Docker Engine API (v1.36)

Download OpenAPI (fka Swagger) specification: Download

The Engine API is an HTTP API served by Docker Engine. It is the API the Docker client uses to communicate with the Engine, so everything the Docker client can do can be done with the API.

Most of the client's commands map directly to API endpoints (e.g. docker ps is GET /containers/json). The notable exception is running containers, which consists of several API calls.

Errors

The API uses standard HTTP status codes to indicate the success or failure of the API call. The body of the response will be JSON in the following format:

{
  "message": "page not found"
}

Versioning

The API is usually changed in each release, so API calls are versioned to ensure that clients don't break. To lock to a specific version of the API, you prefix the URL with its version, for example, call /v1.30/info to use the v1.30 version of the /info endpoint. If the API version specified in the URL is not supported by the daemon, a HTTP 400 Bad Request error message is returned.

If you omit the version-prefix, the current version of the API (v1.36) is used. For example, calling /info is the same as calling /v1.36/info. Using the API without a version-prefix is deprecated and will be removed in a future release.

Engine releases in the near future should support this version of the API, so your client will continue to work even if it is talking to a newer Engine.

The API uses an open schema model, which means server may add extra properties to responses. Likewise, the server will ignore any extra query parameters and request body properties. When you write clients, you need to ignore additional properties in responses to ensure they do not break when talking to newer daemons.

Authentication

Authentication for registries is handled client side. The client has to send authentication details to various endpoints that need to communicate with registries, such as POST /images/(name)/push. These are sent as X-Registry-Auth header as a Base64 encoded (JSON) string with the following structure:

{
  "username": "string",
  "password": "string",
  "email": "string",
  "serveraddress": "string"
}

The serveraddress is a domain/IP without a protocol. Throughout this structure, double quotes are required.

If you have already got an identity token from the /auth endpoint, you can just pass this instead of credentials:

{
  "identitytoken": "9cbaf023786cd7..."
}

Containers

Create and manage containers.

Images

Networks

Networks are user-defined networks that containers can be attached to. See the networking documentation for more information.

Volumes

Create and manage persistent storage that can be attached to containers.

Exec

Run new commands inside running containers. See the command-line reference for more information.

To exec a command in a container, you first need to create an exec instance, then start it. These two API endpoints are wrapped up in a single command-line command, docker exec.

Swarm

Engines can be clustered together in a swarm. See the swarm mode documentation for more information.

Nodes

Nodes are instances of the Engine participating in a swarm. Swarm mode must be enabled for these endpoints to work.

Services

Services are the definitions of tasks to run on a swarm. Swarm mode must be enabled for these endpoints to work.

Tasks

A task is a container running on a swarm. It is the atomic scheduling unit of swarm. Swarm mode must be enabled for these endpoints to work.

Secrets

Secrets are sensitive data that can be used by services. Swarm mode must be enabled for these endpoints to work.

Configs

Configs are application configurations that can be used by services. Swarm mode must be enabled for these endpoints to work.

Plugins

System

Distribution

Session (experimental)