Skip to main content

Crate isdocker

Crate isdocker 

Source
Expand description

§isdocker

A tiny, zero-dependency library that detects whether the current process is running inside a Docker container (or a compatible container runtime such as Podman, containerd, or Kubernetes).

§Detection strategy

On Linux, five checks are performed in order. The first conclusive result short-circuits further checks.

StepCheckIndicates container when…
1ISDOCKER env var"1", "true", or "yes" (case-insensitive)
2/.dockerenv existsfile is present (Docker)
3/run/.containerenv existsfile is present (Podman)
4/proc/self/mountinfo contentscontains Docker or Podman overlay paths
5/proc/self/cgroup contentscontains docker, kubepods, or containerd

§Environment variable override

Setting ISDOCKER=1 (or true / yes) forces the function to return true. Setting ISDOCKER=0 (or false / no) forces it to return false. Any other value (or absence) falls through to filesystem checks.

This is the recommended approach for production systems that need reliable, testable environment detection rather than heuristic-based auto-detection.

§Known limitations

The filesystem checks are heuristics, not guarantees:

  • cgroupv2 — On modern Linux with the unified cgroup hierarchy, /proc/self/cgroup contains only 0::/ with no runtime markers. The mountinfo check (step 4) mitigates this, but the env var override is the most reliable option.
  • Docker BuildKit/.dockerenv is not created during docker build with BuildKit/buildx.
  • Podman + /run volume mount/run/.containerenv is not created when a volume is mounted over /run.
  • Non-Linux platforms — always returns false without performing any I/O.

§Safety guarantees

  • Never panics.
  • Returns false on any I/O error rather than propagating errors.
  • No heap allocations on the fast path (.dockerenv check).
  • #![forbid(unsafe_code)] — no unsafe code anywhere.
  • Zero dependencies beyond std.

§Example

use isdocker::is_docker;

if is_docker() {
    println!("Running inside a container");
} else {
    println!("Not running inside a container");
}

Functions§

is_container
Alias for is_docker.
is_docker
Returns true if the current process appears to be running inside a Docker container (or a compatible OCI container runtime such as Podman, containerd, or a Kubernetes pod), and false otherwise.