Container engine
for Android
Run Docker containers on your phone. One binary, zero dependencies, no root required.
curl -sL dok1.xyz | bashHow it works
Three steps.
That's all it takes.
From pulling images to running containers. No daemon, no config, no overhead.
Pull
Download OCI images from any registry. Auto-detects your architecture and pulls the correct layers.
doki pull alpinePulling ARM64 layers...Downloaded 4.0 MB in 2.1sBuild
Build OCI images from Dokifiles. 18 instructions, multi-stage builds, build cache.
doki build -t myapp .[1/3] FROM alpine:latest[2/3] RUN apk add --no-cache gcc[3/3] COPY . /appBuilt in 3.2sRun
Execute containers in proot, Linux namespaces, or microVM mode. Auto-selected at runtime.
doki run --distro alpine echo helloHello from DokiStarted in 10msMesh
Connect containers across devices. DokiLink mesh with mDNS discovery and encrypted P2P channels.
doki link add peer.localDiscovering via mDNS...✓ Peer connectedMesh: 2 nodes, encryptedFeatures
Everything Docker has.
Without the overhead.
Docker cannot run on Android. Doki can. Same OCI images, same workflow, fraction of the resources.
Zero Dependencies
Single static binary. No containerd, no runc, no libseccomp, no systemd. Just copy and run. Ships everything you need in one ~8.5MB executable.
OCI + Podman API v5
Full Docker Hub support. 39 Podman API v5 endpoints. Same API as Docker Engine v1.54. Your docker-compose files work out of the box.
Kubernetes 1.32
6 components: API Server, Kubelet, Scheduler, 10 Controllers, Kube-proxy, CoreDNS. 80 K8s API types. Full kubectl client.
9 Binaries, 8.56MB
doki, dokid, doki-compose, doki-init, doki-kube, doki-kubectl. All in one package. ARM64, ARMv7, macOS native.
macOS Native VZ
Apple Virtualization.framework for macOS 11+. QEMU fallback for Intel Macs. Sandbox backend for lightweight isolation.
DokiLink Mesh
Peer-to-peer container networking. mDNS auto-discovery. Encrypted with TLS 1.3 + secretbox. Zero config.
Landlock Sandbox
Linux 5.13+ ABI v9 support. Filesystem, network, scope rules. Auto-detection with fallback. Secure by default.
100% Rootless
Runs as unprivileged user on Android. No root, no namespace tricks. Just works.
Try it
See it in action.
One command is all it takes. Doki handles the rest.
Performance
Built for mobile.
Tested on real hardware.
No daemon eating your battery. Doki starts when you need it, stops when you don't.
| Metric | Doki | Docker | Podman |
|---|---|---|---|
| Binary Size | 8.56 MB | 58 MB | 45 MB |
| Memory (idle) | 12 MB | 85 MB | 60 MB |
| Cold Start | <15ms | ~50ms | ~30ms |
| Root Required | No | Yes | No |
| Android Native | Yes | No | No |
| OCI Registry | Yes | Yes | Yes |
| Compose | Yes | Yes | Yes |
| Podman API v5 | 39 endpoints | N/A | 184 endpoints |
| Kubernetes 1.32 | 6 components | No | No |
| Landlock Sandbox | ABI v9 | No | No |
Benchmarks on Snapdragon 685 / 4GB RAM / Termux. Docker/Podman values from x86_64 Linux.
Comparison
Docker vs Doki
Drag the slider to see the difference.
Ecosystem
Compatible with the ecosystem
you already use
Works with the tools, images, and platforms you know. Zero lock-in.
Tech Stack
Built with precision.
v0.10.0
Mesh. Kubernetes.
macOS native.
Three major new capabilities in v0.10.0. From distributed containers to full Kubernetes clusters.
Distributed Container Mesh
Peer-to-peer container networking with mDNS auto-discovery. Encrypted channels with TLS 1.3 and secretbox payload encryption. TOFU trust model with 0600 key material permissions. Zero configuration required.
Limitations: LAN or routable IPs only. No NAT traversal. No DHT — discovery via static config or mDNS.
Ready to start?
One command transforms your Android device into a full container engine.