Tools (107)

Extracted live via the executor SDK.

• config.configCreate

  Create a config

• config.configDelete

  Delete a config

• config.configInspect

  Inspect a config

• config.configList

  List configs

• config.configUpdate

  Update a Config

• container.containerArchive

  Get a tar archive of a resource in the filesystem of container id.

• container.containerArchiveInfo

  A response header X-Docker-Container-Path-Stat is return containing a base64 - encoded JSON object with some filesystem header information about the path.

• container.containerAttach

  Attach to a container to read its output or send it input. You can attach to the same container multiple times and you can reattach to containers that have been detached.

  Either the stream or logs parameter must be true for this endpoint to do anything.

  See the documentation for the docker attach command for more details.

  Hijacking

  This endpoint hijacks the HTTP connection to transport stdin, stdout, and stderr on the same socket.

  This is the response from the daemon for an attach request:

  HTTP/1.1 200 OKContent-Type: application/vnd.docker.raw-stream
  [STREAM]

  After the headers and two new lines, the TCP connection can now be used for raw, bidirectional communication between the client and server.

  To hint potential proxies about connection hijacking, the Docker client can also optionally send connection upgrade headers.

  For example, the client sends this request to upgrade the connection:

  POST /containers/16253994b7c4/attach?stream=1&stdout=1 HTTP/1.1Upgrade: tcpConnection: Upgrade

  The Docker daemon will respond with a 101 UPGRADED response, and will similarly follow with the raw stream:

  HTTP/1.1 101 UPGRADEDContent-Type: application/vnd.docker.raw-streamConnection: UpgradeUpgrade: tcp
  [STREAM]

  Stream format

  When the TTY setting is disabled in POST /containers/create, the stream over the hijacked connected is multiplexed to separate out stdout and stderr. The stream consists of a series of frames, each containing a header and a payload.

  The header contains the information which the stream writes (stdout or stderr). It also contains the size of the associated frame encoded in the last four bytes (uint32).

  It is encoded on the first eight bytes like this:

  go

  header := [8]byte{STREAM_TYPE, 0, 0, 0, SIZE1, SIZE2, SIZE3, SIZE4}

  STREAM_TYPE can be:

  • 0: stdin (is written on stdout)
  • 1: stdout
  • 2: stderr

  SIZE1, SIZE2, SIZE3, SIZE4 are the four bytes of the uint32 size encoded as big endian.

  Following the header is the payload, which is the specified number of bytes of STREAM_TYPE.

  The simplest way to implement this protocol is the following:

  1. Read 8 bytes.
  2. Choose stdout or stderr depending on the first byte.
  3. Extract the frame size from the last four bytes.
  4. Read the extracted size and output it on the correct output.
  5. Goto 1.

  Stream format when using a TTY

  When the TTY setting is enabled in POST /containers/create, the stream is not multiplexed. The data exchanged over the hijacked connection is simply the raw data from the process PTY and client's stdin.

• container.containerAttachWebsocket

  Attach to a container via a websocket

• container.containerChanges

  Returns which files in a container's filesystem have been added, deleted, or modified. The Kind of modification can be one of:

  • 0: Modified
  • 1: Added
  • 2: Deleted
• container.containerCreate

  Create a container

• container.containerDelete

  Remove a container

• container.containerExport

  Export the contents of a container as a tarball.

• container.containerInspect

  Return low-level information about a container.

• container.containerKill

  Send a POSIX signal to a container, defaulting to killing to the container.

• container.containerList

  Returns a list of containers. For details on the format, see the inspect endpoint.

  Note that it uses a different, smaller representation of a container than inspecting a single container. For example, the list of linked containers is not propagated .

• container.containerLogs

  Get stdout and stderr logs from a container.

  Note: This endpoint works only for containers with the json-file or journald logging driver.

• container.containerPause

  Use the cgroups freezer to suspend all processes in a container.

  Traditionally, when suspending a process the SIGSTOP signal is used, which is observable by the process being suspended. With the cgroups freezer the process is unaware, and unable to capture, that it is being suspended, and subsequently resumed.

• container.containerPrune

  Delete stopped containers

• container.containerRename

  Rename a container

• container.containerResize

  Resize the TTY for a container. You must restart the container for the resize to take effect.

• container.containerRestart

  Restart a container

• container.containerStart

  Start a container

• container.containerStats

  This endpoint returns a live stream of a container’s resource usage statistics.

  The precpu_stats is the CPU statistic of last read, which is used for calculating the CPU usage percentage. It is not the same as the cpu_stats field.

  If either precpu_stats.online_cpus or cpu_stats.online_cpus is nil then for compatibility with older daemons the length of the corresponding cpu_usage.percpu_usage array should be used.

• container.containerStop

  Stop a container

• container.containerTop

  On Unix systems, this is done by running the ps command. This endpoint is not supported on Windows.

• container.containerUnpause

  Resume a container which has been paused.

• container.containerUpdate

  Change various configuration options of a container without having to recreate it.

• container.containerWait

  Block until a container stops, then returns the exit code.

• container.putContainerArchive

  Upload a tar archive to be extracted to a path in the filesystem of container id.

• distribution.distributionInspect

  Return image digest and platform information by contacting the registry.

• exec.containerExec

  Run a command inside a running container.

• exec.execInspect

  Return low-level information about an exec instance.

• exec.execResize

  Resize the TTY session used by an exec instance. This endpoint only works if tty was specified as part of creating and starting the exec instance.

• exec.execStart

  Starts a previously set up exec instance. If detach is true, this endpoint returns immediately after starting the command. Otherwise, it sets up an interactive session with the command.

• image.buildPrune

  Delete builder cache

• image.imageBuild

  Build an image from a tar archive with a Dockerfile in it.

  The Dockerfile specifies how the image is built from the tar archive. It is typically in the archive's root, but can be at a different path or have a different name by specifying the dockerfile parameter. See the Dockerfile reference for more information.

  The Docker daemon performs a preliminary validation of the Dockerfile before starting the build, and returns an error if the syntax is incorrect. After that, each instruction is run one-by-one until the ID of the new image is output.

  The build is canceled if the client drops the connection by quitting or being killed.

• image.imageCommit

  Create a new image from a container

• image.imageCreate

  Create an image by either pulling it from a registry or importing it.

• image.imageDelete

  Remove an image, along with any untagged parent images that were referenced by that image.

  Images can't be removed if they have descendant images, are being used by a running container or are being used by a build.

• image.imageGet

  Get a tarball containing all images and metadata for a repository.

  If name is a specific name and tag (e.g. ubuntu:latest), then only that image (and its parents) are returned. If name is an image ID, similarly only that image (and its parents) are returned, but with the exclusion of the repositories file in the tarball, as there were no image names referenced.

  Image tarball format

  An image tarball contains one directory per image layer (named using its long ID), each containing these files:

  • VERSION: currently 1.0 - the file format version
  • json: detailed layer information, similar to docker inspect layer_id
  • layer.tar: A tarfile containing the filesystem changes in this layer

  The layer.tar file contains aufs style .wh..wh.aufs files and directories for storing attribute changes and deletions.

  If the tarball defines a repository, the tarball should also include a repositories file at the root that contains a list of repository and tag names mapped to layer IDs.

  json

  {  "hello-world": {    "latest": "565a9d68a73f6706862bfe8409a7f659776d4d60a8d096eb4a3cbce6999cc2a1"  }}

• image.imageGetAll

  Get a tarball containing all images and metadata for several image repositories.

  For each value of the names parameter: if it is a specific name and tag (e.g. ubuntu:latest), then only that image (and its parents) are returned; if it is an image ID, similarly only that image (and its parents) are returned and there would be no names referenced in the 'repositories' file for this image ID.

  For details on the format, see the export image endpoint.

• image.imageHistory

  Return parent layers of an image.

• image.imageInspect

  Return low-level information about an image.

• image.imageList

  Returns a list of images on the server. Note that it uses a different, smaller representation of an image than inspecting a single image.

• image.imageLoad

  Load a set of images and tags into a repository.

  For details on the format, see the export image endpoint.

• image.imagePrune

  Delete unused images

• image.imagePush

  Push an image to a registry.

  If you wish to push an image on to a private registry, that image must already have a tag which references the registry. For example, registry.example.com/myimage:latest.

  The push is cancelled if the HTTP connection is closed.

• image.imageSearch

  Search for an image on Docker Hub.

• image.imageTag

  Tag an image so that it becomes part of a repository.

• network.networkConnect

  Connect a container to a network

• network.networkCreate

  Create a network

• network.networkDelete

  Remove a network

• network.networkDisconnect

  Disconnect a container from a network

• network.networkInspect

  Inspect a network

• network.networkList

  Returns a list of networks. For details on the format, see the network inspect endpoint.

  Note that it uses a different, smaller representation of a network than inspecting a single network. For example, the list of containers attached to the network is not propagated in API versions 1.28 and up.

• network.networkPrune

  Delete unused networks

• node.nodeDelete

  Delete a node

• node.nodeInspect

  Inspect a node

• node.nodeList

  List nodes

• node.nodeUpdate

  Update a node

• plugin.getPluginPrivileges

  Get plugin privileges

• plugin.pluginCreate

  Create a plugin

• plugin.pluginDelete

  Remove a plugin

• plugin.pluginDisable

  Disable a plugin

• plugin.pluginEnable

  Enable a plugin

• plugin.pluginInspect

  Inspect a plugin

• plugin.pluginList

  Returns information about installed plugins.

• plugin.pluginPull

  Pulls and installs a plugin. After the plugin is installed, it can be enabled using the POST /plugins/{name}/enable endpoint.

• plugin.pluginPush

  Push a plugin to the registry.

• plugin.pluginSet

  Configure a plugin

• plugin.pluginUpgrade

  Upgrade a plugin

• secret.secretCreate

  Create a secret

• secret.secretDelete

  Delete a secret

• secret.secretInspect

  Inspect a secret

• secret.secretList

  List secrets

• secret.secretUpdate

  Update a Secret

• service.serviceCreate

  Create a service

• service.serviceDelete

  Delete a service

• service.serviceInspect

  Inspect a service

• service.serviceList

  List services

• service.serviceLogs

  Get stdout and stderr logs from a service.

  Note: This endpoint works only for services with the json-file or journald logging drivers.

• service.serviceUpdate

  Update a service

• sessionExperimental.session

  Start a new interactive session with a server. Session allows server to call back to the client for advanced capabilities.

  Note: This endpoint is experimental and only available if the daemon is started with experimental features enabled. The specifications for this endpoint may still change in a future version of the API.

  Hijacking

  This endpoint hijacks the HTTP connection to HTTP2 transport that allows the client to expose gPRC services on that connection.

  For example, the client sends this request to upgrade the connection:

  POST /session HTTP/1.1Upgrade: h2cConnection: Upgrade

  The Docker daemon will respond with a 101 UPGRADED response follow with the raw stream:

  HTTP/1.1 101 UPGRADEDConnection: UpgradeUpgrade: h2c

• swarm.swarmInit

  Initialize a new swarm

• swarm.swarmInspect

  Inspect swarm

• swarm.swarmJoin

  Join an existing swarm

• swarm.swarmLeave

  Leave a swarm

• swarm.swarmUnlock

  Unlock a locked manager

• swarm.swarmUnlockkey

  Get the unlock key

• swarm.swarmUpdate

  Update a swarm

• system.systemAuth

  Validate credentials for a registry and, if available, get an identity token for accessing the registry without password.

• system.systemDataUsage

  Get data usage information

• system.systemEvents

  Stream real-time events from the server.

  Various objects within Docker report events when something happens to them.

  Containers report these events: attach, commit, copy, create, destroy, detach, die, exec_create, exec_detach, exec_start, export, health_status, kill, oom, pause, rename, resize, restart, start, stop, top, unpause, and update

  Images report these events: delete, import, load, pull, push, save, tag, and untag

  Volumes report these events: create, mount, unmount, and destroy

  Networks report these events: create, connect, disconnect, destroy, update, and remove

  The Docker daemon reports these events: reload

  Services report these events: create, update, and remove

  Nodes report these events: create, update, and remove

  Secrets report these events: create, update, and remove

  Configs report these events: create, update, and remove

• system.systemInfo

  Get system information

• system.systemPing

  This is a dummy endpoint you can use to test if the server is accessible.

• system.systemVersion

  Returns the version of Docker that is running and various information about the system that Docker is running on.

• task.taskInspect

  Inspect a task

• task.taskList

  List tasks

• tasks.taskLogs

  Get stdout and stderr logs from a task.

  Note: This endpoint works only for services with the json-file or journald logging drivers.

• volume.volumeCreate

  Create a volume

• volume.volumeDelete

  Instruct the driver to remove the volume.

• volume.volumeInspect

  Inspect a volume

• volume.volumeList

  List volumes

• volume.volumePrune

  Delete unused volumes

• openapi.previewSpec

  Preview an OpenAPI document before adding it as a source

• openapi.addSource

  Add an OpenAPI source and register its operations as tools