Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/fussybeaver/bollard/llms.txt

Use this file to discover all available pages before exploring further.

Bollard uses a modular feature system powered by Cargo feature flags. Rather than compiling every capability into every binary, you opt in to exactly the transports, TLS providers, and integrations your application needs. This keeps compile times short, binary sizes small, and dependency trees clean.

Default Features

Out of the box, two features are enabled automatically:
  • http — TCP/HTTP connector for reaching remote Docker or Podman daemons (e.g. DOCKER_HOST=tcp://...)
  • pipe — Unix domain sockets on Linux/macOS and Windows Named Pipes for local daemon connections
For most local development workflows no additional configuration is required. 
# Cargo.toml — defaults are enough for local Docker
[dependencies]
bollard = "*"

Quick Start

Use CaseCargo.toml
Local Docker (Unix/Windows)bollard = "*" (defaults work)
Remote Docker over HTTPSbollard = { version = "*", features = ["ssl"] }
SSH tunnel to remote Dockerbollard = { version = "*", features = ["ssh"] }
BuildKit image buildsbollard = { version = "*", features = ["buildkit", "chrono"] }
WebSocket container attachbollard = { version = "*", features = ["websocket"] }
Minimal binary sizebollard = { version = "*", default-features = false, features = ["pipe"] }

Transport Features

Choose the transport(s) that match how your application reaches the Docker daemon.
FeatureDescription
httpHTTP/TCP connector for remote Docker/Podman. Enabled by default.
pipeUnix socket (Linux/macOS) and Windows Named Pipe for local Docker/Podman. Enabled by default.
sshSSH tunnel connector via the openssh crate.
[dependencies]
bollard = "*"  # http + pipe enabled by default

TLS / SSL Features

Enable HTTPS connections to a TLS-secured Docker daemon. Bollard uses Rustls for all TLS — no OpenSSL dependency required.
FeatureDescription
sslRustls with the ring crypto provider. Recommended for most users.
aws-lc-rsRustls with the aws-lc-rs crypto provider. Choose this for FIPS compliance.
ssl_providerlessRustls without a bundled crypto provider. You must call CryptoProvider::install_default() before constructing a Docker client.
webpkiUse Mozilla’s WebPKI root certificate bundle instead of OS-native certificates.
ssl and aws-lc-rs each install a different Rustls crypto provider. Enable only one. If you need to supply your own provider, use ssl_providerless instead.
[dependencies]
bollard = { version = "*", features = ["ssl"] }
When using ssl or aws-lc-rs, Bollard reads certificates from the path given by DOCKER_CERT_PATH (or DOCKER_CONFIG as a fallback, then ~/.docker). It expects three files: key.pem, cert.pem, and ca.pem.

DateTime Features

Enable typed timestamp support in Docker event and log responses. Choose one of the two crates — they are mutually exclusive.
FeatureDescription
chronoTimestamp fields use Chrono DateTime types.
timeTimestamp fields use Time 0.3 OffsetDateTime types.
chrono and time cannot be enabled simultaneously. Pick the one that matches what the rest of your project already uses.
[dependencies]
bollard = { version = "*", features = ["chrono"] }

BuildKit Features

Enable advanced image building through BuildKit.
FeatureDescription
buildkitFull BuildKit support. Pulls in buildkit_providerless plus the ssl (ring) crypto provider.
buildkit_providerlessBuildKit support without a bundled crypto provider. Pair with ssl_providerless and a manual CryptoProvider::install_default() call.
BuildKit requires timestamp handling. You must also enable either chrono or time alongside any BuildKit feature.
[dependencies]
bollard = { version = "*", features = ["buildkit", "chrono"] }

WebSocket Features

FeatureDescription
websocketEnables Docker::attach_container_websocket via tokio-tungstenite.
[dependencies]
bollard = { version = "*", features = ["websocket"] }

Development Features

FeatureDescription
json_data_contentAttaches the raw JSON payload to deserialization errors, making it easier to diagnose unexpected API responses.
json_data_content increases memory usage on error paths because it clones the full response body. Enable it during development or debugging, but consider leaving it off in production builds.
[dependencies]
bollard = { version = "*", features = ["json_data_content"] }

Feature Compatibility Matrix

Mutually Exclusive

  • chrono and time — pick one datetime library
  • ssl and aws-lc-rs — pick one crypto provider

Required Combinations

  • buildkit or buildkit_providerless requires chrono or time
  • buildkit already implies ssl; for provider-less, add ssl_providerless

Build docs developers (and LLMs) love

Get started for freeTalk to us