Host
Declares host-level capabilities the app requires that cannot be satisfied inside a standard container. When a deployer cannot meet these constraints, it should refuse the deployment with a clear error message rather than failing at runtime.
| Field | Type | Description |
|---|---|---|
docker |
enum |
required -- needs Docker daemon access on the host (not Docker-in-Docker). optional -- enhanced when available. |
network |
enum |
host -- must share the host network stack. bridge (default) -- standard container networking. |
filesystem |
enum |
read-write -- needs persistent host filesystem access. read-only -- only reads from host. none (default) -- no host filesystem needed. |
privileged |
boolean |
Requires elevated privileges (e.g. device access). Default false. |
# App that orchestrates Docker containers on the host
host:
docker: required
network: host
filesystem: read-writeWhen host.docker is required, the deployer must ensure the app runs with access to the Docker daemon socket (e.g. /var/run/docker.sock). If the deployer's execution strategy is container-based, it should either refuse or warn that Docker-in-Docker is unreliable.