DockerTaskRunner
DockerTaskRunner
This plugin is currently in beta. While it is considered safe for use, please be aware that its API could change in ways that are not compatible with earlier versions in future releases, or it might become unsupported.
type: "io.kestra.plugin.scripts.runner.docker.DockerTaskRunner"
Task runner that executes a task inside a container in a Docker compatible engine.
This task runner is container-based so the containerImage
property must be set.
To access the task's working directory, use the Pebble expression or the
WORKING_DIR
environment variable. Input files and namespace files will be available in this directory.
To generate output files you can either use the outputFiles
task's property and create a file with the same name in the task's working directory, or create any file in the output directory which can be accessed by the Pebble expression or the
OUTPUT_DIR
environment variables.
Note that when the Kestra Worker running this task is terminated, the container will still run until completion, except if Kestra itself is run inside a container and Docker-In-Docker (dind) is used as the dind engine will also be terminated.
Examples
Execute a Shell command.
id: new-shell
namespace: myteam
tasks:
- id: shell
type: io.kestra.plugin.scripts.shell.Commands
taskRunner:
type: io.kestra.plugin.scripts.runner.docker.DockerTaskRunner
commands:
- echo "Hello World"
Pass input files to the task, execute a Shell command, then retrieve output files.
id: new-shell-with-file
namespace: myteam
inputs:
- id: file
type: FILE
tasks:
- id: shell
type: io.kestra.plugin.scripts.shell.Commands
inputFiles:
data.txt: "{{inputs.file}}"
outputFiles:
- out.txt
containerImage: centos
taskRunner:
type: io.kestra.plugin.scripts.runner.docker.DockerTaskRunner
commands:
- cp {{workingDir}}/data.txt {{workingDir}}/out.txt
Properties
config
- Type:
- string
- object
- Dynamic: ✔️
- Required: ❌
Docker configuration file.
Docker configuration file that can set access credentials to private container registries. Usually located in
~/.docker/config.json
.
cpu
- Type: Cpu
- Dynamic: ❌
- Required: ❌
Limits the CPU usage to a given maximum threshold value.
By default, each container’s access to the host machine’s CPU cycles is unlimited. You can set various constraints to limit a given container’s access to the host machine’s CPU cycles.
credentials
- Type: Credentials
- Dynamic: ✔️
- Required: ❌
deviceRequests
- Type: array
- SubType: DeviceRequest
- Dynamic: ❌
- Required: ❌
A list of device requests to be sent to device drivers.
entryPoint
- Type: array
- SubType: string
- Dynamic: ✔️
- Required: ❌
Docker entrypoint to use.
extraHosts
- Type: array
- SubType: string
- Dynamic: ✔️
- Required: ❌
Extra hostname mappings to the container network interface configuration.
host
- Type: string
- Dynamic: ✔️
- Required: ❌
Docker API URI.
memory
- Type: Memory
- Dynamic: ❌
- Required: ❌
Limits memory usage to a given maximum threshold value.
Docker can enforce hard memory limits, which allow the container to use no more than a given amount of user or system memory, or soft limits, which allow the container to use as much memory as it needs unless certain conditions are met, such as when the kernel detects low memory or contention on the host machine. Some of these options have different effects when used alone or when more than one option is set.
networkMode
- Type: string
- Dynamic: ✔️
- Required: ❌
Docker network mode to use e.g. host
, none
, etc.
pullPolicy
- Type: object
- Dynamic: ❓
- Required: ❌
shmSize
- Type: string
- Dynamic: ✔️
- Required: ❌
Size of /dev/shm
in bytes.
The size must be greater than 0. If omitted, the system uses 64MB.
user
- Type: string
- Dynamic: ✔️
- Required: ❌
User in the Docker container.
volumes
- Type: array
- SubType: string
- Dynamic: ✔️
- Required: ❌
List of volumes to mount.
Must be a valid mount expression as string, example :
/home/user:/app
.
Volumes mount are disabled by default for security reasons; you must enable them on plugin configuration by setting volume-enabled
to true
.
Definitions
io.kestra.plugin.scripts.runner.docker.Cpu
Properties
cpus
- Type: integer
- Dynamic: ❌
- Required: ❌
The maximum amount of CPU resources a container can use.
For instance, if the host machine has two CPUs and you set
cpus:"1.5"
, the container is guaranteed at most one and a half of the CPUs.
io.kestra.plugin.scripts.runner.docker.Memory
Properties
kernelMemory
- Type: string
- Dynamic: ✔️
- Required: ❌
The maximum amount of kernel memory the container can use.
The minimum allowed value is 4m. Because kernel memory cannot be swapped out, a container which is starved of kernel memory may block host machine resources, which can have side effects on the host machine and on other containers. See --kernel-memory details.
memory
- Type: string
- Dynamic: ✔️
- Required: ❌
The maximum amount of memory resources the container can use.
It is recommended that you set the value to at least 6 megabytes.
memoryReservation
- Type: string
- Dynamic: ✔️
- Required: ❌
Allows you to specify a soft limit smaller than memory
which is activated when Docker detects contention or low memory on the host machine.
If you use
memoryReservation
, it must be set lower thanmemory
for it to take precedence. Because it is a soft limit, it does not guarantee that the container doesn’t exceed the limit.
memorySwap
- Type: string
- Dynamic: ✔️
- Required: ❌
The amount of memory this container is allowed to swap to disk.
If
memory
andmemorySwap
are set to the same value, this prevents containers from using any swap. This is becausememorySwap
is the amount of combined memory and swap that can be used, whilememory
is only the amount of physical memory that can be used.
memorySwappiness
- Type: string
- Dynamic: ✔️
- Required: ❌
The amount of memory this container is allowed to swap to disk.
By default, the host kernel can swap out a percentage of anonymous pages used by a container. You can set
memorySwappiness
to a value between 0 and 100, to tune this percentage.
oomKillDisable
- Type: boolean
- Dynamic: ❌
- Required: ❌
By default, if an out-of-memory (OOM) error occurs, the kernel kills processes in a container.
To change this behavior, use the
oomKillDisable
option. Only disable the OOM killer on containers where you have also set thememory
option. If thememory
flag is not set, the host can run out of memory, and the kernel may need to kill the host system’s processes to free the memory.
io.kestra.plugin.scripts.runner.docker.Credentials
Properties
auth
- Type: string
- Dynamic: ✔️
- Required: ❌
The registry authentication.
The
auth
field is a base64-encoded authentication string ofusername:password
or a token.
identityToken
- Type: string
- Dynamic: ✔️
- Required: ❌
The identity token.
password
- Type: string
- Dynamic: ✔️
- Required: ❌
The registry password.
registry
- Type: string
- Dynamic: ✔️
- Required: ❌
The registry URL.
If not defined, the registry will be extracted from the image name.
registryToken
- Type: string
- Dynamic: ✔️
- Required: ❌
The registry token.
username
- Type: string
- Dynamic: ✔️
- Required: ❌
The registry username.
io.kestra.plugin.scripts.runner.docker.DeviceRequest
Properties
capabilities
- Type: array
- SubType: array
- Dynamic: ❌
- Required: ❌
A list of capabilities; an OR list of AND lists of capabilities.
count
- Type: integer
- Dynamic: ❌
- Required: ❌
deviceIds
- Type: array
- SubType: string
- Dynamic: ✔️
- Required: ❌
driver
- Type: string
- Dynamic: ✔️
- Required: ❌
options
- Type: object
- SubType: string
- Dynamic: ❌
- Required: ❌
Driver-specific options, specified as key/value pairs.
These options are passed directly to the driver.
Was this page helpful?