. Using this parameter |
| it is possible to separate the container data traffic from the |
| management traffic of the cluster. |
| type: "string" |
| DataPathPort: |
| description: | |
| DataPathPort specifies the data path port number for data traffic. |
| Acceptable port range is 1024 to 49151. |
| if no port is set or is set to 0, default port 4789 will be used. |
| type: "integer" |
| format: "uint32" |
| DefaultAddrPool: |
| description: | |
| Default Address Pool specifies default subnet pools for global |
| scope networks. |
| type: "array" |
| items: |
| type: "string" |
| example: ["10.10.0.0/16", "20.20.0.0/16"] |
| ForceNewCluster: |
| description: "Force creation of a new swarm." |
| type: "boolean" |
| SubnetSize: |
| description: | |
| SubnetSize specifies the subnet size of the networks created |
| from the default subnet pool. |
| type: "integer" |
| format: "uint32" |
| Spec: |
| $ref: "#/definitions/SwarmSpec" |
| example: |
| ListenAddr: "0.0.0.0:2377" |
| AdvertiseAddr: "192.168.1.1:2377" |
| DataPathPort: 4789 |
| DefaultAddrPool: ["10.10.0.0/8", "20.20.0.0/8"] |
| SubnetSize: 24 |
| ForceNewCluster: false |
| Spec: |
| Orchestration: {} |
| Raft: {} |
| Dispatcher: {} |
| CAConfig: {} |
| EncryptionConfig: |
| AutoLockManagers: false |
| tags: ["Swarm"] |
| /swarm/join: |
| post: |
| summary: "Join an existing swarm" |
| operationId: "SwarmJoin" |
| responses: |
| 200: |
| description: "no error" |
| 400: |
| description: "bad parameter" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 503: |
| description: "node is already part of a swarm" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "body" |
| in: "body" |
| required: true |
| schema: |
| type: "object" |
| title: "SwarmJoinRequest" |
| properties: |
| ListenAddr: |
| description: | |
| Listen address used for inter-manager communication if the node |
| gets promoted to manager, as well as determining the networking |
| interface used for the VXLAN Tunnel Endpoint (VTEP). |
| type: "string" |
| AdvertiseAddr: |
| description: | |
| Externally reachable address advertised to other nodes. This |
| can either be an address/port combination in the form |
| `192.168.1.1:4567`, or an interface followed by a port number, |
| like `eth0:4567`. If the port number is omitted, the port |
| number from the listen address is used. If `AdvertiseAddr` is |
| not specified, it will be automatically detected when possible. |
| type: "string" |
| DataPathAddr: |
| description: | |
| Address or interface to use for data path traffic (format: |
| `<ip|interface>`), for example, `192.168.1.1`, or an interface, |
| like `eth0`. If `DataPathAddr` is unspecified, the same address |
| as `AdvertiseAddr` is used. |
| |
| The `DataPathAddr` specifies the address that global scope |
| network drivers will publish towards other nodes in order to |
| reach the containers running on this node. Using this parameter |
| it is possible to separate the container data traffic from the |
| management traffic of the cluster. |
| |
| type: "string" |
| RemoteAddrs: |
| description: | |
| Addresses of manager nodes already participating in the swarm. |
| type: "array" |
| items: |
| type: "string" |
| JoinToken: |
| description: "Secret token for joining this swarm." |
| type: "string" |
| example: |
| ListenAddr: "0.0.0.0:2377" |
| AdvertiseAddr: "192.168.1.1:2377" |
| RemoteAddrs: |
| - "node1:2377" |
| JoinToken: "SWMTKN-1-3pu6hszjas19xyp7ghgosyx9k8atbfcr8p2is99znpy26u2lkl-7p73s1dx5in4tatdymyhg9hu2" |
| tags: ["Swarm"] |
| /swarm/leave: |
| post: |
| summary: "Leave a swarm" |
| operationId: "SwarmLeave" |
| responses: |
| 200: |
| description: "no error" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 503: |
| description: "node is not part of a swarm" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "force" |
| description: | |
| Force leave swarm, even if this is the last manager or that it will |
| break the cluster. |
| in: "query" |
| type: "boolean" |
| default: false |
| tags: ["Swarm"] |
| /swarm/update: |
| post: |
| summary: "Update a swarm" |
| operationId: "SwarmUpdate" |
| responses: |
| 200: |
| description: "no error" |
| 400: |
| description: "bad parameter" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 503: |
| description: "node is not part of a swarm" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "body" |
| in: "body" |
| required: true |
| schema: |
| $ref: "#/definitions/SwarmSpec" |
| - name: "version" |
| in: "query" |
| description: | |
| The version number of the swarm object being updated. This is |
| required to avoid conflicting writes. |
| type: "integer" |
| format: "int64" |
| required: true |
| - name: "rotateWorkerToken" |
| in: "query" |
| description: "Rotate the worker join token." |
| type: "boolean" |
| default: false |
| - name: "rotateManagerToken" |
| in: "query" |
| description: "Rotate the manager join token." |
| type: "boolean" |
| default: false |
| - name: "rotateManagerUnlockKey" |
| in: "query" |
| description: "Rotate the manager unlock key." |
| type: "boolean" |
| default: false |
| tags: ["Swarm"] |
| /swarm/unlockkey: |
| get: |
| summary: "Get the unlock key" |
| operationId: "SwarmUnlockkey" |
| consumes: |
| - "application/json" |
| responses: |
| 200: |
| description: "no error" |
| schema: |
| type: "object" |
| title: "UnlockKeyResponse" |
| properties: |
| UnlockKey: |
| description: "The swarm's unlock key." |
| type: "string" |
| example: |
| UnlockKey: "SWMKEY-1-7c37Cc8654o6p38HnroywCi19pllOnGtbdZEgtKxZu8" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 503: |
| description: "node is not part of a swarm" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| tags: ["Swarm"] |
| /swarm/unlock: |
| post: |
| summary: "Unlock a locked manager" |
| operationId: "SwarmUnlock" |
| consumes: |
| - "application/json" |
| produces: |
| - "application/json" |
| parameters: |
| - name: "body" |
| in: "body" |
| required: true |
| schema: |
| type: "object" |
| title: "SwarmUnlockRequest" |
| properties: |
| UnlockKey: |
| description: "The swarm's unlock key." |
| type: "string" |
| example: |
| UnlockKey: "SWMKEY-1-7c37Cc8654o6p38HnroywCi19pllOnGtbdZEgtKxZu8" |
| responses: |
| 200: |
| description: "no error" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 503: |
| description: "node is not part of a swarm" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| tags: ["Swarm"] |
| /services: |
| get: |
| summary: "List services" |
| operationId: "ServiceList" |
| responses: |
| 200: |
| description: "no error" |
| schema: |
| type: "array" |
| items: |
| $ref: "#/definitions/Service" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 503: |
| description: "node is not part of a swarm" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "filters" |
| in: "query" |
| type: "string" |
| description: | |
| A JSON encoded value of the filters (a `map[string][]string`) to |
| process on the services list. |
| |
| Available filters: |
| |
| - `id=<service id>` |
| - `label=<service label>` |
| - `mode=["replicated"|"global"]` |
| - `name=<service name>` |
| - name: "status" |
| in: "query" |
| type: "boolean" |
| description: | |
| Include service status, with count of running and desired tasks. |
| tags: ["Service"] |
| /services/create: |
| post: |
| summary: "Create a service" |
| operationId: "ServiceCreate" |
| consumes: |
| - "application/json" |
| produces: |
| - "application/json" |
| responses: |
| 201: |
| description: "no error" |
| schema: |
| type: "object" |
| title: "ServiceCreateResponse" |
| properties: |
| ID: |
| description: "The ID of the created service." |
| type: "string" |
| Warning: |
| description: "Optional warning message" |
| type: "string" |
| example: |
| ID: "ak7w3gjqoa3kuz8xcpnyy0pvl" |
| Warning: "unable to pin image doesnotexist:latest to digest: image library/doesnotexist:latest not found" |
| 400: |
| description: "bad parameter" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 403: |
| description: "network is not eligible for services" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 409: |
| description: "name conflicts with an existing service" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 503: |
| description: "node is not part of a swarm" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "body" |
| in: "body" |
| required: true |
| schema: |
| allOf: |
| - $ref: "#/definitions/ServiceSpec" |
| - type: "object" |
| example: |
| Name: "web" |
| TaskTemplate: |
| ContainerSpec: |
| Image: "nginx:alpine" |
| Mounts: |
| - |
| ReadOnly: true |
| Source: "web-data" |
| Target: "/usr/share/nginx/html" |
| Type: "volume" |
| VolumeOptions: |
| DriverConfig: {} |
| Labels: |
| com.example.something: "something-value" |
| Hosts: ["10.10.10.10 host1", "ABCD:EF01:2345:6789:ABCD:EF01:2345:6789 host2"] |
| User: "33" |
| DNSConfig: |
| Nameservers: ["8.8.8.8"] |
| Search: ["example.org"] |
| Options: ["timeout:3"] |
| Secrets: |
| - |
| File: |
| Name: "www.example.org.key" |
| UID: "33" |
| GID: "33" |
| Mode: 384 |
| SecretID: "fpjqlhnwb19zds35k8wn80lq9" |
| SecretName: "example_org_domain_key" |
| LogDriver: |
| Name: "json-file" |
| Options: |
| max-file: "3" |
| max-size: "10M" |
| Placement: {} |
| Resources: |
| Limits: |
| MemoryBytes: 104857600 |
| Reservations: {} |
| RestartPolicy: |
| Condition: "on-failure" |
| Delay: 10000000000 |
| MaxAttempts: 10 |
| Mode: |
| Replicated: |
| Replicas: 4 |
| UpdateConfig: |
| Parallelism: 2 |
| Delay: 1000000000 |
| FailureAction: "pause" |
| Monitor: 15000000000 |
| MaxFailureRatio: 0.15 |
| RollbackConfig: |
| Parallelism: 1 |
| Delay: 1000000000 |
| FailureAction: "pause" |
| Monitor: 15000000000 |
| MaxFailureRatio: 0.15 |
| EndpointSpec: |
| Ports: |
| - |
| Protocol: "tcp" |
| PublishedPort: 8080 |
| TargetPort: 80 |
| Labels: |
| foo: "bar" |
| - name: "X-Registry-Auth" |
| in: "header" |
| description: | |
| A base64url-encoded auth configuration for pulling from private |
| registries. |
| |
| Refer to the [authentication section](#section/Authentication) for |
| details. |
| type: "string" |
| tags: ["Service"] |
| /services/{id}: |
| get: |
| summary: "Inspect a service" |
| operationId: "ServiceInspect" |
| responses: |
| 200: |
| description: "no error" |
| schema: |
| $ref: "#/definitions/Service" |
| 404: |
| description: "no such service" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 503: |
| description: "node is not part of a swarm" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| description: "ID or name of service." |
| required: true |
| type: "string" |
| - name: "insertDefaults" |
| in: "query" |
| description: "Fill empty fields with default values." |
| type: "boolean" |
| default: false |
| tags: ["Service"] |
| delete: |
| summary: "Delete a service" |
| operationId: "ServiceDelete" |
| responses: |
| 200: |
| description: "no error" |
| 404: |
| description: "no such service" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 503: |
| description: "node is not part of a swarm" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| description: "ID or name of service." |
| required: true |
| type: "string" |
| tags: ["Service"] |
| /services/{id}/update: |
| post: |
| summary: "Update a service" |
| operationId: "ServiceUpdate" |
| consumes: ["application/json"] |
| produces: ["application/json"] |
| responses: |
| 200: |
| description: "no error" |
| schema: |
| $ref: "#/definitions/ServiceUpdateResponse" |
| 400: |
| description: "bad parameter" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 404: |
| description: "no such service" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 503: |
| description: "node is not part of a swarm" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| description: "ID or name of service." |
| required: true |
| type: "string" |
| - name: "body" |
| in: "body" |
| required: true |
| schema: |
| allOf: |
| - $ref: "#/definitions/ServiceSpec" |
| - type: "object" |
| example: |
| Name: "top" |
| TaskTemplate: |
| ContainerSpec: |
| Image: "busybox" |
| Args: |
| - "top" |
| Resources: |
| Limits: {} |
| Reservations: {} |
| RestartPolicy: |
| Condition: "any" |
| MaxAttempts: 0 |
| Placement: {} |
| ForceUpdate: 0 |
| Mode: |
| Replicated: |
| Replicas: 1 |
| UpdateConfig: |
| Parallelism: 2 |
| Delay: 1000000000 |
| FailureAction: "pause" |
| Monitor: 15000000000 |
| MaxFailureRatio: 0.15 |
| RollbackConfig: |
| Parallelism: 1 |
| Delay: 1000000000 |
| FailureAction: "pause" |
| Monitor: 15000000000 |
| MaxFailureRatio: 0.15 |
| EndpointSpec: |
| Mode: "vip" |
| |
| - name: "version" |
| in: "query" |
| description: | |
| The version number of the service object being updated. This is |
| required to avoid conflicting writes. |
| This version number should be the value as currently set on the |
| service *before* the update. You can find the current version by |
| calling `GET /services/{id}` |
| required: true |
| type: "integer" |
| - name: "registryAuthFrom" |
| in: "query" |
| description: | |
| If the `X-Registry-Auth` header is not specified, this parameter |
| indicates where to find registry authorization credentials. |
| type: "string" |
| enum: ["spec", "previous-spec"] |
| default: "spec" |
| - name: "rollback" |
| in: "query" |
| description: | |
| Set to this parameter to `previous` to cause a server-side rollback |
| to the previous service spec. The supplied spec will be ignored in |
| this case. |
| type: "string" |
| - name: "X-Registry-Auth" |
| in: "header" |
| description: | |
| A base64url-encoded auth configuration for pulling from private |
| registries. |
| |
| Refer to the [authentication section](#section/Authentication) for |
| details. |
| type: "string" |
| |
| tags: ["Service"] |
| /services/{id}/logs: |
| get: |
| summary: "Get service logs" |
| description: | |
| Get `stdout` and `stderr` logs from a service. See also |
| [`/containers/{id}/logs`](#operation/ContainerLogs). |
| |
| **Note**: This endpoint works only for services with the `local`, |
| `json-file` or `journald` logging drivers. |
| produces: |
| - "application/vnd.docker.raw-stream" |
| - "application/vnd.docker.multiplexed-stream" |
| operationId: "ServiceLogs" |
| responses: |
| 200: |
| description: "logs returned as a stream in response body" |
| schema: |
| type: "string" |
| format: "binary" |
| 404: |
| description: "no such service" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| examples: |
| application/json: |
| message: "No such service: c2ada9df5af8" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 503: |
| description: "node is not part of a swarm" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| required: true |
| description: "ID or name of the service" |
| type: "string" |
| - name: "details" |
| in: "query" |
| description: "Show service context and extra details provided to logs." |
| type: "boolean" |
| default: false |
| - name: "follow" |
| in: "query" |
| description: "Keep connection after returning logs." |
| type: "boolean" |
| default: false |
| - name: "stdout" |
| in: "query" |
| description: "Return logs from `stdout`" |
| type: "boolean" |
| default: false |
| - name: "stderr" |
| in: "query" |
| description: "Return logs from `stderr`" |
| type: "boolean" |
| default: false |
| - name: "since" |
| in: "query" |
| description: "Only return logs since this time, as a UNIX timestamp" |
| type: "integer" |
| default: 0 |
| - name: "timestamps" |
| in: "query" |
| description: "Add timestamps to every log line" |
| type: "boolean" |
| default: false |
| - name: "tail" |
| in: "query" |
| description: | |
| Only return this number of log lines from the end of the logs. |
| Specify as an integer or `all` to output all log lines. |
| type: "string" |
| default: "all" |
| tags: ["Service"] |
| /tasks: |
| get: |
| summary: "List tasks" |
| operationId: "TaskList" |
| produces: |
| - "application/json" |
| responses: |
| 200: |
| description: "no error" |
| schema: |
| type: "array" |
| items: |
| $ref: "#/definitions/Task" |
| example: |
| - ID: "0kzzo1i0y4jz6027t0k7aezc7" |
| Version: |
| Index: 71 |
| CreatedAt: "2016-06-07T21:07:31.171892745Z" |
| UpdatedAt: "2016-06-07T21:07:31.376370513Z" |
| Spec: |
| ContainerSpec: |
| Image: "redis" |
| Resources: |
| Limits: {} |
| Reservations: {} |
| RestartPolicy: |
| Condition: "any" |
| MaxAttempts: 0 |
| Placement: {} |
| ServiceID: "9mnpnzenvg8p8tdbtq4wvbkcz" |
| Slot: 1 |
| NodeID: "60gvrl6tm78dmak4yl7srz94v" |
| Status: |
| Timestamp: "2016-06-07T21:07:31.290032978Z" |
| State: "running" |
| Message: "started" |
| ContainerStatus: |
| ContainerID: "e5d62702a1b48d01c3e02ca1e0212a250801fa8d67caca0b6f35919ebc12f035" |
| PID: 677 |
| DesiredState: "running" |
| NetworksAttachments: |
| - Network: |
| ID: "4qvuz4ko70xaltuqbt8956gd1" |
| Version: |
| Index: 18 |
| CreatedAt: "2016-06-07T20:31:11.912919752Z" |
| UpdatedAt: "2016-06-07T21:07:29.955277358Z" |
| Spec: |
| Name: "ingress" |
| Labels: |
| com.docker.swarm.internal: "true" |
| DriverConfiguration: {} |
| IPAMOptions: |
| Driver: {} |
| Configs: |
| - Subnet: "10.255.0.0/16" |
| Gateway: "10.255.0.1" |
| DriverState: |
| Name: "overlay" |
| Options: |
| com.docker.network.driver.overlay.vxlanid_list: "256" |
| IPAMOptions: |
| Driver: |
| Name: "default" |
| Configs: |
| - Subnet: "10.255.0.0/16" |
| Gateway: "10.255.0.1" |
| Addresses: |
| - "10.255.0.10/16" |
| - ID: "1yljwbmlr8er2waf8orvqpwms" |
| Version: |
| Index: 30 |
| CreatedAt: "2016-06-07T21:07:30.019104782Z" |
| UpdatedAt: "2016-06-07T21:07:30.231958098Z" |
| Name: "hopeful_cori" |
| Spec: |
| ContainerSpec: |
| Image: "redis" |
| Resources: |
| Limits: {} |
| Reservations: {} |
| RestartPolicy: |
| Condition: "any" |
| MaxAttempts: 0 |
| Placement: {} |
| ServiceID: "9mnpnzenvg8p8tdbtq4wvbkcz" |
| Slot: 1 |
| NodeID: "60gvrl6tm78dmak4yl7srz94v" |
| Status: |
| Timestamp: "2016-06-07T21:07:30.202183143Z" |
| State: "shutdown" |
| Message: "shutdown" |
| ContainerStatus: |
| ContainerID: "1cf8d63d18e79668b0004a4be4c6ee58cddfad2dae29506d8781581d0688a213" |
| DesiredState: "shutdown" |
| NetworksAttachments: |
| - Network: |
| ID: "4qvuz4ko70xaltuqbt8956gd1" |
| Version: |
| Index: 18 |
| CreatedAt: "2016-06-07T20:31:11.912919752Z" |
| UpdatedAt: "2016-06-07T21:07:29.955277358Z" |
| Spec: |
| Name: "ingress" |
| Labels: |
| com.docker.swarm.internal: "true" |
| DriverConfiguration: {} |
| IPAMOptions: |
| Driver: {} |
| Configs: |
| - Subnet: "10.255.0.0/16" |
| Gateway: "10.255.0.1" |
| DriverState: |
| Name: "overlay" |
| Options: |
| com.docker.network.driver.overlay.vxlanid_list: "256" |
| IPAMOptions: |
| Driver: |
| Name: "default" |
| Configs: |
| - Subnet: "10.255.0.0/16" |
| Gateway: "10.255.0.1" |
| Addresses: |
| - "10.255.0.5/16" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 503: |
| description: "node is not part of a swarm" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "filters" |
| in: "query" |
| type: "string" |
| description: | |
| A JSON encoded value of the filters (a `map[string][]string`) to |
| process on the tasks list. |
| |
| Available filters: |
| |
| - `desired-state=(running | shutdown | accepted)` |
| - `id=<task id>` |
| - `label=key` or `label="key=value"` |
| - `name=<task name>` |
| - `node=<node id or name>` |
| - `service=<service name>` |
| tags: ["Task"] |
| /tasks/{id}: |
| get: |
| summary: "Inspect a task" |
| operationId: "TaskInspect" |
| produces: |
| - "application/json" |
| responses: |
| 200: |
| description: "no error" |
| schema: |
| $ref: "#/definitions/Task" |
| 404: |
| description: "no such task" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 503: |
| description: "node is not part of a swarm" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| description: "ID of the task" |
| required: true |
| type: "string" |
| tags: ["Task"] |
| /tasks/{id}/logs: |
| get: |
| summary: "Get task logs" |
| description: | |
| Get `stdout` and `stderr` logs from a task. |
| See also [`/containers/{id}/logs`](#operation/ContainerLogs). |
| |
| **Note**: This endpoint works only for services with the `local`, |
| `json-file` or `journald` logging drivers. |
| operationId: "TaskLogs" |
| produces: |
| - "application/vnd.docker.raw-stream" |
| - "application/vnd.docker.multiplexed-stream" |
| responses: |
| 200: |
| description: "logs returned as a stream in response body" |
| schema: |
| type: "string" |
| format: "binary" |
| 404: |
| description: "no such task" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| examples: |
| application/json: |
| message: "No such task: c2ada9df5af8" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 503: |
| description: "node is not part of a swarm" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| required: true |
| description: "ID of the task" |
| type: "string" |
| - name: "details" |
| in: "query" |
| description: "Show task context and extra details provided to logs." |
| type: "boolean" |
| default: false |
| - name: "follow" |
| in: "query" |
| description: "Keep connection after returning logs." |
| type: "boolean" |
| default: false |
| - name: "stdout" |
| in: "query" |
| description: "Return logs from `stdout`" |
| type: "boolean" |
| default: false |
| - name: "stderr" |
| in: "query" |
| description: "Return logs from `stderr`" |
| type: "boolean" |
| default: false |
| - name: "since" |
| in: "query" |
| description: "Only return logs since this time, as a UNIX timestamp" |
| type: "integer" |
| default: 0 |
| - name: "timestamps" |
| in: "query" |
| description: "Add timestamps to every log line" |
| type: "boolean" |
| default: false |
| - name: "tail" |
| in: "query" |
| description: | |
| Only return this number of log lines from the end of the logs. |
| Specify as an integer or `all` to output all log lines. |
| type: "string" |
| default: "all" |
| tags: ["Task"] |
| /secrets: |
| get: |
| summary: "List secrets" |
| operationId: "SecretList" |
| produces: |
| - "application/json" |
| responses: |
| 200: |
| description: "no error" |
| schema: |
| type: "array" |
| items: |
| $ref: "#/definitions/Secret" |
| example: |
| - ID: "blt1owaxmitz71s9v5zh81zun" |
| Version: |
| Index: 85 |
| CreatedAt: "2017-07-20T13:55:28.678958722Z" |
| UpdatedAt: "2017-07-20T13:55:28.678958722Z" |
| Spec: |
| Name: "mysql-passwd" |
| Labels: |
| some.label: "some.value" |
| Driver: |
| Name: "secret-bucket" |
| Options: |
| OptionA: "value for driver option A" |
| OptionB: "value for driver option B" |
| - ID: "ktnbjxoalbkvbvedmg1urrz8h" |
| Version: |
| Index: 11 |
| CreatedAt: "2016-11-05T01:20:17.327670065Z" |
| UpdatedAt: "2016-11-05T01:20:17.327670065Z" |
| Spec: |
| Name: "app-dev.crt" |
| Labels: |
| foo: "bar" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 503: |
| description: "node is not part of a swarm" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "filters" |
| in: "query" |
| type: "string" |
| description: | |
| A JSON encoded value of the filters (a `map[string][]string`) to |
| process on the secrets list. |
| |
| Available filters: |
| |
| - `id=<secret id>` |
| - `label=<key> or label=<key>=value` |
| - `name=<secret name>` |
| - `names=<secret name>` |
| tags: ["Secret"] |
| /secrets/create: |
| post: |
| summary: "Create a secret" |
| operationId: "SecretCreate" |
| consumes: |
| - "application/json" |
| produces: |
| - "application/json" |
| responses: |
| 201: |
| description: "no error" |
| schema: |
| $ref: "#/definitions/IdResponse" |
| 409: |
| description: "name conflicts with an existing object" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 503: |
| description: "node is not part of a swarm" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "body" |
| in: "body" |
| schema: |
| allOf: |
| - $ref: "#/definitions/SecretSpec" |
| - type: "object" |
| example: |
| Name: "app-key.crt" |
| Labels: |
| foo: "bar" |
| Data: "VEhJUyBJUyBOT1QgQSBSRUFMIENFUlRJRklDQVRFCg==" |
| Driver: |
| Name: "secret-bucket" |
| Options: |
| OptionA: "value for driver option A" |
| OptionB: "value for driver option B" |
| tags: ["Secret"] |
| /secrets/{id}: |
| get: |
| summary: "Inspect a secret" |
| operationId: "SecretInspect" |
| produces: |
| - "application/json" |
| responses: |
| 200: |
| description: "no error" |
| schema: |
| $ref: "#/definitions/Secret" |
| examples: |
| application/json: |
| ID: "ktnbjxoalbkvbvedmg1urrz8h" |
| Version: |
| Index: 11 |
| CreatedAt: "2016-11-05T01:20:17.327670065Z" |
| UpdatedAt: "2016-11-05T01:20:17.327670065Z" |
| Spec: |
| Name: "app-dev.crt" |
| Labels: |
| foo: "bar" |
| Driver: |
| Name: "secret-bucket" |
| Options: |
| OptionA: "value for driver option A" |
| OptionB: "value for driver option B" |
| |
| 404: |
| description: "secret not found" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 503: |
| description: "node is not part of a swarm" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| required: true |
| type: "string" |
| description: "ID of the secret" |
| tags: ["Secret"] |
| delete: |
| summary: "Delete a secret" |
| operationId: "SecretDelete" |
| produces: |
| - "application/json" |
| responses: |
| 204: |
| description: "no error" |
| 404: |
| description: "secret not found" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 503: |
| description: "node is not part of a swarm" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| required: true |
| type: "string" |
| description: "ID of the secret" |
| tags: ["Secret"] |
| /secrets/{id}/update: |
| post: |
| summary: "Update a Secret" |
| operationId: "SecretUpdate" |
| responses: |
| 200: |
| description: "no error" |
| 400: |
| description: "bad parameter" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 404: |
| description: "no such secret" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 503: |
| description: "node is not part of a swarm" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| description: "The ID or name of the secret" |
| type: "string" |
| required: true |
| - name: "body" |
| in: "body" |
| schema: |
| $ref: "#/definitions/SecretSpec" |
| description: | |
| The spec of the secret to update. Currently, only the Labels field |
| can be updated. All other fields must remain unchanged from the |
| [SecretInspect endpoint](#operation/SecretInspect) response values. |
| - name: "version" |
| in: "query" |
| description: | |
| The version number of the secret object being updated. This is |
| required to avoid conflicting writes. |
| type: "integer" |
| format: "int64" |
| required: true |
| tags: ["Secret"] |
| /configs: |
| get: |
| summary: "List configs" |
| operationId: "ConfigList" |
| produces: |
| - "application/json" |
| responses: |
| 200: |
| description: "no error" |
| schema: |
| type: "array" |
| items: |
| $ref: "#/definitions/Config" |
| example: |
| - ID: "ktnbjxoalbkvbvedmg1urrz8h" |
| Version: |
| Index: 11 |
| CreatedAt: "2016-11-05T01:20:17.327670065Z" |
| UpdatedAt: "2016-11-05T01:20:17.327670065Z" |
| Spec: |
| Name: "server.conf" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 503: |
| description: "node is not part of a swarm" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "filters" |
| in: "query" |
| type: "string" |
| description: | |
| A JSON encoded value of the filters (a `map[string][]string`) to |
| process on the configs list. |
| |
| Available filters: |
| |
| - `id=<config id>` |
| - `label=<key> or label=<key>=value` |
| - `name=<config name>` |
| - `names=<config name>` |
| tags: ["Config"] |
| /configs/create: |
| post: |
| summary: "Create a config" |
| operationId: "ConfigCreate" |
| consumes: |
| - "application/json" |
| produces: |
| - "application/json" |
| responses: |
| 201: |
| description: "no error" |
| schema: |
| $ref: "#/definitions/IdResponse" |
| 409: |
| description: "name conflicts with an existing object" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 503: |
| description: "node is not part of a swarm" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "body" |
| in: "body" |
| schema: |
| allOf: |
| - $ref: "#/definitions/ConfigSpec" |
| - type: "object" |
| example: |
| Name: "server.conf" |
| Labels: |
| foo: "bar" |
| Data: "VEhJUyBJUyBOT1QgQSBSRUFMIENFUlRJRklDQVRFCg==" |
| tags: ["Config"] |
| /configs/{id}: |
| get: |
| summary: "Inspect a config" |
| operationId: "ConfigInspect" |
| produces: |
| - "application/json" |
| responses: |
| 200: |
| description: "no error" |
| schema: |
| $ref: "#/definitions/Config" |
| examples: |
| application/json: |
| ID: "ktnbjxoalbkvbvedmg1urrz8h" |
| Version: |
| Index: 11 |
| CreatedAt: "2016-11-05T01:20:17.327670065Z" |
| UpdatedAt: "2016-11-05T01:20:17.327670065Z" |
| Spec: |
| Name: "app-dev.crt" |
| 404: |
| description: "config not found" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 503: |
| description: "node is not part of a swarm" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| required: true |
| type: "string" |
| description: "ID of the config" |
| tags: ["Config"] |
| delete: |
| summary: "Delete a config" |
| operationId: "ConfigDelete" |
| produces: |
| - "application/json" |
| responses: |
| 204: |
| description: "no error" |
| 404: |
| description: "config not found" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 503: |
| description: "node is not part of a swarm" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| required: true |
| type: "string" |
| description: "ID of the config" |
| tags: ["Config"] |
| /configs/{id}/update: |
| post: |
| summary: "Update a Config" |
| operationId: "ConfigUpdate" |
| responses: |
| 200: |
| description: "no error" |
| 400: |
| description: "bad parameter" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 404: |
| description: "no such config" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 503: |
| description: "node is not part of a swarm" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "id" |
| in: "path" |
| description: "The ID or name of the config" |
| type: "string" |
| required: true |
| - name: "body" |
| in: "body" |
| schema: |
| $ref: "#/definitions/ConfigSpec" |
| description: | |
| The spec of the config to update. Currently, only the Labels field |
| can be updated. All other fields must remain unchanged from the |
| [ConfigInspect endpoint](#operation/ConfigInspect) response values. |
| - name: "version" |
| in: "query" |
| description: | |
| The version number of the config object being updated. This is |
| required to avoid conflicting writes. |
| type: "integer" |
| format: "int64" |
| required: true |
| tags: ["Config"] |
| /distribution/{name}/json: |
| get: |
| summary: "Get image information from the registry" |
| description: | |
| Return image digest and platform information by contacting the registry. |
| operationId: "DistributionInspect" |
| produces: |
| - "application/json" |
| responses: |
| 200: |
| description: "descriptor and platform information" |
| schema: |
| $ref: "#/definitions/DistributionInspect" |
| 401: |
| description: "Failed authentication or no image found" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| examples: |
| application/json: |
| message: "No such image: someimage (tag: latest)" |
| 500: |
| description: "Server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| parameters: |
| - name: "name" |
| in: "path" |
| description: "Image name or id" |
| type: "string" |
| required: true |
| tags: ["Distribution"] |
| /session: |
| post: |
| summary: "Initialize interactive session" |
| description: | |
| Start a new interactive session with a server. Session allows server to |
| call back to the client for advanced capabilities. |
| |
| ### Hijacking |
| |
| This endpoint hijacks the HTTP connection to HTTP2 transport that allows |
| the client to expose gPRC services on that connection. |
| |
| For example, the client sends this request to upgrade the connection: |
| |
| ``` |
| POST /session HTTP/1.1 |
| Upgrade: h2c |
| Connection: Upgrade |
| ``` |
| |
| The Docker daemon responds with a `101 UPGRADED` response follow with |
| the raw stream: |
| |
| ``` |
| HTTP/1.1 101 UPGRADED |
| Connection: Upgrade |
| Upgrade: h2c |
| ``` |
| operationId: "Session" |
| produces: |
| - "application/vnd.docker.raw-stream" |
| responses: |
| 101: |
| description: "no error, hijacking successful" |
| 400: |
| description: "bad parameter" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| 500: |
| description: "server error" |
| schema: |
| $ref: "#/definitions/ErrorResponse" |
| tags: ["Session"] |