docker

Run a task in a Docker container.

This task runner executes tasks in a container-based Docker-compatible engine. Use the containerImage property to configure the image for the task.

To access the task's working directory, use the {{workingDir}} Pebble expression or the WORKING_DIR environment variable. Input files and namespace files added to the task will be accessible from that directory.

To generate output files, we recommend using the outputFiles task's property. This allows you to explicitly define which files from the task's working directory should be saved as output files.

Alternatively, when writing files in your task, you can leverage the {{outputDir}} Pebble expression or the OUTPUT_DIR environment variable. All files written to that directory will be saved as output files automatically.

yaml
type: "io.kestra.plugin.scripts.runner.docker.docker"

Examples

Execute a Shell command.

yaml
id: simple_shell_example
namespace: company.team

tasks:
  - id: shell
    type: io.kestra.plugin.scripts.shell.Commands
    taskRunner:
      type: io.kestra.plugin.scripts.runner.docker.Docker
    commands:
    - echo "Hello World"

Pass input files to the task, execute a Shell command, then retrieve output files.

yaml
id: shell_example_with_files
namespace: company.team

inputs:
  - id: file
    type: FILE

tasks:
  - id: shell
    type: io.kestra.plugin.scripts.shell.Commands
    inputFiles:
      data.txt: "{{ inputs.file }}"
    outputFiles:
      - "*.txt"
    containerImage: centos
    taskRunner:
      type: io.kestra.plugin.scripts.runner.docker.Docker
    commands:
    - cp {{ workingDir }}/data.txt {{ workingDir }}/out.txt

Run a Python script in Docker and allocate a specific amount of memory.

yaml
id: allocate_memory_to_python_script
namespace: company.team

tasks:
  - id: script
    type: io.kestra.plugin.scripts.python.Script
    taskRunner:
      type: io.kestra.plugin.scripts.runner.docker.Docker
      pullPolicy: IF_NOT_PRESENT
      cpu:
        cpus: 1
      memory: 
        memory: "512Mb"
    containerImage: ghcr.io/kestra-io/kestrapy:latest
    script: |
      from kestra import Kestra
      
      data = dict(message="Hello from Kestra!")
      Kestra.outputs(data)

Properties

configstringobject

Docker configuration file.

Docker configuration file that can set access credentials to private container registries. Usually located in ~/.docker/config.json.

cpu

Limits the CPU usage to a given maximum threshold value.

By default, each container’s access to the host machine’s CPU cycles is unlimited. You can set various constraints to limit a given container’s access to the host machine’s CPU cycles.

Definitions

io.kestra.plugin.scripts.runner.docker.Cpu

cpusnumberstring

The maximum amount of CPU resources a container can use.

Make sure to set that to a numeric value e.g. cpus: "1.5" or cpus: "4" or For instance, if the host machine has two CPUs and you set cpus: "1.5", the container is guaranteed at most one and a half of the CPUs.

credentials

Definitions

Credentials for a private container registry.

authstring

The registry authentication.

The auth field is a base64-encoded authentication string of username: password or a token.

identityTokenstring

The identity token.

passwordstring

The registry password.

registrystring

The registry URL.

If not defined, the registry will be extracted from the image name.

registryTokenstring

The registry token.

usernamestring

The registry username.

deletebooleanstring

Defaulttrue

Whether the container should be deleted upon completion.

deviceRequestsarray

A list of device requests to be sent to device drivers.

Definitions

A request for devices to be sent to device drivers.

capabilitiesarray

SubTypearray

A list of capabilities; an OR list of AND lists of capabilities.

countintegerstring

deviceIdsarray

SubTypestring

driverstring

optionsobject

SubTypestring

Driver-specific options, specified as key/value pairs.

These options are passed directly to the driver.

entryPointarray

SubTypestring

Default

[
  ""
]

Docker entrypoint to use.

extraHostsarray

SubTypestring

Extra hostname mappings to the container network interface configuration.

fileHandlingStrategystring

DefaultVOLUME

Possible Values

MOUNTVOLUME

File handling strategy.

How to handle local files (input files, output files, namespace files, ...). By default, we create a volume and copy the file into the volume bind path. Configuring it to MOUNT will mount the working directory instead.

hoststring

Docker API URI.

killGracePeriodstring

DefaultPT0S

Formatduration

When a task is killed, this property sets the grace period before killing the container.

By default, we kill the container immediately when a task is killed. Optionally, you can configure a grace period so the container is stopped with a grace period instead.

memory

Limits memory usage to a given maximum threshold value.

Docker can enforce hard memory limits, which allow the container to use no more than a given amount of user or system memory, or soft limits, which allow the container to use as much memory as it needs unless certain conditions are met, such as when the kernel detects low memory or contention on the host machine. Some of these options have different effects when used alone or when more than one option is set.

Definitions

io.kestra.plugin.scripts.runner.docker.Memory

kernelMemorystring

The maximum amount of kernel memory the container can use.

The minimum allowed value is 4MB. Because kernel memory cannot be swapped out, a container which is starved of kernel memory may block host machine resources, which can have side effects on the host machine and on other containers. See the kernel-memory docs for more details.

memorystring

The maximum amount of memory resources the container can use.

Make sure to use the format number + unit (regardless of the case) without any spaces. The unit can be KB (kilobytes), MB (megabytes), GB (gigabytes), etc.

Given that it's case-insensitive, the following values are equivalent:

"512MB"
"512Mb"
"512mb"
"512000KB"
"0.5GB"

It is recommended that you allocate at least 6MB.

memoryReservationstring

Allows you to specify a soft limit smaller than memory which is activated when Docker detects contention or low memory on the host machine.

If you use memoryReservation, it must be set lower than memory for it to take precedence. Because it is a soft limit, it does not guarantee that the container doesn’t exceed the limit.

memorySwapstring

The total amount of memory and swap that can be used by a container.

If memory and memorySwap are set to the same value, this prevents containers from using any swap. This is because memorySwap includes both the physical memory and swap space, while memory is only the amount of physical memory that can be used.

memorySwappinessstring

A setting which controls the likelihood of the kernel to swap memory pages.

By default, the host kernel can swap out a percentage of anonymous pages used by a container. You can set memorySwappiness to a value between 0 and 100 to tune this percentage.

oomKillDisablebooleanstring

By default, if an out-of-memory (OOM) error occurs, the kernel kills processes in a container.

To change this behavior, use the oomKillDisable option. Only disable the OOM killer on containers where you have also set the memory option. If the memory flag is not set, the host can run out of memory, and the kernel may need to kill the host system’s processes to free the memory.

networkModestring

Docker network mode to use e.g. host, none, etc.

portBindingsarray

SubTypestring

List of port bindings.

Corresponds to the --publish (-p) option of the docker run CLI command using the format ip: dockerHostPort: containerPort/protocol. Possible example :

8080: 80/udp- 127.0.0.1: 8080: 80- 127.0.0.1: 8080: 80/udp

privilegedbooleanstring

Give extended privileges to this container.

pullPolicystring

DefaultIF_NOT_PRESENT

Possible Values

IF_NOT_PRESENTALWAYSNEVER

The pull policy for a container image.

Use the IF_NOT_PRESENT pull policy to avoid pulling already existing images. Use the ALWAYS pull policy to pull the latest version of an image even if an image with the same tag already exists.

resumebooleanstring

Defaulttrue

Whether to resume an existing matching container on restart.

If enabled, the runner will search for an existing container labeled with the current execution/task identifiers and reattach to it instead of creating a new container.

shmSizestring

Size of /dev/shm in bytes.

The size must be greater than 0. If omitted, the system uses 64MB.

userstring

User in the Docker container.

versionstring

Plugin Version

Defines the version of the plugin to use.

The version must follow the Semantic Versioning (SemVer) specification:

A single-digit MAJOR version (e.g., 1).
A MAJOR.MINOR version (e.g., 1.1).
A MAJOR.MINOR.PATCH version, optionally with any qualifier (e.g., 1.1.2, 1.1.0-SNAPSHOT).

volumesarray

SubTypestring

List of volumes to mount.

Make sure to provide a map of a local path to a container path in the format: /home/local/path:/app/container/path. Volume mounts are disabled by default for security reasons — if you are sure you want to use them, enable that feature in the plugin configuration by setting volume-enabled to true.

Here is how you can add that setting to your kestra configuration:

text

kestra: 
  plugins: 
    configurations: 
      - type: io.kestra.plugin.scripts.runner.docker.Docker
        values: 
          volume-enabled: true

waitbooleanstring

Defaulttrue

Whether to wait for the container to exit.

Ruby

Tasks that run Ruby code.

Script

Azure

Enterprise

Leverage Microsoft Azure services within Kestra data workflows.

AlertingCloudStorageBatch

Julia

Execute Julia scripts as part of Kestra data workflows.

Script

docker

More Plugins in this Category

Ruby

Azure

Julia

1.1.9