The Engine API is an HTTP API served by Docker Engine. It is the API the Docker client uses to communicate with the Engine, so everything the Docker client can do can be done with the API.
Most of the client's commands map directly to API endpoints (e.g. `docker ps` is `GET /containers/json`). The notable exception is running containers, which consists of several API calls.
# Errors
The API uses standard HTTP status codes to indicate the success or failure of the API call. The body of the response will be JSON in the following format:
```
{
"message": "page not found"
}
```
# Versioning
The API is usually changed in each release of Docker, so API calls are versioned to ensure that clients don't break.
For Docker Engine 17.10, the API version is 1.33. To lock to this version, you prefix the URL with `/v1.33`. For example, calling `/info` is the same as calling `/v1.33/info`.
Engine releases in the near future should support this version of the API, so your client will continue to work even if it is talking to a newer Engine.
In previous versions of Docker, it was possible to access the API without providing a version. This behaviour is now deprecated will be removed in a future version of Docker.
If the API version specified in the URL is not supported by the daemon, a HTTP `400 Bad Request` error message is returned.
The API uses an open schema model, which means server may add extra properties to responses. Likewise, the server will ignore any extra query parameters and request body properties. When you write clients, you need to ignore additional properties in responses to ensure they do not break when talking to newer Docker daemons.
This documentation is for version 1.34 of the API. Use this table to find documentation for previous versions of the API:
Authentication for registries is handled client side. The client has to send authentication details to various endpoints that need to communicate with registries, such as `POST /images/(name)/push`. These are sent as `X-Registry-Auth` header as a Base64 encoded (JSON) string with the following structure:
```
{
"username": "string",
"password": "string",
"email": "string",
"serveraddress": "string"
}
```
The `serveraddress` is a domain/IP without a protocol. Throughout this structure, double quotes are required.
If you have already got an identity token from the [`/auth` endpoint](#operation/SystemAuth), you can just pass this instead of credentials:
```
{
"identitytoken": "9cbaf023786cd7..."
}
```
# The tags on paths define the menu sections in the ReDoc documentation, so
# the usage of tags must make sense for that:
# - They should be singular, not plural.
# - There should not be too many tags, or the menu becomes unwieldy. For
# example, it is preferable to add a path to the "System" tag instead of
# creating a tag with a single path in it.
# - The order of tags in this list defines the order in the menu.
Networks are user-defined networks that containers can be attached to. See the [networking documentation](https://docs.docker.com/network/) for more information.
Create and manage persistent storage that can be attached to containers.
- name:"Exec"
x-displayName:"Exec"
description:|
Run new commands inside running containers. See the [command-line reference](https://docs.docker.com/engine/reference/commandline/exec/) for more information.
To exec a command in a container, you first need to create an exec instance, then start it. These two API endpoints are wrapped up in a single command-line command, `docker exec`.
# Swarm things
- name:"Swarm"
x-displayName:"Swarm"
description:|
Engines can be clustered together in a swarm. See [the swarm mode documentation](https://docs.docker.com/engine/swarm/) for more information.
- name:"Node"
x-displayName:"Nodes"
description:|
Nodes are instances of the Engine participating in a swarm. Swarm mode must be enabled for these endpoints to work.
- name:"Service"
x-displayName:"Services"
description:|
Services are the definitions of tasks to run on a swarm. Swarm mode must be enabled for these endpoints to work.
- name:"Task"
x-displayName:"Tasks"
description:|
A task is a container running on a swarm. It is the atomic scheduling unit of swarm. Swarm mode must be enabled for these endpoints to work.
- name:"Secret"
x-displayName:"Secrets"
description:|
Secrets are sensitive data that can be used by services. Swarm mode must be enabled for these endpoints to work.
- name:"Config"
x-displayName:"Configs"
description:|
Configs are application configurations that can be used by services. Swarm mode must be enabled for these endpoints to work.
description:"A device mapping between the host and container"
properties:
PathOnHost:
type:"string"
PathInContainer:
type:"string"
CgroupPermissions:
type:"string"
example:
PathOnHost:"/dev/deviceName"
PathInContainer:"/dev/deviceName"
CgroupPermissions:"mrw"
ThrottleDevice:
type:"object"
properties:
Path:
description:"Device path"
type:"string"
Rate:
description:"Rate"
type:"integer"
format:"int64"
minimum:0
Mount:
type:"object"
properties:
Target:
description:"Container path."
type:"string"
Source:
description:"Mount source (e.g. a volume name, a host path)."
type:"string"
Type:
description:|
The mount type. Available types:
- `bind` Mounts a file or directory from the host into the container. Must exist prior to creating the container.
- `volume` Creates a volume with the given name and options (or uses a pre-existing volume with the same name and options). These are **not** removed when the container is removed.
- `tmpfs` Create a tmpfs with the given options. The mount source cannot be specified for tmpfs.
type:"string"
enum:
- "bind"
- "volume"
- "tmpfs"
ReadOnly:
description:"Whether the mount should be read-only."
type:"boolean"
Consistency:
description:"The consistency requirement for the mount: `default`, `consistent`, `cached`, or `delegated`."
type:"string"
BindOptions:
description:"Optional configuration for the `bind` type."
type:"object"
properties:
Propagation:
description:"A propagation mode with the value `[r]private`, `[r]shared`, or `[r]slave`."
enum:
- "private"
- "rprivate"
- "shared"
- "rshared"
- "slave"
- "rslave"
VolumeOptions:
description:"Optional configuration for the `volume` type."
type:"object"
properties:
NoCopy:
description:"Populate volume with data from the target."
type:"boolean"
default:false
Labels:
description:"User-defined key/value metadata."
type:"object"
additionalProperties:
type:"string"
DriverConfig:
description:"Map of driver specific options"
type:"object"
properties:
Name:
description:"Name of the driver to use to create the volume."
type:"string"
Options:
description:"key/value map of driver specific options."
type:"object"
additionalProperties:
type:"string"
TmpfsOptions:
description:"Optional configuration for the `tmpfs` type."
type:"object"
properties:
SizeBytes:
description:"The size for the tmpfs mount in bytes."
type:"integer"
format:"int64"
Mode:
description:"The permission mode for the tmpfs mount in an integer."
type:"integer"
RestartPolicy:
description:|
The behavior to apply when the container exits. The default is not to restart.
An ever increasing delay (double the previous delay, starting at 100ms) is added before each restart to prevent flooding the server.
type:"object"
properties:
Name:
type:"string"
description:|
- Empty string means not to restart
- `always` Always restart
- `unless-stopped` Restart always except when the user has manually stopped the container
- `on-failure` Restart only when the container exit code is non-zero
enum:
- ""
- "always"
- "unless-stopped"
- "on-failure"
MaximumRetryCount:
type:"integer"
description:"If `on-failure` is used, the number of times to retry before giving up"
description:"An integer value representing this container's relative CPU weight versus other containers."
type:"integer"
Memory:
description:"Memory limit in bytes."
type:"integer"
default:0
# Applicable to UNIX platforms
CgroupParent:
description:"Path to `cgroups` under which the container's `cgroup` is created. If the path is not absolute, the path is considered to be relative to the `cgroups` path of the init process. Cgroups are created if they do not already exist."
type:"string"
BlkioWeight:
description:"Block IO weight (relative weight)."
type:"integer"
minimum:0
maximum:1000
BlkioWeightDevice:
description:|
Block IO weight (relative device weight) in the form `[{"Path": "device_path", "Weight": weight}]`.
type:"array"
items:
type:"object"
properties:
Path:
type:"string"
Weight:
type:"integer"
minimum:0
BlkioDeviceReadBps:
description:|
Limit read rate (bytes per second) from a device, in the form `[{"Path": "device_path", "Rate": rate}]`.
type:"array"
items:
$ref:"#/definitions/ThrottleDevice"
BlkioDeviceWriteBps:
description:|
Limit write rate (bytes per second) to a device, in the form `[{"Path": "device_path", "Rate": rate}]`.
type:"array"
items:
$ref:"#/definitions/ThrottleDevice"
BlkioDeviceReadIOps:
description:|
Limit read rate (IO per second) from a device, in the form `[{"Path": "device_path", "Rate": rate}]`.
type:"array"
items:
$ref:"#/definitions/ThrottleDevice"
BlkioDeviceWriteIOps:
description:|
Limit write rate (IO per second) to a device, in the form `[{"Path": "device_path", "Rate": rate}]`.
type:"array"
items:
$ref:"#/definitions/ThrottleDevice"
CpuPeriod:
description:"The length of a CPU period in microseconds."
type:"integer"
format:"int64"
CpuQuota:
description:"Microseconds of CPU time that the container can get in a CPU period."
type:"integer"
format:"int64"
CpuRealtimePeriod:
description:"The length of a CPU real-time period in microseconds. Set to 0 to allocate no time allocated to real-time tasks."
type:"integer"
format:"int64"
CpuRealtimeRuntime:
description:"The length of a CPU real-time runtime in microseconds. Set to 0 to allocate no time allocated to real-time tasks."
type:"integer"
format:"int64"
CpusetCpus:
description:"CPUs in which to allow execution (e.g., `0-3`, `0,1`)"
type:"string"
example:"0-3"
CpusetMems:
description:"Memory nodes (MEMs) in which to allow execution (0-3, 0,1). Only effective on NUMA systems."
type:"string"
Devices:
description:"A list of devices to add to the container."
type:"array"
items:
$ref:"#/definitions/DeviceMapping"
DeviceCgroupRules:
description:"a list of cgroup rules to apply to the container"
type:"array"
items:
type:"string"
example:"c 13:* rwm"
DiskQuota:
description:"Disk limit (in bytes)."
type:"integer"
format:"int64"
KernelMemory:
description:"Kernel memory limit in bytes."
type:"integer"
format:"int64"
MemoryReservation:
description:"Memory soft limit in bytes."
type:"integer"
format:"int64"
MemorySwap:
description:"Total memory limit (memory + swap). Set as `-1` to enable unlimited swap."
type:"integer"
format:"int64"
MemorySwappiness:
description:"Tune a container's memory swappiness behavior. Accepts an integer between 0 and 100."
description:"CPU quota in units of 10<sup>-9</sup> CPUs."
type:"integer"
format:"int64"
OomKillDisable:
description:"Disable OOM Killer for the container."
type:"boolean"
PidsLimit:
description:"Tune a container's pids limit. Set -1 for unlimited."
type:"integer"
format:"int64"
Ulimits:
description:|
A list of resource limits to set in the container. For example:`{"Name": "nofile", "Soft": 1024, "Hard": 2048}`"
type:"array"
items:
type:"object"
properties:
Name:
description:"Name of ulimit"
type:"string"
Soft:
description:"Soft limit"
type:"integer"
Hard:
description:"Hard limit"
type:"integer"
# Applicable to Windows
CpuCount:
description:|
The number of usable CPUs (Windows only).
OnWindows Server containers, the processor resource controls are mutually exclusive. The order of precedence is `CPUCount` first, then `CPUShares`, and `CPUPercent` last.
type:"integer"
format:"int64"
CpuPercent:
description:|
The usable percentage of the available CPUs (Windows only).
OnWindows Server containers, the processor resource controls are mutually exclusive. The order of precedence is `CPUCount` first, then `CPUShares`, and `CPUPercent` last.
type:"integer"
format:"int64"
IOMaximumIOps:
description:"Maximum IOps for the container system drive (Windows only)"
type:"integer"
format:"int64"
IOMaximumBandwidth:
description:"Maximum IO in bytes per second for the container system drive (Windows only)"
type:"integer"
format:"int64"
ResourceObject:
description:"An object describing the resources which can be advertised by a node and requested by a task"
type:"object"
properties:
NanoCPUs:
type:"integer"
format:"int64"
example:4000000000
MemoryBytes:
type:"integer"
format:"int64"
example:8272408576
GenericResources:
$ref:"#/definitions/GenericResources"
GenericResources:
description:"User-defined resources can be either Integer resources (e.g, `SSD=3`) or String resources (e.g, `GPU=UUID1`)"
type:"array"
items:
type:"object"
properties:
NamedResourceSpec:
type:"object"
properties:
Kind:
type:"string"
Value:
type:"string"
DiscreteResourceSpec:
type:"object"
properties:
Kind:
type:"string"
Value:
type:"integer"
format:"int64"
example:
- DiscreteResourceSpec:
Kind:"SSD"
Value:3
- NamedResourceSpec:
Kind:"GPU"
Value:"UUID1"
- NamedResourceSpec:
Kind:"GPU"
Value:"UUID2"
HealthConfig:
description:"A test to perform to check that the container is healthy."
type:"object"
properties:
Test:
description:|
The test to perform. Possible values are:
- `[]` inherit healthcheck from image or parent image
- `["NONE"]` disable healthcheck
- `["CMD", args...]` exec arguments directly
- `["CMD-SHELL", command]` run command with system's default shell
type:"array"
items:
type:"string"
Interval:
description:"The time to wait between checks in nanoseconds. It should be 0 or at least 1000000 (1 ms). 0 means inherit."
type:"integer"
Timeout:
description:"The time to wait before considering the check to have hung. It should be 0 or at least 1000000 (1 ms). 0 means inherit."
type:"integer"
Retries:
description:"The number of consecutive failures needed to consider a container as unhealthy. 0 means inherit."
type:"integer"
StartPeriod:
description:"Start period for the container to initialize before starting health-retries countdown in nanoseconds. It should be 0 or at least 1000000 (1 ms). 0 means inherit."
type:"integer"
HostConfig:
description:"Container configuration that depends on the host we are running on"
allOf:
- $ref:"#/definitions/Resources"
- type:"object"
properties:
# Applicable to all platforms
Binds:
type:"array"
description:|
A list of volume bindings for this container. Each volume binding is a string in one of these forms:
- `host-src:container-dest` to bind-mount a host path into the container. Both `host-src`, and `container-dest` must be an _absolute_ path.
- `host-src:container-dest:ro` to make the bind mount read-only inside the container. Both `host-src`, and `container-dest` must be an _absolute_ path.
- `volume-name:container-dest` to bind-mount a volume managed by a volume driver into the container. `container-dest` must be an _absolute_ path.
- `volume-name:container-dest:ro` to mount the volume read-only inside the container. `container-dest` must be an _absolute_ path.
items:
type:"string"
ContainerIDFile:
type:"string"
description:"Path to a file where the container ID is written"
LogConfig:
type:"object"
description:"The logging configuration for this container"
properties:
Type:
type:"string"
enum:
- "json-file"
- "syslog"
- "journald"
- "gelf"
- "fluentd"
- "awslogs"
- "splunk"
- "etwlogs"
- "none"
Config:
type:"object"
additionalProperties:
type:"string"
NetworkMode:
type:"string"
description:"Network mode to use for this container. Supported standard values are: `bridge`, `host`, `none`, and `container:<name|id>`. Any other value is taken
as a custom network's name to which this container should connect to."
PortBindings:
type:"object"
description:"A map of exposed container ports and the host port they should map to."
additionalProperties:
type:"object"
properties:
HostIp:
type:"string"
description:"The host IP address"
HostPort:
type:"string"
description:"The host port number, as a string"
RestartPolicy:
$ref:"#/definitions/RestartPolicy"
AutoRemove:
type:"boolean"
description:"Automatically remove the container when the container's process exits. This has no effect if `RestartPolicy` is set."
VolumeDriver:
type:"string"
description:"Driver that this container uses to mount volumes."
VolumesFrom:
type:"array"
description:"A list of volumes to inherit from another container, specified in the form `<container name>[:<ro|rw>]`."
items:
type:"string"
Mounts:
description:"Specification for mounts to be added to the container."
type:"array"
items:
$ref:"#/definitions/Mount"
# Applicable to UNIX platforms
CapAdd:
type:"array"
description:"A list of kernel capabilities to add to the container."
items:
type:"string"
CapDrop:
type:"array"
description:"A list of kernel capabilities to drop from the container."
items:
type:"string"
Dns:
type:"array"
description:"A list of DNS servers for the container to use."
items:
type:"string"
DnsOptions:
type:"array"
description:"A list of DNS options."
items:
type:"string"
DnsSearch:
type:"array"
description:"A list of DNS search domains."
items:
type:"string"
ExtraHosts:
type:"array"
description:|
A list of hostnames/IP mappings to add to the container's `/etc/hosts` file. Specified in the form `["hostname:IP"]`.
items:
type:"string"
GroupAdd:
type:"array"
description:"A list of additional groups that the container process will run as."
items:
type:"string"
IpcMode:
type:"string"
description:|
IPC sharing mode for the container. Possible values are:
- `"none"`: own private IPC namespace, with /dev/shm not mounted
- `"private"`: own private IPC namespace
- `"shareable"`: own private IPC namespace, with a possibility to share it with other containers
- `"container:<name|id>"`: join another (shareable) container's IPC namespace
- `"host"`: use the host system's IPC namespace
If not specified, daemon default is used, which can either be `"private"`
or `"shareable"`, depending on daemon version and configuration.
Cgroup:
type:"string"
description:"Cgroup to use for the container."
Links:
type:"array"
description:"A list of links for the container in the form `container_name:alias`."
items:
type:"string"
OomScoreAdj:
type:"integer"
description:"An integer value containing the score given to the container in order to tune OOM killer preferences."
example:500
PidMode:
type:"string"
description:|
Set the PID (Process) Namespace mode for the container. It can be either:
- `"container:<name|id>"`: joins another container's PID namespace
- `"host"`: use the host's PID namespace inside the container
Privileged:
type:"boolean"
description:"Gives the container full access to the host."
PublishAllPorts:
type:"boolean"
description:|
Allocates an ephemeral host port for all of a container's
exposed ports.
Ports are de-allocated when the container stops and allocated when the container starts.
The allocated port might be changed when restarting the container.
The port is selected from the ephemeral port range that depends on the kernel.
For example, on Linux the range is defined by `/proc/sys/net/ipv4/ip_local_port_range`.
ReadonlyRootfs:
type:"boolean"
description:"Mount the container's root filesystem as read only."
SecurityOpt:
type:"array"
description:"A list of string values to customize labels for MLS
systems, such as SELinux."
items:
type:"string"
StorageOpt:
type:"object"
description:|
Storage driver options for this container, in the form `{"size": "120G"}`.
additionalProperties:
type:"string"
Tmpfs:
type:"object"
description:|
A map of container directories which should be replaced by tmpfs mounts, and their corresponding mount options. For example:`{ "/run": "rw,noexec,nosuid,size=65536k" }`.
additionalProperties:
type:"string"
UTSMode:
type:"string"
description:"UTS namespace to use for the container."
UsernsMode:
type:"string"
description:"Sets the usernamespace mode for the container when usernamespace remapping option is enabled."
ShmSize:
type:"integer"
description:"Size of `/dev/shm` in bytes. If omitted, the system uses 64MB."
minimum:0
Sysctls:
type:"object"
description:|
A list of kernel parameters (sysctls) to set in the container. For example:`{"net.ipv4.ip_forward": "1"}`
additionalProperties:
type:"string"
Runtime:
type:"string"
description:"Runtime to use with this container."
# Applicable to Windows
ConsoleSize:
type:"array"
description:"Initial console size, as an `[height, width]` array. (Windows only)"
minItems:2
maxItems:2
items:
type:"integer"
minimum:0
Isolation:
type:"string"
description:"Isolation technology of the container. (Windows only)"
description:"The hostname to use for the container, as a valid RFC 1123 hostname."
type:"string"
Domainname:
description:"The domain name to use for the container."
type:"string"
User:
description:"The user that commands are run as inside the container."
type:"string"
AttachStdin:
description:"Whether to attach to `stdin`."
type:"boolean"
default:false
AttachStdout:
description:"Whether to attach to `stdout`."
type:"boolean"
default:true
AttachStderr:
description:"Whether to attach to `stderr`."
type:"boolean"
default:true
ExposedPorts:
description:|
An object mapping ports to an empty object in the form:
`{"<port>/<tcp|udp>": {}}`
type:"object"
additionalProperties:
type:"object"
enum:
- {}
default:{}
Tty:
description:"Attach standard streams to a TTY, including `stdin` if it is not closed."
type:"boolean"
default:false
OpenStdin:
description:"Open `stdin`"
type:"boolean"
default:false
StdinOnce:
description:"Close `stdin` after one attached client disconnects"
type:"boolean"
default:false
Env:
description:|
A list of environment variables to set inside the container in the form `["VAR=value", ...]`. A variable without `=` is removed from the environment, rather than to have an empty value.
type:"array"
items:
type:"string"
Cmd:
description:"Command to run specified as a string or an array of strings."
type:
- "array"
- "string"
items:
type:"string"
Healthcheck:
$ref:"#/definitions/HealthConfig"
ArgsEscaped:
description:"Command is already escaped (Windows only)"
type:"boolean"
Image:
description:"The name of the image to use when creating the container"
type:"string"
Volumes:
description:"An object mapping mount point paths inside the container to empty objects."
type:"object"
properties:
additionalProperties:
type:"object"
enum:
- {}
default:{}
WorkingDir:
description:"The working directory for commands to run in."
type:"string"
Entrypoint:
description:|
The entry point for the container as a string or an array of strings.
If the array consists of exactly one empty string (`[""]`) then the entry point is reset to system default (i.e., the entry point used by docker when there is no `ENTRYPOINT` instruction in the `Dockerfile`).
type:
- "array"
- "string"
items:
type:"string"
NetworkDisabled:
description:"Disable networking for the container."
type:"boolean"
MacAddress:
description:"MAC address of the container."
type:"string"
OnBuild:
description:"`ONBUILD` metadata that were defined in the image's `Dockerfile`."
type:"array"
items:
type:"string"
Labels:
description:"User-defined key/value metadata."
type:"object"
additionalProperties:
type:"string"
StopSignal:
description:"Signal to stop a container as a string or unsigned integer."
type:"string"
default:"SIGTERM"
StopTimeout:
description:"Timeout to stop a container in seconds."
type:"integer"
default:10
Shell:
description:"Shell for when `RUN`, `CMD`, and `ENTRYPOINT` uses a shell."
type:"array"
items:
type:"string"
NetworkSettings:
description:"NetworkSettings exposes the network settings in the API"
description:"The number of historic tasks to keep per instance or node. If negative, never remove completed or failed tasks."
type:"integer"
format:"int64"
example:10
Raft:
description:"Raft configuration."
type:"object"
properties:
SnapshotInterval:
description:"The number of log entries between snapshots."
type:"integer"
format:"uint64"
example:10000
KeepOldSnapshots:
description:"The number of snapshots to keep beyond the current snapshot."
type:"integer"
format:"uint64"
LogEntriesForSlowFollowers:
description:"The number of log entries to keep around to sync up slow followers after a snapshot is created."
type:"integer"
format:"uint64"
example:500
ElectionTick:
description:|
The number of ticks that a follower will wait for a message from the leader before becoming a candidate and starting an election. `ElectionTick` must be greater than `HeartbeatTick`.
A tick currently defaults to one second, so these translate directly to seconds currently, but this is NOT guaranteed.
type:"integer"
example:3
HeartbeatTick:
description:|
The number of ticks between heartbeats. Every HeartbeatTick ticks, the leader will send a heartbeat to the followers.
A tick currently defaults to one second, so these translate directly to seconds currently, but this is NOT guaranteed.
type:"integer"
example:1
Dispatcher:
description:"Dispatcher configuration."
type:"object"
x-nullable:true
properties:
HeartbeatPeriod:
description:"The delay for an agent to send a heartbeat to the dispatcher."
type:"integer"
format:"int64"
example:5000000000
CAConfig:
description:"CA configuration."
type:"object"
x-nullable:true
properties:
NodeCertExpiry:
description:"The duration node certificates are issued for."
type:"integer"
format:"int64"
example:7776000000000000
ExternalCAs:
description:"Configuration for forwarding signing requests to an external certificate authority."
type:"array"
items:
type:"object"
properties:
Protocol:
description:"Protocol for communication with the external CA (currently only `cfssl` is supported)."
type:"string"
enum:
- "cfssl"
default:"cfssl"
URL:
description:"URL where certificate signing requests should be sent."
type:"string"
Options:
description:"An object with key/value pairs that are interpreted as protocol-specific options for the external CA driver."
type:"object"
additionalProperties:
type:"string"
CACert:
description:"The root CA certificate (in PEM format) this external CA uses to issue TLS certificates (assumed to be to the current swarm root CA certificate if not provided)."
type:"string"
SigningCACert:
description:"The desired signing CA certificate for all swarm node TLS leaf certificates, in PEM format."
type:"string"
SigningCAKey:
description:"The desired signing CA key for all swarm node TLS leaf certificates, in PEM format."
type:"string"
ForceRotate:
description:"An integer whose purpose is to force swarm to generate a new signing CA certificate and key, if none have been specified in `SigningCACert` and `SigningCAKey`"
format:"uint64"
type:"integer"
EncryptionConfig:
description:"Parameters related to encryption-at-rest."
type:"object"
properties:
AutoLockManagers:
description:"If set, generate a key and use it to lock data stored on the managers."
type:"boolean"
example:false
TaskDefaults:
description:"Defaults for creating tasks in this cluster."
type:"object"
properties:
LogDriver:
description:|
The log driver to use for tasks created in the orchestrator if
unspecified by a service.
Updating this value only affects new tasks. Existing tasks continue
to use their previously configured log driver until recreated.
type:"object"
properties:
Name:
description:|
The log driver to use as a default for new tasks.
type:"string"
example:"json-file"
Options:
description:|
Driver-specific options for the selectd log driver, specified
as key/value pairs.
type:"object"
additionalProperties:
type:"string"
example:
"max-file": "10"
"max-size": "100m"
# The Swarm information for `GET /info`. It is the same as `GET /swarm`, but
# without `JoinTokens`.
ClusterInfo:
description:|
ClusterInfo represents information about the swarm as is returned by the
"/info"endpoint. Join-tokens are not included.
x-nullable:true
type:"object"
properties:
ID:
description:"The ID of the swarm."
type:"string"
example:"abajmipo7b4xz5ip2nrla6b11"
Version:
$ref:"#/definitions/ObjectVersion"
CreatedAt:
description:|
Date and time at which the swarm was initialised in
[RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format with nano-seconds.
type:"string"
format:"dateTime"
example:"2016-08-18T10:44:24.496525531Z"
UpdatedAt:
description:|
Date and time at which the swarm was last updated in
[RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format with nano-seconds.
type:"string"
format:"dateTime"
example:"2017-08-09T07:09:37.632105588Z"
Spec:
$ref:"#/definitions/SwarmSpec"
TLSInfo:
$ref:"#/definitions/TLSInfo"
RootRotationInProgress:
description:"Whether there is currently a root CA rotation in progress for the swarm"
type:"boolean"
example:false
JoinTokens:
description:|
JoinTokens contains the tokens workers and managers need to join the swarm.
description:"Specification for the restart policy which applies to containers created as part of this service."
type:"object"
properties:
Condition:
description:"Condition for restart."
type:"string"
enum:
- "none"
- "on-failure"
- "any"
Delay:
description:"Delay between restart attempts."
type:"integer"
format:"int64"
MaxAttempts:
description:"Maximum attempts to restart a given container before giving up (default value is 0, which is ignored)."
type:"integer"
format:"int64"
default:0
Window:
description:"Windows is the time window used to evaluate the restart policy (default value is 0, which is unbounded)."
type:"integer"
format:"int64"
default:0
Placement:
type:"object"
properties:
Constraints:
description:"An array of constraints."
type:"array"
items:
type:"string"
example:
- "node.hostname!=node3.corp.example.com"
- "node.role!=manager"
- "node.labels.type==production"
Preferences:
description:"Preferences provide a way to make the scheduler aware of factors such as topology. They are provided in order from highest to lowest precedence."
type:"array"
items:
type:"object"
properties:
Spread:
type:"object"
properties:
SpreadDescriptor:
description:"label descriptor, such as engine.labels.az"
type:"string"
example:
- Spread:
SpreadDescriptor:"node.labels.datacenter"
- Spread:
SpreadDescriptor:"node.labels.rack"
Platforms:
description:|
Platforms stores all the platforms that the service's image can
run on. This field is used in the platform filter for scheduling.
If empty, then the platform filter is off, meaning there are no
scheduling restrictions.
type:"array"
items:
$ref:"#/definitions/Platform"
ForceUpdate:
description:"A counter that triggers an update even if no relevant parameters have been changed."
type:"integer"
Runtime:
description:"Runtime is the type of runtime specified for the task executor."
type:"string"
Networks:
type:"array"
items:
type:"object"
properties:
Target:
type:"string"
Aliases:
type:"array"
items:
type:"string"
LogDriver:
description:"Specifies the log driver to use for tasks created from this spec. If not present, the default one for the swarm will be used, finally falling back to the engine default if not specified."
type:"object"
properties:
Name:
type:"string"
Options:
type:"object"
additionalProperties:
type:"string"
TaskState:
type:"string"
enum:
- "new"
- "allocated"
- "pending"
- "assigned"
- "accepted"
- "preparing"
- "ready"
- "starting"
- "running"
- "complete"
- "shutdown"
- "failed"
- "rejected"
Task:
type:"object"
properties:
ID:
description:"The ID of the task."
type:"string"
Version:
$ref:"#/definitions/ObjectVersion"
CreatedAt:
type:"string"
format:"dateTime"
UpdatedAt:
type:"string"
format:"dateTime"
Name:
description:"Name of the task."
type:"string"
Labels:
description:"User-defined key/value metadata."
type:"object"
additionalProperties:
type:"string"
Spec:
$ref:"#/definitions/TaskSpec"
ServiceID:
description:"The ID of the service this task is part of."
type:"string"
Slot:
type:"integer"
NodeID:
description:"The ID of the node that this task is on."
description:"Specification for the update strategy of the service."
type:"object"
properties:
Parallelism:
description:"Maximum number of tasks to be updated in one iteration (0 means unlimited parallelism)."
type:"integer"
format:"int64"
Delay:
description:"Amount of time between updates, in nanoseconds."
type:"integer"
format:"int64"
FailureAction:
description:"Action to take if an updated task fails to run, or stops running during the update."
type:"string"
enum:
- "continue"
- "pause"
- "rollback"
Monitor:
description:"Amount of time to monitor each updated task for failures, in nanoseconds."
type:"integer"
format:"int64"
MaxFailureRatio:
description:"The fraction of tasks that may fail during an update before the failure action is invoked, specified as a floating point number between 0 and 1."
type:"number"
default:0
Order:
description:"The order of operations when rolling out an updated task. Either the old task is shut down before the new task is started, or the new task is started before the old task is shut down."
type:"string"
enum:
- "stop-first"
- "start-first"
RollbackConfig:
description:"Specification for the rollback strategy of the service."
type:"object"
properties:
Parallelism:
description:"Maximum number of tasks to be rolled back in one iteration (0 means unlimited parallelism)."
type:"integer"
format:"int64"
Delay:
description:"Amount of time between rollback iterations, in nanoseconds."
type:"integer"
format:"int64"
FailureAction:
description:"Action to take if an rolled back task fails to run, or stops running during the rollback."
type:"string"
enum:
- "continue"
- "pause"
Monitor:
description:"Amount of time to monitor each rolled back task for failures, in nanoseconds."
type:"integer"
format:"int64"
MaxFailureRatio:
description:"The fraction of tasks that may fail during a rollback before the failure action is invoked, specified as a floating point number between 0 and 1."
type:"number"
default:0
Order:
description:"The order of operations when rolling back a task. Either the old task is shut down before the new task is started, or the new task is started before the old task is shut down."
type:"string"
enum:
- "stop-first"
- "start-first"
Networks:
description:"Array of network names or IDs to attach the service to."
type:"array"
items:
type:"object"
properties:
Target:
type:"string"
Aliases:
type:"array"
items:
type:"string"
EndpointSpec:
$ref:"#/definitions/EndpointSpec"
EndpointPortConfig:
type:"object"
properties:
Name:
type:"string"
Protocol:
type:"string"
enum:
- "tcp"
- "udp"
TargetPort:
description:"The port inside the container."
type:"integer"
PublishedPort:
description:"The port on the swarm hosts."
type:"integer"
PublishMode:
description:|
The mode in which port is published.
<p><br /></p>
- "ingress"makes the target port accessible on on every node,
regardless of whether there is a task for the service running on
that node or not.
- "host"bypasses the routing mesh and publish the port directly on
the swarm node where that service is running.
type:"string"
enum:
- "ingress"
- "host"
default:"ingress"
example:"ingress"
EndpointSpec:
description:"Properties that can be configured to access and load balance a service."
type:"object"
properties:
Mode:
description:"The mode of resolution to use for internal load balancing
between tasks."
type:"string"
enum:
- "vip"
- "dnsrr"
default:"vip"
Ports:
description:"List of exposed ports that this service is accessible on from the outside. Ports can only be provided if `vip` resolution mode is used."
type:"array"
items:
$ref:"#/definitions/EndpointPortConfig"
Service:
type:"object"
properties:
ID:
type:"string"
Version:
$ref:"#/definitions/ObjectVersion"
CreatedAt:
type:"string"
format:"dateTime"
UpdatedAt:
type:"string"
format:"dateTime"
Spec:
$ref:"#/definitions/ServiceSpec"
Endpoint:
type:"object"
properties:
Spec:
$ref:"#/definitions/EndpointSpec"
Ports:
type:"array"
items:
$ref:"#/definitions/EndpointPortConfig"
VirtualIPs:
type:"array"
items:
type:"object"
properties:
NetworkID:
type:"string"
Addr:
type:"string"
UpdateStatus:
description:"The status of a service update."
type:"object"
properties:
State:
type:"string"
enum:
- "updating"
- "paused"
- "completed"
StartedAt:
type:"string"
format:"dateTime"
CompletedAt:
type:"string"
format:"dateTime"
Message:
type:"string"
example:
ID:"9mnpnzenvg8p8tdbtq4wvbkcz"
Version:
Index:19
CreatedAt:"2016-06-07T21:05:51.880065305Z"
UpdatedAt:"2016-06-07T21:07:29.962229872Z"
Spec:
Name:"hopeful_cori"
TaskTemplate:
ContainerSpec:
Image:"redis"
Resources:
Limits:{}
Reservations:{}
RestartPolicy:
Condition:"any"
MaxAttempts:0
Placement:{}
ForceUpdate:0
Mode:
Replicated:
Replicas:1
UpdateConfig:
Parallelism:1
Delay:1000000000
FailureAction:"pause"
Monitor:15000000000
MaxFailureRatio:0.15
RollbackConfig:
Parallelism:1
Delay:1000000000
FailureAction:"pause"
Monitor:15000000000
MaxFailureRatio:0.15
EndpointSpec:
Mode:"vip"
Ports:
-
Protocol:"tcp"
TargetPort:6379
PublishedPort:30001
Endpoint:
Spec:
Mode:"vip"
Ports:
-
Protocol:"tcp"
TargetPort:6379
PublishedPort:30001
Ports:
-
Protocol:"tcp"
TargetPort:6379
PublishedPort:30001
VirtualIPs:
-
NetworkID:"4qvuz4ko70xaltuqbt8956gd1"
Addr:"10.255.0.2/16"
-
NetworkID:"4qvuz4ko70xaltuqbt8956gd1"
Addr:"10.255.0.3/16"
ImageDeleteResponseItem:
type:"object"
properties:
Untagged:
description:"The image ID of an image that was untagged"
type:"string"
Deleted:
description:"The image ID of an image that was deleted"
type:"string"
ServiceUpdateResponse:
type:"object"
properties:
Warnings:
description:"Optional warning messages"
type:"array"
items:
type:"string"
example:
Warning:"unable to pin image doesnotexist:latest to digest: image library/doesnotexist:latest not found"
ContainerSummary:
type:"array"
items:
type:"object"
properties:
Id:
description:"The ID of this container"
type:"string"
x-go-name:"ID"
Names:
description:"The names that this container has been given"
type:"array"
items:
type:"string"
Image:
description:"The name of the image used when creating this container"
type:"string"
ImageID:
description:"The ID of the image that this container was created from"
type:"string"
Command:
description:"Command to run when starting the container"
type:"string"
Created:
description:"When the container was created"
type:"integer"
format:"int64"
Ports:
description:"The ports exposed by this container"
type:"array"
items:
$ref:"#/definitions/Port"
SizeRw:
description:"The size of files that have been created or changed by this container"
type:"integer"
format:"int64"
SizeRootFs:
description:"The total size of all the files in this container"
type:"integer"
format:"int64"
Labels:
description:"User-defined key/value metadata."
type:"object"
additionalProperties:
type:"string"
State:
description:"The state of this container (e.g. `Exited`)"
type:"string"
Status:
description:"Additional human-readable status of this container (e.g. `Exit 0`)"
type:"string"
HostConfig:
type:"object"
properties:
NetworkMode:
type:"string"
NetworkSettings:
description:"A summary of the container's network settings"
description:"Unique identifier of for this node in the swarm."
type:"string"
Addr:
description:|
IP address and ports at which this node can be reached.
type:"string"
paths:
/containers/json:
get:
summary:"List containers"
description:|
Returns a list of containers. For details on the format, see [the inspect endpoint](#operation/ContainerInspect).
Note that it uses a different, smaller representation of a container than inspecting a single container. For example,
the list of linked containers is not propagated .
operationId:"ContainerList"
produces:
- "application/json"
parameters:
- name:"all"
in:"query"
description:"Return all containers. By default, only running containers are shown"
type:"boolean"
default:false
- name:"limit"
in:"query"
description:"Return this number of most recently created containers, including non-running ones."
type:"integer"
- name:"size"
in:"query"
description:"Return the size of container as fields `SizeRw` and `SizeRootFs`."
type:"boolean"
default:false
- name:"filters"
in:"query"
description:|
Filters to process on the container list, encoded as JSON (a `map[string][]string`). For example, `{"status": ["paused"]}` will only return paused containers. Available filters:
- `ancestor`=(`<image-name>[:<tag>]`, `<image id>`, or `<image@digest>`)
- `before`=(`<container id>` or `<container name>`)
description:"Return the size of container as fields `SizeRw` and `SizeRootFs`"
tags:["Container"]
/containers/{id}/top:
get:
summary:"List processes running inside a container"
description:"On Unix systems, this is done by running the `ps` command. This endpoint is not supported on Windows."
operationId:"ContainerTop"
responses:
200:
description:"no error"
schema:
type:"object"
properties:
Titles:
description:"The ps column titles"
type:"array"
items:
type:"string"
Processes:
description:"Each process running in the container, where each is process is an array of values corresponding to the titles"
type:"array"
items:
type:"array"
items:
type:"string"
examples:
application/json:
Titles:
- "UID"
- "PID"
- "PPID"
- "C"
- "STIME"
- "TTY"
- "TIME"
- "CMD"
Processes:
-
- "root"
- "13642"
- "882"
- "0"
- "17:03"
- "pts/0"
- "00:00:00"
- "/bin/bash"
-
- "root"
- "13735"
- "13642"
- "0"
- "17:06"
- "pts/0"
- "00:00:00"
- "sleep 10"
404:
description:"no such container"
schema:
$ref:"#/definitions/ErrorResponse"
examples:
application/json:
message:"No such container: c2ada9df5af8"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"id"
in:"path"
required:true
description:"ID or name of the container"
type:"string"
- name:"ps_args"
in:"query"
description:"The arguments to pass to `ps`. For example, `aux`"
type:"string"
default:"-ef"
tags:["Container"]
/containers/{id}/logs:
get:
summary:"Get container logs"
description:|
Get `stdout` and `stderr` logs from a container.
Note:This endpoint works only for containers with the `json-file` or `journald` logging driver.
operationId:"ContainerLogs"
responses:
101:
description:"logs returned as a stream"
schema:
type:"string"
format:"binary"
200:
description:"logs returned as a string in response body"
schema:
type:"string"
404:
description:"no such container"
schema:
$ref:"#/definitions/ErrorResponse"
examples:
application/json:
message:"No such container: c2ada9df5af8"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"id"
in:"path"
required:true
description:"ID or name of the container"
type:"string"
- name:"follow"
in:"query"
description:|
Return the logs as a stream.
This will return a `101` HTTP response with a `Connection:upgrade` header, then hijack the HTTP connection to send raw output. For more information about hijacking and the stream format, [see the documentation for the attach endpoint](#operation/ContainerAttach).
type:"boolean"
default:false
- name:"stdout"
in:"query"
description:"Return logs from `stdout`"
type:"boolean"
default:false
- name:"stderr"
in:"query"
description:"Return logs from `stderr`"
type:"boolean"
default:false
- name:"since"
in:"query"
description:"Only return logs since this time, as a UNIX timestamp"
type:"integer"
default:0
- name:"timestamps"
in:"query"
description:"Add timestamps to every log line"
type:"boolean"
default:false
- name:"tail"
in:"query"
description:"Only return this number of log lines from the end of the logs. Specify as an integer or `all` to output all log lines."
type:"string"
default:"all"
tags:["Container"]
/containers/{id}/changes:
get:
summary:"Get changes on a container’s filesystem"
description:|
Returns which files in a container's filesystem have been added, deleted,
or modified. The `Kind` of modification can be one of:
- `0`:Modified
- `1`:Added
- `2`:Deleted
operationId:"ContainerChanges"
produces:["application/json"]
responses:
200:
description:"The list of changes"
schema:
type:"array"
items:
type:"object"
x-go-name:"ContainerChangeResponseItem"
required:[Path, Kind]
properties:
Path:
description:"Path to file that has changed"
type:"string"
x-nullable:false
Kind:
description:"Kind of change"
type:"integer"
format:"uint8"
enum:[0,1,2]
x-nullable:false
examples:
application/json:
- Path:"/dev"
Kind:0
- Path:"/dev/kmsg"
Kind:1
- Path:"/test"
Kind:1
404:
description:"no such container"
schema:
$ref:"#/definitions/ErrorResponse"
examples:
application/json:
message:"No such container: c2ada9df5af8"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"id"
in:"path"
required:true
description:"ID or name of the container"
type:"string"
tags:["Container"]
/containers/{id}/export:
get:
summary:"Export a container"
description:"Export the contents of a container as a tarball."
operationId:"ContainerExport"
produces:
- "application/octet-stream"
responses:
200:
description:"no error"
404:
description:"no such container"
schema:
$ref:"#/definitions/ErrorResponse"
examples:
application/json:
message:"No such container: c2ada9df5af8"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"id"
in:"path"
required:true
description:"ID or name of the container"
type:"string"
tags:["Container"]
/containers/{id}/stats:
get:
summary:"Get container stats based on resource usage"
description:|
This endpoint returns a live stream of a container’s resource usage
statistics.
The `precpu_stats` is the CPU statistic of last read, which is used
for calculating the CPU usage percentage. It is not the same as the
`cpu_stats` field.
If either `precpu_stats.online_cpus` or `cpu_stats.online_cpus` is
nil then for compatibility with older daemons the length of the
corresponding `cpu_usage.percpu_usage` array should be used.
operationId:"ContainerStats"
produces:["application/json"]
responses:
200:
description:"no error"
schema:
type:"object"
examples:
application/json:
read:"2015-01-08T22:57:31.547920715Z"
pids_stats:
current:3
networks:
eth0:
rx_bytes:5338
rx_dropped:0
rx_errors:0
rx_packets:36
tx_bytes:648
tx_dropped:0
tx_errors:0
tx_packets:8
eth5:
rx_bytes:4641
rx_dropped:0
rx_errors:0
rx_packets:26
tx_bytes:690
tx_dropped:0
tx_errors:0
tx_packets:9
memory_stats:
stats:
total_pgmajfault:0
cache:0
mapped_file:0
total_inactive_file:0
pgpgout:414
rss:6537216
total_mapped_file:0
writeback:0
unevictable:0
pgpgin:477
total_unevictable:0
pgmajfault:0
total_rss:6537216
total_rss_huge:6291456
total_writeback:0
total_inactive_anon:0
rss_huge:6291456
hierarchical_memory_limit:67108864
total_pgfault:964
total_active_file:0
active_anon:6537216
total_active_anon:6537216
total_pgpgout:414
total_cache:0
inactive_anon:0
active_file:0
pgfault:964
inactive_file:0
total_pgpgin:477
max_usage:6651904
usage:6537216
failcnt:0
limit:67108864
blkio_stats:{}
cpu_stats:
cpu_usage:
percpu_usage:
- 8646879
- 24472255
- 36438778
- 30657443
usage_in_usermode:50000000
total_usage:100215355
usage_in_kernelmode:30000000
system_cpu_usage:739306590000000
online_cpus:4
throttling_data:
periods:0
throttled_periods:0
throttled_time:0
precpu_stats:
cpu_usage:
percpu_usage:
- 8646879
- 24350896
- 36438778
- 30657443
usage_in_usermode:50000000
total_usage:100093996
usage_in_kernelmode:30000000
system_cpu_usage:9492140000000
online_cpus:4
throttling_data:
periods:0
throttled_periods:0
throttled_time:0
404:
description:"no such container"
schema:
$ref:"#/definitions/ErrorResponse"
examples:
application/json:
message:"No such container: c2ada9df5af8"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"id"
in:"path"
required:true
description:"ID or name of the container"
type:"string"
- name:"stream"
in:"query"
description:"Stream the output. If false, the stats will be output once and then it will disconnect."
type:"boolean"
default:true
tags:["Container"]
/containers/{id}/resize:
post:
summary:"Resize a container TTY"
description:"Resize the TTY for a container. You must restart the container for the resize to take effect."
operationId:"ContainerResize"
consumes:
- "application/octet-stream"
produces:
- "text/plain"
responses:
200:
description:"no error"
404:
description:"no such container"
schema:
$ref:"#/definitions/ErrorResponse"
examples:
application/json:
message:"No such container: c2ada9df5af8"
500:
description:"cannot resize container"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"id"
in:"path"
required:true
description:"ID or name of the container"
type:"string"
- name:"h"
in:"query"
description:"Height of the tty session in characters"
type:"integer"
- name:"w"
in:"query"
description:"Width of the tty session in characters"
type:"integer"
tags:["Container"]
/containers/{id}/start:
post:
summary:"Start a container"
operationId:"ContainerStart"
responses:
204:
description:"no error"
304:
description:"container already started"
schema:
$ref:"#/definitions/ErrorResponse"
404:
description:"no such container"
schema:
$ref:"#/definitions/ErrorResponse"
examples:
application/json:
message:"No such container: c2ada9df5af8"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"id"
in:"path"
required:true
description:"ID or name of the container"
type:"string"
- name:"detachKeys"
in:"query"
description:"Override the key sequence for detaching a container. Format is a single character `[a-Z]` or `ctrl-<value>` where `<value>` is one of: `a-z`, `@`, `^`, `[`, `,` or `_`."
type:"string"
tags:["Container"]
/containers/{id}/stop:
post:
summary:"Stop a container"
operationId:"ContainerStop"
responses:
204:
description:"no error"
304:
description:"container already stopped"
schema:
$ref:"#/definitions/ErrorResponse"
404:
description:"no such container"
schema:
$ref:"#/definitions/ErrorResponse"
examples:
application/json:
message:"No such container: c2ada9df5af8"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"id"
in:"path"
required:true
description:"ID or name of the container"
type:"string"
- name:"t"
in:"query"
description:"Number of seconds to wait before killing the container"
type:"integer"
tags:["Container"]
/containers/{id}/restart:
post:
summary:"Restart a container"
operationId:"ContainerRestart"
responses:
204:
description:"no error"
404:
description:"no such container"
schema:
$ref:"#/definitions/ErrorResponse"
examples:
application/json:
message:"No such container: c2ada9df5af8"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"id"
in:"path"
required:true
description:"ID or name of the container"
type:"string"
- name:"t"
in:"query"
description:"Number of seconds to wait before killing the container"
type:"integer"
tags:["Container"]
/containers/{id}/kill:
post:
summary:"Kill a container"
description:"Send a POSIX signal to a container, defaulting to killing to the container."
operationId:"ContainerKill"
responses:
204:
description:"no error"
404:
description:"no such container"
schema:
$ref:"#/definitions/ErrorResponse"
examples:
application/json:
message:"No such container: c2ada9df5af8"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"id"
in:"path"
required:true
description:"ID or name of the container"
type:"string"
- name:"signal"
in:"query"
description:"Signal to send to the container as an integer or string (e.g. `SIGINT`)"
type:"string"
default:"SIGKILL"
tags:["Container"]
/containers/{id}/update:
post:
summary:"Update a container"
description:"Change various configuration options of a container without having to recreate it."
operationId:"ContainerUpdate"
consumes:["application/json"]
produces:["application/json"]
responses:
200:
description:"The container has been updated."
schema:
type:"object"
properties:
Warnings:
type:"array"
items:
type:"string"
404:
description:"no such container"
schema:
$ref:"#/definitions/ErrorResponse"
examples:
application/json:
message:"No such container: c2ada9df5af8"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"id"
in:"path"
required:true
description:"ID or name of the container"
type:"string"
- name:"update"
in:"body"
required:true
schema:
allOf:
- $ref:"#/definitions/Resources"
- type:"object"
properties:
RestartPolicy:
$ref:"#/definitions/RestartPolicy"
example:
BlkioWeight:300
CpuShares:512
CpuPeriod:100000
CpuQuota:50000
CpuRealtimePeriod:1000000
CpuRealtimeRuntime:10000
CpusetCpus:"0,1"
CpusetMems:"0"
Memory:314572800
MemorySwap:514288000
MemoryReservation:209715200
KernelMemory:52428800
RestartPolicy:
MaximumRetryCount:4
Name:"on-failure"
tags:["Container"]
/containers/{id}/rename:
post:
summary:"Rename a container"
operationId:"ContainerRename"
responses:
204:
description:"no error"
404:
description:"no such container"
schema:
$ref:"#/definitions/ErrorResponse"
examples:
application/json:
message:"No such container: c2ada9df5af8"
409:
description:"name already in use"
schema:
$ref:"#/definitions/ErrorResponse"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"id"
in:"path"
required:true
description:"ID or name of the container"
type:"string"
- name:"name"
in:"query"
required:true
description:"New name for the container"
type:"string"
tags:["Container"]
/containers/{id}/pause:
post:
summary:"Pause a container"
description:|
Use the cgroups freezer to suspend all processes in a container.
Traditionally, when suspending a process the `SIGSTOP` signal is used, which is observable by the process being suspended. With the cgroups freezer the process is unaware, and unable to capture, that it is being suspended, and subsequently resumed.
operationId:"ContainerPause"
responses:
204:
description:"no error"
404:
description:"no such container"
schema:
$ref:"#/definitions/ErrorResponse"
examples:
application/json:
message:"No such container: c2ada9df5af8"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"id"
in:"path"
required:true
description:"ID or name of the container"
type:"string"
tags:["Container"]
/containers/{id}/unpause:
post:
summary:"Unpause a container"
description:"Resume a container which has been paused."
operationId:"ContainerUnpause"
responses:
204:
description:"no error"
404:
description:"no such container"
schema:
$ref:"#/definitions/ErrorResponse"
examples:
application/json:
message:"No such container: c2ada9df5af8"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"id"
in:"path"
required:true
description:"ID or name of the container"
type:"string"
tags:["Container"]
/containers/{id}/attach:
post:
summary:"Attach to a container"
description:|
Attach to a container to read its output or send it input. You can attach to the same container multiple times and you can reattach to containers that have been detached.
Either the `stream` or `logs` parameter must be `true` for this endpoint to do anything.
See [the documentation for the `docker attach` command](https://docs.docker.com/engine/reference/commandline/attach/) for more details.
### Hijacking
This endpoint hijacks the HTTP connection to transport `stdin`, `stdout`, and `stderr` on the same socket.
This is the response from the daemon for an attach request:
```
HTTP/1.1 200 OK
Content-Type:application/vnd.docker.raw-stream
[STREAM]
```
After the headers and two new lines, the TCP connection can now be used for raw, bidirectional communication between the client and server.
To hint potential proxies about connection hijacking, the Docker client can also optionally send connection upgrade headers.
For example, the client sends this request to upgrade the connection:
```
POST /containers/16253994b7c4/attach?stream=1&stdout=1 HTTP/1.1
Upgrade:tcp
Connection:Upgrade
```
The Docker daemon will respond with a `101 UPGRADED` response, and will similarly follow with the raw stream:
```
HTTP/1.1 101 UPGRADED
Content-Type:application/vnd.docker.raw-stream
Connection:Upgrade
Upgrade:tcp
[STREAM]
```
### Stream format
When the TTY setting is disabled in [`POST /containers/create`](#operation/ContainerCreate), the stream over the hijacked connected is multiplexed to separate out `stdout` and `stderr`. The stream consists of a series of frames, each containing a header and a payload.
The header contains the information which the stream writes (`stdout` or `stderr`). It also contains the size of the associated frame encoded in the last four bytes (`uint32`).
`SIZE1, SIZE2, SIZE3, SIZE4` are the four bytes of the `uint32` size encoded as big endian.
Following the header is the payload, which is the specified number of bytes of `STREAM_TYPE`.
The simplest way to implement this protocol is the following:
1. Read 8 bytes.
2. Choose `stdout` or `stderr` depending on the first byte.
3. Extract the frame size from the last four bytes.
4. Read the extracted size and output it on the correct output.
5. Goto 1.
### Stream format when using a TTY
When the TTY setting is enabled in [`POST /containers/create`](#operation/ContainerCreate), the stream is not multiplexed. The data exchanged over the hijacked connection is simply the raw data from the process PTY and client's `stdin`.
operationId:"ContainerAttach"
produces:
- "application/vnd.docker.raw-stream"
responses:
101:
description:"no error, hints proxy about hijacking"
200:
description:"no error, no upgrade header found"
400:
description:"bad parameter"
schema:
$ref:"#/definitions/ErrorResponse"
404:
description:"no such container"
schema:
$ref:"#/definitions/ErrorResponse"
examples:
application/json:
message:"No such container: c2ada9df5af8"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"id"
in:"path"
required:true
description:"ID or name of the container"
type:"string"
- name:"detachKeys"
in:"query"
description:"Override the key sequence for detaching a container.Format is a single character `[a-Z]` or `ctrl-<value>` where `<value>` is one of: `a-z`, `@`, `^`, `[`, `,` or `_`."
type:"string"
- name:"logs"
in:"query"
description:|
Replay previous logs from the container.
This is useful for attaching to a container that has started and you want to output everything since the container started.
If `stream` is also enabled, once all the previous output has been returned, it will seamlessly transition into streaming current output.
type:"boolean"
default:false
- name:"stream"
in:"query"
description:"Stream attached streams from the time the request was made onwards"
type:"boolean"
default:false
- name:"stdin"
in:"query"
description:"Attach to `stdin`"
type:"boolean"
default:false
- name:"stdout"
in:"query"
description:"Attach to `stdout`"
type:"boolean"
default:false
- name:"stderr"
in:"query"
description:"Attach to `stderr`"
type:"boolean"
default:false
tags:["Container"]
/containers/{id}/attach/ws:
get:
summary:"Attach to a container via a websocket"
operationId:"ContainerAttachWebsocket"
responses:
101:
description:"no error, hints proxy about hijacking"
200:
description:"no error, no upgrade header found"
400:
description:"bad parameter"
schema:
$ref:"#/definitions/ErrorResponse"
404:
description:"no such container"
schema:
$ref:"#/definitions/ErrorResponse"
examples:
application/json:
message:"No such container: c2ada9df5af8"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"id"
in:"path"
required:true
description:"ID or name of the container"
type:"string"
- name:"detachKeys"
in:"query"
description:"Override the key sequence for detaching a container.Format is a single character `[a-Z]` or `ctrl-<value>` where `<value>` is one of: `a-z`, `@`, `^`, `[`, `,`, or `_`."
type:"string"
- name:"logs"
in:"query"
description:"Return logs"
type:"boolean"
default:false
- name:"stream"
in:"query"
description:"Return stream"
type:"boolean"
default:false
tags:["Container"]
/containers/{id}/wait:
post:
summary:"Wait for a container"
description:"Block until a container stops, then returns the exit code."
description:"If the container is running, kill it before removing it."
type:"boolean"
default:false
- name:"link"
in:"query"
description:"Remove the specified link associated with the container."
type:"boolean"
default:false
tags:["Container"]
/containers/{id}/archive:
head:
summary:"Get information about files in a container"
description:"A response header `X-Docker-Container-Path-Stat` is return containing a base64 - encoded JSON object with some filesystem header information about the path."
description:"Permission denied, the volume or container rootfs is marked as read-only."
schema:
$ref:"#/definitions/ErrorResponse"
404:
description:"No such container or path does not exist inside the container"
schema:
$ref:"#/definitions/ErrorResponse"
examples:
application/json:
message:"No such container: c2ada9df5af8"
500:
description:"Server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"id"
in:"path"
required:true
description:"ID or name of the container"
type:"string"
- name:"path"
in:"query"
required:true
description:"Path to a directory in the container to extract the archive’s contents into. "
type:"string"
- name:"noOverwriteDirNonDir"
in:"query"
description:"If “1”, “true”, or “True” then it will be an error if unpacking the given content would cause an existing directory to be replaced with a non-directory and vice versa."
type:"string"
- name:"inputStream"
in:"body"
required:true
description:"The input stream must be a tar archive compressed with one of the following algorithms: identity (no compression), gzip, bzip2, xz."
schema:
type:"string"
tags:["Container"]
/containers/prune:
post:
summary:"Delete stopped containers"
produces:
- "application/json"
operationId:"ContainerPrune"
parameters:
- name:"filters"
in:"query"
description:|
Filters to process on the prune list, encoded as JSON (a `map[string][]string`).
Available filters:
- `until=<timestamp>` Prune containers created before this timestamp. The `<timestamp>` can be Unix timestamps, date formatted timestamps, or Go duration strings (e.g. `10m`, `1h30m`) computed relative to the daemon machine’s time.
- `label` (`label=<key>`, `label=<key>=<value>`, `label!=<key>`, or `label!=<key>=<value>`) Prune containers with (or without, in case `label!=...` is used) the specified labels.
type:"string"
responses:
200:
description:"No error"
schema:
type:"object"
properties:
ContainersDeleted:
description:"Container IDs that were deleted"
type:"array"
items:
type:"string"
SpaceReclaimed:
description:"Disk space reclaimed in bytes"
type:"integer"
format:"int64"
500:
description:"Server error"
schema:
$ref:"#/definitions/ErrorResponse"
tags:["Container"]
/images/json:
get:
summary:"List Images"
description:"Returns a list of images on the server. Note that it uses a different, smaller representation of an image than inspecting a single image."
operationId:"ImageList"
produces:
- "application/json"
responses:
200:
description:"Summary image data for the images matching the query"
description:"Show all images. Only images from a final layer (no children) are shown by default."
type:"boolean"
default:false
- name:"filters"
in:"query"
description:|
A JSON encoded value of the filters (a `map[string][]string`) to process on the images list. Available filters:
- `before`=(`<image-name>[:<tag>]`, `<image id>` or `<image@digest>`)
- `dangling=true`
- `label=key` or `label="key=value"` of an image label
- `reference`=(`<image-name>[:<tag>]`)
- `since`=(`<image-name>[:<tag>]`, `<image id>` or `<image@digest>`)
type:"string"
- name:"digests"
in:"query"
description:"Show digest information as a `RepoDigests` field on each image."
type:"boolean"
default:false
tags:["Image"]
/build:
post:
summary:"Build an image"
description:|
Build an image from a tar archive with a `Dockerfile` in it.
The `Dockerfile` specifies how the image is built from the tar archive. It is typically in the archive's root, but can be at a different path or have a different name by specifying the `dockerfile` parameter. [See the `Dockerfile` reference for more information](https://docs.docker.com/engine/reference/builder/).
The Docker daemon performs a preliminary validation of the `Dockerfile` before starting the build, and returns an error if the syntax is incorrect. After that, each instruction is run one-by-one until the ID of the new image is output.
The build is canceled if the client drops the connection by quitting or being killed.
operationId:"ImageBuild"
consumes:
- "application/octet-stream"
produces:
- "application/json"
parameters:
- name:"inputStream"
in:"body"
description:"A tar archive compressed with one of the following algorithms: identity (no compression), gzip, bzip2, xz."
schema:
type:"string"
format:"binary"
- name:"dockerfile"
in:"query"
description:"Path within the build context to the `Dockerfile`. This is ignored if `remote` is specified and points to an external `Dockerfile`."
type:"string"
default:"Dockerfile"
- name:"t"
in:"query"
description:"A name and optional tag to apply to the image in the `name:tag` format. If you omit the tag the default `latest` value is assumed. You can provide several `t` parameters."
type:"string"
- name:"extrahosts"
in:"query"
description:"Extra hosts to add to /etc/hosts"
type:"string"
- name:"remote"
in:"query"
description:"A Git repository URI or HTTP/HTTPS context URI. If the URI points to a single text file, the file’s contents are placed into a file called `Dockerfile` and the image is built from that file. If the URI points to a tarball, the file is downloaded by the daemon and the contents therein used as the context for the build. If the URI points to a tarball and the `dockerfile` parameter is also specified, there must be a file with the corresponding path inside the tarball."
type:"string"
- name:"q"
in:"query"
description:"Suppress verbose build output."
type:"boolean"
default:false
- name:"nocache"
in:"query"
description:"Do not use the cache when building the image."
type:"boolean"
default:false
- name:"cachefrom"
in:"query"
description:"JSON array of images used for build cache resolution."
type:"string"
- name:"pull"
in:"query"
description:"Attempt to pull the image even if an older image exists locally."
type:"string"
- name:"rm"
in:"query"
description:"Remove intermediate containers after a successful build."
type:"boolean"
default:true
- name:"forcerm"
in:"query"
description:"Always remove intermediate containers, even upon failure."
type:"boolean"
default:false
- name:"memory"
in:"query"
description:"Set memory limit for build."
type:"integer"
- name:"memswap"
in:"query"
description:"Total memory (memory + swap). Set as `-1` to disable swap."
type:"integer"
- name:"cpushares"
in:"query"
description:"CPU shares (relative weight)."
type:"integer"
- name:"cpusetcpus"
in:"query"
description:"CPUs in which to allow execution (e.g., `0-3`, `0,1`)."
type:"string"
- name:"cpuperiod"
in:"query"
description:"The length of a CPU period in microseconds."
type:"integer"
- name:"cpuquota"
in:"query"
description:"Microseconds of CPU time that the container can get in a CPU period."
type:"integer"
- name:"buildargs"
in:"query"
description:"JSON map of string pairs for build-time variables. Users pass these values at build-time. Docker uses the buildargs as the environment context for commands run via the `Dockerfile` RUN instruction, or for variable expansion in other `Dockerfile` instructions. This is not meant for passing secret values. [Read more about the buildargs instruction.](https://docs.docker.com/engine/reference/builder/#arg)"
type:"integer"
- name:"shmsize"
in:"query"
description:"Size of `/dev/shm` in bytes. The size must be greater than 0. If omitted the system uses 64MB."
type:"integer"
- name:"squash"
in:"query"
description:"Squash the resulting images layers into a single layer. *(Experimental release only.)*"
type:"boolean"
- name:"labels"
in:"query"
description:"Arbitrary key/value labels to set on the image, as a JSON map of string pairs."
type:"string"
- name:"networkmode"
in:"query"
description:"Sets the networking mode for the run commands during
build. Supported standard values are:`bridge`, `host`, `none`, and
`container:<name|id>`. Any other value is taken as a custom network's
name to which this container should connect to."
type:"string"
- name:"Content-type"
in:"header"
type:"string"
enum:
- "application/x-tar"
default:"application/x-tar"
- name:"X-Registry-Config"
in:"header"
description:|
This is a base64-encoded JSON object with auth configurations for multiple registries that a build may refer to.
The key is a registry URL, and the value is an auth configuration object, [as described in the authentication section](#section/Authentication). For example:
```
{
"docker.example.com": {
"username": "janedoe",
"password": "hunter2"
},
"https://index.docker.io/v1/": {
"username": "mobydock",
"password": "conta1n3rize14"
}
}
```
Only the registry domain name (and port if not the default 443) are required. However, for legacy reasons, the Docker Hub registry must be specified with both a `https://` prefix and a `/v1/` suffix even though Docker will prefer to use the v2 registry API.
type:"string"
- name:"platform"
in:"query"
description:"Platform in the format os[/arch[/variant]]"
type:"string"
default:""
responses:
200:
description:"no error"
400:
description:"Bad parameter"
schema:
$ref:"#/definitions/ErrorResponse"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
tags:["Image"]
/build/prune:
post:
summary:"Delete builder cache"
produces:
- "application/json"
operationId:"BuildPrune"
responses:
200:
description:"No error"
schema:
type:"object"
properties:
SpaceReclaimed:
description:"Disk space reclaimed in bytes"
type:"integer"
format:"int64"
500:
description:"Server error"
schema:
$ref:"#/definitions/ErrorResponse"
tags:["Image"]
/images/create:
post:
summary:"Create an image"
description:"Create an image by either pulling it from a registry or importing it."
operationId:"ImageCreate"
consumes:
- "text/plain"
- "application/octet-stream"
produces:
- "application/json"
responses:
200:
description:"no error"
404:
description:"repository does not exist or no read access"
schema:
$ref:"#/definitions/ErrorResponse"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"fromImage"
in:"query"
description:"Name of the image to pull. The name may include a tag or digest. This parameter may only be used when pulling an image. The pull is cancelled if the HTTP connection is closed."
type:"string"
- name:"fromSrc"
in:"query"
description:"Source to import. The value may be a URL from which the image can be retrieved or `-` to read the image from the request body. This parameter may only be used when importing an image."
type:"string"
- name:"repo"
in:"query"
description:"Repository name given to an image when it is imported. The repo may include a tag. This parameter may only be used when importing an image."
type:"string"
- name:"tag"
in:"query"
description:"Tag or digest. If empty when pulling an image, this causes all tags for the given image to be pulled."
type:"string"
- name:"inputImage"
in:"body"
description:"Image content if the value `-` has been specified in fromSrc query parameter"
schema:
type:"string"
required:false
- name:"X-Registry-Auth"
in:"header"
description:"A base64-encoded auth configuration. [See the authentication section for details.](#section/Authentication)"
type:"string"
- name:"platform"
in:"query"
description:"Platform in the format os[/arch[/variant]]"
type:"string"
default:""
tags:["Image"]
/images/{name}/json:
get:
summary:"Inspect an image"
description:"Return low-level information about an image."
If you wish to push an image on to a private registry, that image must already have a tag which references the registry. For example, `registry.example.com/myimage:latest`.
The push is cancelled if the HTTP connection is closed.
operationId:"ImagePush"
consumes:
- "application/octet-stream"
responses:
200:
description:"No error"
404:
description:"No such image"
schema:
$ref:"#/definitions/ErrorResponse"
500:
description:"Server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"name"
in:"path"
description:"Image name or ID."
type:"string"
required:true
- name:"tag"
in:"query"
description:"The tag to associate with the image on the registry."
type:"string"
- name:"X-Registry-Auth"
in:"header"
description:"A base64-encoded auth configuration. [See the authentication section for details.](#section/Authentication)"
type:"string"
required:true
tags:["Image"]
/images/{name}/tag:
post:
summary:"Tag an image"
description:"Tag an image so that it becomes part of a repository."
operationId:"ImageTag"
responses:
201:
description:"No error"
400:
description:"Bad parameter"
schema:
$ref:"#/definitions/ErrorResponse"
404:
description:"No such image"
schema:
$ref:"#/definitions/ErrorResponse"
409:
description:"Conflict"
schema:
$ref:"#/definitions/ErrorResponse"
500:
description:"Server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"name"
in:"path"
description:"Image name or ID to tag."
type:"string"
required:true
- name:"repo"
in:"query"
description:"The repository to tag in. For example, `someuser/someimage`."
type:"string"
- name:"tag"
in:"query"
description:"The name of the new tag."
type:"string"
tags:["Image"]
/images/{name}:
delete:
summary:"Remove an image"
description:|
Remove an image, along with any untagged parent images that were
referenced by that image.
Images can't be removed if they have descendant images, are being
used by a running container or are being used by a build.
operationId:"ImageDelete"
produces:["application/json"]
responses:
200:
description:"The image was deleted successfully"
schema:
type:"array"
items:
$ref:"#/definitions/ImageDeleteResponseItem"
examples:
application/json:
- Untagged:"3e2f21a89f"
- Deleted:"3e2f21a89f"
- Deleted:"53b4f83ac9"
404:
description:"No such image"
schema:
$ref:"#/definitions/ErrorResponse"
409:
description:"Conflict"
schema:
$ref:"#/definitions/ErrorResponse"
500:
description:"Server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"name"
in:"path"
description:"Image name or ID"
type:"string"
required:true
- name:"force"
in:"query"
description:"Remove the image even if it is being used by stopped containers or has other tags"
type:"boolean"
default:false
- name:"noprune"
in:"query"
description:"Do not delete untagged parent images"
type:"boolean"
default:false
tags:["Image"]
/images/search:
get:
summary:"Search images"
description:"Search for an image on Docker Hub."
operationId:"ImageSearch"
produces:
- "application/json"
responses:
200:
description:"No error"
schema:
type:"array"
items:
type:"object"
properties:
description:
type:"string"
is_official:
type:"boolean"
is_automated:
type:"boolean"
name:
type:"string"
star_count:
type:"integer"
examples:
application/json:
- description:""
is_official:false
is_automated:false
name:"wma55/u1210sshd"
star_count:0
- description:""
is_official:false
is_automated:false
name:"jdswinbank/sshd"
star_count:0
- description:""
is_official:false
is_automated:false
name:"vgauthier/sshd"
star_count:0
500:
description:"Server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"term"
in:"query"
description:"Term to search"
type:"string"
required:true
- name:"limit"
in:"query"
description:"Maximum number of results to return"
type:"integer"
- name:"filters"
in:"query"
description:|
A JSON encoded value of the filters (a `map[string][]string`) to process on the images list. Available filters:
- `is-automated=(true|false)`
- `is-official=(true|false)`
- `stars=<number>` Matches images that has at least 'number' stars.
type:"string"
tags:["Image"]
/images/prune:
post:
summary:"Delete unused images"
produces:
- "application/json"
operationId:"ImagePrune"
parameters:
- name:"filters"
in:"query"
description:|
Filters to process on the prune list, encoded as JSON (a `map[string][]string`). Available filters:
- `dangling=<boolean>` When set to `true` (or `1`), prune only
unused *and* untagged images. When set to `false`
(or `0`), all unused images are pruned.
- `until=<string>` Prune images created before this timestamp. The `<timestamp>` can be Unix timestamps, date formatted timestamps, or Go duration strings (e.g. `10m`, `1h30m`) computed relative to the daemon machine’s time.
- `label` (`label=<key>`, `label=<key>=<value>`, `label!=<key>`, or `label!=<key>=<value>`) Prune images with (or without, in case `label!=...` is used) the specified labels.
type:"string"
responses:
200:
description:"No error"
schema:
type:"object"
properties:
ImagesDeleted:
description:"Images that were deleted"
type:"array"
items:
$ref:"#/definitions/ImageDeleteResponseItem"
SpaceReclaimed:
description:"Disk space reclaimed in bytes"
type:"integer"
format:"int64"
500:
description:"Server error"
schema:
$ref:"#/definitions/ErrorResponse"
tags:["Image"]
/auth:
post:
summary:"Check auth configuration"
description:"Validate credentials for a registry and, if available, get an identity token for accessing the registry without password."
operationId:"SystemAuth"
consumes:["application/json"]
produces:["application/json"]
responses:
200:
description:"An identity token was generated successfully."
schema:
type:"object"
required:[Status]
properties:
Status:
description:"The status of the authentication"
type:"string"
x-nullable:false
IdentityToken:
description:"An opaque token used to authenticate a user after a successful login"
type:"string"
x-nullable:false
examples:
application/json:
Status:"Login Succeeded"
IdentityToken:"9cbaf023786cd7..."
204:
description:"No error"
500:
description:"Server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"authConfig"
in:"body"
description:"Authentication to check"
schema:
$ref:"#/definitions/AuthConfig"
tags:["System"]
/info:
get:
summary:"Get system information"
operationId:"SystemInfo"
produces:
- "application/json"
responses:
200:
description:"No error"
schema:
$ref:"#/definitions/SystemInfo"
500:
description:"Server error"
schema:
$ref:"#/definitions/ErrorResponse"
tags:["System"]
/version:
get:
summary:"Get version"
description:"Returns the version of Docker that is running and various information about the system that Docker is running on."
operationId:"SystemVersion"
produces:["application/json"]
responses:
200:
description:"no error"
schema:
type:"object"
properties:
Version:
type:"string"
ApiVersion:
type:"string"
MinAPIVersion:
type:"string"
GitCommit:
type:"string"
GoVersion:
type:"string"
Os:
type:"string"
Arch:
type:"string"
KernelVersion:
type:"string"
Experimental:
type:"boolean"
BuildTime:
type:"string"
examples:
application/json:
Version:"17.04.0"
Os:"linux"
KernelVersion:"3.19.0-23-generic"
GoVersion:"go1.7.5"
GitCommit:"deadbee"
Arch:"amd64"
ApiVersion:"1.27"
MinAPIVersion:"1.12"
BuildTime:"2016-06-14T07:09:13.444803460+00:00"
Experimental:true
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
tags:["System"]
/_ping:
get:
summary:"Ping"
description:"This is a dummy endpoint you can use to test if the server is accessible."
operationId:"SystemPing"
produces:["text/plain"]
responses:
200:
description:"no error"
schema:
type:"string"
example:"OK"
headers:
API-Version:
type:"string"
description:"Max API Version the server supports"
Docker-Experimental:
type:"boolean"
description:"If the server is running with experimental mode enabled"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
tags:["System"]
/commit:
post:
summary:"Create a new image from a container"
operationId:"ImageCommit"
consumes:
- "application/json"
produces:
- "application/json"
responses:
201:
description:"no error"
schema:
$ref:"#/definitions/IdResponse"
404:
description:"no such container"
schema:
$ref:"#/definitions/ErrorResponse"
examples:
application/json:
message:"No such container: c2ada9df5af8"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"containerConfig"
in:"body"
description:"The container configuration"
schema:
$ref:"#/definitions/ContainerConfig"
- name:"container"
in:"query"
description:"The ID or name of the container to commit"
type:"string"
- name:"repo"
in:"query"
description:"Repository name for the created image"
type:"string"
- name:"tag"
in:"query"
description:"Tag name for the create image"
type:"string"
- name:"comment"
in:"query"
description:"Commit message"
type:"string"
- name:"author"
in:"query"
description:"Author of the image (e.g., `John Hannibal Smith <hannibal@a-team.com>`)"
type:"string"
- name:"pause"
in:"query"
description:"Whether to pause the container before committing"
type:"boolean"
default:true
- name:"changes"
in:"query"
description:"`Dockerfile` instructions to apply while committing"
type:"string"
tags:["Image"]
/events:
get:
summary:"Monitor events"
description:|
Stream real-time events from the server.
Various objects within Docker report events when something happens to them.
Get a tarball containing all images and metadata for a repository.
If `name` is a specific name and tag (e.g. `ubuntu:latest`), then only that image (and its parents) are returned. If `name` is an image ID, similarly only that image (and its parents) are returned, but with the exclusion of the `repositories` file in the tarball, as there were no image names referenced.
### Image tarball format
An image tarball contains one directory per image layer (named using its long ID), each containing these files:
- `VERSION`:currently `1.0` - the file format version
- `json`:detailed layer information, similar to `docker inspect layer_id`
- `layer.tar`:A tarfile containing the filesystem changes in this layer
The `layer.tar` file contains `aufs` style `.wh..wh.aufs` files and directories for storing attribute changes and deletions.
If the tarball defines a repository, the tarball should also include a `repositories` file at the root that contains a list of repository and tag names mapped to layer IDs.
Get a tarball containing all images and metadata for several image repositories.
For each value of the `names` parameter:if it is a specific name and tag (e.g. `ubuntu:latest`), then only that image (and its parents) are returned; if it is an image ID, similarly only that image (and its parents) are returned and there would be no names referenced in the 'repositories' file for this image ID.
For details on the format, see [the export image endpoint](#operation/ImageGet).
operationId:"ImageGetAll"
produces:
- "application/x-tar"
responses:
200:
description:"no error"
schema:
type:"string"
format:"binary"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"names"
in:"query"
description:"Image names to filter by"
type:"array"
items:
type:"string"
tags:["Image"]
/images/load:
post:
summary:"Import images"
description:|
Load a set of images and tags into a repository.
For details on the format, see [the export image endpoint](#operation/ImageGet).
operationId:"ImageLoad"
consumes:
- "application/x-tar"
produces:
- "application/json"
responses:
200:
description:"no error"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"imagesTarball"
in:"body"
description:"Tar archive containing images"
schema:
type:"string"
format:"binary"
- name:"quiet"
in:"query"
description:"Suppress progress details during load."
type:"boolean"
default:false
tags:["Image"]
/containers/{id}/exec:
post:
summary:"Create an exec instance"
description:"Run a command inside a running container."
operationId:"ContainerExec"
consumes:
- "application/json"
produces:
- "application/json"
responses:
201:
description:"no error"
schema:
$ref:"#/definitions/IdResponse"
404:
description:"no such container"
schema:
$ref:"#/definitions/ErrorResponse"
examples:
application/json:
message:"No such container: c2ada9df5af8"
409:
description:"container is paused"
schema:
$ref:"#/definitions/ErrorResponse"
500:
description:"Server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"execConfig"
in:"body"
description:"Exec configuration"
schema:
type:"object"
properties:
AttachStdin:
type:"boolean"
description:"Attach to `stdin` of the exec command."
AttachStdout:
type:"boolean"
description:"Attach to `stdout` of the exec command."
AttachStderr:
type:"boolean"
description:"Attach to `stderr` of the exec command."
DetachKeys:
type:"string"
description:"Override the key sequence for detaching a container. Format is a single character `[a-Z]` or `ctrl-<value>` where `<value>` is one of: `a-z`, `@`, `^`, `[`, `,` or `_`."
Tty:
type:"boolean"
description:"Allocate a pseudo-TTY."
Env:
description:"A list of environment variables in the form `[\"VAR=value\", ...]`."
type:"array"
items:
type:"string"
Cmd:
type:"array"
description:"Command to run, as a string or array of strings."
items:
type:"string"
Privileged:
type:"boolean"
description:"Runs the exec process with extended privileges."
default:false
User:
type:"string"
description:"The user, and optionally, group to run the exec process inside the container. Format is one of: `user`, `user:group`, `uid`, or `uid:gid`."
example:
AttachStdin:false
AttachStdout:true
AttachStderr:true
DetachKeys:"ctrl-p,ctrl-q"
Tty:false
Cmd:
- "date"
Env:
- "FOO=bar"
- "BAZ=quux"
required:true
- name:"id"
in:"path"
description:"ID or name of container"
type:"string"
required:true
tags:["Exec"]
/exec/{id}/start:
post:
summary:"Start an exec instance"
description:"Starts a previously set up exec instance. If detach is true, this endpoint returns immediately after starting the command. Otherwise, it sets up an interactive session with the command."
operationId:"ExecStart"
consumes:
- "application/json"
produces:
- "application/vnd.docker.raw-stream"
responses:
200:
description:"No error"
404:
description:"No such exec instance"
schema:
$ref:"#/definitions/ErrorResponse"
409:
description:"Container is stopped or paused"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"execStartConfig"
in:"body"
schema:
type:"object"
properties:
Detach:
type:"boolean"
description:"Detach from the command."
Tty:
type:"boolean"
description:"Allocate a pseudo-TTY."
example:
Detach:false
Tty:false
- name:"id"
in:"path"
description:"Exec instance ID"
required:true
type:"string"
tags:["Exec"]
/exec/{id}/resize:
post:
summary:"Resize an exec instance"
description:"Resize the TTY session used by an exec instance. This endpoint only works if `tty` was specified as part of creating and starting the exec instance."
description:"Summary volume data that matches the query"
schema:
type:"object"
required:[Volumes, Warnings]
properties:
Volumes:
type:"array"
x-nullable:false
description:"List of volumes"
items:
$ref:"#/definitions/Volume"
Warnings:
type:"array"
x-nullable:false
description:"Warnings that occurred when fetching the list of volumes"
items:
type:"string"
examples:
application/json:
Volumes:
- CreatedAt:"2017-07-19T12:00:26Z"
Name:"tardis"
Driver:"local"
Mountpoint:"/var/lib/docker/volumes/tardis"
Labels:
com.example.some-label:"some-value"
com.example.some-other-label:"some-other-value"
Scope:"local"
Options:
device:"tmpfs"
o:"size=100m,uid=1000"
type:"tmpfs"
Warnings:[]
500:
description:"Server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"filters"
in:"query"
description:|
JSON encoded value of the filters (a `map[string][]string`) to
process on the volumes list. Available filters:
- `dangling=<boolean>` When set to `true` (or `1`), returns all
volumes that are not in use by a container. When set to `false`
(or `0`), only volumes that are in use by one or more
containers are returned.
- `driver=<volume-driver-name>` Matches volumes based on their driver.
- `label=<key>` or `label=<key>:<value>` Matches volumes based on
the presence of a `label` alone or a `label` and a value.
- `name=<volume-name>` Matches all or part of a volume name.
type:"string"
format:"json"
tags:["Volume"]
/volumes/create:
post:
summary:"Create a volume"
operationId:"VolumeCreate"
consumes:["application/json"]
produces:["application/json"]
responses:
201:
description:"The volume was created successfully"
schema:
$ref:"#/definitions/Volume"
500:
description:"Server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"volumeConfig"
in:"body"
required:true
description:"Volume configuration"
schema:
type:"object"
properties:
Name:
description:"The new volume's name. If not specified, Docker generates a name."
type:"string"
x-nullable:false
Driver:
description:"Name of the volume driver to use."
type:"string"
default:"local"
x-nullable:false
DriverOpts:
description:"A mapping of driver options and values. These options are passed directly to the driver and are driver specific."
type:"object"
additionalProperties:
type:"string"
Labels:
description:"User-defined key/value metadata."
type:"object"
additionalProperties:
type:"string"
example:
Name:"tardis"
Labels:
com.example.some-label:"some-value"
com.example.some-other-label:"some-other-value"
Driver:"custom"
tags:["Volume"]
/volumes/{name}:
get:
summary:"Inspect a volume"
operationId:"VolumeInspect"
produces:["application/json"]
responses:
200:
description:"No error"
schema:
$ref:"#/definitions/Volume"
404:
description:"No such volume"
schema:
$ref:"#/definitions/ErrorResponse"
500:
description:"Server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"name"
in:"path"
required:true
description:"Volume name or ID"
type:"string"
tags:["Volume"]
delete:
summary:"Remove a volume"
description:"Instruct the driver to remove the volume."
operationId:"VolumeDelete"
responses:
204:
description:"The volume was removed"
404:
description:"No such volume or volume driver"
schema:
$ref:"#/definitions/ErrorResponse"
409:
description:"Volume is in use and cannot be removed"
schema:
$ref:"#/definitions/ErrorResponse"
500:
description:"Server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"name"
in:"path"
required:true
description:"Volume name or ID"
type:"string"
- name:"force"
in:"query"
description:"Force the removal of the volume"
type:"boolean"
default:false
tags:["Volume"]
/volumes/prune:
post:
summary:"Delete unused volumes"
produces:
- "application/json"
operationId:"VolumePrune"
parameters:
- name:"filters"
in:"query"
description:|
Filters to process on the prune list, encoded as JSON (a `map[string][]string`).
Available filters:
- `label` (`label=<key>`, `label=<key>=<value>`, `label!=<key>`, or `label!=<key>=<value>`) Prune volumes with (or without, in case `label!=...` is used) the specified labels.
type:"string"
responses:
200:
description:"No error"
schema:
type:"object"
properties:
VolumesDeleted:
description:"Volumes that were deleted"
type:"array"
items:
type:"string"
SpaceReclaimed:
description:"Disk space reclaimed in bytes"
type:"integer"
format:"int64"
500:
description:"Server error"
schema:
$ref:"#/definitions/ErrorResponse"
tags:["Volume"]
/networks:
get:
summary:"List networks"
description:|
Returns a list of networks. For details on the format, see [the network inspect endpoint](#operation/NetworkInspect).
Note that it uses a different, smaller representation of a network than inspecting a single network. For example,
the list of containers attached to the network is not propagated in API versions 1.28 and up.
description:"operation not supported for pre-defined networks"
schema:
$ref:"#/definitions/ErrorResponse"
404:
description:"plugin not found"
schema:
$ref:"#/definitions/ErrorResponse"
500:
description:"Server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"networkConfig"
in:"body"
description:"Network configuration"
required:true
schema:
type:"object"
required:["Name"]
properties:
Name:
description:"The network's name."
type:"string"
CheckDuplicate:
description:"Check for networks with duplicate names. Since Network is primarily keyed based on a random ID and not on the name, and network name is strictly a user-friendly alias to the network which is uniquely identified using ID, there is no guaranteed way to check for duplicates. CheckDuplicate is there to provide a best effort checking of any networks which has the same name but it is not guaranteed to catch all name collisions."
type:"boolean"
Driver:
description:"Name of the network driver plugin to use."
type:"string"
default:"bridge"
Internal:
description:"Restrict external access to the network."
type:"boolean"
Attachable:
description:"Globally scoped network is manually attachable by regular containers from workers in swarm mode."
type:"boolean"
Ingress:
description:"Ingress network is the network which provides the routing-mesh in swarm mode."
type:"boolean"
IPAM:
description:"Optional custom IP scheme for the network."
$ref:"#/definitions/IPAM"
EnableIPv6:
description:"Enable IPv6 on the network."
type:"boolean"
Options:
description:"Network specific options to be used by the drivers."
description:"Operation not supported for swarm scoped networks"
schema:
$ref:"#/definitions/ErrorResponse"
404:
description:"Network or container not found"
schema:
$ref:"#/definitions/ErrorResponse"
500:
description:"Server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"id"
in:"path"
description:"Network ID or name"
required:true
type:"string"
- name:"container"
in:"body"
required:true
schema:
type:"object"
properties:
Container:
type:"string"
description:"The ID or name of the container to connect to the network."
EndpointConfig:
$ref:"#/definitions/EndpointSettings"
example:
Container:"3613f73ba0e4"
EndpointConfig:
IPAMConfig:
IPv4Address:"172.24.56.89"
IPv6Address:"2001:db8::5689"
tags:["Network"]
/networks/{id}/disconnect:
post:
summary:"Disconnect a container from a network"
operationId:"NetworkDisconnect"
consumes:
- "application/json"
responses:
200:
description:"No error"
403:
description:"Operation not supported for swarm scoped networks"
schema:
$ref:"#/definitions/ErrorResponse"
404:
description:"Network or container not found"
schema:
$ref:"#/definitions/ErrorResponse"
500:
description:"Server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"id"
in:"path"
description:"Network ID or name"
required:true
type:"string"
- name:"container"
in:"body"
required:true
schema:
type:"object"
properties:
Container:
type:"string"
description:"The ID or name of the container to disconnect from the network."
Force:
type:"boolean"
description:"Force the container to disconnect from the network."
tags:["Network"]
/networks/prune:
post:
summary:"Delete unused networks"
produces:
- "application/json"
operationId:"NetworkPrune"
parameters:
- name:"filters"
in:"query"
description:|
Filters to process on the prune list, encoded as JSON (a `map[string][]string`).
Available filters:
- `until=<timestamp>` Prune networks created before this timestamp. The `<timestamp>` can be Unix timestamps, date formatted timestamps, or Go duration strings (e.g. `10m`, `1h30m`) computed relative to the daemon machine’s time.
- `label` (`label=<key>`, `label=<key>=<value>`, `label!=<key>`, or `label!=<key>=<value>`) Prune networks with (or without, in case `label!=...` is used) the specified labels.
type:"string"
responses:
200:
description:"No error"
schema:
type:"object"
properties:
NetworksDeleted:
description:"Networks that were deleted"
type:"array"
items:
type:"string"
500:
description:"Server error"
schema:
$ref:"#/definitions/ErrorResponse"
tags:["Network"]
/plugins:
get:
summary:"List plugins"
operationId:"PluginList"
description:"Returns information about installed plugins."
produces:["application/json"]
responses:
200:
description:"No error"
schema:
type:"array"
items:
$ref:"#/definitions/Plugin"
500:
description:"Server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"filters"
in:"query"
type:"string"
description:|
A JSON encoded value of the filters (a `map[string][]string`) to process on the plugin list. Available filters:
- `capability=<capability name>`
- `enable=<true>|<false>`
tags:["Plugin"]
/plugins/privileges:
get:
summary:"Get plugin privileges"
operationId:"GetPluginPrivileges"
responses:
200:
description:"no error"
schema:
type:"array"
items:
description:"Describes a permission the user has to accept upon installing the plugin."
type:"object"
properties:
Name:
type:"string"
Description:
type:"string"
Value:
type:"array"
items:
type:"string"
example:
- Name:"network"
Description:""
Value:
- "host"
- Name:"mount"
Description:""
Value:
- "/data"
- Name:"device"
Description:""
Value:
- "/dev/cpu_dma_latency"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"remote"
in:"query"
description:"The name of the plugin. The `:latest` tag is optional, and is the default if omitted."
required:true
type:"string"
tags:
- "Plugin"
/plugins/pull:
post:
summary:"Install a plugin"
operationId:"PluginPull"
description:|
Pulls and installs a plugin. After the plugin is installed, it can be enabled using the [`POST /plugins/{name}/enable` endpoint](#operation/PostPluginsEnable).
produces:
- "application/json"
responses:
204:
description:"no error"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"remote"
in:"query"
description:|
Remote reference for plugin to install.
The `:latest` tag is optional, and is used as the default if omitted.
required:true
type:"string"
- name:"name"
in:"query"
description:|
Local name for the pulled plugin.
The `:latest` tag is optional, and is used as the default if omitted.
required:false
type:"string"
- name:"X-Registry-Auth"
in:"header"
description:"A base64-encoded auth configuration to use when pulling a plugin from a registry. [See the authentication section for details.](#section/Authentication)"
type:"string"
- name:"body"
in:"body"
schema:
type:"array"
items:
description:"Describes a permission accepted by the user upon installing the plugin."
type:"object"
properties:
Name:
type:"string"
Description:
type:"string"
Value:
type:"array"
items:
type:"string"
example:
- Name:"network"
Description:""
Value:
- "host"
- Name:"mount"
Description:""
Value:
- "/data"
- Name:"device"
Description:""
Value:
- "/dev/cpu_dma_latency"
tags:["Plugin"]
/plugins/{name}/json:
get:
summary:"Inspect a plugin"
operationId:"PluginInspect"
responses:
200:
description:"no error"
schema:
$ref:"#/definitions/Plugin"
404:
description:"plugin is not installed"
schema:
$ref:"#/definitions/ErrorResponse"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"name"
in:"path"
description:"The name of the plugin. The `:latest` tag is optional, and is the default if omitted."
required:true
type:"string"
tags:["Plugin"]
/plugins/{name}:
delete:
summary:"Remove a plugin"
operationId:"PluginDelete"
responses:
200:
description:"no error"
schema:
$ref:"#/definitions/Plugin"
404:
description:"plugin is not installed"
schema:
$ref:"#/definitions/ErrorResponse"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"name"
in:"path"
description:"The name of the plugin. The `:latest` tag is optional, and is the default if omitted."
required:true
type:"string"
- name:"force"
in:"query"
description:"Disable the plugin before removing. This may result in issues if the plugin is in use by a container."
type:"boolean"
default:false
tags:["Plugin"]
/plugins/{name}/enable:
post:
summary:"Enable a plugin"
operationId:"PluginEnable"
responses:
200:
description:"no error"
404:
description:"plugin is not installed"
schema:
$ref:"#/definitions/ErrorResponse"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"name"
in:"path"
description:"The name of the plugin. The `:latest` tag is optional, and is the default if omitted."
required:true
type:"string"
- name:"timeout"
in:"query"
description:"Set the HTTP client timeout (in seconds)"
type:"integer"
default:0
tags:["Plugin"]
/plugins/{name}/disable:
post:
summary:"Disable a plugin"
operationId:"PluginDisable"
responses:
200:
description:"no error"
404:
description:"plugin is not installed"
schema:
$ref:"#/definitions/ErrorResponse"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"name"
in:"path"
description:"The name of the plugin. The `:latest` tag is optional, and is the default if omitted."
required:true
type:"string"
tags:["Plugin"]
/plugins/{name}/upgrade:
post:
summary:"Upgrade a plugin"
operationId:"PluginUpgrade"
responses:
204:
description:"no error"
404:
description:"plugin not installed"
schema:
$ref:"#/definitions/ErrorResponse"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"name"
in:"path"
description:"The name of the plugin. The `:latest` tag is optional, and is the default if omitted."
required:true
type:"string"
- name:"remote"
in:"query"
description:|
Remote reference to upgrade to.
The `:latest` tag is optional, and is used as the default if omitted.
required:true
type:"string"
- name:"X-Registry-Auth"
in:"header"
description:"A base64-encoded auth configuration to use when pulling a plugin from a registry. [See the authentication section for details.](#section/Authentication)"
type:"string"
- name:"body"
in:"body"
schema:
type:"array"
items:
description:"Describes a permission accepted by the user upon installing the plugin."
type:"object"
properties:
Name:
type:"string"
Description:
type:"string"
Value:
type:"array"
items:
type:"string"
example:
- Name:"network"
Description:""
Value:
- "host"
- Name:"mount"
Description:""
Value:
- "/data"
- Name:"device"
Description:""
Value:
- "/dev/cpu_dma_latency"
tags:["Plugin"]
/plugins/create:
post:
summary:"Create a plugin"
operationId:"PluginCreate"
consumes:
- "application/x-tar"
responses:
204:
description:"no error"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"name"
in:"query"
description:"The name of the plugin. The `:latest` tag is optional, and is the default if omitted."
required:true
type:"string"
- name:"tarContext"
in:"body"
description:"Path to tar containing plugin rootfs and manifest"
schema:
type:"string"
format:"binary"
tags:["Plugin"]
/plugins/{name}/push:
post:
summary:"Push a plugin"
operationId:"PluginPush"
description:|
Push a plugin to the registry.
parameters:
- name:"name"
in:"path"
description:"The name of the plugin. The `:latest` tag is optional, and is the default if omitted."
required:true
type:"string"
responses:
200:
description:"no error"
404:
description:"plugin not installed"
schema:
$ref:"#/definitions/ErrorResponse"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
tags:["Plugin"]
/plugins/{name}/set:
post:
summary:"Configure a plugin"
operationId:"PluginSet"
consumes:
- "application/json"
parameters:
- name:"name"
in:"path"
description:"The name of the plugin. The `:latest` tag is optional, and is the default if omitted."
required:true
type:"string"
- name:"body"
in:"body"
schema:
type:"array"
items:
type:"string"
example:["DEBUG=1"]
responses:
204:
description:"No error"
404:
description:"Plugin not installed"
schema:
$ref:"#/definitions/ErrorResponse"
500:
description:"Server error"
schema:
$ref:"#/definitions/ErrorResponse"
tags:["Plugin"]
/nodes:
get:
summary:"List nodes"
operationId:"NodeList"
responses:
200:
description:"no error"
schema:
type:"array"
items:
$ref:"#/definitions/Node"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
503:
description:"node is not part of a swarm"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"filters"
in:"query"
description:|
Filters to process on the nodes list, encoded as JSON (a `map[string][]string`).
Available filters:
- `id=<node id>`
- `label=<engine label>`
- `membership=`(`accepted`|`pending`)`
- `name=<node name>`
- `role=`(`manager`|`worker`)`
type:"string"
tags:["Node"]
/nodes/{id}:
get:
summary:"Inspect a node"
operationId:"NodeInspect"
responses:
200:
description:"no error"
schema:
$ref:"#/definitions/Node"
404:
description:"no such node"
schema:
$ref:"#/definitions/ErrorResponse"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
503:
description:"node is not part of a swarm"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"id"
in:"path"
description:"The ID or name of the node"
type:"string"
required:true
tags:["Node"]
delete:
summary:"Delete a node"
operationId:"NodeDelete"
responses:
200:
description:"no error"
404:
description:"no such node"
schema:
$ref:"#/definitions/ErrorResponse"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
503:
description:"node is not part of a swarm"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"id"
in:"path"
description:"The ID or name of the node"
type:"string"
required:true
- name:"force"
in:"query"
description:"Force remove a node from the swarm"
default:false
type:"boolean"
tags:["Node"]
/nodes/{id}/update:
post:
summary:"Update a node"
operationId:"NodeUpdate"
responses:
200:
description:"no error"
400:
description:"bad parameter"
schema:
$ref:"#/definitions/ErrorResponse"
404:
description:"no such node"
schema:
$ref:"#/definitions/ErrorResponse"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
503:
description:"node is not part of a swarm"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"id"
in:"path"
description:"The ID of the node"
type:"string"
required:true
- name:"body"
in:"body"
schema:
$ref:"#/definitions/NodeSpec"
- name:"version"
in:"query"
description:"The version number of the node object being updated. This is required to avoid conflicting writes."
type:"integer"
format:"int64"
required:true
tags:["Node"]
/swarm:
get:
summary:"Inspect swarm"
operationId:"SwarmInspect"
responses:
200:
description:"no error"
schema:
$ref:"#/definitions/Swarm"
404:
description:"no such swarm"
schema:
$ref:"#/definitions/ErrorResponse"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
503:
description:"node is not part of a swarm"
schema:
$ref:"#/definitions/ErrorResponse"
tags:["Swarm"]
/swarm/init:
post:
summary:"Initialize a new swarm"
operationId:"SwarmInit"
produces:
- "application/json"
- "text/plain"
responses:
200:
description:"no error"
schema:
description:"The node ID"
type:"string"
example:"7v2t30z9blmxuhnyo6s4cpenp"
400:
description:"bad parameter"
schema:
$ref:"#/definitions/ErrorResponse"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
503:
description:"node is already part of a swarm"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"body"
in:"body"
required:true
schema:
type:"object"
properties:
ListenAddr:
description:"Listen address used for inter-manager communication, as well as determining the networking interface used for the VXLAN Tunnel Endpoint (VTEP). This can either be an address/port combination in the form `192.168.1.1:4567`, or an interface followed by a port number, like `eth0:4567`. If the port number is omitted, the default swarm listening port is used."
type:"string"
AdvertiseAddr:
description:"Externally reachable address advertised to other nodes. This can either be an address/port combination in the form `192.168.1.1:4567`, or an interface followed by a port number, like `eth0:4567`. If the port number is omitted, the port number from the listen address is used. If `AdvertiseAddr` is not specified, it will be automatically detected when possible."
type:"string"
DataPathAddr:
description:|
Address or interface to use for data path traffic (format:`<ip|interface>`), for example, `192.168.1.1`,
or an interface, like `eth0`. If `DataPathAddr` is unspecified, the same address as `AdvertiseAddr`
is used.
The `DataPathAddr` specifies the address that global scope network drivers will publish towards other
nodes in order to reach the containers running on this node. Using this parameter it is possible to
separate the container data traffic from the management traffic of the cluster.
type:"string"
ForceNewCluster:
description:"Force creation of a new swarm."
type:"boolean"
Spec:
$ref:"#/definitions/SwarmSpec"
example:
ListenAddr:"0.0.0.0:2377"
AdvertiseAddr:"192.168.1.1:2377"
ForceNewCluster:false
Spec:
Orchestration:{}
Raft:{}
Dispatcher:{}
CAConfig:{}
EncryptionConfig:
AutoLockManagers:false
tags:["Swarm"]
/swarm/join:
post:
summary:"Join an existing swarm"
operationId:"SwarmJoin"
responses:
200:
description:"no error"
400:
description:"bad parameter"
schema:
$ref:"#/definitions/ErrorResponse"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
503:
description:"node is already part of a swarm"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"body"
in:"body"
required:true
schema:
type:"object"
properties:
ListenAddr:
description:"Listen address used for inter-manager communication if the node gets promoted to manager, as well as determining the networking interface used for the VXLAN Tunnel Endpoint (VTEP)."
type:"string"
AdvertiseAddr:
description:"Externally reachable address advertised to other nodes. This can either be an address/port combination in the form `192.168.1.1:4567`, or an interface followed by a port number, like `eth0:4567`. If the port number is omitted, the port number from the listen address is used. If `AdvertiseAddr` is not specified, it will be automatically detected when possible."
type:"string"
DataPathAddr:
description:|
Address or interface to use for data path traffic (format:`<ip|interface>`), for example, `192.168.1.1`,
or an interface, like `eth0`. If `DataPathAddr` is unspecified, the same address as `AdvertiseAddr`
is used.
The `DataPathAddr` specifies the address that global scope network drivers will publish towards other
nodes in order to reach the containers running on this node. Using this parameter it is possible to
separate the container data traffic from the management traffic of the cluster.
type:"string"
RemoteAddrs:
description:"Addresses of manager nodes already participating in the swarm."
type:"string"
JoinToken:
description:"Secret token for joining this swarm."
description:"A base64-encoded auth configuration for pulling from private registries. [See the authentication section for details.](#section/Authentication)"
type:"string"
tags:["Service"]
/services/{id}:
get:
summary:"Inspect a service"
operationId:"ServiceInspect"
responses:
200:
description:"no error"
schema:
$ref:"#/definitions/Service"
404:
description:"no such service"
schema:
$ref:"#/definitions/ErrorResponse"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
503:
description:"node is not part of a swarm"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"id"
in:"path"
description:"ID or name of service."
required:true
type:"string"
- name:"insertDefaults"
in:"query"
description:"Fill empty fields with default values."
type:"boolean"
default:false
tags:["Service"]
delete:
summary:"Delete a service"
operationId:"ServiceDelete"
responses:
200:
description:"no error"
404:
description:"no such service"
schema:
$ref:"#/definitions/ErrorResponse"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
503:
description:"node is not part of a swarm"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"id"
in:"path"
description:"ID or name of service."
required:true
type:"string"
tags:["Service"]
/services/{id}/update:
post:
summary:"Update a service"
operationId:"ServiceUpdate"
consumes:["application/json"]
produces:["application/json"]
responses:
200:
description:"no error"
schema:
$ref:"#/definitions/ServiceUpdateResponse"
400:
description:"bad parameter"
schema:
$ref:"#/definitions/ErrorResponse"
404:
description:"no such service"
schema:
$ref:"#/definitions/ErrorResponse"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
503:
description:"node is not part of a swarm"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"id"
in:"path"
description:"ID or name of service."
required:true
type:"string"
- name:"body"
in:"body"
required:true
schema:
allOf:
- $ref:"#/definitions/ServiceSpec"
- type:"object"
example:
Name:"top"
TaskTemplate:
ContainerSpec:
Image:"busybox"
Args:
- "top"
Resources:
Limits:{}
Reservations:{}
RestartPolicy:
Condition:"any"
MaxAttempts:0
Placement:{}
ForceUpdate:0
Mode:
Replicated:
Replicas:1
UpdateConfig:
Parallelism:2
Delay:1000000000
FailureAction:"pause"
Monitor:15000000000
MaxFailureRatio:0.15
RollbackConfig:
Parallelism:1
Delay:1000000000
FailureAction:"pause"
Monitor:15000000000
MaxFailureRatio:0.15
EndpointSpec:
Mode:"vip"
- name:"version"
in:"query"
description:"The version number of the service object being updated. This is required to avoid conflicting writes."
required:true
type:"integer"
- name:"registryAuthFrom"
in:"query"
type:"string"
description:"If the X-Registry-Auth header is not specified, this
parameter indicates where to find registry authorization credentials. The
valid values are `spec` and `previous-spec`."
default:"spec"
- name:"rollback"
in:"query"
type:"string"
description:"Set to this parameter to `previous` to cause a
server-side rollback to the previous service spec. The supplied spec will be
ignored in this case."
- name:"X-Registry-Auth"
in:"header"
description:"A base64-encoded auth configuration for pulling from private registries. [See the authentication section for details.](#section/Authentication)"
type:"string"
tags:["Service"]
/services/{id}/logs:
get:
summary:"Get service logs"
description:|
Get `stdout` and `stderr` logs from a service.
**Note**:This endpoint works only for services with the `json-file` or `journald` logging drivers.
operationId:"ServiceLogs"
produces:
- "application/vnd.docker.raw-stream"
- "application/json"
responses:
101:
description:"logs returned as a stream"
schema:
type:"string"
format:"binary"
200:
description:"logs returned as a string in response body"
schema:
type:"string"
404:
description:"no such service"
schema:
$ref:"#/definitions/ErrorResponse"
examples:
application/json:
message:"No such service: c2ada9df5af8"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
503:
description:"node is not part of a swarm"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"id"
in:"path"
required:true
description:"ID or name of the service"
type:"string"
- name:"details"
in:"query"
description:"Show service context and extra details provided to logs."
type:"boolean"
default:false
- name:"follow"
in:"query"
description:|
Return the logs as a stream.
This will return a `101` HTTP response with a `Connection:upgrade` header, then hijack the HTTP connection to send raw output. For more information about hijacking and the stream format, [see the documentation for the attach endpoint](#operation/ContainerAttach).
type:"boolean"
default:false
- name:"stdout"
in:"query"
description:"Return logs from `stdout`"
type:"boolean"
default:false
- name:"stderr"
in:"query"
description:"Return logs from `stderr`"
type:"boolean"
default:false
- name:"since"
in:"query"
description:"Only return logs since this time, as a UNIX timestamp"
type:"integer"
default:0
- name:"timestamps"
in:"query"
description:"Add timestamps to every log line"
type:"boolean"
default:false
- name:"tail"
in:"query"
description:"Only return this number of log lines from the end of the logs. Specify as an integer or `all` to output all log lines."
A JSON encoded value of the filters (a `map[string][]string`) to process on the tasks list. Available filters:
- `desired-state=(running | shutdown | accepted)`
- `id=<task id>`
- `label=key` or `label="key=value"`
- `name=<task name>`
- `node=<node id or name>`
- `service=<service name>`
tags:["Task"]
/tasks/{id}:
get:
summary:"Inspect a task"
operationId:"TaskInspect"
produces:
- "application/json"
responses:
200:
description:"no error"
schema:
$ref:"#/definitions/Task"
404:
description:"no such task"
schema:
$ref:"#/definitions/ErrorResponse"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
503:
description:"node is not part of a swarm"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"id"
in:"path"
description:"ID of the task"
required:true
type:"string"
tags:["Task"]
/tasks/{id}/logs:
get:
summary:"Get task logs"
description:|
Get `stdout` and `stderr` logs from a task.
**Note**:This endpoint works only for services with the `json-file` or `journald` logging drivers.
operationId:"TaskLogs"
produces:
- "application/vnd.docker.raw-stream"
- "application/json"
responses:
101:
description:"logs returned as a stream"
schema:
type:"string"
format:"binary"
200:
description:"logs returned as a string in response body"
schema:
type:"string"
404:
description:"no such task"
schema:
$ref:"#/definitions/ErrorResponse"
examples:
application/json:
message:"No such task: c2ada9df5af8"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
503:
description:"node is not part of a swarm"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"id"
in:"path"
required:true
description:"ID of the task"
type:"string"
- name:"details"
in:"query"
description:"Show task context and extra details provided to logs."
type:"boolean"
default:false
- name:"follow"
in:"query"
description:|
Return the logs as a stream.
This will return a `101` HTTP response with a `Connection:upgrade` header, then hijack the HTTP connection to send raw output. For more information about hijacking and the stream format, [see the documentation for the attach endpoint](#operation/ContainerAttach).
type:"boolean"
default:false
- name:"stdout"
in:"query"
description:"Return logs from `stdout`"
type:"boolean"
default:false
- name:"stderr"
in:"query"
description:"Return logs from `stderr`"
type:"boolean"
default:false
- name:"since"
in:"query"
description:"Only return logs since this time, as a UNIX timestamp"
type:"integer"
default:0
- name:"timestamps"
in:"query"
description:"Add timestamps to every log line"
type:"boolean"
default:false
- name:"tail"
in:"query"
description:"Only return this number of log lines from the end of the logs. Specify as an integer or `all` to output all log lines."
type:"string"
default:"all"
/secrets:
get:
summary:"List secrets"
operationId:"SecretList"
produces:
- "application/json"
responses:
200:
description:"no error"
schema:
type:"array"
items:
$ref:"#/definitions/Secret"
example:
- ID:"blt1owaxmitz71s9v5zh81zun"
Version:
Index:85
CreatedAt:"2017-07-20T13:55:28.678958722Z"
UpdatedAt:"2017-07-20T13:55:28.678958722Z"
Spec:
Name:"mysql-passwd"
Labels:
some.label:"some.value"
Driver:
Name:"secret-bucket"
Options:
OptionA:"value for driver option A"
OptionB:"value for driver option B"
- ID:"ktnbjxoalbkvbvedmg1urrz8h"
Version:
Index:11
CreatedAt:"2016-11-05T01:20:17.327670065Z"
UpdatedAt:"2016-11-05T01:20:17.327670065Z"
Spec:
Name:"app-dev.crt"
Labels:
foo:"bar"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
503:
description:"node is not part of a swarm"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"filters"
in:"query"
type:"string"
description:|
A JSON encoded value of the filters (a `map[string][]string`) to process on the secrets list. Available filters:
- `id=<secret id>`
- `label=<key> or label=<key>=value`
- `name=<secret name>`
- `names=<secret name>`
tags:["Secret"]
/secrets/create:
post:
summary:"Create a secret"
operationId:"SecretCreate"
consumes:
- "application/json"
produces:
- "application/json"
responses:
201:
description:"no error"
schema:
type:"object"
properties:
ID:
description:"The ID of the created secret."
type:"string"
example:
ID:"ktnbjxoalbkvbvedmg1urrz8h"
409:
description:"name conflicts with an existing object"
description:"The spec of the secret to update. Currently, only the Labels field can be updated. All other fields must remain unchanged from the [SecretInspect endpoint](#operation/SecretInspect) response values."
- name:"version"
in:"query"
description:"The version number of the secret object being updated. This is required to avoid conflicting writes."
type:"integer"
format:"int64"
required:true
tags:["Secret"]
/configs:
get:
summary:"List configs"
operationId:"ConfigList"
produces:
- "application/json"
responses:
200:
description:"no error"
schema:
type:"array"
items:
$ref:"#/definitions/Config"
example:
- ID:"ktnbjxoalbkvbvedmg1urrz8h"
Version:
Index:11
CreatedAt:"2016-11-05T01:20:17.327670065Z"
UpdatedAt:"2016-11-05T01:20:17.327670065Z"
Spec:
Name:"server.conf"
500:
description:"server error"
schema:
$ref:"#/definitions/ErrorResponse"
503:
description:"node is not part of a swarm"
schema:
$ref:"#/definitions/ErrorResponse"
parameters:
- name:"filters"
in:"query"
type:"string"
description:|
A JSON encoded value of the filters (a `map[string][]string`) to process on the configs list. Available filters:
- `id=<config id>`
- `label=<key> or label=<key>=value`
- `name=<config name>`
- `names=<config name>`
tags:["Config"]
/configs/create:
post:
summary:"Create a config"
operationId:"ConfigCreate"
consumes:
- "application/json"
produces:
- "application/json"
responses:
201:
description:"no error"
schema:
type:"object"
properties:
ID:
description:"The ID of the created config."
type:"string"
example:
ID:"ktnbjxoalbkvbvedmg1urrz8h"
409:
description:"name conflicts with an existing object"
description:"The spec of the config to update. Currently, only the Labels field can be updated. All other fields must remain unchanged from the [ConfigInspect endpoint](#operation/ConfigInspect) response values."
- name:"version"
in:"query"
description:"The version number of the config object being updated. This is required to avoid conflicting writes."
type:"integer"
format:"int64"
required:true
tags:["Config"]
/distribution/{name}/json:
get:
summary:"Get image information from the registry"
description:"Return image digest and platform information by contacting the registry."
operationId:"DistributionInspect"
produces:
- "application/json"
responses:
200:
description:"descriptor and platform information"
schema:
type:"object"
x-go-name:DistributionInspect
required:[Descriptor, Platforms]
properties:
Descriptor:
type:"object"
description:"A descriptor struct containing digest, media type, and size"
properties:
MediaType:
type:"string"
Size:
type:"integer"
format:"int64"
Digest:
type:"string"
URLs:
type:"array"
items:
type:"string"
Platforms:
type:"array"
description:"An array containing all platforms supported by the image"