/docker-py

Primary LanguagePythonApache License 2.0Apache-2.0

docker-py

Build Status

An API client for docker written in Python

Installation

Our latest stable is always available on PyPi.

pip install docker-py

API

To instantiate a Client class that will allow you to communicate with a Docker daemon, simply do:

c = docker.Client(base_url='unix://var/run/docker.sock',
                  version='1.12',
                  timeout=10)

base_url refers to the protocol+hostname+port where the docker server is hosted. version is the version of the API the client will use and timeout specifies the HTTP request timeout, in seconds.

c.build(path=None, tag=None, quiet=False, fileobj=None, nocache=False,
        rm=False, stream=False, timeout=None,
        custom_context=False, encoding=None):

Similar to the docker build command. Either path or fileobj needs to be set. path can be a local path (to a directory containing a Dockerfile) or a remote URL. fileobj must be a readable file-like object to a Dockerfile.

If you have a tar file for the docker build context (including a dockerfile) already, pass a readable file-like object to fileobj and also pass custom_context=True. If the stream is compressed also, set encoding to the correct value (e.g gzip).

c.commit(container, repository=None, tag=None, message=None, author=None,
         conf=None)

Identical to the docker commit command.

c.containers(quiet=False, all=False, trunc=True, latest=False, since=None,
             before=None, limit=-1)

Identical to the docker ps command.

c.copy(container, resource)

Identical to the docker cp command.

c.create_container(image, command=None, hostname=None, user=None,
                   detach=False, stdin_open=False, tty=False, mem_limit=0,
                   ports=None, environment=None, dns=None, volumes=None,
                   volumes_from=None, network_disabled=False, name=None,
                   entrypoint=None, cpu_shares=None, working_dir=None,
                   memswap_limit=0)

Creates a container that can then be started. Parameters are similar to those for the docker run command except it doesn't support the attach options (-a). See "Port bindings" and "Using volumes" below for more information on how to create port bindings and volume mappings.

The environment variable accepts a dictionary or a list of strings in the following format ["PASSWORD=xxx"] or {"PASSWORD": "xxx"}.

volumes_from and dns arguments raise TypeError exception if they are used against v1.10 of docker remote API. Those arguments should be passed to start() instead.

c.diff(container)

Identical to the docker diff command.

c.export(container)

Identical to the docker export command.

c.history(image)

Identical to the docker history command.

c.images(name=None, quiet=False, all=False, viz=False)

Identical to the docker images command.

c.import_image(src, data=None, repository=None, tag=None)

Identical to the docker import command. If src is a string or unicode string, it will be treated as a URL to fetch the image from. To import an image from the local machine, src needs to be a file-like object or bytes collection. To import from a tarball use your absolute path to your tarball. To load arbitrary data as tarball use whatever you want as src and your tarball content in data.

c.info()

Identical to the docker info command.

c.insert(image, url, path)

Identical to the docker insert command.

c.inspect_container(container)

Identical to the docker inspect command, but only for containers.

c.inspect_image(image_id)

Identical to the docker inspect command, but only for images.

c.kill(container, signal=None)

Kill a container. Similar to the docker kill command.

c.login(username, password=None, email=None, registry=None)

Identical to the docker login command (but non-interactive, obviously).

c.logs(container, stdout=True, stderr=True, stream=False, timestamps=False)

Identical to the docker logs command. The stream parameter makes the logs function return a blocking generator you can iterate over to retrieve log output as it happens.

c.attach(container, stdout=True, stderr=True, stream=False, logs=False)

The logs function is a wrapper around this one, which you can use instead if you want to fetch/stream container output without first retrieving the entire backlog.

c.ping()

Hits the /_ping endpoint of the remote API and returns the result. An exception will be raised if the endpoint isn't responding.

c.port(container, private_port)

Identical to the docker port command.

c.pull(repository, tag=None, stream=False)

Identical to the docker pull command.

c.push(repository, stream=False)

Identical to the docker push command.

c.remove_container(container, v=False, link=False)
```

Remove a container. Similar to the `docker rm` command.

```python
c.remove_image(image)
```

Remove an image. Similar to the `docker rmi` command.

```python
c.restart(container, timeout=10)
```
Restart a container. Similar to the `docker restart` command.

```python
c.search(term)
```

Identical to the `docker search` command.

```python
c.start(container, binds=None, port_bindings=None, lxc_conf=None,
        publish_all_ports=False, links=None, privileged=False,
        dns=None, dns_search=None, volumes_from=None, network_mode=None)
```

Similar to the `docker start` command, but doesn't support attach
options.  Use `docker logs` to recover `stdout`/`stderr`.

`binds` allows to bind a directory in the host to the container. See
"Using volumes" below for more information. `port_bindings` exposes
container ports to the host. See "Port bindings" below for more
information. `lxc_conf` allows to pass LXC configuration options using a
dictionary. `privileged` starts the container in privileged mode.

[Links](http://docs.docker.io/en/latest/use/working_with_links_names/)
can be specified with the `links` argument. They can either be
specified as a dictionary mapping name to alias or as a list of
`(name, alias)` tuples.

`dns` and `volumes_from` are only available if they are used with version v1.10
of docker remote API. Otherwise they are ignored.

`network_mode` is available since v1.11 and sets the Network mode for the
container ('bridge': creates a new network stack for the container on the
docker bridge, 'none': no networking for this container, 'container:[name|id]':
reuses another container network stack), 'host': use the host network stack
inside the container.

```python
c.stop(container, timeout=10)
```

Stops a container. Similar to the `docker stop` command.

```python
c.tag(image, repository, tag=None, force=False)
```

Identical to the `docker tag` command.

```python
c.top(container)
```

Identical to the `docker top` command.

```python
c.version()
```

Identical to the `docker version` command.

```python
c.wait(container)
```

Wait for a container and return its exit code. Similar to the `docker
wait` command.


Port bindings
=============

Port bindings is done in two parts. Firstly, by providing a list of ports to
open inside the container in the `Client.create_container` method.

```python
c.create_container('busybox', 'ls', ports=[1111, 2222])
```

Bindings are then declared in the `Client.start` method.

```python
c.start(container_id, port_bindings={1111: 4567, 2222: None})
```

You can limit the host address on which the port will be exposed like such:

```python
c.start(container_id, port_bindings={1111: ('127.0.0.1', 4567)})
```

Or without host port assignment:

```python
c.start(container_id, port_bindings={1111: ('127.0.0.1',)})
```

If you wish to use UDP instead of TCP (default), you need to declare it
like such in both the `create_container()` and `start()` calls:

```python
container_id = c.create_container('busybox', 'ls', ports=[(1111, 'udp'), 2222])
c.start(container_id, port_bindings={'1111/udp': 4567, 2222: None})
```


Using volumes
=============

Similarly, volume declaration is done in two parts. First, you have to provide
a list of mountpoints to the `Client.create_container` method.

```python
c.create_container('busybox', 'ls', volumes=['/mnt/vol1', '/mnt/vol2'])
```

Volume mappings are then declared inside the `Client.start` method like this:

```python
c.start(container_id, binds={
    '/home/user1/':
        {
            'bind': '/mnt/vol2',
            'ro': False
        },
    '/var/www':
        {
            'bind': '/mnt/vol1',
            'ro': True
        }
})
```

Connection to daemon using HTTPS
================================

*These instructions are docker-py specific. Please refer to
http://docs.docker.com/articles/https/ first.*

*  Authenticate server based on public/default CA pool

```python
client = docker.Client(base_url='<https_url>', tls=True)
```

Equivalent CLI options: `docker --tls ...`

If you want to use TLS but don't want to verify the server certificate
(for example when testing with a self-signed certificate):

```python
tls_config = docker.tls.TLSConfig(verify=False)
client = docker.Client(base_url='<https_url>', tls=tls_config)
```

* Authenticate server based on given CA

```python
tls_config = docker.tls.TLSConfig(ca_cert='/path/to/ca.pem')
client = docker.Client(base_url='<https_url>', tls=tls_config)
```

Equivalent CLI options: `docker --tlsverify --tlscacert /path/to/ca.pem ...`

* Authenticate with client certificate, do not authenticate server
  based on given CA

```python
tls_config = docker.tls.TLSConfig(
  client_cert=('/path/to/client-cert.pem', '/path/to/client-key.pem')
)
client = docker.Client(base_url='<https_url>', tls=tls_config)
```

Equivalent CLI options:
`docker --tls --tlscert /path/to/client-cert.pem
--tlskey /path/to/client-key.pem ...`

* Authenticate with client certificate, authenticate server based on given CA

```python
tls_config = docker.tls.TLSConfig(
  client_cert=('/path/to/client-cert.pem', '/path/to/client-key.pem'),
  ca_cert='/path/to/ca.pem'
)
client = docker.Client(base_url='<https_url>', tls=tls_config)
```

Equivalent CLI options:
`docker --tlsverify --tlscert /path/to/client-cert.pem
--tlskey /path/to/client-key.pem --tlscacert /path/to/ca.pem ...`