Bump version to 0.4.4

- Builder: hotfix for bug introduced in 3adf9ce04e
Merge pull request #950 from dotcloud/bump_0.4.3
2026-01-14 16:28:08 +00:00 · 2013-06-20 14:33:59 -07:00 · 2013-06-20 14:29:34 -07:00 · 2013-06-20 12:24:55 -07:00 · 2013-06-20 12:23:14 -07:00 · 2013-06-20 11:51:43 -07:00
98 changed files with 7434 additions and 3219 deletions
--- a/2
+++ b/2
@@ -41,7 +41,9 @@ Jérôme Petazzoni <jerome.petazzoni@dotcloud.com>
 Ken Cochrane <kencochrane@gmail.com>
 Kevin J. Lynagh <kevin@keminglabs.com>
 Louis Opter <kalessin@kalessin.fr>
+Marcus Farkas <toothlessgear@finitebox.com>
 Maxim Treskin <zerthurd@gmail.com>
+Michael Crosby <crosby.michael@gmail.com>
 Mikhail Sobolev <mss@mawhrin.net>
 Nate Jones <nate@endot.org>
 Nelson Chen <crazysim@gmail.com>
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,48 @@
 # Changelog

+## 0.4.4 (2013-06-19)
+ - Builder: fix a regression introduced in 0.4.3 which caused builds to fail on new clients.
+
+## 0.4.3 (2013-06-19)
+ + Builder: ADD of a local file will detect tar archives and unpack them
+ * Runtime: Remove bsdtar dependency
+ * Runtime: Add unix socket and multiple -H support
+ * Runtime: Prevent rm of running containers
+ * Runtime: Use go1.1 cookiejar
+ * Builder: ADD improvements: use tar for copy + automatically unpack local archives
+ * Builder: ADD uses tar/untar for copies instead of calling 'cp -ar'
+ * Builder: nicer output for 'docker build'
+ * Builder: fixed the behavior of ADD to be (mostly) reverse-compatible, predictable and well-documented.
+ * Client: HumanReadable ProgressBar sizes in pull
+ * Client: Fix docker version's git commit output
+ * API: Send all tags on History API call
+ * API: Add tag lookup to history command. Fixes #882
+ - Runtime: Fix issue detaching from running TTY container
+ - Runtime: Forbid parralel push/pull for a single image/repo. Fixes #311
+ - Runtime: Fix race condition within Run command when attaching.
+ - Builder: fix a bug which caused builds to fail if ADD was the first command
+ - Documentation: fix missing command in irc bouncer example
+
+## 0.4.2 (2013-06-17)
+ - Packaging: Bumped version to work around an Ubuntu bug
+
+## 0.4.1 (2013-06-17)
+ + Remote Api: Add flag to enable cross domain requests
+ + Remote Api/Client: Add images and containers sizes in docker ps and docker images
+ + Runtime: Configure dns configuration host-wide with 'docker -d -dns'
+ + Runtime: Detect faulty DNS configuration and replace it with a public default
+ + Runtime: allow docker run <name>:<id>
+ + Runtime: you can now specify public port (ex: -p 80:4500)
+ * Client: allow multiple params in inspect
+ * Client: Print the container id before the hijack in `docker run`
+ * Registry: add regexp check on repo's name
+ * Registry: Move auth to the client
+ * Runtime: improved image removal to garbage-collect unreferenced parents
+ * Vagrantfile: Add the rest api port to vagrantfile's port_forward
+ * Upgrade to Go 1.1
+ - Builder: don't ignore last line in Dockerfile when it doesn't end with \n
+ - Registry: Remove login check on pull
+
 ## 0.4.0 (2013-06-03)
 + Introducing Builder: 'docker build' builds a container, layer by layer, from a source repository containing a Dockerfile
 + Introducing Remote API: control Docker programmatically using a simple HTTP/json API
--- a/35
+++ b/35
@@ -0,0 +1,35 @@
+
+## FIXME
+
+This file is a loose collection of things to improve in the codebase, for the internal
+use of the maintainers.
+
+They are not big enough to be in the roadmap, not user-facing enough to be github issues,
+and not important enough to be discussed in the mailing list.
+
+They are just like FIXME comments in the source code, except we're not sure where in the source
+to put them - so we put them here :)
+
+
+* Merge Runtime, Server and Builder into Runtime
+* Run linter on codebase
+* Unify build commands and regular commands
+* Move source code into src/ subdir for clarity
+* Clean up the Makefile, it's a mess
+* docker build: on non-existent local path for ADD, don't show full absolute path on the host
+* mount into /dockerinit rather than /sbin/init
+* docker tag foo REPO:TAG
+* use size header for progress bar in pull
+* Clean up context upload in build!!!
+* Parallel pull
+* Ensure /proc/sys/net/ipv4/ip_forward is 1
+* Force DNS to public!
+* Always generate a resolv.conf per container, to avoid changing resolv.conf under thne container's feet
+* Save metadata with import/export
+* Upgrade dockerd without stopping containers
+* bring back git revision info, looks like it was lost
+* Simple command to remove all untagged images
+* Simple command to clean up containers for disk space
+* Caching after an ADD
+* entry point config
+* bring back git revision info, looks like it was lost
--- a/7
+++ b/7
@@ -17,7 +17,7 @@ endif
 GIT_COMMIT = $(shell git rev-parse --short HEAD)
 GIT_STATUS = $(shell test -n "`git status --porcelain`" && echo "+CHANGES")

-BUILD_OPTIONS = -ldflags "-X main.GIT_COMMIT $(GIT_COMMIT)$(GIT_STATUS)"
+BUILD_OPTIONS = -ldflags "-X main.GITCOMMIT $(GIT_COMMIT)$(GIT_STATUS)"

 SRC_DIR := $(GOPATH)/src

@@ -46,6 +46,7 @@ whichrelease:

 release: $(BINRELEASE)
 	s3cmd -P put $(BINRELEASE) s3://get.docker.io/builds/`uname -s`/`uname -m`/docker-$(RELEASE_VERSION).tgz
+	s3cmd -P put docker-latest.tgz s3://get.docker.io/builds/`uname -s`/`uname -m`/docker-latest.tgz

 srcrelease: $(SRCRELEASE)
 deps: $(DOCKER_DIR)
@@ -60,6 +61,7 @@ $(SRCRELEASE):
 $(BINRELEASE): $(SRCRELEASE)
 	rm -f $(BINRELEASE)
 	cd $(SRCRELEASE); make; cp -R bin docker-$(RELEASE_VERSION); tar -f ../$(BINRELEASE) -zv -c docker-$(RELEASE_VERSION)
+	cd $(SRCRELEASE); cp -R bin docker-latest; tar -f ../docker-latest.tgz -zv -c docker-latest

 clean:
 	@rm -rf $(dir $(DOCKER_BIN))
@@ -72,6 +74,9 @@ endif
 test: all
 	@(cd $(DOCKER_DIR); sudo -E go test $(GO_OPTIONS))

+testall: all
+	@(cd $(DOCKER_DIR); sudo -E go test ./... $(GO_OPTIONS))
+
 fmt:
 	@gofmt -s -l -w .

--- a/7
+++ b/7
@@ -3,4 +3,9 @@ Copyright 2012-2013 dotCloud, inc.

 This product includes software developed at dotCloud, inc. (http://www.dotcloud.com).

-This product contains software (https://github.com/kr/pty) developed by Keith Rarick, licensed under the MIT License.
+This product contains software (https://github.com/kr/pty) developed by Keith Rarick, licensed under the MIT License.
+
+Transfers of Docker shall be in accordance with applicable export controls of any country and all other applicable
+legal requirements.  Docker shall not be distributed or downloaded to or in Cuba, Iran, North Korea, Sudan or Syria
+and shall not be distributed or downloaded to any person on the Denied Persons List administered by the U.S.
+Department of Commerce.
--- a/README.md
+++ b/README.md
@@ -108,7 +108,7 @@ Note that some methods are community contributions and not yet officially suppor

 * [Ubuntu 12.04 and 12.10 (officially supported)](http://docs.docker.io/en/latest/installation/ubuntulinux/)
 * [Arch Linux](http://docs.docker.io/en/latest/installation/archlinux/)
-* [MacOS X (with Vagrant)](http://docs.docker.io/en/latest/installation/macos/)
+* [Mac OS X (with Vagrant)](http://docs.docker.io/en/latest/installation/vagrant/)
 * [Windows (with Vagrant)](http://docs.docker.io/en/latest/installation/windows/)
 * [Amazon EC2 (with Vagrant)](http://docs.docker.io/en/latest/installation/amazon/)

@@ -181,7 +181,7 @@ Running an irc bouncer
 ----------------------

 ```bash
-BOUNCER_ID=$(docker run -d -p 6667 -u irc shykes/znc $USER $PASSWORD)
+BOUNCER_ID=$(docker run -d -p 6667 -u irc shykes/znc zncrun $USER $PASSWORD)
 echo "Configure your irc client to connect to port $(docker port $BOUNCER_ID 6667) of this machine"
 ```

@@ -216,7 +216,8 @@ PORT=$(docker port $JOB 4444)

 # Connect to the public port via the host's public address
 # Please note that because of how routing works connecting to localhost or 127.0.0.1 $PORT will not work.
-IP=$(ifconfig eth0 | perl -n -e 'if (m/inet addr:([\d\.]+)/g) { print $1 }')
+# Replace *eth0* according to your local interface name.
+IP=$(ip -o -4 addr list eth0 | perl -n -e 'if (m{inet\s([\d\.]+)\/\d+\s}xms) { print $1 }')
 echo hello world | nc $IP $PORT

 # Verify that the network connection worked
@@ -251,7 +252,7 @@ Note
 ----

 We also keep the documentation in this repository. The website documentation is generated using sphinx using these sources.
-Please find it under docs/sources/ and read more about it https://github.com/dotcloud/docker/master/docs/README.md
+Please find it under docs/sources/ and read more about it https://github.com/dotcloud/docker/tree/master/docs/README.md

 Please feel free to fix / update the documentation and send us pull requests. More tutorials are also welcome.

@@ -262,14 +263,14 @@ Setting up a dev environment
 Instructions that have been verified to work on Ubuntu 12.10,

 ```bash
-sudo apt-get -y install lxc wget bsdtar curl golang git
+sudo apt-get -y install lxc curl xz-utils golang git

 export GOPATH=~/go/
 export PATH=$GOPATH/bin:$PATH

 mkdir -p $GOPATH/src/github.com/dotcloud
 cd $GOPATH/src/github.com/dotcloud
-git clone git@github.com:dotcloud/docker.git
+git clone https://github.com/dotcloud/docker.git
 cd docker

 go get -v github.com/dotcloud/docker/...
@@ -371,4 +372,10 @@ Standard Container Specification

 #### Security

+### Legal
+
+Transfers of Docker shall be in accordance with applicable export controls of any country and all other applicable
+legal requirements.  Docker shall not be distributed or downloaded to or in Cuba, Iran, North Korea, Sudan or Syria
+and shall not be distributed or downloaded to any person on the Denied Persons List administered by the U.S.
+Department of Commerce.

--- a/24
+++ b/24
@@ -3,13 +3,16 @@

 BOX_NAME = ENV['BOX_NAME'] || "ubuntu"
 BOX_URI = ENV['BOX_URI'] || "http://files.vagrantup.com/precise64.box"
+VF_BOX_URI = ENV['BOX_URI'] || "http://files.vagrantup.com/precise64_vmware_fusion.box"
 AWS_REGION = ENV['AWS_REGION'] || "us-east-1"
 AWS_AMI    = ENV['AWS_AMI']    || "ami-d0f89fb9"
+FORWARD_DOCKER_PORTS = ENV['FORWARD_DOCKER_PORTS']

 Vagrant::Config.run do |config|
  # Setup virtual machine box. This VM configuration code is always executed.
  config.vm.box = BOX_NAME
  config.vm.box_url = BOX_URI
+  config.vm.forward_port 4243, 4243

  # Provision docker and new kernel if deployment was not done
  if Dir.glob("#{File.dirname(__FILE__)}/.vagrant/machines/default/*/id").empty?
@@ -65,8 +68,29 @@ Vagrant::VERSION >= "1.1.0" and Vagrant.configure("2") do |config|
    rs.image    = /Ubuntu/
  end

+  config.vm.provider :vmware_fusion do |f, override|
+    override.vm.box = BOX_NAME
+    override.vm.box_url = VF_BOX_URI
+    override.vm.synced_folder ".", "/vagrant", disabled: true
+    f.vmx["displayName"] = "docker"
+  end
+
  config.vm.provider :virtualbox do |vb|
    config.vm.box = BOX_NAME
    config.vm.box_url = BOX_URI
  end
 end
+
+if !FORWARD_DOCKER_PORTS.nil?
+    Vagrant::VERSION < "1.1.0" and Vagrant::Config.run do |config|
+        (49000..49900).each do |port|
+            config.vm.forward_port port, port
+        end
+    end
+
+    Vagrant::VERSION >= "1.1.0" and Vagrant.configure("2") do |config|
+        (49000..49900).each do |port|
+            config.vm.network :forwarded_port, :host => port, :guest => port
+        end
+    end
+end
--- a/api.go
+++ b/api.go
@@ -8,12 +8,16 @@ import (
 	"github.com/gorilla/mux"
 	"io"
 	"log"
+	"net"
 	"net/http"
+	"os"
 	"strconv"
 	"strings"
 )

-const API_VERSION = 1.1
+const APIVERSION = 1.2
+const DEFAULTHTTPHOST string = "127.0.0.1"
+const DEFAULTHTTPPORT int = 4243

 func hijackServer(w http.ResponseWriter) (io.ReadCloser, io.Writer, error) {
 	conn, _, err := w.(http.Hijacker).Hijack()
@@ -45,6 +49,8 @@ func httpError(w http.ResponseWriter, err error) {
 		http.Error(w, err.Error(), http.StatusNotFound)
 	} else if strings.HasPrefix(err.Error(), "Bad parameter") {
 		http.Error(w, err.Error(), http.StatusBadRequest)
+	} else if strings.HasPrefix(err.Error(), "Conflict") {
+		http.Error(w, err.Error(), http.StatusConflict)
 	} else if strings.HasPrefix(err.Error(), "Impossible") {
 		http.Error(w, err.Error(), http.StatusNotAcceptable)
 	} else {
@@ -52,7 +58,7 @@ func httpError(w http.ResponseWriter, err error) {
 	}
 }

-func writeJson(w http.ResponseWriter, b []byte) {
+func writeJSON(w http.ResponseWriter, b []byte) {
 	w.Header().Set("Content-Type", "application/json")
 	w.Write(b)
 }
@@ -69,8 +75,10 @@ func getBoolParam(value string) (bool, error) {
 }

 func getAuth(srv *Server, version float64, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
-	// FIXME: Handle multiple login at once
-	// FIXME: return specific error code if config file missing?
+	if version > 1.1 {
+		w.WriteHeader(http.StatusNotFound)
+		return nil
+	}
 	authConfig, err := auth.LoadConfig(srv.runtime.root)
 	if err != nil {
 		if err != auth.ErrConfigFileMissing {
@@ -82,40 +90,45 @@ func getAuth(srv *Server, version float64, w http.ResponseWriter, r *http.Reques
 	if err != nil {
 		return err
 	}
-	writeJson(w, b)
+	writeJSON(w, b)
 	return nil
 }

 func postAuth(srv *Server, version float64, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
-	// FIXME: Handle multiple login at once
-	config := &auth.AuthConfig{}
-	if err := json.NewDecoder(r.Body).Decode(config); err != nil {
-		return err
-	}
-
-	authConfig, err := auth.LoadConfig(srv.runtime.root)
-	if err != nil {
-		if err != auth.ErrConfigFileMissing {
-			return err
-		}
-		authConfig = &auth.AuthConfig{}
-	}
-	if config.Username == authConfig.Username {
-		config.Password = authConfig.Password
-	}
-
-	newAuthConfig := auth.NewAuthConfig(config.Username, config.Password, config.Email, srv.runtime.root)
-	status, err := auth.Login(newAuthConfig)
+	authConfig := &auth.AuthConfig{}
+	err := json.NewDecoder(r.Body).Decode(authConfig)
 	if err != nil {
 		return err
 	}
-
-	if status != "" {
-		b, err := json.Marshal(&ApiAuth{Status: status})
+	status := ""
+	if version > 1.1 {
+		status, err = auth.Login(authConfig, false)
 		if err != nil {
 			return err
 		}
-		writeJson(w, b)
+	} else {
+		localAuthConfig, err := auth.LoadConfig(srv.runtime.root)
+		if err != nil {
+			if err != auth.ErrConfigFileMissing {
+				return err
+			}
+		}
+		if authConfig.Username == localAuthConfig.Username {
+			authConfig.Password = localAuthConfig.Password
+		}
+
+		newAuthConfig := auth.NewAuthConfig(authConfig.Username, authConfig.Password, authConfig.Email, srv.runtime.root)
+		status, err = auth.Login(newAuthConfig, true)
+		if err != nil {
+			return err
+		}
+	}
+	if status != "" {
+		b, err := json.Marshal(&APIAuth{Status: status})
+		if err != nil {
+			return err
+		}
+		writeJSON(w, b)
 		return nil
 	}
 	w.WriteHeader(http.StatusNoContent)
@@ -128,7 +141,7 @@ func getVersion(srv *Server, version float64, w http.ResponseWriter, r *http.Req
 	if err != nil {
 		return err
 	}
-	writeJson(w, b)
+	writeJSON(w, b)
 	return nil
 }

@@ -157,7 +170,7 @@ func getContainersExport(srv *Server, version float64, w http.ResponseWriter, r
 	return nil
 }

-func getImagesJson(srv *Server, version float64, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+func getImagesJSON(srv *Server, version float64, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
 	if err := parseForm(r); err != nil {
 		return err
 	}
@@ -176,7 +189,7 @@ func getImagesJson(srv *Server, version float64, w http.ResponseWriter, r *http.
 	if err != nil {
 		return err
 	}
-	writeJson(w, b)
+	writeJSON(w, b)
 	return nil
 }

@@ -193,7 +206,7 @@ func getInfo(srv *Server, version float64, w http.ResponseWriter, r *http.Reques
 	if err != nil {
 		return err
 	}
-	writeJson(w, b)
+	writeJSON(w, b)
 	return nil
 }

@@ -210,7 +223,7 @@ func getImagesHistory(srv *Server, version float64, w http.ResponseWriter, r *ht
 	if err != nil {
 		return err
 	}
-	writeJson(w, b)
+	writeJSON(w, b)
 	return nil
 }

@@ -227,11 +240,11 @@ func getContainersChanges(srv *Server, version float64, w http.ResponseWriter, r
 	if err != nil {
 		return err
 	}
-	writeJson(w, b)
+	writeJSON(w, b)
 	return nil
 }

-func getContainersJson(srv *Server, version float64, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+func getContainersJSON(srv *Server, version float64, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
 	if err := parseForm(r); err != nil {
 		return err
 	}
@@ -251,7 +264,7 @@ func getContainersJson(srv *Server, version float64, w http.ResponseWriter, r *h
 	if err != nil {
 		return err
 	}
-	writeJson(w, b)
+	writeJSON(w, b)
 	return nil
 }

@@ -294,12 +307,12 @@ func postCommit(srv *Server, version float64, w http.ResponseWriter, r *http.Req
 	if err != nil {
 		return err
 	}
-	b, err := json.Marshal(&ApiId{id})
+	b, err := json.Marshal(&APIID{id})
 	if err != nil {
 		return err
 	}
 	w.WriteHeader(http.StatusCreated)
-	writeJson(w, b)
+	writeJSON(w, b)
 	return nil
 }

@@ -320,7 +333,7 @@ func postImagesCreate(srv *Server, version float64, w http.ResponseWriter, r *ht
 	sf := utils.NewStreamFormatter(version > 1.0)
 	if image != "" { //pull
 		registry := r.Form.Get("registry")
-		if err := srv.ImagePull(image, tag, registry, w, sf); err != nil {
+		if err := srv.ImagePull(image, tag, registry, w, sf, &auth.AuthConfig{}); err != nil {
 			if sf.Used() {
 				w.Write(sf.FormatError(err))
 				return nil
@@ -353,7 +366,7 @@ func getImagesSearch(srv *Server, version float64, w http.ResponseWriter, r *htt
 	if err != nil {
 		return err
 	}
-	writeJson(w, b)
+	writeJSON(w, b)
 	return nil
 }

@@ -372,22 +385,34 @@ func postImagesInsert(srv *Server, version float64, w http.ResponseWriter, r *ht
 		w.Header().Set("Content-Type", "application/json")
 	}
 	sf := utils.NewStreamFormatter(version > 1.0)
-	imgId, err := srv.ImageInsert(name, url, path, w, sf)
+	imgID, err := srv.ImageInsert(name, url, path, w, sf)
 	if err != nil {
 		if sf.Used() {
 			w.Write(sf.FormatError(err))
 			return nil
 		}
 	}
-	b, err := json.Marshal(&ApiId{Id: imgId})
+	b, err := json.Marshal(&APIID{ID: imgID})
 	if err != nil {
 		return err
 	}
-	writeJson(w, b)
+	writeJSON(w, b)
 	return nil
 }

 func postImagesPush(srv *Server, version float64, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	authConfig := &auth.AuthConfig{}
+	if version > 1.1 {
+		if err := json.NewDecoder(r.Body).Decode(authConfig); err != nil {
+			return err
+		}
+	} else {
+		localAuthConfig, err := auth.LoadConfig(srv.runtime.root)
+		if err != nil && err != auth.ErrConfigFileMissing {
+			return err
+		}
+		authConfig = localAuthConfig
+	}
 	if err := parseForm(r); err != nil {
 		return err
 	}
@@ -401,7 +426,7 @@ func postImagesPush(srv *Server, version float64, w http.ResponseWriter, r *http
 		w.Header().Set("Content-Type", "application/json")
 	}
 	sf := utils.NewStreamFormatter(version > 1.0)
-	if err := srv.ImagePush(name, registry, w, sf); err != nil {
+	if err := srv.ImagePush(name, registry, w, sf, authConfig); err != nil {
 		if sf.Used() {
 			w.Write(sf.FormatError(err))
 			return nil
@@ -413,17 +438,23 @@ func postImagesPush(srv *Server, version float64, w http.ResponseWriter, r *http

 func postContainersCreate(srv *Server, version float64, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
 	config := &Config{}
+	out := &APIRun{}
+
 	if err := json.NewDecoder(r.Body).Decode(config); err != nil {
 		return err
 	}
+
+	if len(config.Dns) == 0 && len(srv.runtime.Dns) == 0 && utils.CheckLocalDns() {
+		out.Warnings = append(out.Warnings, fmt.Sprintf("Docker detected local DNS server on resolv.conf. Using default external servers: %v", defaultDns))
+		config.Dns = defaultDns
+	}
+
 	id, err := srv.ContainerCreate(config)
 	if err != nil {
 		return err
 	}
+	out.ID = id

-	out := &ApiRun{
-		Id: id,
-	}
 	if config.Memory > 0 && !srv.runtime.capabilities.MemoryLimit {
 		log.Println("WARNING: Your kernel does not support memory limit capabilities. Limitation discarded.")
 		out.Warnings = append(out.Warnings, "Your kernel does not support memory limit capabilities. Limitation discarded.")
@@ -432,12 +463,13 @@ func postContainersCreate(srv *Server, version float64, w http.ResponseWriter, r
 		log.Println("WARNING: Your kernel does not support swap limit capabilities. Limitation discarded.")
 		out.Warnings = append(out.Warnings, "Your kernel does not support memory swap capabilities. Limitation discarded.")
 	}
+
 	b, err := json.Marshal(out)
 	if err != nil {
 		return err
 	}
 	w.WriteHeader(http.StatusCreated)
-	writeJson(w, b)
+	writeJSON(w, b)
 	return nil
 }

@@ -481,14 +513,30 @@ func deleteContainers(srv *Server, version float64, w http.ResponseWriter, r *ht
 }

 func deleteImages(srv *Server, version float64, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	if err := parseForm(r); err != nil {
+		return err
+	}
 	if vars == nil {
 		return fmt.Errorf("Missing parameter")
 	}
 	name := vars["name"]
-	if err := srv.ImageDelete(name); err != nil {
+	imgs, err := srv.ImageDelete(name, version > 1.1)
+	if err != nil {
 		return err
 	}
-	w.WriteHeader(http.StatusNoContent)
+	if imgs != nil {
+		if len(*imgs) != 0 {
+			b, err := json.Marshal(imgs)
+			if err != nil {
+				return err
+			}
+			writeJSON(w, b)
+		} else {
+			return fmt.Errorf("Conflict, %s wasn't deleted", name)
+		}
+	} else {
+		w.WriteHeader(http.StatusNoContent)
+	}
 	return nil
 }

@@ -534,11 +582,11 @@ func postContainersWait(srv *Server, version float64, w http.ResponseWriter, r *
 	if err != nil {
 		return err
 	}
-	b, err := json.Marshal(&ApiWait{StatusCode: status})
+	b, err := json.Marshal(&APIWait{StatusCode: status})
 	if err != nil {
 		return err
 	}
-	writeJson(w, b)
+	writeJSON(w, b)
 	return nil
 }

@@ -625,7 +673,7 @@ func getContainersByName(srv *Server, version float64, w http.ResponseWriter, r
 	if err != nil {
 		return err
 	}
-	writeJson(w, b)
+	writeJSON(w, b)
 	return nil
 }

@@ -643,17 +691,17 @@ func getImagesByName(srv *Server, version float64, w http.ResponseWriter, r *htt
 	if err != nil {
 		return err
 	}
-	writeJson(w, b)
+	writeJSON(w, b)
 	return nil
 }

 func postImagesGetCache(srv *Server, version float64, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
-	apiConfig := &ApiImageConfig{}
+	apiConfig := &APIImageConfig{}
 	if err := json.NewDecoder(r.Body).Decode(apiConfig); err != nil {
 		return err
 	}

-	image, err := srv.ImageGetCached(apiConfig.Id, apiConfig.Config)
+	image, err := srv.ImageGetCached(apiConfig.ID, apiConfig.Config)
 	if err != nil {
 		return err
 	}
@@ -661,12 +709,12 @@ func postImagesGetCache(srv *Server, version float64, w http.ResponseWriter, r *
 		w.WriteHeader(http.StatusNotFound)
 		return nil
 	}
-	apiId := &ApiId{Id: image.Id}
-	b, err := json.Marshal(apiId)
+	apiID := &APIID{ID: image.ID}
+	b, err := json.Marshal(apiID)
 	if err != nil {
 		return err
 	}
-	writeJson(w, b)
+	writeJSON(w, b)
 	return nil
 }

@@ -703,22 +751,31 @@ func postBuild(srv *Server, version float64, w http.ResponseWriter, r *http.Requ
 	return nil
 }

-func ListenAndServe(addr string, srv *Server, logging bool) error {
+func optionsHandler(srv *Server, version float64, w http.ResponseWriter, r *http.Request, vars map[string]string) error {
+	w.WriteHeader(http.StatusOK)
+	return nil
+}
+func writeCorsHeaders(w http.ResponseWriter, r *http.Request) {
+	w.Header().Add("Access-Control-Allow-Origin", "*")
+	w.Header().Add("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept")
+	w.Header().Add("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT, OPTIONS")
+}
+
+func createRouter(srv *Server, logging bool) (*mux.Router, error) {
 	r := mux.NewRouter()
-	log.Printf("Listening for HTTP on %s\n", addr)

 	m := map[string]map[string]func(*Server, float64, http.ResponseWriter, *http.Request, map[string]string) error{
 		"GET": {
 			"/auth":                         getAuth,
 			"/version":                      getVersion,
 			"/info":                         getInfo,
-			"/images/json":                  getImagesJson,
+			"/images/json":                  getImagesJSON,
 			"/images/viz":                   getImagesViz,
 			"/images/search":                getImagesSearch,
 			"/images/{name:.*}/history":     getImagesHistory,
 			"/images/{name:.*}/json":        getImagesByName,
-			"/containers/ps":                getContainersJson,
-			"/containers/json":              getContainersJson,
+			"/containers/ps":                getContainersJSON,
+			"/containers/json":              getContainersJSON,
 			"/containers/{name:.*}/export":  getContainersExport,
 			"/containers/{name:.*}/changes": getContainersChanges,
 			"/containers/{name:.*}/json":    getContainersByName,
@@ -745,6 +802,9 @@ func ListenAndServe(addr string, srv *Server, logging bool) error {
 			"/containers/{name:.*}": deleteContainers,
 			"/images/{name:.*}":     deleteImages,
 		},
+		"OPTIONS": {
+			"": optionsHandler,
+		},
 	}

 	for method, routes := range m {
@@ -767,9 +827,12 @@ func ListenAndServe(addr string, srv *Server, logging bool) error {
 				}
 				version, err := strconv.ParseFloat(mux.Vars(r)["version"], 64)
 				if err != nil {
-					version = API_VERSION
+					version = APIVERSION
 				}
-				if version == 0 || version > API_VERSION {
+				if srv.enableCors {
+					writeCorsHeaders(w, r)
+				}
+				if version == 0 || version > APIVERSION {
 					w.WriteHeader(http.StatusNotFound)
 					return
 				}
@@ -777,9 +840,33 @@ func ListenAndServe(addr string, srv *Server, logging bool) error {
 					httpError(w, err)
 				}
 			}
-			r.Path("/v{version:[0-9.]+}" + localRoute).Methods(localMethod).HandlerFunc(f)
-			r.Path(localRoute).Methods(localMethod).HandlerFunc(f)
+
+			if localRoute == "" {
+				r.Methods(localMethod).HandlerFunc(f)
+			} else {
+				r.Path("/v{version:[0-9.]+}" + localRoute).Methods(localMethod).HandlerFunc(f)
+				r.Path(localRoute).Methods(localMethod).HandlerFunc(f)
+			}
 		}
 	}
-	return http.ListenAndServe(addr, r)
+	return r, nil
+}
+
+func ListenAndServe(proto, addr string, srv *Server, logging bool) error {
+	log.Printf("Listening for HTTP on %s (%s)\n", addr, proto)
+
+	r, err := createRouter(srv, logging)
+	if err != nil {
+		return err
+	}
+	l, e := net.Listen(proto, addr)
+	if e != nil {
+		return e
+	}
+	//as the daemon is launched as root, change to permission of the socket to allow non-root to connect
+	if proto == "unix" {
+		os.Chmod(addr, 0777)
+	}
+	httpSrv := http.Server{Addr: addr, Handler: r}
+	return httpSrv.Serve(l)
 }
--- a/api_params.go
+++ b/api_params.go
@@ -1,19 +1,22 @@
 package docker

-type ApiHistory struct {
-	Id        string
+type APIHistory struct {
+	ID        string   `json:"Id"`
+	Tags      []string `json:",omitempty"`
 	Created   int64
 	CreatedBy string `json:",omitempty"`
 }

-type ApiImages struct {
-	Repository string `json:",omitempty"`
-	Tag        string `json:",omitempty"`
-	Id         string
-	Created    int64
+type APIImages struct {
+	Repository  string `json:",omitempty"`
+	Tag         string `json:",omitempty"`
+	ID          string `json:"Id"`
+	Created     int64
+	Size        int64
+	VirtualSize int64
 }

-type ApiInfo struct {
+type APIInfo struct {
 	Debug       bool
 	Containers  int
 	Images      int
@@ -23,48 +26,55 @@ type ApiInfo struct {
 	SwapLimit   bool `json:",omitempty"`
 }

-type ApiContainers struct {
-	Id      string
-	Image   string
-	Command string
-	Created int64
-	Status  string
-	Ports   string
+type APIRmi struct {
+	Deleted  string `json:",omitempty"`
+	Untagged string `json:",omitempty"`
 }

-type ApiSearch struct {
+type APIContainers struct {
+	ID         string `json:"Id"`
+	Image      string
+	Command    string
+	Created    int64
+	Status     string
+	Ports      string
+	SizeRw     int64
+	SizeRootFs int64
+}
+
+type APISearch struct {
 	Name        string
 	Description string
 }

-type ApiId struct {
-	Id string
+type APIID struct {
+	ID string `json:"Id"`
 }

-type ApiRun struct {
-	Id       string
+type APIRun struct {
+	ID       string   `json:"Id"`
 	Warnings []string `json:",omitempty"`
 }

-type ApiPort struct {
+type APIPort struct {
 	Port string
 }

-type ApiVersion struct {
+type APIVersion struct {
 	Version   string
 	GitCommit string `json:",omitempty"`
 	GoVersion string `json:",omitempty"`
 }

-type ApiWait struct {
+type APIWait struct {
 	StatusCode int
 }

-type ApiAuth struct {
+type APIAuth struct {
 	Status string
 }

-type ApiImageConfig struct {
-	Id string
+type APIImageConfig struct {
+	ID string `json:"Id"`
 	*Config
 }
--- a/api_test.go
+++ b/api_test.go
@@ -6,7 +6,6 @@ import (
 	"bytes"
 	"encoding/json"
 	"github.com/dotcloud/docker/auth"
-	"github.com/dotcloud/docker/registry"
 	"github.com/dotcloud/docker/utils"
 	"io"
 	"net"
@@ -18,7 +17,7 @@ import (
 	"time"
 )

-func TestGetAuth(t *testing.T) {
+func TestPostAuth(t *testing.T) {
 	runtime, err := newTestRuntime()
 	if err != nil {
 		t.Fatal(err)
@@ -37,29 +36,23 @@ func TestGetAuth(t *testing.T) {
 		Email:    "utest@yopmail.com",
 	}

-	authConfigJson, err := json.Marshal(authConfig)
+	authConfigJSON, err := json.Marshal(authConfig)
 	if err != nil {
 		t.Fatal(err)
 	}

-	req, err := http.NewRequest("POST", "/auth", bytes.NewReader(authConfigJson))
+	req, err := http.NewRequest("POST", "/auth", bytes.NewReader(authConfigJSON))
 	if err != nil {
 		t.Fatal(err)
 	}

-	if err := postAuth(srv, API_VERSION, r, req, nil); err != nil {
+	if err := postAuth(srv, APIVERSION, r, req, nil); err != nil {
 		t.Fatal(err)
 	}

 	if r.Code != http.StatusOK && r.Code != 0 {
 		t.Fatalf("%d OK or 0 expected, received %d\n", http.StatusOK, r.Code)
 	}
-
-	newAuthConfig := registry.NewRegistry(runtime.root).GetAuthConfig(false)
-	if newAuthConfig.Username != authConfig.Username ||
-		newAuthConfig.Email != authConfig.Email {
-		t.Fatalf("The auth configuration hasn't been set correctly")
-	}
 }

 func TestGetVersion(t *testing.T) {
@@ -73,11 +66,11 @@ func TestGetVersion(t *testing.T) {

 	r := httptest.NewRecorder()

-	if err := getVersion(srv, API_VERSION, r, nil, nil); err != nil {
+	if err := getVersion(srv, APIVERSION, r, nil, nil); err != nil {
 		t.Fatal(err)
 	}

-	v := &ApiVersion{}
+	v := &APIVersion{}
 	if err = json.Unmarshal(r.Body.Bytes(), v); err != nil {
 		t.Fatal(err)
 	}
@@ -97,11 +90,11 @@ func TestGetInfo(t *testing.T) {

 	r := httptest.NewRecorder()

-	if err := getInfo(srv, API_VERSION, r, nil, nil); err != nil {
+	if err := getInfo(srv, APIVERSION, r, nil, nil); err != nil {
 		t.Fatal(err)
 	}

-	infos := &ApiInfo{}
+	infos := &APIInfo{}
 	err = json.Unmarshal(r.Body.Bytes(), infos)
 	if err != nil {
 		t.Fatal(err)
@@ -111,7 +104,7 @@ func TestGetInfo(t *testing.T) {
 	}
 }

-func TestGetImagesJson(t *testing.T) {
+func TestGetImagesJSON(t *testing.T) {
 	runtime, err := newTestRuntime()
 	if err != nil {
 		t.Fatal(err)
@@ -128,11 +121,11 @@ func TestGetImagesJson(t *testing.T) {

 	r := httptest.NewRecorder()

-	if err := getImagesJson(srv, API_VERSION, r, req, nil); err != nil {
+	if err := getImagesJSON(srv, APIVERSION, r, req, nil); err != nil {
 		t.Fatal(err)
 	}

-	images := []ApiImages{}
+	images := []APIImages{}
 	if err := json.Unmarshal(r.Body.Bytes(), &images); err != nil {
 		t.Fatal(err)
 	}
@@ -153,11 +146,11 @@ func TestGetImagesJson(t *testing.T) {
 		t.Fatal(err)
 	}

-	if err := getImagesJson(srv, API_VERSION, r2, req2, nil); err != nil {
+	if err := getImagesJSON(srv, APIVERSION, r2, req2, nil); err != nil {
 		t.Fatal(err)
 	}

-	images2 := []ApiImages{}
+	images2 := []APIImages{}
 	if err := json.Unmarshal(r2.Body.Bytes(), &images2); err != nil {
 		t.Fatal(err)
 	}
@@ -166,8 +159,8 @@ func TestGetImagesJson(t *testing.T) {
 		t.Errorf("Excepted 1 image, %d found", len(images2))
 	}

-	if images2[0].Id != GetTestImage(runtime).Id {
-		t.Errorf("Retrieved image Id differs, expected %s, received %s", GetTestImage(runtime).Id, images2[0].Id)
+	if images2[0].ID != GetTestImage(runtime).ID {
+		t.Errorf("Retrieved image Id differs, expected %s, received %s", GetTestImage(runtime).ID, images2[0].ID)
 	}

 	r3 := httptest.NewRecorder()
@@ -178,11 +171,11 @@ func TestGetImagesJson(t *testing.T) {
 		t.Fatal(err)
 	}

-	if err := getImagesJson(srv, API_VERSION, r3, req3, nil); err != nil {
+	if err := getImagesJSON(srv, APIVERSION, r3, req3, nil); err != nil {
 		t.Fatal(err)
 	}

-	images3 := []ApiImages{}
+	images3 := []APIImages{}
 	if err := json.Unmarshal(r3.Body.Bytes(), &images3); err != nil {
 		t.Fatal(err)
 	}
@@ -199,7 +192,7 @@ func TestGetImagesJson(t *testing.T) {
 		t.Fatal(err)
 	}

-	err = getImagesJson(srv, API_VERSION, r4, req4, nil)
+	err = getImagesJSON(srv, APIVERSION, r4, req4, nil)
 	if err == nil {
 		t.Fatalf("Error expected, received none")
 	}
@@ -220,7 +213,7 @@ func TestGetImagesViz(t *testing.T) {
 	srv := &Server{runtime: runtime}

 	r := httptest.NewRecorder()
-	if err := getImagesViz(srv, API_VERSION, r, nil, nil); err != nil {
+	if err := getImagesViz(srv, APIVERSION, r, nil, nil); err != nil {
 		t.Fatal(err)
 	}

@@ -256,11 +249,11 @@ func TestGetImagesSearch(t *testing.T) {
 		t.Fatal(err)
 	}

-	if err := getImagesSearch(srv, API_VERSION, r, req, nil); err != nil {
+	if err := getImagesSearch(srv, APIVERSION, r, req, nil); err != nil {
 		t.Fatal(err)
 	}

-	results := []ApiSearch{}
+	results := []APISearch{}
 	if err := json.Unmarshal(r.Body.Bytes(), &results); err != nil {
 		t.Fatal(err)
 	}
@@ -280,11 +273,11 @@ func TestGetImagesHistory(t *testing.T) {

 	r := httptest.NewRecorder()

-	if err := getImagesHistory(srv, API_VERSION, r, nil, map[string]string{"name": unitTestImageName}); err != nil {
+	if err := getImagesHistory(srv, APIVERSION, r, nil, map[string]string{"name": unitTestImageName}); err != nil {
 		t.Fatal(err)
 	}

-	history := []ApiHistory{}
+	history := []APIHistory{}
 	if err := json.Unmarshal(r.Body.Bytes(), &history); err != nil {
 		t.Fatal(err)
 	}
@@ -303,7 +296,7 @@ func TestGetImagesByName(t *testing.T) {
 	srv := &Server{runtime: runtime}

 	r := httptest.NewRecorder()
-	if err := getImagesByName(srv, API_VERSION, r, nil, map[string]string{"name": unitTestImageName}); err != nil {
+	if err := getImagesByName(srv, APIVERSION, r, nil, map[string]string{"name": unitTestImageName}); err != nil {
 		t.Fatal(err)
 	}

@@ -311,12 +304,12 @@ func TestGetImagesByName(t *testing.T) {
 	if err := json.Unmarshal(r.Body.Bytes(), img); err != nil {
 		t.Fatal(err)
 	}
-	if img.Id != GetTestImage(runtime).Id || img.Comment != "Imported from http://get.docker.io/images/busybox" {
+	if img.ID != GetTestImage(runtime).ID || img.Comment != "Imported from http://get.docker.io/images/busybox" {
 		t.Errorf("Error inspecting image")
 	}
 }

-func TestGetContainersJson(t *testing.T) {
+func TestGetContainersJSON(t *testing.T) {
 	runtime, err := newTestRuntime()
 	if err != nil {
 		t.Fatal(err)
@@ -326,7 +319,7 @@ func TestGetContainersJson(t *testing.T) {
 	srv := &Server{runtime: runtime}

 	container, err := NewBuilder(runtime).Create(&Config{
-		Image: GetTestImage(runtime).Id,
+		Image: GetTestImage(runtime).ID,
 		Cmd:   []string{"echo", "test"},
 	})
 	if err != nil {
@@ -340,18 +333,18 @@ func TestGetContainersJson(t *testing.T) {
 	}

 	r := httptest.NewRecorder()
-	if err := getContainersJson(srv, API_VERSION, r, req, nil); err != nil {
+	if err := getContainersJSON(srv, APIVERSION, r, req, nil); err != nil {
 		t.Fatal(err)
 	}
-	containers := []ApiContainers{}
+	containers := []APIContainers{}
 	if err := json.Unmarshal(r.Body.Bytes(), &containers); err != nil {
 		t.Fatal(err)
 	}
 	if len(containers) != 1 {
 		t.Fatalf("Excepted %d container, %d found", 1, len(containers))
 	}
-	if containers[0].Id != container.Id {
-		t.Fatalf("Container ID mismatch. Expected: %s, received: %s\n", container.Id, containers[0].Id)
+	if containers[0].ID != container.ID {
+		t.Fatalf("Container ID mismatch. Expected: %s, received: %s\n", container.ID, containers[0].ID)
 	}
 }

@@ -369,7 +362,7 @@ func TestGetContainersExport(t *testing.T) {
 	// Create a container and remove a file
 	container, err := builder.Create(
 		&Config{
-			Image: GetTestImage(runtime).Id,
+			Image: GetTestImage(runtime).ID,
 			Cmd:   []string{"touch", "/test"},
 		},
 	)
@@ -383,7 +376,7 @@ func TestGetContainersExport(t *testing.T) {
 	}

 	r := httptest.NewRecorder()
-	if err = getContainersExport(srv, API_VERSION, r, nil, map[string]string{"name": container.Id}); err != nil {
+	if err = getContainersExport(srv, APIVERSION, r, nil, map[string]string{"name": container.ID}); err != nil {
 		t.Fatal(err)
 	}

@@ -424,7 +417,7 @@ func TestGetContainersChanges(t *testing.T) {
 	// Create a container and remove a file
 	container, err := builder.Create(
 		&Config{
-			Image: GetTestImage(runtime).Id,
+			Image: GetTestImage(runtime).ID,
 			Cmd:   []string{"/bin/rm", "/etc/passwd"},
 		},
 	)
@@ -438,7 +431,7 @@ func TestGetContainersChanges(t *testing.T) {
 	}

 	r := httptest.NewRecorder()
-	if err := getContainersChanges(srv, API_VERSION, r, nil, map[string]string{"name": container.Id}); err != nil {
+	if err := getContainersChanges(srv, APIVERSION, r, nil, map[string]string{"name": container.ID}); err != nil {
 		t.Fatal(err)
 	}
 	changes := []Change{}
@@ -472,7 +465,7 @@ func TestGetContainersByName(t *testing.T) {
 	// Create a container and remove a file
 	container, err := builder.Create(
 		&Config{
-			Image: GetTestImage(runtime).Id,
+			Image: GetTestImage(runtime).ID,
 			Cmd:   []string{"echo", "test"},
 		},
 	)
@@ -482,49 +475,15 @@ func TestGetContainersByName(t *testing.T) {
 	defer runtime.Destroy(container)

 	r := httptest.NewRecorder()
-	if err := getContainersByName(srv, API_VERSION, r, nil, map[string]string{"name": container.Id}); err != nil {
+	if err := getContainersByName(srv, APIVERSION, r, nil, map[string]string{"name": container.ID}); err != nil {
 		t.Fatal(err)
 	}
 	outContainer := &Container{}
 	if err := json.Unmarshal(r.Body.Bytes(), outContainer); err != nil {
 		t.Fatal(err)
 	}
-	if outContainer.Id != container.Id {
-		t.Fatalf("Wrong containers retrieved. Expected %s, recieved %s", container.Id, outContainer.Id)
-	}
-}
-
-func TestPostAuth(t *testing.T) {
-	runtime, err := newTestRuntime()
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer nuke(runtime)
-
-	srv := &Server{
-		runtime: runtime,
-	}
-
-	config := &auth.AuthConfig{
-		Username: "utest",
-		Email:    "utest@yopmail.com",
-	}
-
-	authStr := auth.EncodeAuth(config)
-	auth.SaveConfig(runtime.root, authStr, config.Email)
-
-	r := httptest.NewRecorder()
-	if err := getAuth(srv, API_VERSION, r, nil, nil); err != nil {
-		t.Fatal(err)
-	}
-
-	authConfig := &auth.AuthConfig{}
-	if err := json.Unmarshal(r.Body.Bytes(), authConfig); err != nil {
-		t.Fatal(err)
-	}
-
-	if authConfig.Username != config.Username || authConfig.Email != config.Email {
-		t.Errorf("The retrieve auth mismatch with the one set.")
+	if outContainer.ID != container.ID {
+		t.Fatalf("Wrong containers retrieved. Expected %s, recieved %s", container.ID, outContainer.ID)
 	}
 }

@@ -542,7 +501,7 @@ func TestPostCommit(t *testing.T) {
 	// Create a container and remove a file
 	container, err := builder.Create(
 		&Config{
-			Image: GetTestImage(runtime).Id,
+			Image: GetTestImage(runtime).ID,
 			Cmd:   []string{"touch", "/test"},
 		},
 	)
@@ -555,24 +514,24 @@ func TestPostCommit(t *testing.T) {
 		t.Fatal(err)
 	}

-	req, err := http.NewRequest("POST", "/commit?repo=testrepo&testtag=tag&container="+container.Id, bytes.NewReader([]byte{}))
+	req, err := http.NewRequest("POST", "/commit?repo=testrepo&testtag=tag&container="+container.ID, bytes.NewReader([]byte{}))
 	if err != nil {
 		t.Fatal(err)
 	}

 	r := httptest.NewRecorder()
-	if err := postCommit(srv, API_VERSION, r, req, nil); err != nil {
+	if err := postCommit(srv, APIVERSION, r, req, nil); err != nil {
 		t.Fatal(err)
 	}
 	if r.Code != http.StatusCreated {
 		t.Fatalf("%d Created expected, received %d\n", http.StatusCreated, r.Code)
 	}

-	apiId := &ApiId{}
-	if err := json.Unmarshal(r.Body.Bytes(), apiId); err != nil {
+	apiID := &APIID{}
+	if err := json.Unmarshal(r.Body.Bytes(), apiID); err != nil {
 		t.Fatal(err)
 	}
-	if _, err := runtime.graph.Get(apiId.Id); err != nil {
+	if _, err := runtime.graph.Get(apiID.ID); err != nil {
 		t.Fatalf("The image has not been commited")
 	}
 }
@@ -715,7 +674,7 @@ func TestPostImagesInsert(t *testing.T) {
 	// 	t.Fatalf("The test file has not been found")
 	// }

-	// if err := srv.runtime.graph.Delete(img.Id); err != nil {
+	// if err := srv.runtime.graph.Delete(img.ID); err != nil {
 	// 	t.Fatal(err)
 	// }
 }
@@ -824,8 +783,8 @@ func TestPostContainersCreate(t *testing.T) {

 	srv := &Server{runtime: runtime}

-	configJson, err := json.Marshal(&Config{
-		Image:  GetTestImage(runtime).Id,
+	configJSON, err := json.Marshal(&Config{
+		Image:  GetTestImage(runtime).ID,
 		Memory: 33554432,
 		Cmd:    []string{"touch", "/test"},
 	})
@@ -833,25 +792,25 @@ func TestPostContainersCreate(t *testing.T) {
 		t.Fatal(err)
 	}

-	req, err := http.NewRequest("POST", "/containers/create", bytes.NewReader(configJson))
+	req, err := http.NewRequest("POST", "/containers/create", bytes.NewReader(configJSON))
 	if err != nil {
 		t.Fatal(err)
 	}

 	r := httptest.NewRecorder()
-	if err := postContainersCreate(srv, API_VERSION, r, req, nil); err != nil {
+	if err := postContainersCreate(srv, APIVERSION, r, req, nil); err != nil {
 		t.Fatal(err)
 	}
 	if r.Code != http.StatusCreated {
 		t.Fatalf("%d Created expected, received %d\n", http.StatusCreated, r.Code)
 	}

-	apiRun := &ApiRun{}
+	apiRun := &APIRun{}
 	if err := json.Unmarshal(r.Body.Bytes(), apiRun); err != nil {
 		t.Fatal(err)
 	}

-	container := srv.runtime.Get(apiRun.Id)
+	container := srv.runtime.Get(apiRun.ID)
 	if container == nil {
 		t.Fatalf("Container not created")
 	}
@@ -880,7 +839,7 @@ func TestPostContainersKill(t *testing.T) {

 	container, err := NewBuilder(runtime).Create(
 		&Config{
-			Image:     GetTestImage(runtime).Id,
+			Image:     GetTestImage(runtime).ID,
 			Cmd:       []string{"/bin/cat"},
 			OpenStdin: true,
 		},
@@ -902,7 +861,7 @@ func TestPostContainersKill(t *testing.T) {
 	}

 	r := httptest.NewRecorder()
-	if err := postContainersKill(srv, API_VERSION, r, nil, map[string]string{"name": container.Id}); err != nil {
+	if err := postContainersKill(srv, APIVERSION, r, nil, map[string]string{"name": container.ID}); err != nil {
 		t.Fatal(err)
 	}
 	if r.Code != http.StatusNoContent {
@@ -924,7 +883,7 @@ func TestPostContainersRestart(t *testing.T) {

 	container, err := NewBuilder(runtime).Create(
 		&Config{
-			Image:     GetTestImage(runtime).Id,
+			Image:     GetTestImage(runtime).ID,
 			Cmd:       []string{"/bin/cat"},
 			OpenStdin: true,
 		},
@@ -945,12 +904,12 @@ func TestPostContainersRestart(t *testing.T) {
 		t.Errorf("Container should be running")
 	}

-	req, err := http.NewRequest("POST", "/containers/"+container.Id+"/restart?t=1", bytes.NewReader([]byte{}))
+	req, err := http.NewRequest("POST", "/containers/"+container.ID+"/restart?t=1", bytes.NewReader([]byte{}))
 	if err != nil {
 		t.Fatal(err)
 	}
 	r := httptest.NewRecorder()
-	if err := postContainersRestart(srv, API_VERSION, r, req, map[string]string{"name": container.Id}); err != nil {
+	if err := postContainersRestart(srv, APIVERSION, r, req, map[string]string{"name": container.ID}); err != nil {
 		t.Fatal(err)
 	}
 	if r.Code != http.StatusNoContent {
@@ -980,7 +939,7 @@ func TestPostContainersStart(t *testing.T) {

 	container, err := NewBuilder(runtime).Create(
 		&Config{
-			Image:     GetTestImage(runtime).Id,
+			Image:     GetTestImage(runtime).ID,
 			Cmd:       []string{"/bin/cat"},
 			OpenStdin: true,
 		},
@@ -991,7 +950,7 @@ func TestPostContainersStart(t *testing.T) {
 	defer runtime.Destroy(container)

 	r := httptest.NewRecorder()
-	if err := postContainersStart(srv, API_VERSION, r, nil, map[string]string{"name": container.Id}); err != nil {
+	if err := postContainersStart(srv, APIVERSION, r, nil, map[string]string{"name": container.ID}); err != nil {
 		t.Fatal(err)
 	}
 	if r.Code != http.StatusNoContent {
@@ -1006,7 +965,7 @@ func TestPostContainersStart(t *testing.T) {
 	}

 	r = httptest.NewRecorder()
-	if err = postContainersStart(srv, API_VERSION, r, nil, map[string]string{"name": container.Id}); err == nil {
+	if err = postContainersStart(srv, APIVERSION, r, nil, map[string]string{"name": container.ID}); err == nil {
 		t.Fatalf("A running containter should be able to be started")
 	}

@@ -1026,7 +985,7 @@ func TestPostContainersStop(t *testing.T) {

 	container, err := NewBuilder(runtime).Create(
 		&Config{
-			Image:     GetTestImage(runtime).Id,
+			Image:     GetTestImage(runtime).ID,
 			Cmd:       []string{"/bin/cat"},
 			OpenStdin: true,
 		},
@@ -1048,12 +1007,12 @@ func TestPostContainersStop(t *testing.T) {
 	}

 	// Note: as it is a POST request, it requires a body.
-	req, err := http.NewRequest("POST", "/containers/"+container.Id+"/stop?t=1", bytes.NewReader([]byte{}))
+	req, err := http.NewRequest("POST", "/containers/"+container.ID+"/stop?t=1", bytes.NewReader([]byte{}))
 	if err != nil {
 		t.Fatal(err)
 	}
 	r := httptest.NewRecorder()
-	if err := postContainersStop(srv, API_VERSION, r, req, map[string]string{"name": container.Id}); err != nil {
+	if err := postContainersStop(srv, APIVERSION, r, req, map[string]string{"name": container.ID}); err != nil {
 		t.Fatal(err)
 	}
 	if r.Code != http.StatusNoContent {
@@ -1075,7 +1034,7 @@ func TestPostContainersWait(t *testing.T) {

 	container, err := NewBuilder(runtime).Create(
 		&Config{
-			Image:     GetTestImage(runtime).Id,
+			Image:     GetTestImage(runtime).ID,
 			Cmd:       []string{"/bin/sleep", "1"},
 			OpenStdin: true,
 		},
@@ -1091,10 +1050,10 @@ func TestPostContainersWait(t *testing.T) {

 	setTimeout(t, "Wait timed out", 3*time.Second, func() {
 		r := httptest.NewRecorder()
-		if err := postContainersWait(srv, API_VERSION, r, nil, map[string]string{"name": container.Id}); err != nil {
+		if err := postContainersWait(srv, APIVERSION, r, nil, map[string]string{"name": container.ID}); err != nil {
 			t.Fatal(err)
 		}
-		apiWait := &ApiWait{}
+		apiWait := &APIWait{}
 		if err := json.Unmarshal(r.Body.Bytes(), apiWait); err != nil {
 			t.Fatal(err)
 		}
@@ -1119,7 +1078,7 @@ func TestPostContainersAttach(t *testing.T) {

 	container, err := NewBuilder(runtime).Create(
 		&Config{
-			Image:     GetTestImage(runtime).Id,
+			Image:     GetTestImage(runtime).ID,
 			Cmd:       []string{"/bin/cat"},
 			OpenStdin: true,
 		},
@@ -1148,12 +1107,12 @@ func TestPostContainersAttach(t *testing.T) {
 			out:              stdoutPipe,
 		}

-		req, err := http.NewRequest("POST", "/containers/"+container.Id+"/attach?stream=1&stdin=1&stdout=1&stderr=1", bytes.NewReader([]byte{}))
+		req, err := http.NewRequest("POST", "/containers/"+container.ID+"/attach?stream=1&stdin=1&stdout=1&stderr=1", bytes.NewReader([]byte{}))
 		if err != nil {
 			t.Fatal(err)
 		}

-		if err := postContainersAttach(srv, API_VERSION, r, req, map[string]string{"name": container.Id}); err != nil {
+		if err := postContainersAttach(srv, APIVERSION, r, req, map[string]string{"name": container.ID}); err != nil {
 			t.Fatal(err)
 		}
 	}()
@@ -1206,7 +1165,7 @@ func TestDeleteContainers(t *testing.T) {
 	srv := &Server{runtime: runtime}

 	container, err := NewBuilder(runtime).Create(&Config{
-		Image: GetTestImage(runtime).Id,
+		Image: GetTestImage(runtime).ID,
 		Cmd:   []string{"touch", "/test"},
 	})
 	if err != nil {
@@ -1218,19 +1177,19 @@ func TestDeleteContainers(t *testing.T) {
 		t.Fatal(err)
 	}

-	req, err := http.NewRequest("DELETE", "/containers/"+container.Id, nil)
+	req, err := http.NewRequest("DELETE", "/containers/"+container.ID, nil)
 	if err != nil {
 		t.Fatal(err)
 	}
 	r := httptest.NewRecorder()
-	if err := deleteContainers(srv, API_VERSION, r, req, map[string]string{"name": container.Id}); err != nil {
+	if err := deleteContainers(srv, APIVERSION, r, req, map[string]string{"name": container.ID}); err != nil {
 		t.Fatal(err)
 	}
 	if r.Code != http.StatusNoContent {
 		t.Fatalf("%d NO CONTENT expected, received %d\n", http.StatusNoContent, r.Code)
 	}

-	if c := runtime.Get(container.Id); c != nil {
+	if c := runtime.Get(container.ID); c != nil {
 		t.Fatalf("The container as not been deleted")
 	}

@@ -1239,9 +1198,131 @@ func TestDeleteContainers(t *testing.T) {
 	}
 }

+func TestOptionsRoute(t *testing.T) {
+	runtime, err := newTestRuntime()
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer nuke(runtime)
+
+	srv := &Server{runtime: runtime, enableCors: true}
+
+	r := httptest.NewRecorder()
+	router, err := createRouter(srv, false)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	req, err := http.NewRequest("OPTIONS", "/", nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	router.ServeHTTP(r, req)
+	if r.Code != http.StatusOK {
+		t.Errorf("Expected response for OPTIONS request to be \"200\", %v found.", r.Code)
+	}
+}
+
+func TestGetEnabledCors(t *testing.T) {
+	runtime, err := newTestRuntime()
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer nuke(runtime)
+
+	srv := &Server{runtime: runtime, enableCors: true}
+
+	r := httptest.NewRecorder()
+
+	router, err := createRouter(srv, false)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	req, err := http.NewRequest("GET", "/version", nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	router.ServeHTTP(r, req)
+	if r.Code != http.StatusOK {
+		t.Errorf("Expected response for OPTIONS request to be \"200\", %v found.", r.Code)
+	}
+
+	allowOrigin := r.Header().Get("Access-Control-Allow-Origin")
+	allowHeaders := r.Header().Get("Access-Control-Allow-Headers")
+	allowMethods := r.Header().Get("Access-Control-Allow-Methods")
+
+	if allowOrigin != "*" {
+		t.Errorf("Expected header Access-Control-Allow-Origin to be \"*\", %s found.", allowOrigin)
+	}
+	if allowHeaders != "Origin, X-Requested-With, Content-Type, Accept" {
+		t.Errorf("Expected header Access-Control-Allow-Headers to be \"Origin, X-Requested-With, Content-Type, Accept\", %s found.", allowHeaders)
+	}
+	if allowMethods != "GET, POST, DELETE, PUT, OPTIONS" {
+		t.Errorf("Expected hearder Access-Control-Allow-Methods to be \"GET, POST, DELETE, PUT, OPTIONS\", %s found.", allowMethods)
+	}
+}
+
 func TestDeleteImages(t *testing.T) {
-	//FIXME: Implement this test
-	t.Log("Test not implemented")
+	runtime, err := newTestRuntime()
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer nuke(runtime)
+
+	srv := &Server{runtime: runtime}
+
+	if err := srv.runtime.repositories.Set("test", "test", unitTestImageName, true); err != nil {
+		t.Fatal(err)
+	}
+
+	images, err := srv.Images(false, "")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if len(images) != 2 {
+		t.Errorf("Excepted 2 images, %d found", len(images))
+	}
+
+	req, err := http.NewRequest("DELETE", "/images/test:test", nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	r := httptest.NewRecorder()
+	if err := deleteImages(srv, APIVERSION, r, req, map[string]string{"name": "test:test"}); err != nil {
+		t.Fatal(err)
+	}
+	if r.Code != http.StatusOK {
+		t.Fatalf("%d OK expected, received %d\n", http.StatusOK, r.Code)
+	}
+
+	var outs []APIRmi
+	if err := json.Unmarshal(r.Body.Bytes(), &outs); err != nil {
+		t.Fatal(err)
+	}
+	if len(outs) != 1 {
+		t.Fatalf("Expected %d event (untagged), got %d", 1, len(outs))
+	}
+	images, err = srv.Images(false, "")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if len(images) != 1 {
+		t.Errorf("Excepted 1 image, %d found", len(images))
+	}
+
+	/*	if c := runtime.Get(container.Id); c != nil {
+			t.Fatalf("The container as not been deleted")
+		}
+
+		if _, err := os.Stat(path.Join(container.rwPath(), "test")); err == nil {
+			t.Fatalf("The test file has not been deleted")
+		} */
 }

 // Mocked types for tests
--- a/archive.go
+++ b/archive.go
@@ -1,12 +1,15 @@
 package docker

 import (
+	"bufio"
 	"errors"
 	"fmt"
+	"github.com/dotcloud/docker/utils"
 	"io"
 	"io/ioutil"
 	"os"
 	"os/exec"
+	"path"
 )

 type Archive io.Reader
@@ -20,6 +23,37 @@ const (
 	Xz
 )

+func DetectCompression(source []byte) Compression {
+	for _, c := range source[:10] {
+		utils.Debugf("%x", c)
+	}
+
+	sourceLen := len(source)
+	for compression, m := range map[Compression][]byte{
+		Bzip2: {0x42, 0x5A, 0x68},
+		Gzip:  {0x1F, 0x8B, 0x08},
+		Xz:    {0xFD, 0x37, 0x7A, 0x58, 0x5A, 0x00},
+	} {
+		fail := false
+		if len(m) > sourceLen {
+			utils.Debugf("Len too short")
+			continue
+		}
+		i := 0
+		for _, b := range m {
+			if b != source[i] {
+				fail = true
+				break
+			}
+			i++
+		}
+		if !fail {
+			return compression
+		}
+	}
+	return Uncompressed
+}
+
 func (compression *Compression) Flag() string {
 	switch *compression {
 	case Bzip2:
@@ -46,14 +80,43 @@ func (compression *Compression) Extension() string {
 	return ""
 }

+// Tar creates an archive from the directory at `path`, and returns it as a
+// stream of bytes.
 func Tar(path string, compression Compression) (io.Reader, error) {
-	cmd := exec.Command("bsdtar", "-f", "-", "-C", path, "-c"+compression.Flag(), ".")
-	return CmdStream(cmd)
+	return TarFilter(path, compression, nil)
 }

+// Tar creates an archive from the directory at `path`, only including files whose relative
+// paths are included in `filter`. If `filter` is nil, then all files are included.
+func TarFilter(path string, compression Compression, filter []string) (io.Reader, error) {
+	args := []string{"tar", "-f", "-", "-C", path}
+	if filter == nil {
+		filter = []string{"."}
+	}
+	for _, f := range filter {
+		args = append(args, "-c"+compression.Flag(), f)
+	}
+	return CmdStream(exec.Command(args[0], args[1:]...))
+}
+
+// Untar reads a stream of bytes from `archive`, parses it as a tar archive,
+// and unpacks it into the directory at `path`.
+// The archive may be compressed with one of the following algorithgms:
+//  identity (uncompressed), gzip, bzip2, xz.
+// FIXME: specify behavior when target path exists vs. doesn't exist.
 func Untar(archive io.Reader, path string) error {
-	cmd := exec.Command("bsdtar", "-f", "-", "-C", path, "-x")
-	cmd.Stdin = archive
+
+	bufferedArchive := bufio.NewReaderSize(archive, 10)
+	buf, err := bufferedArchive.Peek(10)
+	if err != nil {
+		return err
+	}
+	compression := DetectCompression(buf)
+
+	utils.Debugf("Archive compression detected: %s", compression.Extension())
+
+	cmd := exec.Command("tar", "-f", "-", "-C", path, "-x"+compression.Flag())
+	cmd.Stdin = bufferedArchive
 	// Hardcode locale environment for predictable outcome regardless of host configuration.
 	//   (see https://github.com/dotcloud/docker/issues/355)
 	cmd.Env = []string{"LANG=en_US.utf-8", "LC_ALL=en_US.utf-8"}
@@ -64,6 +127,86 @@ func Untar(archive io.Reader, path string) error {
 	return nil
 }

+// TarUntar is a convenience function which calls Tar and Untar, with
+// the output of one piped into the other. If either Tar or Untar fails,
+// TarUntar aborts and returns the error.
+func TarUntar(src string, filter []string, dst string) error {
+	utils.Debugf("TarUntar(%s %s %s)", src, filter, dst)
+	archive, err := TarFilter(src, Uncompressed, filter)
+	if err != nil {
+		return err
+	}
+	return Untar(archive, dst)
+}
+
+// UntarPath is a convenience function which looks for an archive
+// at filesystem path `src`, and unpacks it at `dst`.
+func UntarPath(src, dst string) error {
+	if archive, err := os.Open(src); err != nil {
+		return err
+	} else if err := Untar(archive, dst); err != nil {
+		return err
+	}
+	return nil
+}
+
+// CopyWithTar creates a tar archive of filesystem path `src`, and
+// unpacks it at filesystem path `dst`.
+// The archive is streamed directly with fixed buffering and no
+// intermediary disk IO.
+//
+func CopyWithTar(src, dst string) error {
+	srcSt, err := os.Stat(src)
+	if err != nil {
+		return err
+	}
+	var dstExists bool
+	dstSt, err := os.Stat(dst)
+	if err != nil {
+		if !os.IsNotExist(err) {
+			return err
+		}
+	} else {
+		dstExists = true
+	}
+	// Things that can go wrong if the source is a directory
+	if srcSt.IsDir() {
+		// The destination exists and is a regular file
+		if dstExists && !dstSt.IsDir() {
+			return fmt.Errorf("Can't copy a directory over a regular file")
+		}
+		// Things that can go wrong if the source is a regular file
+	} else {
+		utils.Debugf("The destination exists, it's a directory, and doesn't end in /")
+		// The destination exists, it's a directory, and doesn't end in /
+		if dstExists && dstSt.IsDir() && dst[len(dst)-1] != '/' {
+			return fmt.Errorf("Can't copy a regular file over a directory %s |%s|", dst, dst[len(dst)-1])
+		}
+	}
+	// Create the destination
+	var dstDir string
+	if srcSt.IsDir() || dst[len(dst)-1] == '/' {
+		// The destination ends in /, or the source is a directory
+		//   --> dst is the holding directory and needs to be created for -C
+		dstDir = dst
+	} else {
+		// The destination doesn't end in /
+		//   --> dst is the file
+		dstDir = path.Dir(dst)
+	}
+	if !dstExists {
+		// Create the holding directory if necessary
+		utils.Debugf("Creating the holding directory %s", dstDir)
+		if err := os.MkdirAll(dstDir, 0700); err != nil && !os.IsExist(err) {
+			return err
+		}
+	}
+	if !srcSt.IsDir() {
+		return TarUntar(path.Dir(src), []string{path.Base(src)}, dstDir)
+	}
+	return TarUntar(src, nil, dstDir)
+}
+
 // CmdStream executes a command, and returns its stdout as a stream.
 // If the command fails to run or doesn't complete successfully, an error
 // will be returned, including anything written on stderr.
--- a/archive_test.go
+++ b/archive_test.go
@@ -1,10 +1,13 @@
 package docker

 import (
+	"bytes"
+	"fmt"
 	"io"
 	"io/ioutil"
 	"os"
 	"os/exec"
+	"path"
 	"testing"
 	"time"
 )
@@ -58,20 +61,58 @@ func TestCmdStreamGood(t *testing.T) {
 	}
 }

-func TestTarUntar(t *testing.T) {
-	archive, err := Tar(".", Uncompressed)
+func tarUntar(t *testing.T, origin string, compression Compression) error {
+	archive, err := Tar(origin, compression)
 	if err != nil {
 		t.Fatal(err)
 	}
+
+	buf := make([]byte, 10)
+	if _, err := archive.Read(buf); err != nil {
+		return err
+	}
+	archive = io.MultiReader(bytes.NewReader(buf), archive)
+
+	detectedCompression := DetectCompression(buf)
+	if detectedCompression.Extension() != compression.Extension() {
+		return fmt.Errorf("Wrong compression detected. Actual compression: %s, found %s", compression.Extension(), detectedCompression.Extension())
+	}
+
 	tmp, err := ioutil.TempDir("", "docker-test-untar")
 	if err != nil {
-		t.Fatal(err)
+		return err
 	}
 	defer os.RemoveAll(tmp)
 	if err := Untar(archive, tmp); err != nil {
-		t.Fatal(err)
+		return err
 	}
 	if _, err := os.Stat(tmp); err != nil {
-		t.Fatalf("Error stating %s: %s", tmp, err.Error())
+		return err
+	}
+	return nil
+}
+
+func TestTarUntar(t *testing.T) {
+	origin, err := ioutil.TempDir("", "docker-test-untar-origin")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(origin)
+	if err := ioutil.WriteFile(path.Join(origin, "1"), []byte("hello world"), 0700); err != nil {
+		t.Fatal(err)
+	}
+	if err := ioutil.WriteFile(path.Join(origin, "2"), []byte("welcome!"), 0700); err != nil {
+		t.Fatal(err)
+	}
+
+	for _, c := range []Compression{
+		Uncompressed,
+		Gzip,
+		Bzip2,
+		Xz,
+	} {
+		if err := tarUntar(t, origin, c); err != nil {
+			t.Fatalf("Error tar/untar for compression %s: %s", c.Extension(), err)
+		}
 	}
 }
--- a/auth/auth.go
+++ b/auth/auth.go
@@ -16,12 +16,12 @@ import (
 const CONFIGFILE = ".dockercfg"

 // the registry server we want to login against
-const INDEX_SERVER = "https://index.docker.io/v1"
+const INDEXSERVER = "https://index.docker.io/v1"

-//const INDEX_SERVER = "http://indexstaging-docker.dotcloud.com/"
+//const INDEXSERVER = "http://indexstaging-docker.dotcloud.com/"

 var (
-	ErrConfigFileMissing error = errors.New("The Auth config file is missing")
+	ErrConfigFileMissing = errors.New("The Auth config file is missing")
 )

 type AuthConfig struct {
@@ -44,11 +44,11 @@ func IndexServerAddress() string {
 	if os.Getenv("DOCKER_INDEX_URL") != "" {
 		return os.Getenv("DOCKER_INDEX_URL") + "/v1"
 	}
-	return INDEX_SERVER
+	return INDEXSERVER
 }

 // create a base64 encoded auth string to store in config
-func EncodeAuth(authConfig *AuthConfig) string {
+func encodeAuth(authConfig *AuthConfig) string {
 	authStr := authConfig.Username + ":" + authConfig.Password
 	msg := []byte(authStr)
 	encoded := make([]byte, base64.StdEncoding.EncodedLen(len(msg)))
@@ -57,7 +57,7 @@ func EncodeAuth(authConfig *AuthConfig) string {
 }

 // decode the auth string
-func DecodeAuth(authStr string) (*AuthConfig, error) {
+func decodeAuth(authStr string) (*AuthConfig, error) {
 	decLen := base64.StdEncoding.DecodedLen(len(authStr))
 	decoded := make([]byte, decLen)
 	authByte := []byte(authStr)
@@ -82,7 +82,7 @@ func DecodeAuth(authStr string) (*AuthConfig, error) {
 func LoadConfig(rootPath string) (*AuthConfig, error) {
 	confFile := path.Join(rootPath, CONFIGFILE)
 	if _, err := os.Stat(confFile); err != nil {
-		return nil, ErrConfigFileMissing
+		return &AuthConfig{rootPath: rootPath}, ErrConfigFileMissing
 	}
 	b, err := ioutil.ReadFile(confFile)
 	if err != nil {
@@ -94,7 +94,7 @@ func LoadConfig(rootPath string) (*AuthConfig, error) {
 	}
 	origAuth := strings.Split(arr[0], " = ")
 	origEmail := strings.Split(arr[1], " = ")
-	authConfig, err := DecodeAuth(origAuth[1])
+	authConfig, err := decodeAuth(origAuth[1])
 	if err != nil {
 		return nil, err
 	}
@@ -104,13 +104,13 @@ func LoadConfig(rootPath string) (*AuthConfig, error) {
 }

 // save the auth config
-func SaveConfig(rootPath, authStr string, email string) error {
-	confFile := path.Join(rootPath, CONFIGFILE)
-	if len(email) == 0 {
+func SaveConfig(authConfig *AuthConfig) error {
+	confFile := path.Join(authConfig.rootPath, CONFIGFILE)
+	if len(authConfig.Email) == 0 {
 		os.Remove(confFile)
 		return nil
 	}
-	lines := "auth = " + authStr + "\n" + "email = " + email + "\n"
+	lines := "auth = " + encodeAuth(authConfig) + "\n" + "email = " + authConfig.Email + "\n"
 	b := []byte(lines)
 	err := ioutil.WriteFile(confFile, b, 0600)
 	if err != nil {
@@ -120,7 +120,7 @@ func SaveConfig(rootPath, authStr string, email string) error {
 }

 // try to register/login to the registry server
-func Login(authConfig *AuthConfig) (string, error) {
+func Login(authConfig *AuthConfig, store bool) (string, error) {
 	storeConfig := false
 	client := &http.Client{}
 	reqStatusCode := 0
@@ -168,8 +168,10 @@ func Login(authConfig *AuthConfig) (string, error) {
 				status = "Login Succeeded\n"
 				storeConfig = true
 			} else if resp.StatusCode == 401 {
-				if err := SaveConfig(authConfig.rootPath, "", ""); err != nil {
-					return "", err
+				if store {
+					if err := SaveConfig(authConfig); err != nil {
+						return "", err
+					}
 				}
 				return "", fmt.Errorf("Wrong login/password, please try again")
 			} else {
@@ -182,9 +184,8 @@ func Login(authConfig *AuthConfig) (string, error) {
 	} else {
 		return "", fmt.Errorf("Unexpected status code [%d] : %s", reqStatusCode, reqBody)
 	}
-	if storeConfig {
-		authStr := EncodeAuth(authConfig)
-		if err := SaveConfig(authConfig.rootPath, authStr, authConfig.Email); err != nil {
+	if storeConfig && store {
+		if err := SaveConfig(authConfig); err != nil {
 			return "", err
 		}
 	}
--- a/auth/auth_test.go
+++ b/auth/auth_test.go
@@ -10,8 +10,8 @@ import (

 func TestEncodeAuth(t *testing.T) {
 	newAuthConfig := &AuthConfig{Username: "ken", Password: "test", Email: "test@example.com"}
-	authStr := EncodeAuth(newAuthConfig)
-	decAuthConfig, err := DecodeAuth(authStr)
+	authStr := encodeAuth(newAuthConfig)
+	decAuthConfig, err := decodeAuth(authStr)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -30,7 +30,7 @@ func TestLogin(t *testing.T) {
 	os.Setenv("DOCKER_INDEX_URL", "https://indexstaging-docker.dotcloud.com")
 	defer os.Setenv("DOCKER_INDEX_URL", "")
 	authConfig := NewAuthConfig("unittester", "surlautrerivejetattendrai", "noise+unittester@dotcloud.com", "/tmp")
-	status, err := Login(authConfig)
+	status, err := Login(authConfig, false)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -50,7 +50,7 @@ func TestCreateAccount(t *testing.T) {
 	token := hex.EncodeToString(tokenBuffer)[:12]
 	username := "ut" + token
 	authConfig := NewAuthConfig(username, "test42", "docker-ut+"+token+"@example.com", "/tmp")
-	status, err := Login(authConfig)
+	status, err := Login(authConfig, false)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -60,7 +60,7 @@ func TestCreateAccount(t *testing.T) {
 		t.Fatalf("Expected status: \"%s\", found \"%s\" instead.", expectedStatus, status)
 	}

-	status, err = Login(authConfig)
+	status, err = Login(authConfig, false)
 	if err == nil {
 		t.Fatalf("Expected error but found nil instead")
 	}
--- a/builder.go
+++ b/builder.go
@@ -2,11 +2,14 @@ package docker

 import (
 	"fmt"
+	"github.com/dotcloud/docker/utils"
 	"os"
 	"path"
 	"time"
 )

+var defaultDns = []string{"8.8.8.8", "8.8.4.4"}
+
 type Builder struct {
 	runtime      *Runtime
 	repositories *TagStore
@@ -40,7 +43,7 @@ func (builder *Builder) Create(config *Config) (*Container, error) {
 	}

 	// Generate id
-	id := GenerateId()
+	id := GenerateID()
 	// Generate default hostname
 	// FIXME: the lxc template no longer needs to set a default hostname
 	if config.Hostname == "" {
@@ -49,32 +52,43 @@ func (builder *Builder) Create(config *Config) (*Container, error) {

 	container := &Container{
 		// FIXME: we should generate the ID here instead of receiving it as an argument
-		Id:              id,
+		ID:              id,
 		Created:         time.Now(),
 		Path:            config.Cmd[0],
 		Args:            config.Cmd[1:], //FIXME: de-duplicate from config
 		Config:          config,
-		Image:           img.Id, // Always use the resolved image id
+		Image:           img.ID, // Always use the resolved image id
 		NetworkSettings: &NetworkSettings{},
 		// FIXME: do we need to store this in the container?
 		SysInitPath: sysInitPath,
 	}
-	container.root = builder.runtime.containerRoot(container.Id)
+	container.root = builder.runtime.containerRoot(container.ID)
 	// Step 1: create the container directory.
 	// This doubles as a barrier to avoid race conditions.
 	if err := os.Mkdir(container.root, 0700); err != nil {
 		return nil, err
 	}

+	if len(config.Dns) == 0 && len(builder.runtime.Dns) == 0 && utils.CheckLocalDns() {
+		//"WARNING: Docker detected local DNS server on resolv.conf. Using default external servers: %v", defaultDns
+		builder.runtime.Dns = defaultDns
+	}
+
 	// If custom dns exists, then create a resolv.conf for the container
-	if len(config.Dns) > 0 {
+	if len(config.Dns) > 0 || len(builder.runtime.Dns) > 0 {
+		var dns []string
+		if len(config.Dns) > 0 {
+			dns = config.Dns
+		} else {
+			dns = builder.runtime.Dns
+		}
 		container.ResolvConfPath = path.Join(container.root, "resolv.conf")
 		f, err := os.Create(container.ResolvConfPath)
 		if err != nil {
 			return nil, err
 		}
 		defer f.Close()
-		for _, dns := range config.Dns {
+		for _, dns := range dns {
 			if _, err := f.Write([]byte("nameserver " + dns + "\n")); err != nil {
 				return nil, err
 			}
@@ -110,7 +124,7 @@ func (builder *Builder) Commit(container *Container, repository, tag, comment, a
 	}
 	// Register the image if needed
 	if repository != "" {
-		if err := builder.repositories.Set(repository, tag, img.Id, true); err != nil {
+		if err := builder.repositories.Set(repository, tag, img.ID, true); err != nil {
 			return img, err
 		}
 	}
--- a/builder_client.go
+++ b/builder_client.go
@@ -63,11 +63,11 @@ func (b *builderClient) CmdFrom(name string) error {
 		return err
 	}

-	img := &ApiId{}
+	img := &APIID{}
 	if err := json.Unmarshal(obj, img); err != nil {
 		return err
 	}
-	b.image = img.Id
+	b.image = img.ID
 	utils.Debugf("Using image %s", b.image)
 	return nil
 }
@@ -91,19 +91,19 @@ func (b *builderClient) CmdRun(args string) error {
 	b.config.Cmd = nil
 	MergeConfig(b.config, config)

-	body, statusCode, err := b.cli.call("POST", "/images/getCache", &ApiImageConfig{Id: b.image, Config: b.config})
+	body, statusCode, err := b.cli.call("POST", "/images/getCache", &APIImageConfig{ID: b.image, Config: b.config})
 	if err != nil {
 		if statusCode != 404 {
 			return err
 		}
 	}
 	if statusCode != 404 {
-		apiId := &ApiId{}
-		if err := json.Unmarshal(body, apiId); err != nil {
+		apiID := &APIID{}
+		if err := json.Unmarshal(body, apiID); err != nil {
 			return err
 		}
 		utils.Debugf("Use cached version")
-		b.image = apiId.Id
+		b.image = apiID.ID
 		return nil
 	}
 	cid, err := b.run()
@@ -163,7 +163,7 @@ func (b *builderClient) CmdInsert(args string) error {
 	// 	return err
 	// }

-	// apiId := &ApiId{}
+	// apiId := &APIId{}
 	// if err := json.Unmarshal(body, apiId); err != nil {
 	// 	return err
 	// }
@@ -182,7 +182,7 @@ func (b *builderClient) run() (string, error) {
 		return "", err
 	}

-	apiRun := &ApiRun{}
+	apiRun := &APIRun{}
 	if err := json.Unmarshal(body, apiRun); err != nil {
 		return "", err
 	}
@@ -191,18 +191,18 @@ func (b *builderClient) run() (string, error) {
 	}

 	//start the container
-	_, _, err = b.cli.call("POST", "/containers/"+apiRun.Id+"/start", nil)
+	_, _, err = b.cli.call("POST", "/containers/"+apiRun.ID+"/start", nil)
 	if err != nil {
 		return "", err
 	}
-	b.tmpContainers[apiRun.Id] = struct{}{}
+	b.tmpContainers[apiRun.ID] = struct{}{}

 	// Wait for it to finish
-	body, _, err = b.cli.call("POST", "/containers/"+apiRun.Id+"/wait", nil)
+	body, _, err = b.cli.call("POST", "/containers/"+apiRun.ID+"/wait", nil)
 	if err != nil {
 		return "", err
 	}
-	apiWait := &ApiWait{}
+	apiWait := &APIWait{}
 	if err := json.Unmarshal(body, apiWait); err != nil {
 		return "", err
 	}
@@ -210,7 +210,7 @@ func (b *builderClient) run() (string, error) {
 		return "", fmt.Errorf("The command %v returned a non-zero code: %d", b.config.Cmd, apiWait.StatusCode)
 	}

-	return apiRun.Id, nil
+	return apiRun.ID, nil
 }

 func (b *builderClient) commit(id string) error {
@@ -222,11 +222,11 @@ func (b *builderClient) commit(id string) error {
 	if id == "" {
 		cmd := b.config.Cmd
 		b.config.Cmd = []string{"true"}
-		if cid, err := b.run(); err != nil {
+		cid, err := b.run()
+		if err != nil {
 			return err
-		} else {
-			id = cid
 		}
+		id = cid
 		b.config.Cmd = cmd
 	}

@@ -239,12 +239,12 @@ func (b *builderClient) commit(id string) error {
 	if err != nil {
 		return err
 	}
-	apiId := &ApiId{}
-	if err := json.Unmarshal(body, apiId); err != nil {
+	apiID := &APIID{}
+	if err := json.Unmarshal(body, apiID); err != nil {
 		return err
 	}
-	b.tmpImages[apiId.Id] = struct{}{}
-	b.image = apiId.Id
+	b.tmpImages[apiID.ID] = struct{}{}
+	b.image = apiID.ID
 	b.needCommit = false
 	return nil
 }
@@ -304,9 +304,9 @@ func (b *builderClient) Build(dockerfile, context io.Reader) (string, error) {
 	return "", fmt.Errorf("An error occured during the build\n")
 }

-func NewBuilderClient(addr string, port int) BuildFile {
+func NewBuilderClient(proto, addr string) BuildFile {
 	return &builderClient{
-		cli:           NewDockerCli(addr, port),
+		cli:           NewDockerCli(proto, addr),
 		config:        &Config{},
 		tmpContainers: make(map[string]struct{}),
 		tmpImages:     make(map[string]struct{}),
--- a/buildfile.go
+++ b/buildfile.go
@@ -61,7 +61,7 @@ func (b *buildFile) CmdFrom(name string) error {
 				remote = name
 			}

-			if err := b.srv.ImagePull(remote, tag, "", b.out, utils.NewStreamFormatter(false)); err != nil {
+			if err := b.srv.ImagePull(remote, tag, "", b.out, utils.NewStreamFormatter(false), nil); err != nil {
 				return err
 			}

@@ -73,7 +73,7 @@ func (b *buildFile) CmdFrom(name string) error {
 			return err
 		}
 	}
-	b.image = image.Id
+	b.image = image.ID
 	b.config = &Config{}
 	return nil
 }
@@ -101,8 +101,9 @@ func (b *buildFile) CmdRun(args string) error {
 	if cache, err := b.srv.ImageGetCached(b.image, b.config); err != nil {
 		return err
 	} else if cache != nil {
+		fmt.Fprintf(b.out, " ---> Using cache\n")
 		utils.Debugf("[BUILDER] Use cached version")
-		b.image = cache.Id
+		b.image = cache.ID
 		return nil
 	} else {
 		utils.Debugf("[BUILDER] Cache miss")
@@ -176,16 +177,17 @@ func (b *buildFile) CmdAdd(args string) error {
 	dest := strings.Trim(tmp[1], " ")

 	cmd := b.config.Cmd
+
+	// Create the container and start it
 	b.config.Cmd = []string{"/bin/sh", "-c", fmt.Sprintf("#(nop) ADD %s in %s", orig, dest)}
-	cid, err := b.run()
+	b.config.Image = b.image
+	container, err := b.builder.Create(b.config)
 	if err != nil {
 		return err
 	}
+	b.tmpContainers[container.ID] = struct{}{}
+	fmt.Fprintf(b.out, " ---> Running in %s\n", utils.TruncateID(container.ID))

-	container := b.runtime.Get(cid)
-	if container == nil {
-		return fmt.Errorf("Error while creating the container (CmdAdd)")
-	}
 	if err := container.EnsureMounted(); err != nil {
 		return err
 	}
@@ -193,34 +195,30 @@ func (b *buildFile) CmdAdd(args string) error {

 	origPath := path.Join(b.context, orig)
 	destPath := path.Join(container.RootfsPath(), dest)
-
+	// Preserve the trailing '/'
+	if dest[len(dest)-1] == '/' {
+		destPath = destPath + "/"
+	}
 	fi, err := os.Stat(origPath)
 	if err != nil {
 		return err
 	}
 	if fi.IsDir() {
-		if err := os.MkdirAll(destPath, 0700); err != nil {
+		if err := CopyWithTar(origPath, destPath); err != nil {
 			return err
 		}
-
-		files, err := ioutil.ReadDir(path.Join(b.context, orig))
-		if err != nil {
-			return err
-		}
-		for _, fi := range files {
-			if err := utils.CopyDirectory(path.Join(origPath, fi.Name()), path.Join(destPath, fi.Name())); err != nil {
-				return err
-			}
-		}
-	} else {
+		// First try to unpack the source as an archive
+	} else if err := UntarPath(origPath, destPath); err != nil {
+		utils.Debugf("Couldn't untar %s to %s: %s", origPath, destPath, err)
+		// If that fails, just copy it as a regular file
 		if err := os.MkdirAll(path.Dir(destPath), 0700); err != nil {
 			return err
 		}
-		if err := utils.CopyDirectory(origPath, destPath); err != nil {
+		if err := CopyWithTar(origPath, destPath); err != nil {
 			return err
 		}
 	}
-	if err := b.commit(cid, cmd, fmt.Sprintf("ADD %s in %s", orig, dest)); err != nil {
+	if err := b.commit(container.ID, cmd, fmt.Sprintf("ADD %s in %s", orig, dest)); err != nil {
 		return err
 	}
 	b.config.Cmd = cmd
@@ -238,7 +236,8 @@ func (b *buildFile) run() (string, error) {
 	if err != nil {
 		return "", err
 	}
-	b.tmpContainers[c.Id] = struct{}{}
+	b.tmpContainers[c.ID] = struct{}{}
+	fmt.Fprintf(b.out, " ---> Running in %s\n", utils.TruncateID(c.ID))

 	//start the container
 	if err := c.Start(); err != nil {
@@ -250,7 +249,7 @@ func (b *buildFile) run() (string, error) {
 		return "", fmt.Errorf("The command %v returned a non-zero code: %d", b.config.Cmd, ret)
 	}

-	return c.Id, nil
+	return c.ID, nil
 }

 // Commit the container <id> with the autorun command <autoCmd>
@@ -265,18 +264,28 @@ func (b *buildFile) commit(id string, autoCmd []string, comment string) error {
 		if cache, err := b.srv.ImageGetCached(b.image, b.config); err != nil {
 			return err
 		} else if cache != nil {
+			fmt.Fprintf(b.out, " ---> Using cache\n")
 			utils.Debugf("[BUILDER] Use cached version")
-			b.image = cache.Id
+			b.image = cache.ID
 			return nil
 		} else {
 			utils.Debugf("[BUILDER] Cache miss")
 		}

-		if cid, err := b.run(); err != nil {
+		// Create the container and start it
+		container, err := b.builder.Create(b.config)
+		if err != nil {
 			return err
-		} else {
-			id = cid
 		}
+		b.tmpContainers[container.ID] = struct{}{}
+		fmt.Fprintf(b.out, " ---> Running in %s\n", utils.TruncateID(container.ID))
+
+		if err := container.EnsureMounted(); err != nil {
+			return err
+		}
+		defer container.Unmount()
+
+		id = container.ID
 	}

 	container := b.runtime.Get(id)
@@ -292,8 +301,8 @@ func (b *buildFile) commit(id string, autoCmd []string, comment string) error {
 	if err != nil {
 		return err
 	}
-	b.tmpImages[image.Id] = struct{}{}
-	b.image = image.Id
+	b.tmpImages[image.ID] = struct{}{}
+	b.image = image.ID
 	return nil
 }

@@ -310,13 +319,15 @@ func (b *buildFile) Build(dockerfile, context io.Reader) (string, error) {
 		b.context = name
 	}
 	file := bufio.NewReader(dockerfile)
+	stepN := 0
 	for {
 		line, err := file.ReadString('\n')
 		if err != nil {
-			if err == io.EOF {
+			if err == io.EOF && line == "" {
 				break
+			} else if err != io.EOF {
+				return "", err
 			}
-			return "", err
 		}
 		line = strings.Replace(strings.TrimSpace(line), "	", " ", 1)
 		// Skip comments and empty line
@@ -329,12 +340,13 @@ func (b *buildFile) Build(dockerfile, context io.Reader) (string, error) {
 		}
 		instruction := strings.ToLower(strings.Trim(tmp[0], " "))
 		arguments := strings.Trim(tmp[1], " ")
-
-		fmt.Fprintf(b.out, "%s %s (%s)\n", strings.ToUpper(instruction), arguments, b.image)
+		stepN += 1
+		// FIXME: only count known instructions as build steps
+		fmt.Fprintf(b.out, "Step %d : %s %s\n", stepN, strings.ToUpper(instruction), arguments)

 		method, exists := reflect.TypeOf(b).MethodByName("Cmd" + strings.ToUpper(instruction[:1]) + strings.ToLower(instruction[1:]))
 		if !exists {
-			fmt.Fprintf(b.out, "Skipping unknown instruction %s\n", strings.ToUpper(instruction))
+			fmt.Fprintf(b.out, "# Skipping unknown instruction %s\n", strings.ToUpper(instruction))
 			continue
 		}
 		ret := method.Func.Call([]reflect.Value{reflect.ValueOf(b), reflect.ValueOf(arguments)})[0].Interface()
@@ -342,10 +354,10 @@ func (b *buildFile) Build(dockerfile, context io.Reader) (string, error) {
 			return "", ret.(error)
 		}

-		fmt.Fprintf(b.out, "===> %v\n", b.image)
+		fmt.Fprintf(b.out, " ---> %v\n", utils.TruncateID(b.image))
 	}
 	if b.image != "" {
-		fmt.Fprintf(b.out, "Build successful.\n===> %s\n", b.image)
+		fmt.Fprintf(b.out, "Successfully built %s\n", utils.TruncateID(b.image))
 		return b.image, nil
 	}
 	return "", fmt.Errorf("An error occured during the build\n")
--- a/buildfile_test.go
+++ b/buildfile_test.go
@@ -15,58 +15,75 @@ run    sh -c 'echo root:testpass > /tmp/passwd'
 run    mkdir -p /var/run/sshd
 `

+const DockerfileNoNewLine = `
+# VERSION		0.1
+# DOCKER-VERSION	0.2
+
+from   ` + unitTestImageName + `
+run    sh -c 'echo root:testpass > /tmp/passwd'
+run    mkdir -p /var/run/sshd`
+
+// FIXME: test building with a context
+
+// FIXME: test building with a local ADD as first command
+
+// FIXME: test building with 2 successive overlapping ADD commands
+
 func TestBuild(t *testing.T) {
-	runtime, err := newTestRuntime()
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer nuke(runtime)
+	dockerfiles := []string{Dockerfile, DockerfileNoNewLine}
+	for _, Dockerfile := range dockerfiles {
+		runtime, err := newTestRuntime()
+		if err != nil {
+			t.Fatal(err)
+		}
+		defer nuke(runtime)

-	srv := &Server{runtime: runtime}
+		srv := &Server{runtime: runtime}

-	buildfile := NewBuildFile(srv, &utils.NopWriter{})
+		buildfile := NewBuildFile(srv, &utils.NopWriter{})

-	imgId, err := buildfile.Build(strings.NewReader(Dockerfile), nil)
-	if err != nil {
-		t.Fatal(err)
-	}
+		imgID, err := buildfile.Build(strings.NewReader(Dockerfile), nil)
+		if err != nil {
+			t.Fatal(err)
+		}

-	builder := NewBuilder(runtime)
-	container, err := builder.Create(
-		&Config{
-			Image: imgId,
-			Cmd:   []string{"cat", "/tmp/passwd"},
-		},
-	)
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer runtime.Destroy(container)
+		builder := NewBuilder(runtime)
+		container, err := builder.Create(
+			&Config{
+				Image: imgID,
+				Cmd:   []string{"cat", "/tmp/passwd"},
+			},
+		)
+		if err != nil {
+			t.Fatal(err)
+		}
+		defer runtime.Destroy(container)

-	output, err := container.Output()
-	if err != nil {
-		t.Fatal(err)
-	}
-	if string(output) != "root:testpass\n" {
-		t.Fatalf("Unexpected output. Read '%s', expected '%s'", output, "root:testpass\n")
-	}
+		output, err := container.Output()
+		if err != nil {
+			t.Fatal(err)
+		}
+		if string(output) != "root:testpass\n" {
+			t.Fatalf("Unexpected output. Read '%s', expected '%s'", output, "root:testpass\n")
+		}

-	container2, err := builder.Create(
-		&Config{
-			Image: imgId,
-			Cmd:   []string{"ls", "-d", "/var/run/sshd"},
-		},
-	)
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer runtime.Destroy(container2)
+		container2, err := builder.Create(
+			&Config{
+				Image: imgID,
+				Cmd:   []string{"ls", "-d", "/var/run/sshd"},
+			},
+		)
+		if err != nil {
+			t.Fatal(err)
+		}
+		defer runtime.Destroy(container2)

-	output, err = container2.Output()
-	if err != nil {
-		t.Fatal(err)
-	}
-	if string(output) != "/var/run/sshd\n" {
-		t.Fatal("/var/run/sshd has not been created")
+		output, err = container2.Output()
+		if err != nil {
+			t.Fatal(err)
+		}
+		if string(output) != "/var/run/sshd\n" {
+			t.Fatal("/var/run/sshd has not been created")
+		}
 	}
 }
--- a/commands.go
+++ b/commands.go
@@ -20,6 +20,7 @@ import (
 	"path"
 	"path/filepath"
 	"reflect"
+	"regexp"
 	"strconv"
 	"strings"
 	"syscall"
@@ -28,10 +29,10 @@ import (
 	"unicode"
 )

-const VERSION = "0.4.0"
+const VERSION = "0.4.4"

 var (
-	GIT_COMMIT string
+	GITCOMMIT string
 )

 func (cli *DockerCli) getMethod(name string) (reflect.Method, bool) {
@@ -39,8 +40,8 @@ func (cli *DockerCli) getMethod(name string) (reflect.Method, bool) {
 	return reflect.TypeOf(cli).MethodByName(methodName)
 }

-func ParseCommands(addr string, port int, args ...string) error {
-	cli := NewDockerCli(addr, port)
+func ParseCommands(proto, addr string, args ...string) error {
+	cli := NewDockerCli(proto, addr)

 	if len(args) > 0 {
 		method, exists := cli.getMethod(args[0])
@@ -73,7 +74,7 @@ func (cli *DockerCli) CmdHelp(args ...string) error {
 			return nil
 		}
 	}
-	help := fmt.Sprintf("Usage: docker [OPTIONS] COMMAND [arg...]\n  -H=\"%s:%d\": Host:port to bind/connect to\n\nA self-sufficient runtime for linux containers.\n\nCommands:\n", cli.host, cli.port)
+	help := fmt.Sprintf("Usage: docker [OPTIONS] COMMAND [arg...]\n  -H=[tcp://%s:%d]: tcp://host:port to bind/connect to or unix://path/to/socker to use\n\nA self-sufficient runtime for linux containers.\n\nCommands:\n", DEFAULTHTTPHOST, DEFAULTHTTPPORT)
 	for _, command := range [][2]string{
 		{"attach", "Attach to a running container"},
 		{"build", "Build a container from a Dockerfile"},
@@ -159,11 +160,11 @@ func (cli *DockerCli) CmdBuild(args ...string) error {
 		file = os.Stdin
 	} else {
 		// Send Dockerfile from arg/Dockerfile (deprecate later)
-		if f, err := os.Open(path.Join(cmd.Arg(0), "Dockerfile")); err != nil {
+		f, err := os.Open(path.Join(cmd.Arg(0), "Dockerfile"))
+		if err != nil {
 			return err
-		} else {
-			file = f
 		}
+		file = f
 		// Send context from arg
 		// Create a FormFile multipart for the context if needed
 		// FIXME: Use NewTempArchive in order to have the size and avoid too much memory usage?
@@ -176,27 +177,27 @@ func (cli *DockerCli) CmdBuild(args ...string) error {
 		if err != nil {
 			return err
 		}
-		if wField, err := w.CreateFormFile("Context", filepath.Base(absPath)+"."+compression.Extension()); err != nil {
+		wField, err := w.CreateFormFile("Context", filepath.Base(absPath)+"."+compression.Extension())
+		if err != nil {
 			return err
-		} else {
-			// FIXME: Find a way to have a progressbar for the upload too
-			sf := utils.NewStreamFormatter(false)
-			io.Copy(wField, utils.ProgressReader(ioutil.NopCloser(context), -1, os.Stdout, sf.FormatProgress("Caching Context", "%v/%v (%v)"), sf))
 		}
+		// FIXME: Find a way to have a progressbar for the upload too
+		sf := utils.NewStreamFormatter(false)
+		io.Copy(wField, utils.ProgressReader(ioutil.NopCloser(context), -1, os.Stdout, sf.FormatProgress("Caching Context", "%v/%v (%v)"), sf))
 		multipartBody = io.MultiReader(multipartBody, boundary)
 	}
 	// Create a FormFile multipart for the Dockerfile
-	if wField, err := w.CreateFormFile("Dockerfile", "Dockerfile"); err != nil {
+	wField, err := w.CreateFormFile("Dockerfile", "Dockerfile")
+	if err != nil {
 		return err
-	} else {
-		io.Copy(wField, file)
 	}
+	io.Copy(wField, file)
 	multipartBody = io.MultiReader(multipartBody, boundary)

 	v := &url.Values{}
 	v.Set("t", *tag)
 	// Send the multipart request with correct content-type
-	req, err := http.NewRequest("POST", fmt.Sprintf("http://%s:%d%s?%s", cli.host, cli.port, "/build", v.Encode()), multipartBody)
+	req, err := http.NewRequest("POST", fmt.Sprintf("/v%g/build?%s", APIVERSION, v.Encode()), multipartBody)
 	if err != nil {
 		return err
 	}
@@ -205,8 +206,13 @@ func (cli *DockerCli) CmdBuild(args ...string) error {
 		req.Header.Set("X-Docker-Context-Compression", compression.Flag())
 		fmt.Println("Uploading Context...")
 	}
-
-	resp, err := http.DefaultClient.Do(req)
+	dial, err := net.Dial(cli.proto, cli.addr)
+	if err != nil {
+		return err
+	}
+	clientconn := httputil.NewClientConn(dial, nil)
+	resp, err := clientconn.Do(req)
+	defer clientconn.Close()
 	if err != nil {
 		return err
 	}
@@ -218,7 +224,10 @@ func (cli *DockerCli) CmdBuild(args ...string) error {
 		if err != nil {
 			return err
 		}
-		return fmt.Errorf("error: %s", body)
+		if len(body) == 0 {
+			return fmt.Errorf("Error: %s", http.StatusText(resp.StatusCode))
+		}
+		return fmt.Errorf("Error: %s", body)
 	}

 	// Output the result
@@ -276,36 +285,24 @@ func (cli *DockerCli) CmdLogin(args ...string) error {
 	oldState, err := term.SetRawTerminal()
 	if err != nil {
 		return err
-	} else {
-		defer term.RestoreTerminal(oldState)
 	}
+	defer term.RestoreTerminal(oldState)

 	cmd := Subcmd("login", "", "Register or Login to the docker registry server")
 	if err := cmd.Parse(args); err != nil {
 		return nil
 	}

-	body, _, err := cli.call("GET", "/auth", nil)
-	if err != nil {
-		return err
-	}
-
-	var out auth.AuthConfig
-	err = json.Unmarshal(body, &out)
-	if err != nil {
-		return err
-	}
-
 	var username string
 	var password string
 	var email string

-	fmt.Print("Username (", out.Username, "): ")
+	fmt.Print("Username (", cli.authConfig.Username, "): ")
 	username = readAndEchoString(os.Stdin, os.Stdout)
 	if username == "" {
-		username = out.Username
+		username = cli.authConfig.Username
 	}
-	if username != out.Username {
+	if username != cli.authConfig.Username {
 		fmt.Print("Password: ")
 		password = readString(os.Stdin, os.Stdout)

@@ -313,31 +310,33 @@ func (cli *DockerCli) CmdLogin(args ...string) error {
 			return fmt.Errorf("Error : Password Required")
 		}

-		fmt.Print("Email (", out.Email, "): ")
+		fmt.Print("Email (", cli.authConfig.Email, "): ")
 		email = readAndEchoString(os.Stdin, os.Stdout)
 		if email == "" {
-			email = out.Email
+			email = cli.authConfig.Email
 		}
 	} else {
-		email = out.Email
+		email = cli.authConfig.Email
 	}
+	term.RestoreTerminal(oldState)

-	out.Username = username
-	out.Password = password
-	out.Email = email
+	cli.authConfig.Username = username
+	cli.authConfig.Password = password
+	cli.authConfig.Email = email

-	body, _, err = cli.call("POST", "/auth", out)
+	body, _, err := cli.call("POST", "/auth", cli.authConfig)
 	if err != nil {
 		return err
 	}

-	var out2 ApiAuth
+	var out2 APIAuth
 	err = json.Unmarshal(body, &out2)
 	if err != nil {
+		auth.LoadConfig(os.Getenv("HOME"))
 		return err
 	}
+	auth.SaveConfig(cli.authConfig)
 	if out2.Status != "" {
-		term.RestoreTerminal(oldState)
 		fmt.Print(out2.Status)
 	}
 	return nil
@@ -358,7 +357,7 @@ func (cli *DockerCli) CmdWait(args ...string) error {
 		if err != nil {
 			fmt.Printf("%s", err)
 		} else {
-			var out ApiWait
+			var out APIWait
 			err = json.Unmarshal(body, &out)
 			if err != nil {
 				return err
@@ -386,7 +385,7 @@ func (cli *DockerCli) CmdVersion(args ...string) error {
 		return err
 	}

-	var out ApiVersion
+	var out APIVersion
 	err = json.Unmarshal(body, &out)
 	if err != nil {
 		utils.Debugf("Error unmarshal: body: %s, err: %s\n", body, err)
@@ -419,7 +418,7 @@ func (cli *DockerCli) CmdInfo(args ...string) error {
 		return err
 	}

-	var out ApiInfo
+	var out APIInfo
 	if err := json.Unmarshal(body, &out); err != nil {
 		return err
 	}
@@ -458,7 +457,7 @@ func (cli *DockerCli) CmdStop(args ...string) error {
 	for _, name := range cmd.Args() {
 		_, _, err := cli.call("POST", "/containers/"+name+"/stop?"+v.Encode(), nil)
 		if err != nil {
-			fmt.Printf("%s", err)
+			fmt.Fprintf(os.Stderr, "%s", err)
 		} else {
 			fmt.Println(name)
 		}
@@ -483,7 +482,7 @@ func (cli *DockerCli) CmdRestart(args ...string) error {
 	for _, name := range cmd.Args() {
 		_, _, err := cli.call("POST", "/containers/"+name+"/restart?"+v.Encode(), nil)
 		if err != nil {
-			fmt.Printf("%s", err)
+			fmt.Fprintf(os.Stderr, "%s", err)
 		} else {
 			fmt.Println(name)
 		}
@@ -504,7 +503,7 @@ func (cli *DockerCli) CmdStart(args ...string) error {
 	for _, name := range args {
 		_, _, err := cli.call("POST", "/containers/"+name+"/start", nil)
 		if err != nil {
-			fmt.Printf("%s", err)
+			fmt.Fprintf(os.Stderr, "%s", err)
 		} else {
 			fmt.Println(name)
 		}
@@ -513,29 +512,38 @@ func (cli *DockerCli) CmdStart(args ...string) error {
 }

 func (cli *DockerCli) CmdInspect(args ...string) error {
-	cmd := Subcmd("inspect", "CONTAINER|IMAGE", "Return low-level information on a container/image")
+	cmd := Subcmd("inspect", "CONTAINER|IMAGE [CONTAINER|IMAGE...]", "Return low-level information on a container/image")
 	if err := cmd.Parse(args); err != nil {
 		return nil
 	}
-	if cmd.NArg() != 1 {
+	if cmd.NArg() < 1 {
 		cmd.Usage()
 		return nil
 	}
-	obj, _, err := cli.call("GET", "/containers/"+cmd.Arg(0)+"/json", nil)
-	if err != nil {
-		obj, _, err = cli.call("GET", "/images/"+cmd.Arg(0)+"/json", nil)
+	fmt.Printf("[")
+	for i, name := range args {
+		if i > 0 {
+			fmt.Printf(",")
+		}
+		obj, _, err := cli.call("GET", "/containers/"+name+"/json", nil)
 		if err != nil {
-			return err
+			obj, _, err = cli.call("GET", "/images/"+name+"/json", nil)
+			if err != nil {
+				fmt.Fprintf(os.Stderr, "%s", err)
+				continue
+			}
+		}
+
+		indented := new(bytes.Buffer)
+		if err = json.Indent(indented, obj, "", "    "); err != nil {
+			fmt.Fprintf(os.Stderr, "%s", err)
+			continue
+		}
+		if _, err := io.Copy(os.Stdout, indented); err != nil {
+			fmt.Fprintf(os.Stderr, "%s", err)
 		}
 	}
-
-	indented := new(bytes.Buffer)
-	if err = json.Indent(indented, obj, "", "    "); err != nil {
-		return err
-	}
-	if _, err := io.Copy(os.Stdout, indented); err != nil {
-		return err
-	}
+	fmt.Printf("]")
 	return nil
 }

@@ -562,7 +570,7 @@ func (cli *DockerCli) CmdPort(args ...string) error {
 	if frontend, exists := out.NetworkSettings.PortMapping[cmd.Arg(1)]; exists {
 		fmt.Println(frontend)
 	} else {
-		return fmt.Errorf("error: No private port '%s' allocated on %s", cmd.Arg(1), cmd.Arg(0))
+		return fmt.Errorf("Error: No private port '%s' allocated on %s", cmd.Arg(1), cmd.Arg(0))
 	}
 	return nil
 }
@@ -579,11 +587,22 @@ func (cli *DockerCli) CmdRmi(args ...string) error {
 	}

 	for _, name := range cmd.Args() {
-		_, _, err := cli.call("DELETE", "/images/"+name, nil)
+		body, _, err := cli.call("DELETE", "/images/"+name, nil)
 		if err != nil {
-			fmt.Printf("%s", err)
+			fmt.Fprintf(os.Stderr, "%s", err)
 		} else {
-			fmt.Println(name)
+			var outs []APIRmi
+			err = json.Unmarshal(body, &outs)
+			if err != nil {
+				return err
+			}
+			for _, out := range outs {
+				if out.Deleted != "" {
+					fmt.Println("Deleted:", out.Deleted)
+				} else {
+					fmt.Println("Untagged:", out.Untagged)
+				}
+			}
 		}
 	}
 	return nil
@@ -604,7 +623,7 @@ func (cli *DockerCli) CmdHistory(args ...string) error {
 		return err
 	}

-	var outs []ApiHistory
+	var outs []APIHistory
 	err = json.Unmarshal(body, &outs)
 	if err != nil {
 		return err
@@ -613,7 +632,10 @@ func (cli *DockerCli) CmdHistory(args ...string) error {
 	fmt.Fprintln(w, "ID\tCREATED\tCREATED BY")

 	for _, out := range outs {
-		fmt.Fprintf(w, "%s\t%s ago\t%s\n", out.Id, utils.HumanDuration(time.Now().Sub(time.Unix(out.Created, 0))), out.CreatedBy)
+		if out.Tags != nil {
+			out.ID = out.Tags[0]
+		}
+		fmt.Fprintf(w, "%s \t%s ago\t%s\n", out.ID, utils.HumanDuration(time.Now().Sub(time.Unix(out.Created, 0))), out.CreatedBy)
 	}
 	w.Flush()
 	return nil
@@ -702,18 +724,31 @@ func (cli *DockerCli) CmdPush(args ...string) error {
 		return nil
 	}

-	username, err := cli.checkIfLogged(*registry == "", "push")
-	if err != nil {
+	if err := cli.checkIfLogged(*registry == "", "push"); err != nil {
 		return err
 	}

 	if len(strings.SplitN(name, "/", 2)) == 1 {
-		return fmt.Errorf("Impossible to push a \"root\" repository. Please rename your repository in <user>/<repo> (ex: %s/%s)", username, name)
+		return fmt.Errorf("Impossible to push a \"root\" repository. Please rename your repository in <user>/<repo> (ex: %s/%s)", cli.authConfig.Username, name)
+	}
+
+	buf, err := json.Marshal(cli.authConfig)
+	if err != nil {
+		return err
+	}
+	nameParts := strings.SplitN(name, "/", 2)
+	validNamespace := regexp.MustCompile(`^([a-z0-9_]{4,30})$`)
+	if !validNamespace.MatchString(nameParts[0]) {
+		return fmt.Errorf("Invalid namespace name (%s), only [a-z0-9_] are allowed, size between 4 and 30", nameParts[0])
+	}
+	validRepo := regexp.MustCompile(`^([a-zA-Z0-9-_.]+)$`)
+	if !validRepo.MatchString(nameParts[1]) {
+		return fmt.Errorf("Invalid repository name (%s), only [a-zA-Z0-9-_.] are allowed", nameParts[1])
 	}

 	v := url.Values{}
 	v.Set("registry", *registry)
-	if err := cli.stream("POST", "/images/"+name+"/push?"+v.Encode(), nil, os.Stdout); err != nil {
+	if err := cli.stream("POST", "/images/"+name+"/push?"+v.Encode(), bytes.NewBuffer(buf), os.Stdout); err != nil {
 		return err
 	}
 	return nil
@@ -786,7 +821,7 @@ func (cli *DockerCli) CmdImages(args ...string) error {
 			return err
 		}

-		var outs []ApiImages
+		var outs []APIImages
 		err = json.Unmarshal(body, &outs)
 		if err != nil {
 			return err
@@ -794,7 +829,7 @@ func (cli *DockerCli) CmdImages(args ...string) error {

 		w := tabwriter.NewWriter(os.Stdout, 20, 1, 3, ' ', 0)
 		if !*quiet {
-			fmt.Fprintln(w, "REPOSITORY\tTAG\tID\tCREATED")
+			fmt.Fprintln(w, "REPOSITORY\tTAG\tID\tCREATED\tSIZE")
 		}

 		for _, out := range outs {
@@ -808,16 +843,21 @@ func (cli *DockerCli) CmdImages(args ...string) error {
 			if !*quiet {
 				fmt.Fprintf(w, "%s\t%s\t", out.Repository, out.Tag)
 				if *noTrunc {
-					fmt.Fprintf(w, "%s\t", out.Id)
+					fmt.Fprintf(w, "%s\t", out.ID)
 				} else {
-					fmt.Fprintf(w, "%s\t", utils.TruncateId(out.Id))
+					fmt.Fprintf(w, "%s\t", utils.TruncateID(out.ID))
+				}
+				fmt.Fprintf(w, "%s ago\t", utils.HumanDuration(time.Now().Sub(time.Unix(out.Created, 0))))
+				if out.VirtualSize > 0 {
+					fmt.Fprintf(w, "%s (virtual %s)\n", utils.HumanSize(out.Size), utils.HumanSize(out.VirtualSize))
+				} else {
+					fmt.Fprintf(w, "%s\n", utils.HumanSize(out.Size))
 				}
-				fmt.Fprintf(w, "%s ago\n", utils.HumanDuration(time.Now().Sub(time.Unix(out.Created, 0))))
 			} else {
 				if *noTrunc {
-					fmt.Fprintln(w, out.Id)
+					fmt.Fprintln(w, out.ID)
 				} else {
-					fmt.Fprintln(w, utils.TruncateId(out.Id))
+					fmt.Fprintln(w, utils.TruncateID(out.ID))
 				}
 			}
 		}
@@ -864,28 +904,33 @@ func (cli *DockerCli) CmdPs(args ...string) error {
 		return err
 	}

-	var outs []ApiContainers
+	var outs []APIContainers
 	err = json.Unmarshal(body, &outs)
 	if err != nil {
 		return err
 	}
 	w := tabwriter.NewWriter(os.Stdout, 20, 1, 3, ' ', 0)
 	if !*quiet {
-		fmt.Fprintln(w, "ID\tIMAGE\tCOMMAND\tCREATED\tSTATUS\tPORTS")
+		fmt.Fprintln(w, "ID\tIMAGE\tCOMMAND\tCREATED\tSTATUS\tPORTS\tSIZE")
 	}

 	for _, out := range outs {
 		if !*quiet {
 			if *noTrunc {
-				fmt.Fprintf(w, "%s\t%s\t%s\t%s ago\t%s\t%s\n", out.Id, out.Image, out.Command, utils.HumanDuration(time.Now().Sub(time.Unix(out.Created, 0))), out.Status, out.Ports)
+				fmt.Fprintf(w, "%s\t%s\t%s\t%s ago\t%s\t%s\t", out.ID, out.Image, out.Command, utils.HumanDuration(time.Now().Sub(time.Unix(out.Created, 0))), out.Status, out.Ports)
 			} else {
-				fmt.Fprintf(w, "%s\t%s\t%s\t%s ago\t%s\t%s\n", utils.TruncateId(out.Id), out.Image, utils.Trunc(out.Command, 20), utils.HumanDuration(time.Now().Sub(time.Unix(out.Created, 0))), out.Status, out.Ports)
+				fmt.Fprintf(w, "%s\t%s\t%s\t%s ago\t%s\t%s\t", utils.TruncateID(out.ID), out.Image, utils.Trunc(out.Command, 20), utils.HumanDuration(time.Now().Sub(time.Unix(out.Created, 0))), out.Status, out.Ports)
+			}
+			if out.SizeRootFs > 0 {
+				fmt.Fprintf(w, "%s (virtual %s)\n", utils.HumanSize(out.SizeRw), utils.HumanSize(out.SizeRootFs))
+			} else {
+				fmt.Fprintf(w, "%s\n", utils.HumanSize(out.SizeRw))
 			}
 		} else {
 			if *noTrunc {
-				fmt.Fprintln(w, out.Id)
+				fmt.Fprintln(w, out.ID)
 			} else {
-				fmt.Fprintln(w, utils.TruncateId(out.Id))
+				fmt.Fprintln(w, utils.TruncateID(out.ID))
 			}
 		}
 	}
@@ -928,13 +973,13 @@ func (cli *DockerCli) CmdCommit(args ...string) error {
 		return err
 	}

-	apiId := &ApiId{}
-	err = json.Unmarshal(body, apiId)
+	apiID := &APIID{}
+	err = json.Unmarshal(body, apiID)
 	if err != nil {
 		return err
 	}

-	fmt.Println(apiId.Id)
+	fmt.Println(apiID.ID)
 	return nil
 }

@@ -1021,35 +1066,22 @@ func (cli *DockerCli) CmdAttach(args ...string) error {
 		return err
 	}

-	splitStderr := container.Config.Tty
+	if !container.State.Running {
+		return fmt.Errorf("Impossible to attach to a stopped container, start it first")
+	}

-	connections := 1
-	if splitStderr {
-		connections += 1
-	}
-	chErrors := make(chan error, connections)
-	cli.monitorTtySize(cmd.Arg(0))
-	if splitStderr {
-		go func() {
-			chErrors <- cli.hijack("POST", "/containers/"+cmd.Arg(0)+"/attach?stream=1&stderr=1", false, nil, os.Stderr)
-		}()
+	if container.Config.Tty {
+		cli.monitorTtySize(cmd.Arg(0))
 	}
+
 	v := url.Values{}
 	v.Set("stream", "1")
 	v.Set("stdin", "1")
 	v.Set("stdout", "1")
-	if !splitStderr {
-		v.Set("stderr", "1")
-	}
-	go func() {
-		chErrors <- cli.hijack("POST", "/containers/"+cmd.Arg(0)+"/attach?"+v.Encode(), container.Config.Tty, os.Stdin, os.Stdout)
-	}()
-	for connections > 0 {
-		err := <-chErrors
-		if err != nil {
-			return err
-		}
-		connections -= 1
+	v.Set("stderr", "1")
+
+	if err := cli.hijack("POST", "/containers/"+cmd.Arg(0)+"/attach?"+v.Encode(), container.Config.Tty, os.Stdin, os.Stdout); err != nil {
+		return err
 	}
 	return nil
 }
@@ -1071,7 +1103,7 @@ func (cli *DockerCli) CmdSearch(args ...string) error {
 		return err
 	}

-	outs := []ApiSearch{}
+	outs := []APISearch{}
 	err = json.Unmarshal(body, &outs)
 	if err != nil {
 		return err
@@ -1080,7 +1112,12 @@ func (cli *DockerCli) CmdSearch(args ...string) error {
 	w := tabwriter.NewWriter(os.Stdout, 20, 1, 3, ' ', 0)
 	fmt.Fprintf(w, "NAME\tDESCRIPTION\n")
 	for _, out := range outs {
-		fmt.Fprintf(w, "%s\t%s\n", out.Name, out.Description)
+		desc := strings.Replace(out.Description, "\n", " ", -1)
+		desc = strings.Replace(desc, "\r", " ", -1)
+		if len(desc) > 45 {
+			desc = utils.Trunc(desc, 42) + "..."
+		}
+		fmt.Fprintf(w, "%s\t%s\n", out.Name, desc)
 	}
 	w.Flush()
 	return nil
@@ -1203,7 +1240,7 @@ func (cli *DockerCli) CmdRun(args ...string) error {
 		return err
 	}

-	out := &ApiRun{}
+	out := &APIRun{}
 	err = json.Unmarshal(body, out)
 	if err != nil {
 		return err
@@ -1213,30 +1250,17 @@ func (cli *DockerCli) CmdRun(args ...string) error {
 		fmt.Fprintln(os.Stderr, "WARNING: ", warning)
 	}

-	splitStderr := !config.Tty
-
-	connections := 0
-	if config.AttachStdin || config.AttachStdout || (!splitStderr && config.AttachStderr) {
-		connections += 1
-	}
-	if splitStderr && config.AttachStderr {
-		connections += 1
-	}
-
 	//start the container
-	_, _, err = cli.call("POST", "/containers/"+out.Id+"/start", nil)
+	_, _, err = cli.call("POST", "/containers/"+out.ID+"/start", nil)
 	if err != nil {
 		return err
 	}

-	if connections > 0 {
-		chErrors := make(chan error, connections)
-		cli.monitorTtySize(out.Id)
-
-		if splitStderr && config.AttachStderr {
-			go func() {
-				chErrors <- cli.hijack("POST", "/containers/"+out.Id+"/attach?logs=1&stream=1&stderr=1", config.Tty, nil, os.Stderr)
-			}()
+	if !config.AttachStdout && !config.AttachStderr {
+		fmt.Println(out.ID)
+	} else {
+		if config.Tty {
+			cli.monitorTtySize(out.ID)
 		}

 		v := url.Values{}
@@ -1249,58 +1273,28 @@ func (cli *DockerCli) CmdRun(args ...string) error {
 		if config.AttachStdout {
 			v.Set("stdout", "1")
 		}
-		if !splitStderr && config.AttachStderr {
+		if config.AttachStderr {
 			v.Set("stderr", "1")
 		}
-		go func() {
-			chErrors <- cli.hijack("POST", "/containers/"+out.Id+"/attach?"+v.Encode(), config.Tty, os.Stdin, os.Stdout)
-		}()
-		for connections > 0 {
-			err := <-chErrors
-			if err != nil {
-				return err
-			}
-			connections -= 1
+		if err := cli.hijack("POST", "/containers/"+out.ID+"/attach?"+v.Encode(), config.Tty, os.Stdin, os.Stdout); err != nil {
+			utils.Debugf("Error hijack: %s", err)
+			return err
 		}
 	}
-	if !config.AttachStdout && !config.AttachStderr {
-		fmt.Println(out.Id)
-	}
 	return nil
 }

-func (cli *DockerCli) checkIfLogged(condition bool, action string) (string, error) {
-	body, _, err := cli.call("GET", "/auth", nil)
-	if err != nil {
-		return "", err
-	}
-
-	var out auth.AuthConfig
-	err = json.Unmarshal(body, &out)
-	if err != nil {
-		return "", err
-	}
-
+func (cli *DockerCli) checkIfLogged(condition bool, action string) error {
 	// If condition AND the login failed
-	if condition && out.Username == "" {
+	if condition && cli.authConfig.Username == "" {
 		if err := cli.CmdLogin(""); err != nil {
-			return "", err
+			return err
 		}
-
-		body, _, err = cli.call("GET", "/auth", nil)
-		if err != nil {
-			return "", err
-		}
-		err = json.Unmarshal(body, &out)
-		if err != nil {
-			return "", err
-		}
-
-		if out.Username == "" {
-			return "", fmt.Errorf("Please login prior to %s. ('docker login')", action)
+		if cli.authConfig.Username == "" {
+			return fmt.Errorf("Please login prior to %s. ('docker login')", action)
 		}
 	}
-	return out.Username, nil
+	return nil
 }

 func (cli *DockerCli) call(method, path string, data interface{}) ([]byte, int, error) {
@@ -1313,7 +1307,7 @@ func (cli *DockerCli) call(method, path string, data interface{}) ([]byte, int,
 		params = bytes.NewBuffer(buf)
 	}

-	req, err := http.NewRequest(method, fmt.Sprintf("http://%s:%d/v%g%s", cli.host, cli.port, API_VERSION, path), params)
+	req, err := http.NewRequest(method, fmt.Sprintf("/v%g%s", APIVERSION, path), params)
 	if err != nil {
 		return nil, -1, err
 	}
@@ -1323,7 +1317,13 @@ func (cli *DockerCli) call(method, path string, data interface{}) ([]byte, int,
 	} else if method == "POST" {
 		req.Header.Set("Content-Type", "plain/text")
 	}
-	resp, err := http.DefaultClient.Do(req)
+	dial, err := net.Dial(cli.proto, cli.addr)
+	if err != nil {
+		return nil, -1, err
+	}
+	clientconn := httputil.NewClientConn(dial, nil)
+	resp, err := clientconn.Do(req)
+	defer clientconn.Close()
 	if err != nil {
 		if strings.Contains(err.Error(), "connection refused") {
 			return nil, -1, fmt.Errorf("Can't connect to docker daemon. Is 'docker -d' running on this host?")
@@ -1336,7 +1336,10 @@ func (cli *DockerCli) call(method, path string, data interface{}) ([]byte, int,
 		return nil, -1, err
 	}
 	if resp.StatusCode < 200 || resp.StatusCode >= 400 {
-		return nil, resp.StatusCode, fmt.Errorf("error: %s", body)
+		if len(body) == 0 {
+			return nil, resp.StatusCode, fmt.Errorf("Error: %s", http.StatusText(resp.StatusCode))
+		}
+		return nil, resp.StatusCode, fmt.Errorf("Error: %s", body)
 	}
 	return body, resp.StatusCode, nil
 }
@@ -1345,7 +1348,7 @@ func (cli *DockerCli) stream(method, path string, in io.Reader, out io.Writer) e
 	if (method == "POST" || method == "PUT") && in == nil {
 		in = bytes.NewReader([]byte{})
 	}
-	req, err := http.NewRequest(method, fmt.Sprintf("http://%s:%d/v%g%s", cli.host, cli.port, API_VERSION, path), in)
+	req, err := http.NewRequest(method, fmt.Sprintf("/v%g%s", APIVERSION, path), in)
 	if err != nil {
 		return err
 	}
@@ -1353,7 +1356,13 @@ func (cli *DockerCli) stream(method, path string, in io.Reader, out io.Writer) e
 	if method == "POST" {
 		req.Header.Set("Content-Type", "plain/text")
 	}
-	resp, err := http.DefaultClient.Do(req)
+	dial, err := net.Dial(cli.proto, cli.addr)
+	if err != nil {
+		return err
+	}
+	clientconn := httputil.NewClientConn(dial, nil)
+	resp, err := clientconn.Do(req)
+	defer clientconn.Close()
 	if err != nil {
 		if strings.Contains(err.Error(), "connection refused") {
 			return fmt.Errorf("Can't connect to docker daemon. Is 'docker -d' running on this host?")
@@ -1366,20 +1375,23 @@ func (cli *DockerCli) stream(method, path string, in io.Reader, out io.Writer) e
 		if err != nil {
 			return err
 		}
-		return fmt.Errorf("error: %s", body)
+		if len(body) == 0 {
+			return fmt.Errorf("Error :%s", http.StatusText(resp.StatusCode))
+		}
+		return fmt.Errorf("Error: %s", body)
 	}

 	if resp.Header.Get("Content-Type") == "application/json" {
 		dec := json.NewDecoder(resp.Body)
 		for {
-			var m utils.JsonMessage
+			var m utils.JSONMessage
 			if err := dec.Decode(&m); err == io.EOF {
 				break
 			} else if err != nil {
 				return err
 			}
 			if m.Progress != "" {
-				fmt.Fprintf(out, "Downloading %s\r", m.Progress)
+				fmt.Fprintf(out, "%s %s\r", m.Status, m.Progress)
 			} else if m.Error != "" {
 				return fmt.Errorf(m.Error)
 			} else {
@@ -1395,12 +1407,12 @@ func (cli *DockerCli) stream(method, path string, in io.Reader, out io.Writer) e
 }

 func (cli *DockerCli) hijack(method, path string, setRawTerminal bool, in *os.File, out io.Writer) error {
-	req, err := http.NewRequest(method, fmt.Sprintf("/v%g%s", API_VERSION, path), nil)
+	req, err := http.NewRequest(method, fmt.Sprintf("/v%g%s", APIVERSION, path), nil)
 	if err != nil {
 		return err
 	}
 	req.Header.Set("Content-Type", "plain/text")
-	dial, err := net.Dial("tcp", fmt.Sprintf("%s:%d", cli.host, cli.port))
+	dial, err := net.Dial(cli.proto, cli.addr)
 	if err != nil {
 		return err
 	}
@@ -1417,26 +1429,29 @@ func (cli *DockerCli) hijack(method, path string, setRawTerminal bool, in *os.Fi
 	})

 	if in != nil && setRawTerminal && term.IsTerminal(in.Fd()) && os.Getenv("NORAW") == "" {
-		if oldState, err := term.SetRawTerminal(); err != nil {
+		oldState, err := term.SetRawTerminal()
+		if err != nil {
 			return err
-		} else {
-			defer term.RestoreTerminal(oldState)
 		}
+		defer term.RestoreTerminal(oldState)
 	}
 	sendStdin := utils.Go(func() error {
-		_, err := io.Copy(rwc, in)
+		io.Copy(rwc, in)
 		if err := rwc.(*net.TCPConn).CloseWrite(); err != nil {
-			fmt.Fprintf(os.Stderr, "Couldn't send EOF: %s\n", err)
+			utils.Debugf("Couldn't send EOF: %s\n", err)
 		}
-		return err
+		// Discard errors due to pipe interruption
+		return nil
 	})

 	if err := <-receiveStdout; err != nil {
+		utils.Debugf("Error receiveStdout: %s", err)
 		return err
 	}

-	if !term.IsTerminal(os.Stdin.Fd()) {
+	if !term.IsTerminal(in.Fd()) {
 		if err := <-sendStdin; err != nil {
+			utils.Debugf("Error sendStdin: %s", err)
 			return err
 		}
 	}
@@ -1480,11 +1495,13 @@ func Subcmd(name, signature, description string) *flag.FlagSet {
 	return flags
 }

-func NewDockerCli(addr string, port int) *DockerCli {
-	return &DockerCli{addr, port}
+func NewDockerCli(proto, addr string) *DockerCli {
+	authConfig, _ := auth.LoadConfig(os.Getenv("HOME"))
+	return &DockerCli{proto, addr, authConfig}
 }

 type DockerCli struct {
-	host string
-	port int
+	proto      string
+	addr       string
+	authConfig *auth.AuthConfig
 }
--- a/container.go
+++ b/container.go
@@ -13,6 +13,7 @@ import (
 	"os"
 	"os/exec"
 	"path"
+	"path/filepath"
 	"sort"
 	"strconv"
 	"strings"
@@ -23,7 +24,7 @@ import (
 type Container struct {
 	root string

-	Id string
+	ID string

 	Created time.Time

@@ -167,8 +168,8 @@ func ParseRun(args []string, capabilities *Capabilities) (*Config, *flag.FlagSet
 }

 type NetworkSettings struct {
-	IpAddress   string
-	IpPrefixLen int
+	IPAddress   string
+	IPPrefixLen int
 	Gateway     string
 	Bridge      string
 	PortMapping map[string]string
@@ -355,6 +356,18 @@ func (container *Container) Attach(stdin io.ReadCloser, stdinCloser io.Closer, s
 				errors <- err
 			}()
 		}
+	} else {
+		go func() {
+			if stdinCloser != nil {
+				defer stdinCloser.Close()
+			}
+
+			if cStdout, err := container.StdoutPipe(); err != nil {
+				utils.Debugf("Error stdout pipe")
+			} else {
+				io.Copy(&utils.NopWriter{}, cStdout)
+			}
+		}()
 	}
 	if stderr != nil {
 		nJobs += 1
@@ -381,7 +394,20 @@ func (container *Container) Attach(stdin io.ReadCloser, stdinCloser io.Closer, s
 				errors <- err
 			}()
 		}
+	} else {
+		go func() {
+			if stdinCloser != nil {
+				defer stdinCloser.Close()
+			}
+
+			if cStderr, err := container.StderrPipe(); err != nil {
+				utils.Debugf("Error stdout pipe")
+			} else {
+				io.Copy(&utils.NopWriter{}, cStderr)
+			}
+		}()
 	}
+
 	return utils.Go(func() error {
 		if cStdout != nil {
 			defer cStdout.Close()
@@ -409,7 +435,7 @@ func (container *Container) Start() error {
 	defer container.State.unlock()

 	if container.State.Running {
-		return fmt.Errorf("The container %s is already running.", container.Id)
+		return fmt.Errorf("The container %s is already running.", container.ID)
 	}
 	if err := container.EnsureMounted(); err != nil {
 		return err
@@ -431,24 +457,24 @@ func (container *Container) Start() error {

 	// Create the requested volumes volumes
 	for volPath := range container.Config.Volumes {
-		if c, err := container.runtime.volumes.Create(nil, container, "", "", nil); err != nil {
+		c, err := container.runtime.volumes.Create(nil, container, "", "", nil)
+		if err != nil {
 			return err
-		} else {
-			if err := os.MkdirAll(path.Join(container.RootfsPath(), volPath), 0755); err != nil {
-				return nil
-			}
-			container.Volumes[volPath] = c.Id
 		}
+		if err := os.MkdirAll(path.Join(container.RootfsPath(), volPath), 0755); err != nil {
+			return nil
+		}
+		container.Volumes[volPath] = c.ID
 	}

 	if container.Config.VolumesFrom != "" {
 		c := container.runtime.Get(container.Config.VolumesFrom)
 		if c == nil {
-			return fmt.Errorf("Container %s not found. Impossible to mount its volumes", container.Id)
+			return fmt.Errorf("Container %s not found. Impossible to mount its volumes", container.ID)
 		}
 		for volPath, id := range c.Volumes {
 			if _, exists := container.Volumes[volPath]; exists {
-				return fmt.Errorf("The requested volume %s overlap one of the volume of the container %s", volPath, c.Id)
+				return fmt.Errorf("The requested volume %s overlap one of the volume of the container %s", volPath, c.ID)
 			}
 			if err := os.MkdirAll(path.Join(container.RootfsPath(), volPath), 0755); err != nil {
 				return nil
@@ -462,7 +488,7 @@ func (container *Container) Start() error {
 	}

 	params := []string{
-		"-n", container.Id,
+		"-n", container.ID,
 		"-f", container.lxcConfigPath(),
 		"--",
 		"/sbin/init",
@@ -573,17 +599,17 @@ func (container *Container) allocateNetwork() error {
 	}
 	container.NetworkSettings.PortMapping = make(map[string]string)
 	for _, spec := range container.Config.PortSpecs {
-		if nat, err := iface.AllocatePort(spec); err != nil {
+		nat, err := iface.AllocatePort(spec)
+		if err != nil {
 			iface.Release()
 			return err
-		} else {
-			container.NetworkSettings.PortMapping[strconv.Itoa(nat.Backend)] = strconv.Itoa(nat.Frontend)
 		}
+		container.NetworkSettings.PortMapping[strconv.Itoa(nat.Backend)] = strconv.Itoa(nat.Frontend)
 	}
 	container.network = iface
 	container.NetworkSettings.Bridge = container.runtime.networkManager.bridgeIface
-	container.NetworkSettings.IpAddress = iface.IPNet.IP.String()
-	container.NetworkSettings.IpPrefixLen, _ = iface.IPNet.Mask.Size()
+	container.NetworkSettings.IPAddress = iface.IPNet.IP.String()
+	container.NetworkSettings.IPPrefixLen, _ = iface.IPNet.Mask.Size()
 	container.NetworkSettings.Gateway = iface.Gateway.String()
 	return nil
 }
@@ -597,16 +623,16 @@ func (container *Container) releaseNetwork() {
 // FIXME: replace this with a control socket within docker-init
 func (container *Container) waitLxc() error {
 	for {
-		if output, err := exec.Command("lxc-info", "-n", container.Id).CombinedOutput(); err != nil {
+		output, err := exec.Command("lxc-info", "-n", container.ID).CombinedOutput()
+		if err != nil {
 			return err
-		} else {
-			if !strings.Contains(string(output), "RUNNING") {
-				return nil
-			}
+		}
+		if !strings.Contains(string(output), "RUNNING") {
+			return nil
 		}
 		time.Sleep(500 * time.Millisecond)
 	}
-	return nil
+	panic("Unreachable")
 }

 func (container *Container) monitor() {
@@ -616,17 +642,17 @@ func (container *Container) monitor() {
 	// If the command does not exists, try to wait via lxc
 	if container.cmd == nil {
 		if err := container.waitLxc(); err != nil {
-			utils.Debugf("%s: Process: %s", container.Id, err)
+			utils.Debugf("%s: Process: %s", container.ID, err)
 		}
 	} else {
 		if err := container.cmd.Wait(); err != nil {
 			// Discard the error as any signals or non 0 returns will generate an error
-			utils.Debugf("%s: Process: %s", container.Id, err)
+			utils.Debugf("%s: Process: %s", container.ID, err)
 		}
 	}
 	utils.Debugf("Process finished")

-	var exitCode int = -1
+	exitCode := -1
 	if container.cmd != nil {
 		exitCode = container.cmd.ProcessState.Sys().(syscall.WaitStatus).ExitStatus()
 	}
@@ -635,24 +661,24 @@ func (container *Container) monitor() {
 	container.releaseNetwork()
 	if container.Config.OpenStdin {
 		if err := container.stdin.Close(); err != nil {
-			utils.Debugf("%s: Error close stdin: %s", container.Id, err)
+			utils.Debugf("%s: Error close stdin: %s", container.ID, err)
 		}
 	}
 	if err := container.stdout.CloseWriters(); err != nil {
-		utils.Debugf("%s: Error close stdout: %s", container.Id, err)
+		utils.Debugf("%s: Error close stdout: %s", container.ID, err)
 	}
 	if err := container.stderr.CloseWriters(); err != nil {
-		utils.Debugf("%s: Error close stderr: %s", container.Id, err)
+		utils.Debugf("%s: Error close stderr: %s", container.ID, err)
 	}

 	if container.ptyMaster != nil {
 		if err := container.ptyMaster.Close(); err != nil {
-			utils.Debugf("%s: Error closing Pty master: %s", container.Id, err)
+			utils.Debugf("%s: Error closing Pty master: %s", container.ID, err)
 		}
 	}

 	if err := container.Unmount(); err != nil {
-		log.Printf("%v: Failed to umount filesystem: %v", container.Id, err)
+		log.Printf("%v: Failed to umount filesystem: %v", container.ID, err)
 	}

 	// Re-create a brand new stdin pipe once the container exited
@@ -673,7 +699,7 @@ func (container *Container) monitor() {
 		// This is because State.setStopped() has already been called, and has caused Wait()
 		// to return.
 		// FIXME: why are we serializing running state to disk in the first place?
-		//log.Printf("%s: Failed to dump configuration to the disk: %s", container.Id, err)
+		//log.Printf("%s: Failed to dump configuration to the disk: %s", container.ID, err)
 	}
 }

@@ -683,17 +709,17 @@ func (container *Container) kill() error {
 	}

 	// Sending SIGKILL to the process via lxc
-	output, err := exec.Command("lxc-kill", "-n", container.Id, "9").CombinedOutput()
+	output, err := exec.Command("lxc-kill", "-n", container.ID, "9").CombinedOutput()
 	if err != nil {
-		log.Printf("error killing container %s (%s, %s)", container.Id, output, err)
+		log.Printf("error killing container %s (%s, %s)", container.ID, output, err)
 	}

 	// 2. Wait for the process to die, in last resort, try to kill the process directly
 	if err := container.WaitTimeout(10 * time.Second); err != nil {
 		if container.cmd == nil {
-			return fmt.Errorf("lxc-kill failed, impossible to kill the container %s", container.Id)
+			return fmt.Errorf("lxc-kill failed, impossible to kill the container %s", container.ID)
 		}
-		log.Printf("Container %s failed to exit within 10 seconds of lxc SIGKILL - trying direct SIGKILL", container.Id)
+		log.Printf("Container %s failed to exit within 10 seconds of lxc SIGKILL - trying direct SIGKILL", container.ID)
 		if err := container.cmd.Process.Kill(); err != nil {
 			return err
 		}
@@ -721,7 +747,7 @@ func (container *Container) Stop(seconds int) error {
 	}

 	// 1. Send a SIGTERM
-	if output, err := exec.Command("lxc-kill", "-n", container.Id, "15").CombinedOutput(); err != nil {
+	if output, err := exec.Command("lxc-kill", "-n", container.ID, "15").CombinedOutput(); err != nil {
 		log.Print(string(output))
 		log.Print("Failed to send SIGTERM to the process, force killing")
 		if err := container.kill(); err != nil {
@@ -731,7 +757,7 @@ func (container *Container) Stop(seconds int) error {

 	// 2. Wait for the process to exit on its own
 	if err := container.WaitTimeout(time.Duration(seconds) * time.Second); err != nil {
-		log.Printf("Container %v failed to exit within %d seconds of SIGTERM - using the force", container.Id, seconds)
+		log.Printf("Container %v failed to exit within %d seconds of SIGTERM - using the force", container.ID, seconds)
 		if err := container.kill(); err != nil {
 			return err
 		}
@@ -795,7 +821,8 @@ func (container *Container) WaitTimeout(timeout time.Duration) error {
 	case <-done:
 		return nil
 	}
-	panic("unreachable")
+
+	panic("Unreachable")
 }

 func (container *Container) EnsureMounted() error {
@@ -838,16 +865,16 @@ func (container *Container) Unmount() error {
 	return Unmount(container.RootfsPath())
 }

-// ShortId returns a shorthand version of the container's id for convenience.
+// ShortID returns a shorthand version of the container's id for convenience.
 // A collision with other container shorthands is very unlikely, but possible.
 // In case of a collision a lookup with Runtime.Get() will fail, and the caller
 // will need to use a langer prefix, or the full-length container Id.
-func (container *Container) ShortId() string {
-	return utils.TruncateId(container.Id)
+func (container *Container) ShortID() string {
+	return utils.TruncateID(container.ID)
 }

 func (container *Container) logPath(name string) string {
-	return path.Join(container.root, fmt.Sprintf("%s-%s.log", container.Id, name))
+	return path.Join(container.root, fmt.Sprintf("%s-%s.log", container.ID, name))
 }

 func (container *Container) ReadLog(name string) (io.Reader, error) {
@@ -887,9 +914,32 @@ func (container *Container) rwPath() string {
 	return path.Join(container.root, "rw")
 }

-func validateId(id string) error {
+func validateID(id string) error {
 	if id == "" {
 		return fmt.Errorf("Invalid empty id")
 	}
 	return nil
 }
+
+// GetSize, return real size, virtual size
+func (container *Container) GetSize() (int64, int64) {
+	var sizeRw, sizeRootfs int64
+
+	filepath.Walk(container.rwPath(), func(path string, fileInfo os.FileInfo, err error) error {
+		if fileInfo != nil {
+			sizeRw += fileInfo.Size()
+		}
+		return nil
+	})
+
+	_, err := os.Stat(container.RootfsPath())
+	if err == nil {
+		filepath.Walk(container.RootfsPath(), func(path string, fileInfo os.FileInfo, err error) error {
+			if fileInfo != nil {
+				sizeRootfs += fileInfo.Size()
+			}
+			return nil
+		})
+	}
+	return sizeRw, sizeRootfs
+}
--- a/container_test.go
+++ b/container_test.go
@@ -14,7 +14,7 @@ import (
 	"time"
 )

-func TestIdFormat(t *testing.T) {
+func TestIDFormat(t *testing.T) {
 	runtime, err := newTestRuntime()
 	if err != nil {
 		t.Fatal(err)
@@ -22,19 +22,19 @@ func TestIdFormat(t *testing.T) {
 	defer nuke(runtime)
 	container1, err := NewBuilder(runtime).Create(
 		&Config{
-			Image: GetTestImage(runtime).Id,
+			Image: GetTestImage(runtime).ID,
 			Cmd:   []string{"/bin/sh", "-c", "echo hello world"},
 		},
 	)
 	if err != nil {
 		t.Fatal(err)
 	}
-	match, err := regexp.Match("^[0-9a-f]{64}$", []byte(container1.Id))
+	match, err := regexp.Match("^[0-9a-f]{64}$", []byte(container1.ID))
 	if err != nil {
 		t.Fatal(err)
 	}
 	if !match {
-		t.Fatalf("Invalid container ID: %s", container1.Id)
+		t.Fatalf("Invalid container ID: %s", container1.ID)
 	}
 }

@@ -46,7 +46,7 @@ func TestMultipleAttachRestart(t *testing.T) {
 	defer nuke(runtime)
 	container, err := NewBuilder(runtime).Create(
 		&Config{
-			Image: GetTestImage(runtime).Id,
+			Image: GetTestImage(runtime).ID,
 			Cmd: []string{"/bin/sh", "-c",
 				"i=1; while [ $i -le 5 ]; do i=`expr $i + 1`;  echo hello; done"},
 		},
@@ -153,7 +153,7 @@ func TestDiff(t *testing.T) {
 	// Create a container and remove a file
 	container1, err := builder.Create(
 		&Config{
-			Image: GetTestImage(runtime).Id,
+			Image: GetTestImage(runtime).ID,
 			Cmd:   []string{"/bin/rm", "/etc/passwd"},
 		},
 	)
@@ -194,7 +194,7 @@ func TestDiff(t *testing.T) {
 	// Create a new container from the commited image
 	container2, err := builder.Create(
 		&Config{
-			Image: img.Id,
+			Image: img.ID,
 			Cmd:   []string{"cat", "/etc/passwd"},
 		},
 	)
@@ -221,7 +221,7 @@ func TestDiff(t *testing.T) {
 	// Create a new containere
 	container3, err := builder.Create(
 		&Config{
-			Image: GetTestImage(runtime).Id,
+			Image: GetTestImage(runtime).ID,
 			Cmd:   []string{"rm", "/bin/httpd"},
 		},
 	)
@@ -260,7 +260,7 @@ func TestCommitAutoRun(t *testing.T) {
 	builder := NewBuilder(runtime)
 	container1, err := builder.Create(
 		&Config{
-			Image: GetTestImage(runtime).Id,
+			Image: GetTestImage(runtime).ID,
 			Cmd:   []string{"/bin/sh", "-c", "echo hello > /world"},
 		},
 	)
@@ -291,7 +291,7 @@ func TestCommitAutoRun(t *testing.T) {
 	// FIXME: Make a TestCommit that stops here and check docker.root/layers/img.id/world
 	container2, err := builder.Create(
 		&Config{
-			Image: img.Id,
+			Image: img.ID,
 		},
 	)
 	if err != nil {
@@ -340,7 +340,7 @@ func TestCommitRun(t *testing.T) {

 	container1, err := builder.Create(
 		&Config{
-			Image: GetTestImage(runtime).Id,
+			Image: GetTestImage(runtime).ID,
 			Cmd:   []string{"/bin/sh", "-c", "echo hello > /world"},
 		},
 	)
@@ -372,7 +372,7 @@ func TestCommitRun(t *testing.T) {

 	container2, err := builder.Create(
 		&Config{
-			Image: img.Id,
+			Image: img.ID,
 			Cmd:   []string{"cat", "/world"},
 		},
 	)
@@ -419,7 +419,7 @@ func TestStart(t *testing.T) {
 	defer nuke(runtime)
 	container, err := NewBuilder(runtime).Create(
 		&Config{
-			Image:     GetTestImage(runtime).Id,
+			Image:     GetTestImage(runtime).ID,
 			Memory:    33554432,
 			CpuShares: 1000,
 			Cmd:       []string{"/bin/cat"},
@@ -463,7 +463,7 @@ func TestRun(t *testing.T) {
 	defer nuke(runtime)
 	container, err := NewBuilder(runtime).Create(
 		&Config{
-			Image: GetTestImage(runtime).Id,
+			Image: GetTestImage(runtime).ID,
 			Cmd:   []string{"ls", "-al"},
 		},
 	)
@@ -491,7 +491,7 @@ func TestOutput(t *testing.T) {
 	defer nuke(runtime)
 	container, err := NewBuilder(runtime).Create(
 		&Config{
-			Image: GetTestImage(runtime).Id,
+			Image: GetTestImage(runtime).ID,
 			Cmd:   []string{"echo", "-n", "foobar"},
 		},
 	)
@@ -515,7 +515,7 @@ func TestKillDifferentUser(t *testing.T) {
 	}
 	defer nuke(runtime)
 	container, err := NewBuilder(runtime).Create(&Config{
-		Image: GetTestImage(runtime).Id,
+		Image: GetTestImage(runtime).ID,
 		Cmd:   []string{"tail", "-f", "/etc/resolv.conf"},
 		User:  "daemon",
 	},
@@ -563,7 +563,7 @@ func TestKill(t *testing.T) {
 	}
 	defer nuke(runtime)
 	container, err := NewBuilder(runtime).Create(&Config{
-		Image: GetTestImage(runtime).Id,
+		Image: GetTestImage(runtime).ID,
 		Cmd:   []string{"cat", "/dev/zero"},
 	},
 	)
@@ -611,7 +611,7 @@ func TestExitCode(t *testing.T) {
 	builder := NewBuilder(runtime)

 	trueContainer, err := builder.Create(&Config{
-		Image: GetTestImage(runtime).Id,
+		Image: GetTestImage(runtime).ID,
 		Cmd:   []string{"/bin/true", ""},
 	})
 	if err != nil {
@@ -626,7 +626,7 @@ func TestExitCode(t *testing.T) {
 	}

 	falseContainer, err := builder.Create(&Config{
-		Image: GetTestImage(runtime).Id,
+		Image: GetTestImage(runtime).ID,
 		Cmd:   []string{"/bin/false", ""},
 	})
 	if err != nil {
@@ -648,7 +648,7 @@ func TestRestart(t *testing.T) {
 	}
 	defer nuke(runtime)
 	container, err := NewBuilder(runtime).Create(&Config{
-		Image: GetTestImage(runtime).Id,
+		Image: GetTestImage(runtime).ID,
 		Cmd:   []string{"echo", "-n", "foobar"},
 	},
 	)
@@ -681,7 +681,7 @@ func TestRestartStdin(t *testing.T) {
 	}
 	defer nuke(runtime)
 	container, err := NewBuilder(runtime).Create(&Config{
-		Image: GetTestImage(runtime).Id,
+		Image: GetTestImage(runtime).ID,
 		Cmd:   []string{"cat"},

 		OpenStdin: true,
@@ -763,7 +763,7 @@ func TestUser(t *testing.T) {

 	// Default user must be root
 	container, err := builder.Create(&Config{
-		Image: GetTestImage(runtime).Id,
+		Image: GetTestImage(runtime).ID,
 		Cmd:   []string{"id"},
 	},
 	)
@@ -781,7 +781,7 @@ func TestUser(t *testing.T) {

 	// Set a username
 	container, err = builder.Create(&Config{
-		Image: GetTestImage(runtime).Id,
+		Image: GetTestImage(runtime).ID,
 		Cmd:   []string{"id"},

 		User: "root",
@@ -801,7 +801,7 @@ func TestUser(t *testing.T) {

 	// Set a UID
 	container, err = builder.Create(&Config{
-		Image: GetTestImage(runtime).Id,
+		Image: GetTestImage(runtime).ID,
 		Cmd:   []string{"id"},

 		User: "0",
@@ -821,7 +821,7 @@ func TestUser(t *testing.T) {

 	// Set a different user by uid
 	container, err = builder.Create(&Config{
-		Image: GetTestImage(runtime).Id,
+		Image: GetTestImage(runtime).ID,
 		Cmd:   []string{"id"},

 		User: "1",
@@ -843,7 +843,7 @@ func TestUser(t *testing.T) {

 	// Set a different user by username
 	container, err = builder.Create(&Config{
-		Image: GetTestImage(runtime).Id,
+		Image: GetTestImage(runtime).ID,
 		Cmd:   []string{"id"},

 		User: "daemon",
@@ -872,7 +872,7 @@ func TestMultipleContainers(t *testing.T) {
 	builder := NewBuilder(runtime)

 	container1, err := builder.Create(&Config{
-		Image: GetTestImage(runtime).Id,
+		Image: GetTestImage(runtime).ID,
 		Cmd:   []string{"cat", "/dev/zero"},
 	},
 	)
@@ -882,7 +882,7 @@ func TestMultipleContainers(t *testing.T) {
 	defer runtime.Destroy(container1)

 	container2, err := builder.Create(&Config{
-		Image: GetTestImage(runtime).Id,
+		Image: GetTestImage(runtime).ID,
 		Cmd:   []string{"cat", "/dev/zero"},
 	},
 	)
@@ -928,7 +928,7 @@ func TestStdin(t *testing.T) {
 	}
 	defer nuke(runtime)
 	container, err := NewBuilder(runtime).Create(&Config{
-		Image: GetTestImage(runtime).Id,
+		Image: GetTestImage(runtime).ID,
 		Cmd:   []string{"cat"},

 		OpenStdin: true,
@@ -975,7 +975,7 @@ func TestTty(t *testing.T) {
 	}
 	defer nuke(runtime)
 	container, err := NewBuilder(runtime).Create(&Config{
-		Image: GetTestImage(runtime).Id,
+		Image: GetTestImage(runtime).ID,
 		Cmd:   []string{"cat"},

 		OpenStdin: true,
@@ -1022,7 +1022,7 @@ func TestEnv(t *testing.T) {
 	}
 	defer nuke(runtime)
 	container, err := NewBuilder(runtime).Create(&Config{
-		Image: GetTestImage(runtime).Id,
+		Image: GetTestImage(runtime).ID,
 		Cmd:   []string{"/usr/bin/env"},
 	},
 	)
@@ -1100,7 +1100,7 @@ func TestLXCConfig(t *testing.T) {
 	cpuMax := 10000
 	cpu := cpuMin + rand.Intn(cpuMax-cpuMin)
 	container, err := NewBuilder(runtime).Create(&Config{
-		Image: GetTestImage(runtime).Id,
+		Image: GetTestImage(runtime).ID,
 		Cmd:   []string{"/bin/true"},

 		Hostname:  "foobar",
@@ -1128,7 +1128,7 @@ func BenchmarkRunSequencial(b *testing.B) {
 	defer nuke(runtime)
 	for i := 0; i < b.N; i++ {
 		container, err := NewBuilder(runtime).Create(&Config{
-			Image: GetTestImage(runtime).Id,
+			Image: GetTestImage(runtime).ID,
 			Cmd:   []string{"echo", "-n", "foo"},
 		},
 		)
@@ -1163,7 +1163,7 @@ func BenchmarkRunParallel(b *testing.B) {
 		tasks = append(tasks, complete)
 		go func(i int, complete chan error) {
 			container, err := NewBuilder(runtime).Create(&Config{
-				Image: GetTestImage(runtime).Id,
+				Image: GetTestImage(runtime).ID,
 				Cmd:   []string{"echo", "-n", "foo"},
 			},
 			)
--- a/contrib/crashTest.go
+++ b/contrib/crashTest.go
@@ -11,13 +11,13 @@ import (
 	"time"
 )

-var DOCKER_PATH string = path.Join(os.Getenv("DOCKERPATH"), "docker")
+var DOCKERPATH = path.Join(os.Getenv("DOCKERPATH"), "docker")

 // WARNING: this crashTest will 1) crash your host, 2) remove all containers
 func runDaemon() (*exec.Cmd, error) {
 	os.Remove("/var/run/docker.pid")
 	exec.Command("rm", "-rf", "/var/lib/docker/containers").Run()
-	cmd := exec.Command(DOCKER_PATH, "-d")
+	cmd := exec.Command(DOCKERPATH, "-d")
 	outPipe, err := cmd.StdoutPipe()
 	if err != nil {
 		return nil, err
@@ -77,7 +77,7 @@ func crashTest() error {
 			stop = false
 			for i := 0; i < 100 && !stop; {
 				func() error {
-					cmd := exec.Command(DOCKER_PATH, "run", "base", "echo", fmt.Sprintf("%d", totalTestCount))
+					cmd := exec.Command(DOCKERPATH, "run", "base", "echo", fmt.Sprintf("%d", totalTestCount))
 					i++
 					totalTestCount++
 					outPipe, err := cmd.StdoutPipe()
--- a/contrib/docker-build/MAINTAINERS
+++ b/contrib/docker-build/MAINTAINERS
@@ -1 +0,0 @@
-Solomon Hykes <solomon@dotcloud.com>
--- a/contrib/docker-build/README
+++ b/contrib/docker-build/README
@@ -1,68 +0,0 @@
-# docker-build: build your software with docker
-
-## Description
-
-docker-build is a script to build docker images from source. It will be deprecated once the 'build' feature is incorporated into docker itself (See https://github.com/dotcloud/docker/issues/278)
-
-Author: Solomon Hykes <solomon@dotcloud.com>
-
-
-## Install
-
-docker-builder requires:
-
-1) A reasonably recent Python setup (tested on 2.7.2).
-
-2) A running docker daemon at version 0.1.4 or more recent (http://www.docker.io/gettingstarted)
-
-
-## Usage
-
-First create a valid Changefile, which defines a sequence of changes to apply to a base image.
-
-    $ cat Changefile
-    # Start build from a know base image
-    from	base:ubuntu-12.10
-    # Update ubuntu sources
-    run	echo 'deb http://archive.ubuntu.com/ubuntu quantal main universe multiverse' > /etc/apt/sources.list
-    run	apt-get update
-    # Install system packages
-    run	DEBIAN_FRONTEND=noninteractive apt-get install -y -q git
-    run DEBIAN_FRONTEND=noninteractive apt-get install -y -q curl
-    run DEBIAN_FRONTEND=noninteractive apt-get install -y -q golang
-    # Insert files from the host (./myscript must be present in the current directory)
-    copy	myscript /usr/local/bin/myscript
-
-
-Run docker-build, and pass the contents of your Changefile as standard input.
-
-    $ IMG=$(./docker-build < Changefile)
-
-This will take a while: for each line of the changefile, docker-build will:
-
-1. Create a new container to execute the given command or insert the given file
-2. Wait for the container to complete execution
-3. Commit the resulting changes as a new image
-4. Use the resulting image as the input of the next step
-
-
-If all the steps succeed, the result will be an image containing the combined results of each build step.
-You can trace back those build steps by inspecting the image's history:
-
-    $ docker history $IMG
-    ID                  CREATED             CREATED BY
-    1e9e2045de86        A few seconds ago   /bin/sh -c cat > /usr/local/bin/myscript; chmod +x /usr/local/bin/git
-    77db140aa62a        A few seconds ago   /bin/sh -c DEBIAN_FRONTEND=noninteractive apt-get install -y -q golang
-    77db140aa62a        A few seconds ago   /bin/sh -c DEBIAN_FRONTEND=noninteractive apt-get install -y -q curl
-    77db140aa62a        A few seconds ago   /bin/sh -c DEBIAN_FRONTEND=noninteractive apt-get install -y -q git 
-    83e85d155451        A few seconds ago   /bin/sh -c apt-get update
-    bfd53b36d9d3        A few seconds ago   /bin/sh -c echo 'deb http://archive.ubuntu.com/ubuntu quantal main universe multiverse' > /etc/apt/sources.list
-    base		2 weeks ago         /bin/bash
-    27cf78414709        2 weeks ago
-
-
-Note that your build started from 'base', as instructed by your Changefile. But that base image itself seems to have been built in 2 steps - hence the extra step in the history.
-
-
-You can use this build technique to create any image you want: a database, a web application, or anything else that can be build by a sequence of unix commands - in other words, anything else.
-
--- a/contrib/docker-build/docker-build
+++ b/contrib/docker-build/docker-build
@@ -1,142 +0,0 @@
-#!/usr/bin/env python
-
-# docker-build is a script to build docker images from source.
-# It will be deprecated once the 'build' feature is incorporated into docker itself.
-# (See https://github.com/dotcloud/docker/issues/278)
-#
-# Author: Solomon Hykes <solomon@dotcloud.com>
-
-
-
-# First create a valid Changefile, which defines a sequence of changes to apply to a base image.
-# 
-#     $ cat Changefile
-#     # Start build from a know base image
-#     from	base:ubuntu-12.10
-#     # Update ubuntu sources
-#     run	echo 'deb http://archive.ubuntu.com/ubuntu quantal main universe multiverse' > /etc/apt/sources.list
-#     run	apt-get update
-#     # Install system packages
-#     run	DEBIAN_FRONTEND=noninteractive apt-get install -y -q git
-#     run DEBIAN_FRONTEND=noninteractive apt-get install -y -q curl
-#     run DEBIAN_FRONTEND=noninteractive apt-get install -y -q golang
-#     # Insert files from the host (./myscript must be present in the current directory)
-#     copy	myscript /usr/local/bin/myscript
-# 
-# 
-# Run docker-build, and pass the contents of your Changefile as standard input.
-# 
-#     $ IMG=$(./docker-build < Changefile)
-# 
-# This will take a while: for each line of the changefile, docker-build will:
-# 
-# 1. Create a new container to execute the given command or insert the given file
-# 2. Wait for the container to complete execution
-# 3. Commit the resulting changes as a new image
-# 4. Use the resulting image as the input of the next step
-
-
-import sys
-import subprocess
-import json
-import hashlib
-
-def docker(args, stdin=None):
-	print "# docker " + " ".join(args)
-	p = subprocess.Popen(["docker"] + list(args), stdin=stdin, stdout=subprocess.PIPE)
-	return p.stdout
-
-def image_exists(img):
-	return docker(["inspect", img]).read().strip() != ""
-
-def image_config(img):
-	return json.loads(docker(["inspect", img]).read()).get("config", {})
-
-def run_and_commit(img_in, cmd, stdin=None, author=None, run=None):
-	run_id = docker(["run"] + (["-i", "-a", "stdin"] if stdin else ["-d"]) + [img_in, "/bin/sh", "-c", cmd], stdin=stdin).read().rstrip()
-	print "---> Waiting for " + run_id
-	result=int(docker(["wait", run_id]).read().rstrip())
-	if result != 0:
-		print "!!! '{}' return non-zero exit code '{}'. Aborting.".format(cmd, result)
-		sys.exit(1)
-	return docker(["commit"] + (["-author", author] if author else []) + (["-run", json.dumps(run)] if run is not None else []) + [run_id]).read().rstrip()
-
-def insert(base, src, dst, author=None):
-	print "COPY {} to {} in {}".format(src, dst, base)
-	if dst == "":
-		raise Exception("Missing destination path")
-	stdin = file(src)
-	stdin.seek(0)
-	return run_and_commit(base, "cat > {0}; chmod +x {0}".format(dst), stdin=stdin, author=author)
-
-def add(base, src, dst, author=None):
-	print "PUSH to {} in {}".format(dst, base)
-	if src == ".":
-		tar = subprocess.Popen(["tar", "-c", "."], stdout=subprocess.PIPE).stdout
-	else:
-		tar = subprocess.Popen(["curl", src], stdout=subprocess.PIPE).stdout
-	if dst == "":
-		raise Exception("Missing argument to push")
-	return run_and_commit(base, "mkdir -p '{0}' && tar -C '{0}' -x".format(dst), stdin=tar, author=author)
-
-def main():
-	base=""
-	maintainer=""
-	steps = []
-	try:
-		for line in sys.stdin.readlines():
-			line = line.strip()
-			# Skip comments and empty lines
-			if line == "" or line[0] == "#":
-				continue
-			op, param = line.split(None, 1)
-			print op.upper() + " " + param
-			if op == "from":
-				base = param
-				steps.append(base)
-			elif op == "maintainer":
-				maintainer = param
-			elif op == "run":
-				result = run_and_commit(base, param, author=maintainer)
-				steps.append(result)
-				base = result
-				print "===> " + base
-			elif op == "copy":
-				src, dst = param.split("	", 1)
-				result = insert(base, src, dst, author=maintainer)
-				steps.append(result)
-				base = result
-				print "===> " + base
-			elif op == "add":
-				src, dst = param.split("	", 1)
-				result = add(base, src, dst, author=maintainer)
-				steps.append(result)
-				base=result
-				print "===> " + base
-			elif op == "expose":
-				config = image_config(base)
-				if config.get("PortSpecs") is None:
-					config["PortSpecs"] = []
-				portspec = param.strip()
-				config["PortSpecs"].append(portspec)
-				result = run_and_commit(base, "# (nop) expose port {}".format(portspec), author=maintainer, run=config)
-				steps.append(result)
-				base=result
-				print "===> " + base
-			elif op == "cmd":
-				config  = image_config(base)
-				cmd = list(json.loads(param))
-				config["Cmd"] = cmd
-				result = run_and_commit(base, "# (nop) set default command to '{}'".format(" ".join(cmd)), author=maintainer, run=config)
-				steps.append(result)
-				base=result
-				print "===> " + base
-			else:
-				print "Skipping uknown op " + op
-	except:
-		docker(["rmi"] + steps[1:])
-		raise
-	print base
-
-if __name__ == "__main__":
-	main()
--- a/contrib/docker-build/example.changefile
+++ b/contrib/docker-build/example.changefile
@@ -1,13 +0,0 @@
-# Start build from a know base image
-maintainer	Solomon Hykes <solomon@dotcloud.com>
-from	base:ubuntu-12.10
-# Update ubuntu sources
-run	echo 'deb http://archive.ubuntu.com/ubuntu quantal main universe multiverse' > /etc/apt/sources.list
-run	apt-get update
-# Install system packages
-run	DEBIAN_FRONTEND=noninteractive apt-get install -y -q git
-run	DEBIAN_FRONTEND=noninteractive apt-get install -y -q curl
-run	DEBIAN_FRONTEND=noninteractive apt-get install -y -q golang
-# Insert files from the host (./myscript must be present in the current directory)
-copy	myscript	/usr/local/bin/myscript
-push	/src
--- a/contrib/docker-build/myscript
+++ b/contrib/docker-build/myscript
@@ -1,3 +0,0 @@
-#!/bin/sh
-
-echo hello, world!
--- a/contrib/install.sh
+++ b/contrib/install.sh
@@ -8,7 +8,7 @@

 echo "Ensuring basic dependencies are installed..."
 apt-get -qq update
-apt-get -qq install lxc wget bsdtar
+apt-get -qq install lxc wget

 echo "Looking in /proc/filesystems to see if we have AUFS support..."
 if grep -q aufs /proc/filesystems
--- a/docker/docker.go
+++ b/docker/docker.go
@@ -15,7 +15,7 @@ import (
 )

 var (
-	GIT_COMMIT string
+	GITCOMMIT string
 )

 func main() {
@@ -24,53 +24,49 @@ func main() {
 		docker.SysInit()
 		return
 	}
-	host := "127.0.0.1"
-	port := 4243
 	// FIXME: Switch d and D ? (to be more sshd like)
 	flDaemon := flag.Bool("d", false, "Daemon mode")
 	flDebug := flag.Bool("D", false, "Debug mode")
 	flAutoRestart := flag.Bool("r", false, "Restart previously running containers")
 	bridgeName := flag.String("b", "", "Attach containers to a pre-existing network bridge")
 	pidfile := flag.String("p", "/var/run/docker.pid", "File containing process PID")
-	flHost := flag.String("H", fmt.Sprintf("%s:%d", host, port), "Host:port to bind/connect to")
+	flEnableCors := flag.Bool("api-enable-cors", false, "Enable CORS requests in the remote api.")
+	flDns := flag.String("dns", "", "Set custom dns servers")
+	flHosts := docker.ListOpts{fmt.Sprintf("tcp://%s:%d", docker.DEFAULTHTTPHOST, docker.DEFAULTHTTPPORT)}
+	flag.Var(&flHosts, "H", "tcp://host:port to bind/connect to or unix://path/to/socket to use")
 	flag.Parse()
+	if len(flHosts) > 1 {
+		flHosts = flHosts[1:len(flHosts)] //trick to display a nice defaul value in the usage
+	}
+	for i, flHost := range flHosts {
+		flHosts[i] = utils.ParseHost(docker.DEFAULTHTTPHOST, docker.DEFAULTHTTPPORT, flHost)
+	}
+
 	if *bridgeName != "" {
 		docker.NetworkBridgeIface = *bridgeName
 	} else {
 		docker.NetworkBridgeIface = docker.DefaultNetworkBridge
 	}
-
-	if strings.Contains(*flHost, ":") {
-		hostParts := strings.Split(*flHost, ":")
-		if len(hostParts) != 2 {
-			log.Fatal("Invalid bind address format.")
-			os.Exit(-1)
-		}
-		if hostParts[0] != "" {
-			host = hostParts[0]
-		}
-		if p, err := strconv.Atoi(hostParts[1]); err == nil {
-			port = p
-		}
-	} else {
-		host = *flHost
-	}
-
 	if *flDebug {
 		os.Setenv("DEBUG", "1")
 	}
-	docker.GIT_COMMIT = GIT_COMMIT
+	docker.GITCOMMIT = GITCOMMIT
 	if *flDaemon {
 		if flag.NArg() != 0 {
 			flag.Usage()
 			return
 		}
-		if err := daemon(*pidfile, host, port, *flAutoRestart); err != nil {
+		if err := daemon(*pidfile, flHosts, *flAutoRestart, *flEnableCors, *flDns); err != nil {
 			log.Fatal(err)
 			os.Exit(-1)
 		}
 	} else {
-		if err := docker.ParseCommands(host, port, flag.Args()...); err != nil {
+		if len(flHosts) > 1 {
+			log.Fatal("Please specify only one -H")
+			return
+		}
+		protoAddrParts := strings.SplitN(flHosts[0], "://", 2)
+		if err := docker.ParseCommands(protoAddrParts[0], protoAddrParts[1], flag.Args()...); err != nil {
 			log.Fatal(err)
 			os.Exit(-1)
 		}
@@ -104,10 +100,7 @@ func removePidFile(pidfile string) {
 	}
 }

-func daemon(pidfile, addr string, port int, autoRestart bool) error {
-	if addr != "127.0.0.1" {
-		log.Println("/!\\ DON'T BIND ON ANOTHER IP ADDRESS THAN 127.0.0.1 IF YOU DON'T KNOW WHAT YOU'RE DOING /!\\")
-	}
+func daemon(pidfile string, protoAddrs []string, autoRestart, enableCors bool, flDns string) error {
 	if err := createPidFile(pidfile); err != nil {
 		log.Fatal(err)
 	}
@@ -121,11 +114,37 @@ func daemon(pidfile, addr string, port int, autoRestart bool) error {
 		removePidFile(pidfile)
 		os.Exit(0)
 	}()
-
-	server, err := docker.NewServer(autoRestart)
+	var dns []string
+	if flDns != "" {
+		dns = []string{flDns}
+	}
+	server, err := docker.NewServer(autoRestart, enableCors, dns)
 	if err != nil {
 		return err
 	}
-
-	return docker.ListenAndServe(fmt.Sprintf("%s:%d", addr, port), server, true)
+	chErrors := make(chan error, len(protoAddrs))
+	for _, protoAddr := range protoAddrs {
+		protoAddrParts := strings.SplitN(protoAddr, "://", 2)
+		if protoAddrParts[0] == "unix" {
+			syscall.Unlink(protoAddrParts[1]);
+		} else if protoAddrParts[0] == "tcp" {
+			if !strings.HasPrefix(protoAddrParts[1], "127.0.0.1") {
+				log.Println("/!\\ DON'T BIND ON ANOTHER IP ADDRESS THAN 127.0.0.1 IF YOU DON'T KNOW WHAT YOU'RE DOING /!\\")
+			}
+		} else {
+			log.Fatal("Invalid protocol format.")
+			os.Exit(-1)
+		}
+		go func() {
+			chErrors <- docker.ListenAndServe(protoAddrParts[0], protoAddrParts[1], server, true)
+		}()
+	}
+	for i :=0 ; i < len(protoAddrs); i+=1 {
+		err := <-chErrors
+		if err != nil {
+			return err
+		}
+	}
+	return nil
 }
+
--- a/docs/Makefile
+++ b/docs/Makefile
@@ -46,12 +46,11 @@ clean:
 	-rm -rf $(BUILDDIR)/*

 docs:
-	#-rm -rf $(BUILDDIR)/*
 	$(SPHINXBUILD) -b dirhtml $(ALLSPHINXOPTS) $(BUILDDIR)/html
 	@echo
 	@echo "Build finished. The documentation pages are now in $(BUILDDIR)/html."

-server:
+server: docs
 	@cd $(BUILDDIR)/html; $(PYTHON) -m SimpleHTTPServer 8000

 site:
@@ -62,12 +61,13 @@ site:

 connect:
 	@echo connecting dotcloud to www.docker.io website, make sure to use user 1
-	@cd _build/website/ ; \
-	dotcloud connect dockerwebsite ;
+	@echo or create your own "dockerwebsite" app
+	@cd $(BUILDDIR)/website/ ; \
+	dotcloud connect dockerwebsite ; \
 	dotcloud list

 push:
-	@cd _build/website/ ; \
+	@cd $(BUILDDIR)/website/ ; \
 	dotcloud push

 $(VERSIONS):
--- a/docs/sources/api/README.md
+++ b/docs/sources/api/README.md
@@ -0,0 +1,5 @@
+This directory holds the authoritative specifications of APIs defined and implemented by Docker. Currently this includes:
+
+* The remote API by which a docker node can be queried over HTTP
+* The registry API by which a docker node can download and upload container images for storage and sharing
+* The index search API by which a docker node can search the public index for images to download
--- a/docs/sources/api/docker_remote_api.rst
+++ b/docs/sources/api/docker_remote_api.rst
--- a/docs/sources/api/docker_remote_api_v1.0.rst
+++ b/docs/sources/api/docker_remote_api_v1.0.rst
--- a/docs/sources/api/docker_remote_api_v1.1.rst
+++ b/docs/sources/api/docker_remote_api_v1.1.rst
--- a/docs/sources/api/docker_remote_api_v1.2.rst
+++ b/docs/sources/api/docker_remote_api_v1.2.rst
--- a/docs/sources/api/index.rst
+++ b/docs/sources/api/index.rst
@@ -5,13 +5,14 @@
 APIs
 ====

-This following :
+Your programs and scripts can access Docker's functionality via these interfaces:

 .. toctree::
  :maxdepth: 3

+  registry_index_spec
  registry_api
-  index_search_api
+  index_api
  docker_remote_api


--- a/docs/sources/api/index_api.rst
+++ b/docs/sources/api/index_api.rst
@@ -0,0 +1,553 @@
+:title: Index API
+:description: API Documentation for Docker Index
+:keywords: API, Docker, index, REST, documentation
+
+=================
+Docker Index API
+=================
+
+.. contents:: Table of Contents
+
+1. Brief introduction
+=====================
+
+- This is the REST API for the Docker index
+- Authorization is done with basic auth over SSL
+- Not all commands require authentication, only those noted as such.
+
+2. Endpoints
+============
+
+2.1 Repository
+^^^^^^^^^^^^^^
+
+Repositories
+*************
+
+User Repo
+~~~~~~~~~
+
+.. http:put:: /v1/repositories/(namespace)/(repo_name)/
+
+    Create a user repository with the given ``namespace`` and ``repo_name``.
+
+    **Example Request**:
+
+    .. sourcecode:: http
+
+        PUT /v1/repositories/foo/bar/ HTTP/1.1
+        Host: index.docker.io
+        Accept: application/json
+        Content-Type: application/json
+        Authorization: Basic akmklmasadalkm==
+        X-Docker-Token: true
+
+        [{“id”: “9e89cc6f0bc3c38722009fe6857087b486531f9a779a0c17e3ed29dae8f12c4f”}]
+
+    :parameter namespace: the namespace for the repo
+    :parameter repo_name: the name for the repo
+
+    **Example Response**:
+
+    .. sourcecode:: http
+
+        HTTP/1.1 200
+        Vary: Accept
+        Content-Type: application/json
+        WWW-Authenticate: Token signature=123abc,repository=”foo/bar”,access=write
+        X-Docker-Endpoints: registry-1.docker.io [, registry-2.docker.io]
+
+        ""
+
+    :statuscode 200: Created
+    :statuscode 400: Errors (invalid json, missing or invalid fields, etc)
+    :statuscode 401: Unauthorized
+    :statuscode 403: Account is not Active
+
+
+.. http:delete:: /v1/repositories/(namespace)/(repo_name)/
+
+    Delete a user repository with the given ``namespace`` and ``repo_name``.
+
+    **Example Request**:
+
+    .. sourcecode:: http
+
+        DELETE /v1/repositories/foo/bar/ HTTP/1.1
+        Host: index.docker.io
+        Accept: application/json
+        Content-Type: application/json
+        Authorization: Basic akmklmasadalkm==
+        X-Docker-Token: true
+
+        ""
+
+    :parameter namespace: the namespace for the repo
+    :parameter repo_name: the name for the repo
+
+    **Example Response**:
+
+    .. sourcecode:: http
+
+        HTTP/1.1 202
+        Vary: Accept
+        Content-Type: application/json
+        WWW-Authenticate: Token signature=123abc,repository=”foo/bar”,access=delete
+        X-Docker-Endpoints: registry-1.docker.io [, registry-2.docker.io]
+
+        ""
+
+    :statuscode 200: Deleted
+    :statuscode 202: Accepted
+    :statuscode 400: Errors (invalid json, missing or invalid fields, etc)
+    :statuscode 401: Unauthorized
+    :statuscode 403: Account is not Active
+
+Library Repo
+~~~~~~~~~~~~
+
+.. http:put:: /v1/repositories/(repo_name)/
+
+    Create a library repository with the given ``repo_name``.
+    This is a restricted feature only available to docker admins.
+    
+    When namespace is missing, it is assumed to be ``library``
+
+    **Example Request**:
+
+    .. sourcecode:: http
+
+        PUT /v1/repositories/foobar/ HTTP/1.1
+        Host: index.docker.io
+        Accept: application/json
+        Content-Type: application/json
+        Authorization: Basic akmklmasadalkm==
+        X-Docker-Token: true
+
+        [{“id”: “9e89cc6f0bc3c38722009fe6857087b486531f9a779a0c17e3ed29dae8f12c4f”}]
+
+    :parameter repo_name:  the library name for the repo
+
+    **Example Response**:
+
+    .. sourcecode:: http
+
+        HTTP/1.1 200
+        Vary: Accept
+        Content-Type: application/json
+        WWW-Authenticate: Token signature=123abc,repository=”library/foobar”,access=write
+        X-Docker-Endpoints: registry-1.docker.io [, registry-2.docker.io]
+
+        ""
+
+    :statuscode 200: Created
+    :statuscode 400: Errors (invalid json, missing or invalid fields, etc)
+    :statuscode 401: Unauthorized
+    :statuscode 403: Account is not Active
+
+.. http:delete:: /v1/repositories/(repo_name)/
+
+    Delete a library repository with the given ``repo_name``.
+    This is a restricted feature only available to docker admins.
+    
+    When namespace is missing, it is assumed to be ``library``
+
+    **Example Request**:
+
+    .. sourcecode:: http
+
+        DELETE /v1/repositories/foobar/ HTTP/1.1
+        Host: index.docker.io
+        Accept: application/json
+        Content-Type: application/json
+        Authorization: Basic akmklmasadalkm==
+        X-Docker-Token: true
+
+        ""
+
+    :parameter repo_name:  the library name for the repo
+
+    **Example Response**:
+
+    .. sourcecode:: http
+
+        HTTP/1.1 202
+        Vary: Accept
+        Content-Type: application/json
+        WWW-Authenticate: Token signature=123abc,repository=”library/foobar”,access=delete
+        X-Docker-Endpoints: registry-1.docker.io [, registry-2.docker.io]
+
+        ""
+
+    :statuscode 200: Deleted
+    :statuscode 202: Accepted
+    :statuscode 400: Errors (invalid json, missing or invalid fields, etc)
+    :statuscode 401: Unauthorized
+    :statuscode 403: Account is not Active
+
+Repository Images
+*****************
+
+User Repo Images
+~~~~~~~~~~~~~~~~
+
+.. http:put:: /v1/repositories/(namespace)/(repo_name)/images
+
+    Update the images for a user repo.
+
+    **Example Request**:
+
+    .. sourcecode:: http
+
+        PUT /v1/repositories/foo/bar/images HTTP/1.1
+        Host: index.docker.io
+        Accept: application/json
+        Content-Type: application/json
+        Authorization: Basic akmklmasadalkm==
+
+        [{“id”: “9e89cc6f0bc3c38722009fe6857087b486531f9a779a0c17e3ed29dae8f12c4f”,
+        “checksum”: “b486531f9a779a0c17e3ed29dae8f12c4f9e89cc6f0bc3c38722009fe6857087”}]
+
+    :parameter namespace: the namespace for the repo
+    :parameter repo_name: the name for the repo
+
+    **Example Response**:
+
+    .. sourcecode:: http
+
+        HTTP/1.1 204
+        Vary: Accept
+        Content-Type: application/json
+
+        ""
+
+    :statuscode 204: Created
+    :statuscode 400: Errors (invalid json, missing or invalid fields, etc)
+    :statuscode 401: Unauthorized
+    :statuscode 403: Account is not Active or permission denied
+
+
+.. http:get:: /v1/repositories/(namespace)/(repo_name)/images
+
+    get the images for a user repo.
+
+    **Example Request**:
+
+    .. sourcecode:: http
+
+        GET /v1/repositories/foo/bar/images HTTP/1.1
+        Host: index.docker.io
+        Accept: application/json
+
+    :parameter namespace: the namespace for the repo
+    :parameter repo_name: the name for the repo
+
+    **Example Response**:
+
+    .. sourcecode:: http
+
+        HTTP/1.1 200
+        Vary: Accept
+        Content-Type: application/json
+
+        [{“id”: “9e89cc6f0bc3c38722009fe6857087b486531f9a779a0c17e3ed29dae8f12c4f”,
+        “checksum”: “b486531f9a779a0c17e3ed29dae8f12c4f9e89cc6f0bc3c38722009fe6857087”},
+        {“id”: “ertwetewtwe38722009fe6857087b486531f9a779a0c1dfddgfgsdgdsgds”,
+        “checksum”: “34t23f23fc17e3ed29dae8f12c4f9e89cc6f0bsdfgfsdgdsgdsgerwgew”}]
+
+    :statuscode 200: OK
+    :statuscode 404: Not found
+
+Library Repo Images
+~~~~~~~~~~~~~~~~~~~
+
+.. http:put:: /v1/repositories/(repo_name)/images
+
+    Update the images for a library repo.
+
+    **Example Request**:
+
+    .. sourcecode:: http
+
+        PUT /v1/repositories/foobar/images HTTP/1.1
+        Host: index.docker.io
+        Accept: application/json
+        Content-Type: application/json
+        Authorization: Basic akmklmasadalkm==
+
+        [{“id”: “9e89cc6f0bc3c38722009fe6857087b486531f9a779a0c17e3ed29dae8f12c4f”,
+        “checksum”: “b486531f9a779a0c17e3ed29dae8f12c4f9e89cc6f0bc3c38722009fe6857087”}]
+
+    :parameter repo_name: the library name for the repo
+
+    **Example Response**:
+
+    .. sourcecode:: http
+
+        HTTP/1.1 204
+        Vary: Accept
+        Content-Type: application/json
+
+        ""
+
+    :statuscode 204: Created
+    :statuscode 400: Errors (invalid json, missing or invalid fields, etc)
+    :statuscode 401: Unauthorized
+    :statuscode 403: Account is not Active or permission denied
+
+
+.. http:get:: /v1/repositories/(repo_name)/images
+
+    get the images for a library repo.
+
+    **Example Request**:
+
+    .. sourcecode:: http
+
+        GET /v1/repositories/foobar/images HTTP/1.1
+        Host: index.docker.io
+        Accept: application/json
+
+    :parameter repo_name: the library name for the repo
+
+    **Example Response**:
+
+    .. sourcecode:: http
+
+        HTTP/1.1 200
+        Vary: Accept
+        Content-Type: application/json
+
+        [{“id”: “9e89cc6f0bc3c38722009fe6857087b486531f9a779a0c17e3ed29dae8f12c4f”,
+        “checksum”: “b486531f9a779a0c17e3ed29dae8f12c4f9e89cc6f0bc3c38722009fe6857087”},
+        {“id”: “ertwetewtwe38722009fe6857087b486531f9a779a0c1dfddgfgsdgdsgds”,
+        “checksum”: “34t23f23fc17e3ed29dae8f12c4f9e89cc6f0bsdfgfsdgdsgdsgerwgew”}]
+
+    :statuscode 200: OK
+    :statuscode 404: Not found
+
+
+Repository Authorization
+************************
+
+Library Repo
+~~~~~~~~~~~~
+
+.. http:put:: /v1/repositories/(repo_name)/auth
+
+    authorize a token for a library repo
+
+    **Example Request**:
+
+    .. sourcecode:: http
+
+        PUT /v1/repositories/foobar/auth HTTP/1.1
+        Host: index.docker.io
+        Accept: application/json
+        Authorization: Token signature=123abc,repository="library/foobar",access=write
+
+    :parameter repo_name: the library name for the repo
+
+    **Example Response**:
+
+    .. sourcecode:: http
+
+        HTTP/1.1 200
+        Vary: Accept
+        Content-Type: application/json
+
+        "OK"
+
+    :statuscode 200: OK
+    :statuscode 403: Permission denied
+    :statuscode 404: Not found
+
+
+User Repo
+~~~~~~~~~
+
+.. http:put:: /v1/repositories/(namespace)/(repo_name)/auth
+
+    authorize a token for a user repo
+
+    **Example Request**:
+
+    .. sourcecode:: http
+
+        PUT /v1/repositories/foo/bar/auth HTTP/1.1
+        Host: index.docker.io
+        Accept: application/json
+        Authorization: Token signature=123abc,repository="foo/bar",access=write
+
+    :parameter namespace: the namespace for the repo
+    :parameter repo_name: the name for the repo
+
+    **Example Response**:
+
+    .. sourcecode:: http
+
+        HTTP/1.1 200
+        Vary: Accept
+        Content-Type: application/json
+
+        "OK"
+
+    :statuscode 200: OK
+    :statuscode 403: Permission denied
+    :statuscode 404: Not found
+
+
+2.2 Users
+^^^^^^^^^
+
+User Login
+**********
+
+.. http:get:: /v1/users
+
+    If you want to check your login, you can try this endpoint
+    
+    **Example Request**:
+    
+    .. sourcecode:: http
+    
+        GET /v1/users HTTP/1.1
+        Host: index.docker.io
+        Accept: application/json
+        Authorization: Basic akmklmasadalkm==
+
+    **Example Response**:
+
+    .. sourcecode:: http
+
+        HTTP/1.1 200 OK
+        Vary: Accept
+        Content-Type: application/json
+
+        OK
+
+    :statuscode 200: no error
+    :statuscode 401: Unauthorized
+    :statuscode 403: Account is not Active
+
+
+User Register
+*************
+
+.. http:post:: /v1/users
+
+    Registering a new account.
+
+    **Example request**:
+
+    .. sourcecode:: http
+
+        POST /v1/users HTTP/1.1
+        Host: index.docker.io
+        Accept: application/json
+        Content-Type: application/json
+
+        {"email": "sam@dotcloud.com",
+         "password": "toto42",
+         "username": "foobar"'}
+
+    :jsonparameter email: valid email address, that needs to be confirmed
+    :jsonparameter username: min 4 character, max 30 characters, must match the regular expression [a-z0-9_].
+    :jsonparameter password: min 5 characters
+
+    **Example Response**:
+
+    .. sourcecode:: http
+
+        HTTP/1.1 201 OK
+        Vary: Accept
+        Content-Type: application/json
+
+        "User Created"
+
+    :statuscode 201: User Created
+    :statuscode 400: Errors (invalid json, missing or invalid fields, etc)
+
+Update User
+***********
+
+.. http:put:: /v1/users/(username)/
+
+    Change a password or email address for given user. If you pass in an email,
+    it will add it to your account, it will not remove the old one. Passwords will
+    be updated.
+
+    It is up to the client to verify that that password that is sent is the one that
+    they want. Common approach is to have them type it twice.
+
+    **Example Request**:
+
+    .. sourcecode:: http
+
+        PUT /v1/users/fakeuser/ HTTP/1.1
+        Host: index.docker.io
+        Accept: application/json
+        Content-Type: application/json
+        Authorization: Basic akmklmasadalkm==
+
+        {"email": "sam@dotcloud.com",
+         "password": "toto42"}
+
+    :parameter username: username for the person you want to update
+
+    **Example Response**:
+
+    .. sourcecode:: http
+
+        HTTP/1.1 204
+        Vary: Accept
+        Content-Type: application/json
+
+        ""
+
+    :statuscode 204: User Updated
+    :statuscode 400: Errors (invalid json, missing or invalid fields, etc)
+    :statuscode 401: Unauthorized
+    :statuscode 403: Account is not Active
+    :statuscode 404: User not found
+
+
+2.3 Search
+^^^^^^^^^^
+If you need to search the index, this is the endpoint you would use.
+
+Search
+******
+
+.. http:get:: /v1/search
+
+   Search the Index given a search term. It accepts :http:method:`get` only.
+
+   **Example request**:
+
+   .. sourcecode:: http
+
+      GET /v1/search?q=search_term HTTP/1.1
+      Host: example.com
+      Accept: application/json
+
+
+   **Example response**:
+
+   .. sourcecode:: http
+
+      HTTP/1.1 200 OK
+      Vary: Accept
+      Content-Type: application/json
+
+      {"query":"search_term",
+        "num_results": 2,
+        "results" : [
+           {"name": "dotcloud/base", "description": "A base ubuntu64  image..."},
+           {"name": "base2", "description": "A base ubuntu64  image..."},
+         ]
+       }
+
+   :query q: what you want to search for
+   :statuscode 200: no error
+   :statuscode 500: server error
--- a/docs/sources/api/index_search_api.rst
+++ b/docs/sources/api/index_search_api.rst
@@ -1,43 +0,0 @@
-:title: Docker Index documentation
-:description: Documentation for docker Index
-:keywords: docker, index, api
-
-
-=======================
-Docker Index Search API
-=======================
-
-Search
------
-
-.. http:get:: /v1/search
-
-   Search the Index given a search term. It accepts :http:method:`get` only.
-
-   **Example request**:
-
-   .. sourcecode:: http
-
-      GET /v1/search?q=search_term HTTP/1.1
-      Host: example.com
-      Accept: application/json
-
-   **Example response**:
-
-   .. sourcecode:: http
-
-      HTTP/1.1 200 OK
-      Vary: Accept
-      Content-Type: application/json
-
-      {"query":"search_term",
-        "num_results": 2,
-        "results" : [
-           {"name": "dotcloud/base", "description": "A base ubuntu64  image..."},
-           {"name": "base2", "description": "A base ubuntu64  image..."},
-         ]
-       }
-
-   :query q: what you want to search for
-   :statuscode 200: no error
-   :statuscode 500: server error
--- a/docs/sources/api/registry_api.rst
+++ b/docs/sources/api/registry_api.rst
@@ -1,7 +1,6 @@
-:title: Registry Documentation
-:description: Documentation for docker Registry and Registry API
-:keywords: docker, registry, api, index
-
+:title: Registry API
+:description: API Documentation for Docker Registry
+:keywords: API, Docker, index, registry, REST, documentation

 ===================
 Docker Registry API
@@ -9,29 +8,10 @@ Docker Registry API

 .. contents:: Table of Contents

-1. The 3 roles
-===============
+1. Brief introduction
+=====================

-1.1 Index
---------
-
-The Index is responsible for centralizing information about:
- User accounts
- Checksums of the images
- Public namespaces
-
-The Index has different components:
- Web UI
- Meta-data store (comments, stars, list public repositories)
- Authentication service
- Tokenization
-
-The index is authoritative for those information.
-
-We expect that there will be only one instance of the index, run and managed by dotCloud.
-
-1.2 Registry
------------
+- This is the REST API for the Docker Registry
 - It stores the images and the graph for a set of repositories
 - It does not have user accounts data
 - It has no notion of user accounts or authorization
@@ -60,418 +40,424 @@ We expect that there will be multiple registries out there. To help to grasp the

 The latter would only require two new commands in docker, e.g. “registryget” and “registryput”, wrapping access to the local filesystem (and optionally doing consistency checks). Authentication and authorization are then delegated to SSH (e.g. with public keys).

-1.3 Docker
+2. Endpoints
+============
+
+2.1 Images
 ----------

-On top of being a runtime for LXC, Docker is the Registry client. It supports:
- Push / Pull on the registry
- Client authentication on the Index
+Layer
+*****

-2. Workflow
-===========
+.. http:get:: /v1/images/(image_id)/layer 

-2.1 Pull
+    get image layer for a given ``image_id``
+
+    **Example Request**:
+
+    .. sourcecode:: http
+
+        GET /v1/images/088b4505aa3adc3d35e79c031fa126b403200f02f51920fbd9b7c503e87c7a2c/layer HTTP/1.1
+        Host: registry-1.docker.io
+        Accept: application/json
+        Content-Type: application/json
+        Authorization: Token akmklmasadalkmsdfgsdgdge33
+
+    :parameter image_id: the id for the layer you want to get
+
+    **Example Response**:
+
+    .. sourcecode:: http
+
+        HTTP/1.1 200
+        Vary: Accept
+        Content-Type: application/json
+        Cookie: (Cookie provided by the Registry)
+
+        {
+            id: "088b4505aa3adc3d35e79c031fa126b403200f02f51920fbd9b7c503e87c7a2c",
+            parent: "aeee6396d62273d180a49c96c62e45438d87c7da4a5cf5d2be6bee4e21bc226f",
+            created: "2013-04-30T17:46:10.843673+03:00",
+            container: "8305672a76cc5e3d168f97221106ced35a76ec7ddbb03209b0f0d96bf74f6ef7",
+            container_config: {
+                Hostname: "host-test",
+                User: "",
+                Memory: 0,
+                MemorySwap: 0,
+                AttachStdin: false,
+                AttachStdout: false,
+                AttachStderr: false,
+                PortSpecs: null,
+                Tty: false,
+                OpenStdin: false,
+                StdinOnce: false,
+                Env: null,
+                Cmd: [
+                "/bin/bash",
+                "-c",
+                "apt-get -q -yy -f install libevent-dev"
+                ],
+                Dns: null,
+                Image: "imagename/blah",
+                Volumes: { },
+                VolumesFrom: ""
+            },
+            docker_version: "0.1.7"
+        }
+
+    :statuscode 200: OK
+    :statuscode 401: Requires authorization
+    :statuscode 404: Image not found
+
+
+.. http:put:: /v1/images/(image_id)/layer 
+
+    put image layer for a given ``image_id``
+
+    **Example Request**:
+
+    .. sourcecode:: http
+
+        PUT /v1/images/088b4505aa3adc3d35e79c031fa126b403200f02f51920fbd9b7c503e87c7a2c/layer HTTP/1.1
+        Host: registry-1.docker.io
+        Accept: application/json
+        Content-Type: application/json
+        Authorization: Token akmklmasadalkmsdfgsdgdge33
+
+        {
+            id: "088b4505aa3adc3d35e79c031fa126b403200f02f51920fbd9b7c503e87c7a2c",
+            parent: "aeee6396d62273d180a49c96c62e45438d87c7da4a5cf5d2be6bee4e21bc226f",
+            created: "2013-04-30T17:46:10.843673+03:00",
+            container: "8305672a76cc5e3d168f97221106ced35a76ec7ddbb03209b0f0d96bf74f6ef7",
+            container_config: {
+                Hostname: "host-test",
+                User: "",
+                Memory: 0,
+                MemorySwap: 0,
+                AttachStdin: false,
+                AttachStdout: false,
+                AttachStderr: false,
+                PortSpecs: null,
+                Tty: false,
+                OpenStdin: false,
+                StdinOnce: false,
+                Env: null,
+                Cmd: [
+                "/bin/bash",
+                "-c",
+                "apt-get -q -yy -f install libevent-dev"
+                ],
+                Dns: null,
+                Image: "imagename/blah",
+                Volumes: { },
+                VolumesFrom: ""
+            },
+            docker_version: "0.1.7"
+        }
+
+    :parameter image_id: the id for the layer you want to get
+
+
+    **Example Response**:
+
+    .. sourcecode:: http
+    
+        HTTP/1.1 200
+        Vary: Accept
+        Content-Type: application/json
+
+        ""
+
+    :statuscode 200: OK
+    :statuscode 401: Requires authorization
+    :statuscode 404: Image not found
+
+
+Image
+*****
+
+.. http:put:: /v1/images/(image_id)/json
+
+    put image for a given ``image_id``
+
+    **Example Request**:
+
+    .. sourcecode:: http
+
+        PUT /v1/images/088b4505aa3adc3d35e79c031fa126b403200f02f51920fbd9b7c503e87c7a2c/json HTTP/1.1
+        Host: registry-1.docker.io
+        Accept: application/json
+        Content-Type: application/json
+        Cookie: (Cookie provided by the Registry)
+
+        {
+         “id”: “088b4505aa3adc3d35e79c031fa126b403200f02f51920fbd9b7c503e87c7a2c”,
+         “checksum”:  “sha256:b486531f9a779a0c17e3ed29dae8f12c4f9e89cc6f0bc3c38722009fe6857087”
+         }
+
+    :parameter image_id: the id for the layer you want to get
+
+
+    **Example Response**:
+
+    .. sourcecode:: http
+    
+        HTTP/1.1 200
+        Vary: Accept
+        Content-Type: application/json
+
+        ""
+
+    :statuscode 200: OK
+    :statuscode 401: Requires authorization
+
+.. http:get:: /v1/images/(image_id)/json
+
+    get image for a given ``image_id``
+
+    **Example Request**:
+
+    .. sourcecode:: http
+
+        GET /v1/images/088b4505aa3adc3d35e79c031fa126b403200f02f51920fbd9b7c503e87c7a2c/json HTTP/1.1
+        Host: registry-1.docker.io
+        Accept: application/json
+        Content-Type: application/json
+        Cookie: (Cookie provided by the Registry)
+
+    :parameter image_id: the id for the layer you want to get
+
+    **Example Response**:
+
+    .. sourcecode:: http
+
+        HTTP/1.1 200
+        Vary: Accept
+        Content-Type: application/json
+
+        {
+         “id”: “088b4505aa3adc3d35e79c031fa126b403200f02f51920fbd9b7c503e87c7a2c”,
+         “checksum”:  “sha256:b486531f9a779a0c17e3ed29dae8f12c4f9e89cc6f0bc3c38722009fe6857087”
+         }
+
+    :statuscode 200: OK
+    :statuscode 401: Requires authorization
+    :statuscode 404: Image not found
+
+
+Ancestry
+********
+
+.. http:get:: /v1/images/(image_id)/ancestry
+
+    get ancestry for an image given an ``image_id``
+
+    **Example Request**:
+
+    .. sourcecode:: http
+
+        GET /v1/images/088b4505aa3adc3d35e79c031fa126b403200f02f51920fbd9b7c503e87c7a2c/ancestry HTTP/1.1
+        Host: registry-1.docker.io
+        Accept: application/json
+        Content-Type: application/json
+        Cookie: (Cookie provided by the Registry)
+
+    :parameter image_id: the id for the layer you want to get
+
+    **Example Response**:
+
+    .. sourcecode:: http
+
+        HTTP/1.1 200
+        Vary: Accept
+        Content-Type: application/json
+
+        ["088b4502f51920fbd9b7c503e87c7a2c05aa3adc3d35e79c031fa126b403200f",
+         "aeee63968d87c7da4a5cf5d2be6bee4e21bc226fd62273d180a49c96c62e4543",
+         "bfa4c5326bc764280b0863b46a4b20d940bc1897ef9c1dfec060604bdc383280",
+         "6ab5893c6927c15a15665191f2c6cf751f5056d8b95ceee32e43c5e8a3648544"]
+
+    :statuscode 200: OK
+    :statuscode 401: Requires authorization
+    :statuscode 404: Image not found
+
+
+2.2 Tags
 --------

-.. image:: /static_files/docker_pull_chart.png
+.. http:get:: /v1/repositories/(namespace)/(repository)/tags

-1. Contact the Index to know where I should download “samalba/busybox”
-2. Index replies:
-   a. “samalba/busybox” is on Registry A
-   b. here are the checksums for “samalba/busybox” (for all layers)
-   c. token
-3. Contact Registry A to receive the layers for “samalba/busybox” (all of them to the base image). Registry A is authoritative for “samalba/busybox” but keeps a copy of all inherited layers and serve them all from the same location.
-4. registry contacts index to verify if token/user is allowed to download images
-5. Index returns true/false lettings registry know if it should proceed or error out
-6. Get the payload for all layers
+    get all of the tags for the given repo.

-It’s possible to run docker pull \https://<registry>/repositories/samalba/busybox. In this case, docker bypasses the Index. However the security is not guaranteed (in case Registry A is corrupted) because there won’t be any checksum checks.
+    **Example Request**:

-Currently registry redirects to s3 urls for downloads, going forward all downloads need to be streamed through the registry. The Registry will then abstract the calls to S3 by a top-level class which implements sub-classes for S3 and local storage.
+    .. sourcecode:: http

-Token is only returned when the 'X-Docker-Token' header is sent with request.
-
-Basic Auth is required to pull private repos. Basic auth isn't required for pulling public repos, but if one is provided, it needs to be valid and for an active account.
-
-API (pulling repository foo/bar):
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-1. (Docker -> Index) GET /v1/repositories/foo/bar/images
-    **Headers**:
-        Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
-        X-Docker-Token: true
-    **Action**:
-        (looking up the foo/bar in db and gets images and checksums for that repo (all if no tag is specified, if tag, only checksums for those tags) see part 4.4.1)
-
-2. (Index -> Docker) HTTP 200 OK
-
-    **Headers**:
-        - Authorization: Token signature=123abc,repository=”foo/bar”,access=write
-        - X-Docker-Endpoints: registry.docker.io [, registry2.docker.io]
-    **Body**:
-        Jsonified checksums (see part 4.4.1)
-
-3. (Docker -> Registry) GET /v1/repositories/foo/bar/tags/latest
-    **Headers**:
-        Authorization: Token signature=123abc,repository=”foo/bar”,access=write
-
-4. (Registry -> Index) GET /v1/repositories/foo/bar/images
-
-    **Headers**:
-        Authorization: Token signature=123abc,repository=”foo/bar”,access=read
-
-    **Body**:
-        <ids and checksums in payload>
-
-    **Action**:
-        ( Lookup token see if they have access to pull.)
-
-        If good:
-            HTTP 200 OK
-            Index will invalidate the token
-        If bad:
-            HTTP 401 Unauthorized
-
-5. (Docker -> Registry) GET /v1/images/928374982374/ancestry
-    **Action**:
-        (for each image id returned in the registry, fetch /json + /layer)
-
-.. note::
-
-    If someone makes a second request, then we will always give a new token, never reuse tokens.
-
-2.2 Push
--------
-
-.. image:: /static_files/docker_push_chart.png
-
-1. Contact the index to allocate the repository name “samalba/busybox” (authentication required with user credentials)
-2. If authentication works and namespace available, “samalba/busybox” is allocated and a temporary token is returned (namespace is marked as initialized in index)
-3. Push the image on the registry (along with the token)
-4. Registry A contacts the Index to verify the token (token must corresponds to the repository name)
-5. Index validates the token. Registry A starts reading the stream pushed by docker and store the repository (with its images)
-6. docker contacts the index to give checksums for upload images
-
-.. note::
-
-    **It’s possible not to use the Index at all!** In this case, a deployed version of the Registry is deployed to store and serve images. Those images are not authentified and the security is not guaranteed.
-
-.. note::
-
-    **Index can be replaced!** For a private Registry deployed, a custom Index can be used to serve and validate token according to different policies.
-
-Docker computes the checksums and submit them to the Index at the end of the push. When a repository name does not have checksums on the Index, it means that the push is in progress (since checksums are submitted at the end).
-
-API (pushing repos foo/bar):
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-1. (Docker -> Index) PUT /v1/repositories/foo/bar/
-    **Headers**:
-        Authorization: Basic sdkjfskdjfhsdkjfh==
-        X-Docker-Token: true
-
-    **Action**::
-        - in index, we allocated a new repository, and set to initialized
-
-    **Body**::
-        (The body contains the list of images that are going to be pushed, with empty checksums. The checksums will be set at the end of the push)::
-
-        [{“id”: “9e89cc6f0bc3c38722009fe6857087b486531f9a779a0c17e3ed29dae8f12c4f”}]
-
-2. (Index -> Docker) 200 Created
-    **Headers**:
-        - WWW-Authenticate: Token signature=123abc,repository=”foo/bar”,access=write
-        - X-Docker-Endpoints: registry.docker.io [, registry2.docker.io]
-
-3. (Docker -> Registry) PUT /v1/images/98765432_parent/json
-    **Headers**:
-        Authorization: Token signature=123abc,repository=”foo/bar”,access=write
-
-4. (Registry->Index) GET /v1/repositories/foo/bar/images
-    **Headers**:
-        Authorization: Token signature=123abc,repository=”foo/bar”,access=write
-    **Action**::
-        - Index:
-            will invalidate the token.
-        - Registry:
-            grants a session (if token is approved) and fetches the images id
-
-5. (Docker -> Registry) PUT /v1/images/98765432_parent/json
-    **Headers**::
-        - Authorization: Token signature=123abc,repository=”foo/bar”,access=write
-        - Cookie: (Cookie provided by the Registry)
-
-6. (Docker -> Registry) PUT /v1/images/98765432/json
-    **Headers**:
+        GET /v1/repositories/foo/bar/tags HTTP/1.1
+        Host: registry-1.docker.io
+        Accept: application/json
+        Content-Type: application/json
        Cookie: (Cookie provided by the Registry)

-7. (Docker -> Registry) PUT /v1/images/98765432_parent/layer
-    **Headers**:
+    :parameter namespace: namespace for the repo
+    :parameter repository: name for the repo
+
+    **Example Response**:
+
+    .. sourcecode:: http
+
+        HTTP/1.1 200
+        Vary: Accept
+        Content-Type: application/json
+
+        {
+            "latest": "9e89cc6f0bc3c38722009fe6857087b486531f9a779a0c17e3ed29dae8f12c4f",
+            “0.1.1”:  “b486531f9a779a0c17e3ed29dae8f12c4f9e89cc6f0bc3c38722009fe6857087”
+        }
+
+    :statuscode 200: OK
+    :statuscode 401: Requires authorization
+    :statuscode 404: Repository not found
+
+
+.. http:get:: /v1/repositories/(namespace)/(repository)/tags/(tag)
+
+    get a tag for the given repo.
+
+    **Example Request**:
+
+    .. sourcecode:: http
+
+        GET /v1/repositories/foo/bar/tags/latest HTTP/1.1
+        Host: registry-1.docker.io
+        Accept: application/json
+        Content-Type: application/json
        Cookie: (Cookie provided by the Registry)

-8. (Docker -> Registry) PUT /v1/images/98765432/layer
-    **Headers**:
-        X-Docker-Checksum: sha256:436745873465fdjkhdfjkgh
+    :parameter namespace: namespace for the repo
+    :parameter repository: name for the repo
+    :parameter tag: name of tag you want to get

-9. (Docker -> Registry) PUT /v1/repositories/foo/bar/tags/latest
-    **Headers**:
+    **Example Response**:
+
+    .. sourcecode:: http
+
+        HTTP/1.1 200
+        Vary: Accept
+        Content-Type: application/json
+
+        "9e89cc6f0bc3c38722009fe6857087b486531f9a779a0c17e3ed29dae8f12c4f"
+
+    :statuscode 200: OK
+    :statuscode 401: Requires authorization
+    :statuscode 404: Tag not found
+
+.. http:delete:: /v1/repositories/(namespace)/(repository)/tags/(tag)
+
+    delete the tag for the repo
+
+    **Example Request**:
+
+    .. sourcecode:: http
+
+        DELETE /v1/repositories/foo/bar/tags/latest HTTP/1.1
+        Host: registry-1.docker.io
+        Accept: application/json
+        Content-Type: application/json
        Cookie: (Cookie provided by the Registry)
-    **Body**:
-        “98765432”

-10. (Docker -> Index) PUT /v1/repositories/foo/bar/images
+    :parameter namespace: namespace for the repo
+    :parameter repository: name for the repo
+    :parameter tag: name of tag you want to delete

-    **Headers**:
-        Authorization: Basic 123oislifjsldfj==
-        X-Docker-Endpoints: registry1.docker.io (no validation on this right now)
+    **Example Response**:

-    **Body**:
-        (The image, id’s, tags and checksums)
+    .. sourcecode:: http

-        [{“id”: “9e89cc6f0bc3c38722009fe6857087b486531f9a779a0c17e3ed29dae8f12c4f”,
-        “checksum”: “b486531f9a779a0c17e3ed29dae8f12c4f9e89cc6f0bc3c38722009fe6857087”}]
+        HTTP/1.1 200
+        Vary: Accept
+        Content-Type: application/json

-    **Return** HTTP 204
+        ""

-.. note::
+    :statuscode 200: OK
+    :statuscode 401: Requires authorization
+    :statuscode 404: Tag not found

-     If push fails and they need to start again, what happens in the index, there will already be a record for the namespace/name, but it will be initialized. Should we allow it, or mark as name already used? One edge case could be if someone pushes the same thing at the same time with two different shells.

-     If it's a retry on the Registry, Docker has a cookie (provided by the registry after token validation). So the Index won’t have to provide a new token.
+.. http:put:: /v1/repositories/(namespace)/(repository)/tags/(tag)

-3. How to use the Registry in standalone mode
-=============================================
+    put a tag for the given repo.

-The Index has two main purposes (along with its fancy social features):
+    **Example Request**:

- Resolve short names (to avoid passing absolute URLs all the time)
-   - username/projectname -> \https://registry.docker.io/users/<username>/repositories/<projectname>/
- Authenticate a user as a repos owner (for a central referenced repository)
+    .. sourcecode:: http

-3.1 Without an Index
--------------------
-Using the Registry without the Index can be useful to store the images on a private network without having to rely on an external entity controlled by dotCloud.
+        PUT /v1/repositories/foo/bar/tags/latest HTTP/1.1
+        Host: registry-1.docker.io
+        Accept: application/json
+        Content-Type: application/json
+        Cookie: (Cookie provided by the Registry)

-In this case, the registry will be launched in a special mode (--standalone? --no-index?). In this mode, the only thing which changes is that Registry will never contact the Index to verify a token. It will be the Registry owner responsibility to authenticate the user who pushes (or even pulls) an image using any mechanism (HTTP auth, IP based, etc...).
+        “9e89cc6f0bc3c38722009fe6857087b486531f9a779a0c17e3ed29dae8f12c4f”

-In this scenario, the Registry is responsible for the security in case of data corruption since the checksums are not delivered by a trusted entity.
+    :parameter namespace: namespace for the repo
+    :parameter repository: name for the repo
+    :parameter tag: name of tag you want to add

-As hinted previously, a standalone registry can also be implemented by any HTTP server handling GET/PUT requests (or even only GET requests if no write access is necessary).
+    **Example Response**:

-3.2 With an Index
-----------------
+    .. sourcecode:: http

-The Index data needed by the Registry are simple:
- Serve the checksums
- Provide and authorize a Token
+        HTTP/1.1 200
+        Vary: Accept
+        Content-Type: application/json

-In the scenario of a Registry running on a private network with the need of centralizing and authorizing, it’s easy to use a custom Index.
+        ""

-The only challenge will be to tell Docker to contact (and trust) this custom Index. Docker will be configurable at some point to use a specific Index, it’ll be the private entity responsibility (basically the organization who uses Docker in a private environment) to maintain the Index and the Docker’s configuration among its consumers.
+    :statuscode 200: OK
+    :statuscode 400: Invalid data
+    :statuscode 401: Requires authorization
+    :statuscode 404: Image not found

-4. The API
-==========
+2.3 Repositories
+----------------

-The first version of the api is available here: https://github.com/jpetazzo/docker/blob/acd51ecea8f5d3c02b00a08176171c59442df8b3/docs/images-repositories-push-pull.md
+.. http:delete:: /v1/repositories/(namespace)/(repository)/

-4.1 Images
----------
+    delete a repository

-The format returned in the images is not defined here (for layer and json), basically because Registry stores exactly the same kind of information as Docker uses to manage them.
+    **Example Request**:

-The format of ancestry is a line-separated list of image ids, in age order. I.e. the image’s parent is on the last line, the parent of the parent on the next-to-last line, etc.; if the image has no parent, the file is empty.
+    .. sourcecode:: http

-GET /v1/images/<image_id>/layer
-PUT /v1/images/<image_id>/layer
-GET /v1/images/<image_id>/json
-PUT /v1/images/<image_id>/json
-GET /v1/images/<image_id>/ancestry
-PUT /v1/images/<image_id>/ancestry
+        DELETE /v1/repositories/foo/bar/ HTTP/1.1
+        Host: registry-1.docker.io
+        Accept: application/json
+        Content-Type: application/json
+        Cookie: (Cookie provided by the Registry)

-4.2 Users
---------
+        ""

-4.2.1 Create a user (Index)
-^^^^^^^^^^^^^^^^^^^^^^^^^^^
+    :parameter namespace: namespace for the repo
+    :parameter repository: name for the repo

-POST /v1/users
+    **Example Response**:

-**Body**:
-    {"email": "sam@dotcloud.com", "password": "toto42", "username": "foobar"'}
+    .. sourcecode:: http

-**Validation**:
-    - **username** : min 4 character, max 30 characters, must match the regular expression [a-z0-9_].
-    - **password**: min 5 characters
+        HTTP/1.1 200
+        Vary: Accept
+        Content-Type: application/json

-**Valid**: return HTTP 200
+        ""

-Errors: HTTP 400 (we should create error codes for possible errors)
- invalid json
- missing field
- wrong format (username, password, email, etc)
- forbidden name
- name already exists
+    :statuscode 200: OK
+    :statuscode 401: Requires authorization
+    :statuscode 404: Repository not found

-.. note::
+3.0 Authorization
+=================
+This is where we describe the authorization process, including the tokens and cookies. 

-    A user account will be valid only if the email has been validated (a validation link is sent to the email address).
-
-4.2.2 Update a user (Index)
-^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-PUT /v1/users/<username>
-
-**Body**:
-    {"password": "toto"}
-
-.. note::
-
-    We can also update email address, if they do, they will need to reverify their new email address.
-
-4.2.3 Login (Index)
-^^^^^^^^^^^^^^^^^^^
-Does nothing else but asking for a user authentication. Can be used to validate credentials. HTTP Basic Auth for now, maybe change in future.
-
-GET /v1/users
-
-**Return**:
-    - Valid: HTTP 200
-    - Invalid login: HTTP 401
-    - Account inactive: HTTP 403 Account is not Active
-
-4.3 Tags (Registry)
-------------------
-
-The Registry does not know anything about users. Even though repositories are under usernames, it’s just a namespace for the registry. Allowing us to implement organizations or different namespaces per user later, without modifying the Registry’s API.
-
-The following naming restrictions apply:
-
- Namespaces must match the same regular expression as usernames (See 4.2.1.)
- Repository names must match the regular expression [a-zA-Z0-9-_.]
-
-4.3.1 Get all tags
-^^^^^^^^^^^^^^^^^^
-
-GET /v1/repositories/<namespace>/<repository_name>/tags
-
-**Return**: HTTP 200
-    {
-    "latest": "9e89cc6f0bc3c38722009fe6857087b486531f9a779a0c17e3ed29dae8f12c4f",
-    “0.1.1”:  “b486531f9a779a0c17e3ed29dae8f12c4f9e89cc6f0bc3c38722009fe6857087”
-    }
-
-4.3.2 Read the content of a tag (resolve the image id)
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-GET /v1/repositories/<namespace>/<repo_name>/tags/<tag>
-
-**Return**:
-    "9e89cc6f0bc3c38722009fe6857087b486531f9a779a0c17e3ed29dae8f12c4f"
-
-4.3.3 Delete a tag (registry)
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-DELETE /v1/repositories/<namespace>/<repo_name>/tags/<tag>
-
-4.4 Images (Index)
------------------
-
-For the Index to “resolve” the repository name to a Registry location, it uses the X-Docker-Endpoints header. In other terms, this requests always add a “X-Docker-Endpoints” to indicate the location of the registry which hosts this repository.
-
-4.4.1 Get the images
-^^^^^^^^^^^^^^^^^^^^^
-
-GET /v1/repositories/<namespace>/<repo_name>/images
-
-**Return**: HTTP 200
-    [{“id”: “9e89cc6f0bc3c38722009fe6857087b486531f9a779a0c17e3ed29dae8f12c4f”, “checksum”: “md5:b486531f9a779a0c17e3ed29dae8f12c4f9e89cc6f0bc3c38722009fe6857087”}]
-
-
-4.4.2 Add/update the images
-^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-You always add images, you never remove them.
-
-PUT /v1/repositories/<namespace>/<repo_name>/images
-
-**Body**:
-    [ {“id”: “9e89cc6f0bc3c38722009fe6857087b486531f9a779a0c17e3ed29dae8f12c4f”, “checksum”: “sha256:b486531f9a779a0c17e3ed29dae8f12c4f9e89cc6f0bc3c38722009fe6857087”} ]
-
-**Return** 204
-
-5. Chaining Registries
-======================
-
-It’s possible to chain Registries server for several reasons:
- Load balancing
- Delegate the next request to another server
-
-When a Registry is a reference for a repository, it should host the entire images chain in order to avoid breaking the chain during the download.
-
-The Index and Registry use this mechanism to redirect on one or the other.
-
-Example with an image download:
-On every request, a special header can be returned:
-
-X-Docker-Endpoints: server1,server2
-
-On the next request, the client will always pick a server from this list.
-
-6. Authentication & Authorization
-=================================
-
-6.1 On the Index
-----------------
-
-The Index supports both “Basic” and “Token” challenges. Usually when there is a “401 Unauthorized”, the Index replies this::
-
-    401 Unauthorized
-    WWW-Authenticate: Basic realm="auth required",Token
-
-You have 3 options:
-
-1. Provide user credentials and ask for a token
-
-    **Header**:
-        - Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
-        - X-Docker-Token: true
-
-    In this case, along with the 200 response, you’ll get a new token (if user auth is ok):
-    If authorization isn't correct you get a 401 response.
-    If account isn't active you will get a 403 response.
-
-    **Response**:
-        - 200 OK
-        - X-Docker-Token: Token signature=123abc,repository=”foo/bar”,access=read
-
-2. Provide user credentials only
-
-    **Header**:
-        Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
-
-3. Provide Token
-
-    **Header**:
-        Authorization: Token signature=123abc,repository=”foo/bar”,access=read
-
-6.2 On the Registry
-------------------
-
-The Registry only supports the Token challenge::
-
-    401 Unauthorized
-    WWW-Authenticate: Token
-
-The only way is to provide a token on “401 Unauthorized” responses::
-
-    Authorization: Token signature=123abc,repository=”foo/bar”,access=read
-
-Usually, the Registry provides a Cookie when a Token verification succeeded. Every time the Registry passes a Cookie, you have to pass it back the same cookie.::
-
-    200 OK
-    Set-Cookie: session="wD/J7LqL5ctqw8haL10vgfhrb2Q=?foo=UydiYXInCnAxCi4=&timestamp=RjEzNjYzMTQ5NDcuNDc0NjQzCi4="; Path=/; HttpOnly
-
-Next request::
-
-    GET /(...)
-    Cookie: session="wD/J7LqL5ctqw8haL10vgfhrb2Q=?foo=UydiYXInCnAxCi4=&timestamp=RjEzNjYzMTQ5NDcuNDc0NjQzCi4="
+TODO: add more info.
--- a/docs/sources/api/registry_index_spec.rst
+++ b/docs/sources/api/registry_index_spec.rst
@@ -0,0 +1,569 @@
+:title: Registry Documentation
+:description: Documentation for docker Registry and Registry API
+:keywords: docker, registry, api, index
+
+
+=====================
+Registry & index Spec
+=====================
+
+.. contents:: Table of Contents
+
+1. The 3 roles
+===============
+
+1.1 Index
+---------
+
+The Index is responsible for centralizing information about:
+- User accounts
+- Checksums of the images
+- Public namespaces
+
+The Index has different components:
+- Web UI
+- Meta-data store (comments, stars, list public repositories)
+- Authentication service
+- Tokenization
+
+The index is authoritative for those information.
+
+We expect that there will be only one instance of the index, run and managed by dotCloud.
+
+1.2 Registry
+------------
+- It stores the images and the graph for a set of repositories
+- It does not have user accounts data
+- It has no notion of user accounts or authorization
+- It delegates authentication and authorization to the Index Auth service using tokens
+- It supports different storage backends (S3, cloud files, local FS)
+- It doesn’t have a local database
+- It will be open-sourced at some point
+
+We expect that there will be multiple registries out there. To help to grasp the context, here are some examples of registries:
+
+- **sponsor registry**: such a registry is provided by a third-party hosting infrastructure as a convenience for their customers and the docker community as a whole. Its costs are supported by the third party, but the management and operation of the registry are supported by dotCloud. It features read/write access, and delegates authentication and authorization to the Index.
+- **mirror registry**: such a registry is provided by a third-party hosting infrastructure but is targeted at their customers only. Some mechanism (unspecified to date) ensures that public images are pulled from a sponsor registry to the mirror registry, to make sure that the customers of the third-party provider can “docker pull” those images locally.
+- **vendor registry**: such a registry is provided by a software vendor, who wants to distribute docker images. It would be operated and managed by the vendor. Only users authorized by the vendor would be able to get write access. Some images would be public (accessible for anyone), others private (accessible only for authorized users). Authentication and authorization would be delegated to the Index. The goal of vendor registries is to let someone do “docker pull basho/riak1.3” and automatically push from the vendor registry (instead of a sponsor registry); i.e. get all the convenience of a sponsor registry, while retaining control on the asset distribution.
+- **private registry**: such a registry is located behind a firewall, or protected by an additional security layer (HTTP authorization, SSL client-side certificates, IP address authorization...). The registry is operated by a private entity, outside of dotCloud’s control. It can optionally delegate additional authorization to the Index, but it is not mandatory.
+
+.. note::
+
+    Mirror registries and private registries which do not use the Index don’t even need to run the registry code. They can be implemented by any kind of transport implementing HTTP GET and PUT. Read-only registries can be powered by a simple static HTTP server.
+
+.. note::
+
+    The latter implies that while HTTP is the protocol of choice for a registry, multiple schemes are possible (and in some cases, trivial):
+        - HTTP with GET (and PUT for read-write registries);
+        - local mount point;
+        - remote docker addressed through SSH.
+
+The latter would only require two new commands in docker, e.g. “registryget” and “registryput”, wrapping access to the local filesystem (and optionally doing consistency checks). Authentication and authorization are then delegated to SSH (e.g. with public keys).
+
+1.3 Docker
+----------
+
+On top of being a runtime for LXC, Docker is the Registry client. It supports:
+- Push / Pull on the registry
+- Client authentication on the Index
+
+2. Workflow
+===========
+
+2.1 Pull
+--------
+
+.. image:: /static_files/docker_pull_chart.png
+
+1. Contact the Index to know where I should download “samalba/busybox”
+2. Index replies:
+   a. “samalba/busybox” is on Registry A
+   b. here are the checksums for “samalba/busybox” (for all layers)
+   c. token
+3. Contact Registry A to receive the layers for “samalba/busybox” (all of them to the base image). Registry A is authoritative for “samalba/busybox” but keeps a copy of all inherited layers and serve them all from the same location.
+4. registry contacts index to verify if token/user is allowed to download images
+5. Index returns true/false lettings registry know if it should proceed or error out
+6. Get the payload for all layers
+
+It’s possible to run docker pull \https://<registry>/repositories/samalba/busybox. In this case, docker bypasses the Index. However the security is not guaranteed (in case Registry A is corrupted) because there won’t be any checksum checks.
+
+Currently registry redirects to s3 urls for downloads, going forward all downloads need to be streamed through the registry. The Registry will then abstract the calls to S3 by a top-level class which implements sub-classes for S3 and local storage.
+
+Token is only returned when the 'X-Docker-Token' header is sent with request.
+
+Basic Auth is required to pull private repos. Basic auth isn't required for pulling public repos, but if one is provided, it needs to be valid and for an active account.
+
+API (pulling repository foo/bar):
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+1. (Docker -> Index) GET /v1/repositories/foo/bar/images
+    **Headers**:
+        Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
+        X-Docker-Token: true
+    **Action**:
+        (looking up the foo/bar in db and gets images and checksums for that repo (all if no tag is specified, if tag, only checksums for those tags) see part 4.4.1)
+
+2. (Index -> Docker) HTTP 200 OK
+
+    **Headers**:
+        - Authorization: Token signature=123abc,repository=”foo/bar”,access=write
+        - X-Docker-Endpoints: registry.docker.io [, registry2.docker.io]
+    **Body**:
+        Jsonified checksums (see part 4.4.1)
+
+3. (Docker -> Registry) GET /v1/repositories/foo/bar/tags/latest
+    **Headers**:
+        Authorization: Token signature=123abc,repository=”foo/bar”,access=write
+
+4. (Registry -> Index) GET /v1/repositories/foo/bar/images
+
+    **Headers**:
+        Authorization: Token signature=123abc,repository=”foo/bar”,access=read
+
+    **Body**:
+        <ids and checksums in payload>
+
+    **Action**:
+        ( Lookup token see if they have access to pull.)
+
+        If good:
+            HTTP 200 OK
+            Index will invalidate the token
+        If bad:
+            HTTP 401 Unauthorized
+
+5. (Docker -> Registry) GET /v1/images/928374982374/ancestry
+    **Action**:
+        (for each image id returned in the registry, fetch /json + /layer)
+
+.. note::
+
+    If someone makes a second request, then we will always give a new token, never reuse tokens.
+
+2.2 Push
+--------
+
+.. image:: /static_files/docker_push_chart.png
+
+1. Contact the index to allocate the repository name “samalba/busybox” (authentication required with user credentials)
+2. If authentication works and namespace available, “samalba/busybox” is allocated and a temporary token is returned (namespace is marked as initialized in index)
+3. Push the image on the registry (along with the token)
+4. Registry A contacts the Index to verify the token (token must corresponds to the repository name)
+5. Index validates the token. Registry A starts reading the stream pushed by docker and store the repository (with its images)
+6. docker contacts the index to give checksums for upload images
+
+.. note::
+
+    **It’s possible not to use the Index at all!** In this case, a deployed version of the Registry is deployed to store and serve images. Those images are not authentified and the security is not guaranteed.
+
+.. note::
+
+    **Index can be replaced!** For a private Registry deployed, a custom Index can be used to serve and validate token according to different policies.
+
+Docker computes the checksums and submit them to the Index at the end of the push. When a repository name does not have checksums on the Index, it means that the push is in progress (since checksums are submitted at the end).
+
+API (pushing repos foo/bar):
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+1. (Docker -> Index) PUT /v1/repositories/foo/bar/
+    **Headers**:
+        Authorization: Basic sdkjfskdjfhsdkjfh==
+        X-Docker-Token: true
+
+    **Action**::
+        - in index, we allocated a new repository, and set to initialized
+
+    **Body**::
+        (The body contains the list of images that are going to be pushed, with empty checksums. The checksums will be set at the end of the push)::
+
+        [{“id”: “9e89cc6f0bc3c38722009fe6857087b486531f9a779a0c17e3ed29dae8f12c4f”}]
+
+2. (Index -> Docker) 200 Created
+    **Headers**:
+        - WWW-Authenticate: Token signature=123abc,repository=”foo/bar”,access=write
+        - X-Docker-Endpoints: registry.docker.io [, registry2.docker.io]
+
+3. (Docker -> Registry) PUT /v1/images/98765432_parent/json
+    **Headers**:
+        Authorization: Token signature=123abc,repository=”foo/bar”,access=write
+
+4. (Registry->Index) GET /v1/repositories/foo/bar/images
+    **Headers**:
+        Authorization: Token signature=123abc,repository=”foo/bar”,access=write
+    **Action**::
+        - Index:
+            will invalidate the token.
+        - Registry:
+            grants a session (if token is approved) and fetches the images id
+
+5. (Docker -> Registry) PUT /v1/images/98765432_parent/json
+    **Headers**::
+        - Authorization: Token signature=123abc,repository=”foo/bar”,access=write
+        - Cookie: (Cookie provided by the Registry)
+
+6. (Docker -> Registry) PUT /v1/images/98765432/json
+    **Headers**:
+        Cookie: (Cookie provided by the Registry)
+
+7. (Docker -> Registry) PUT /v1/images/98765432_parent/layer
+    **Headers**:
+        Cookie: (Cookie provided by the Registry)
+
+8. (Docker -> Registry) PUT /v1/images/98765432/layer
+    **Headers**:
+        X-Docker-Checksum: sha256:436745873465fdjkhdfjkgh
+
+9. (Docker -> Registry) PUT /v1/repositories/foo/bar/tags/latest
+    **Headers**:
+        Cookie: (Cookie provided by the Registry)
+    **Body**:
+        “98765432”
+
+10. (Docker -> Index) PUT /v1/repositories/foo/bar/images
+
+    **Headers**:
+        Authorization: Basic 123oislifjsldfj==
+        X-Docker-Endpoints: registry1.docker.io (no validation on this right now)
+
+    **Body**:
+        (The image, id’s, tags and checksums)
+
+        [{“id”: “9e89cc6f0bc3c38722009fe6857087b486531f9a779a0c17e3ed29dae8f12c4f”,
+        “checksum”: “b486531f9a779a0c17e3ed29dae8f12c4f9e89cc6f0bc3c38722009fe6857087”}]
+
+    **Return** HTTP 204
+
+.. note::
+
+     If push fails and they need to start again, what happens in the index, there will already be a record for the namespace/name, but it will be initialized. Should we allow it, or mark as name already used? One edge case could be if someone pushes the same thing at the same time with two different shells.
+
+     If it's a retry on the Registry, Docker has a cookie (provided by the registry after token validation). So the Index won’t have to provide a new token.
+
+2.3 Delete
+----------
+
+If you need to delete something from the index or registry, we need a nice clean way to do that. Here is the workflow.
+
+1. Docker contacts the index to request a delete of a repository “samalba/busybox” (authentication required with user credentials)
+2. If authentication works and repository is valid, “samalba/busybox” is marked as deleted and a temporary token is returned
+3. Send a delete request to the registry for the repository (along with the token)
+4. Registry A contacts the Index to verify the token (token must corresponds to the repository name)
+5. Index validates the token. Registry A deletes the repository and everything associated to it.
+6. docker contacts the index to let it know it was removed from the registry, the index removes all records from the database.
+
+.. note::
+
+    The Docker client should present an "Are you sure?" prompt to confirm the deletion before starting the process. Once it starts it can't be undone.
+
+API (deleting repository foo/bar):
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+1. (Docker -> Index) DELETE /v1/repositories/foo/bar/
+    **Headers**:
+        Authorization: Basic sdkjfskdjfhsdkjfh==
+        X-Docker-Token: true
+
+    **Action**::
+        - in index, we make sure it is a valid repository, and set to deleted (logically)
+
+    **Body**::
+        Empty
+
+2. (Index -> Docker) 202 Accepted
+    **Headers**:
+        - WWW-Authenticate: Token signature=123abc,repository=”foo/bar”,access=delete
+        - X-Docker-Endpoints: registry.docker.io [, registry2.docker.io]   # list of endpoints where this repo lives.
+
+3. (Docker -> Registry) DELETE /v1/repositories/foo/bar/
+    **Headers**:
+        Authorization: Token signature=123abc,repository=”foo/bar”,access=delete
+
+4. (Registry->Index) PUT /v1/repositories/foo/bar/auth
+    **Headers**:
+        Authorization: Token signature=123abc,repository=”foo/bar”,access=delete
+    **Action**::
+        - Index:
+            will invalidate the token.
+        - Registry:
+            deletes the repository (if token is approved)
+
+5. (Registry -> Docker) 200 OK
+        200 If success 
+        403 if forbidden
+        400 if bad request
+        404 if repository isn't found
+
+6. (Docker -> Index) DELETE /v1/repositories/foo/bar/
+
+    **Headers**:
+        Authorization: Basic 123oislifjsldfj==
+        X-Docker-Endpoints: registry-1.docker.io (no validation on this right now)
+
+    **Body**:
+        Empty
+
+    **Return** HTTP 200
+
+
+3. How to use the Registry in standalone mode
+=============================================
+
+The Index has two main purposes (along with its fancy social features):
+
+- Resolve short names (to avoid passing absolute URLs all the time)
+   - username/projectname -> \https://registry.docker.io/users/<username>/repositories/<projectname>/
+   - team/projectname -> \https://registry.docker.io/team/<team>/repositories/<projectname>/
+- Authenticate a user as a repos owner (for a central referenced repository)
+
+3.1 Without an Index
+--------------------
+Using the Registry without the Index can be useful to store the images on a private network without having to rely on an external entity controlled by dotCloud.
+
+In this case, the registry will be launched in a special mode (--standalone? --no-index?). In this mode, the only thing which changes is that Registry will never contact the Index to verify a token. It will be the Registry owner responsibility to authenticate the user who pushes (or even pulls) an image using any mechanism (HTTP auth, IP based, etc...).
+
+In this scenario, the Registry is responsible for the security in case of data corruption since the checksums are not delivered by a trusted entity.
+
+As hinted previously, a standalone registry can also be implemented by any HTTP server handling GET/PUT requests (or even only GET requests if no write access is necessary).
+
+3.2 With an Index
+-----------------
+
+The Index data needed by the Registry are simple:
+- Serve the checksums
+- Provide and authorize a Token
+
+In the scenario of a Registry running on a private network with the need of centralizing and authorizing, it’s easy to use a custom Index.
+
+The only challenge will be to tell Docker to contact (and trust) this custom Index. Docker will be configurable at some point to use a specific Index, it’ll be the private entity responsibility (basically the organization who uses Docker in a private environment) to maintain the Index and the Docker’s configuration among its consumers.
+
+4. The API
+==========
+
+The first version of the api is available here: https://github.com/jpetazzo/docker/blob/acd51ecea8f5d3c02b00a08176171c59442df8b3/docs/images-repositories-push-pull.md
+
+4.1 Images
+----------
+
+The format returned in the images is not defined here (for layer and json), basically because Registry stores exactly the same kind of information as Docker uses to manage them.
+
+The format of ancestry is a line-separated list of image ids, in age order. I.e. the image’s parent is on the last line, the parent of the parent on the next-to-last line, etc.; if the image has no parent, the file is empty.
+
+GET /v1/images/<image_id>/layer
+PUT /v1/images/<image_id>/layer
+GET /v1/images/<image_id>/json
+PUT /v1/images/<image_id>/json
+GET /v1/images/<image_id>/ancestry
+PUT /v1/images/<image_id>/ancestry
+
+4.2 Users
+---------
+
+4.2.1 Create a user (Index)
+^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+POST /v1/users
+
+**Body**:
+    {"email": "sam@dotcloud.com", "password": "toto42", "username": "foobar"'}
+
+**Validation**:
+    - **username** : min 4 character, max 30 characters, must match the regular expression [a-z0-9_].
+    - **password**: min 5 characters
+
+**Valid**: return HTTP 200
+
+Errors: HTTP 400 (we should create error codes for possible errors)
+- invalid json
+- missing field
+- wrong format (username, password, email, etc)
+- forbidden name
+- name already exists
+
+.. note::
+
+    A user account will be valid only if the email has been validated (a validation link is sent to the email address).
+
+4.2.2 Update a user (Index)
+^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+PUT /v1/users/<username>
+
+**Body**:
+    {"password": "toto"}
+
+.. note::
+
+    We can also update email address, if they do, they will need to reverify their new email address.
+
+4.2.3 Login (Index)
+^^^^^^^^^^^^^^^^^^^
+Does nothing else but asking for a user authentication. Can be used to validate credentials. HTTP Basic Auth for now, maybe change in future.
+
+GET /v1/users
+
+**Return**:
+    - Valid: HTTP 200
+    - Invalid login: HTTP 401
+    - Account inactive: HTTP 403 Account is not Active
+
+4.3 Tags (Registry)
+-------------------
+
+The Registry does not know anything about users. Even though repositories are under usernames, it’s just a namespace for the registry. Allowing us to implement organizations or different namespaces per user later, without modifying the Registry’s API.
+
+The following naming restrictions apply:
+
+- Namespaces must match the same regular expression as usernames (See 4.2.1.)
+- Repository names must match the regular expression [a-zA-Z0-9-_.]
+
+4.3.1 Get all tags
+^^^^^^^^^^^^^^^^^^
+
+GET /v1/repositories/<namespace>/<repository_name>/tags
+
+**Return**: HTTP 200
+    {
+    "latest": "9e89cc6f0bc3c38722009fe6857087b486531f9a779a0c17e3ed29dae8f12c4f",
+    “0.1.1”:  “b486531f9a779a0c17e3ed29dae8f12c4f9e89cc6f0bc3c38722009fe6857087”
+    }
+
+4.3.2 Read the content of a tag (resolve the image id)
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+GET /v1/repositories/<namespace>/<repo_name>/tags/<tag>
+
+**Return**:
+    "9e89cc6f0bc3c38722009fe6857087b486531f9a779a0c17e3ed29dae8f12c4f"
+
+4.3.3 Delete a tag (registry)
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+DELETE /v1/repositories/<namespace>/<repo_name>/tags/<tag>
+
+4.4 Images (Index)
+------------------
+
+For the Index to “resolve” the repository name to a Registry location, it uses the X-Docker-Endpoints header. In other terms, this requests always add a “X-Docker-Endpoints” to indicate the location of the registry which hosts this repository.
+
+4.4.1 Get the images
+^^^^^^^^^^^^^^^^^^^^^
+
+GET /v1/repositories/<namespace>/<repo_name>/images
+
+**Return**: HTTP 200
+    [{“id”: “9e89cc6f0bc3c38722009fe6857087b486531f9a779a0c17e3ed29dae8f12c4f”, “checksum”: “md5:b486531f9a779a0c17e3ed29dae8f12c4f9e89cc6f0bc3c38722009fe6857087”}]
+
+
+4.4.2 Add/update the images
+^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+You always add images, you never remove them.
+
+PUT /v1/repositories/<namespace>/<repo_name>/images
+
+**Body**:
+    [ {“id”: “9e89cc6f0bc3c38722009fe6857087b486531f9a779a0c17e3ed29dae8f12c4f”, “checksum”: “sha256:b486531f9a779a0c17e3ed29dae8f12c4f9e89cc6f0bc3c38722009fe6857087”} ]
+
+**Return** 204
+
+4.5 Repositories
+----------------
+
+4.5.1 Remove a Repository (Registry)
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+DELETE /v1/repositories/<namespace>/<repo_name>
+
+Return 200 OK
+
+4.5.2 Remove a Repository (Index)
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+This starts the delete process. see 2.3 for more details.
+
+DELETE /v1/repositories/<namespace>/<repo_name>
+
+Return 202 OK
+
+5. Chaining Registries
+======================
+
+It’s possible to chain Registries server for several reasons:
+- Load balancing
+- Delegate the next request to another server
+
+When a Registry is a reference for a repository, it should host the entire images chain in order to avoid breaking the chain during the download.
+
+The Index and Registry use this mechanism to redirect on one or the other.
+
+Example with an image download:
+On every request, a special header can be returned:
+
+X-Docker-Endpoints: server1,server2
+
+On the next request, the client will always pick a server from this list.
+
+6. Authentication & Authorization
+=================================
+
+6.1 On the Index
+-----------------
+
+The Index supports both “Basic” and “Token” challenges. Usually when there is a “401 Unauthorized”, the Index replies this::
+
+    401 Unauthorized
+    WWW-Authenticate: Basic realm="auth required",Token
+
+You have 3 options:
+
+1. Provide user credentials and ask for a token
+
+    **Header**:
+        - Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
+        - X-Docker-Token: true
+
+    In this case, along with the 200 response, you’ll get a new token (if user auth is ok):
+    If authorization isn't correct you get a 401 response.
+    If account isn't active you will get a 403 response.
+
+    **Response**:
+        - 200 OK
+        - X-Docker-Token: Token signature=123abc,repository=”foo/bar”,access=read
+
+2. Provide user credentials only
+
+    **Header**:
+        Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
+
+3. Provide Token
+
+    **Header**:
+        Authorization: Token signature=123abc,repository=”foo/bar”,access=read
+
+6.2 On the Registry
+-------------------
+
+The Registry only supports the Token challenge::
+
+    401 Unauthorized
+    WWW-Authenticate: Token
+
+The only way is to provide a token on “401 Unauthorized” responses::
+
+    Authorization: Token signature=123abc,repository=”foo/bar”,access=read
+
+Usually, the Registry provides a Cookie when a Token verification succeeded. Every time the Registry passes a Cookie, you have to pass it back the same cookie.::
+
+    200 OK
+    Set-Cookie: session="wD/J7LqL5ctqw8haL10vgfhrb2Q=?foo=UydiYXInCnAxCi4=&timestamp=RjEzNjYzMTQ5NDcuNDc0NjQzCi4="; Path=/; HttpOnly
+
+Next request::
+
+    GET /(...)
+    Cookie: session="wD/J7LqL5ctqw8haL10vgfhrb2Q=?foo=UydiYXInCnAxCi4=&timestamp=RjEzNjYzMTQ5NDcuNDc0NjQzCi4="
+
+
+7.0 Document Version
+---------------------
+
+- 1.0 : May 6th 2013 : initial release 
+- 1.1 : June 1st 2013 : Added Delete Repository and way to handle new source namespace.
--- a/docs/sources/commandline/cli.rst
+++ b/docs/sources/commandline/cli.rst
@@ -15,7 +15,7 @@ To list available commands, either run ``docker`` with no parameters or execute

  $ docker
    Usage: docker [OPTIONS] COMMAND [arg...]
-      -H="127.0.0.1:4243": Host:port to bind/connect to
+      -H=[tcp://127.0.0.1:4243]: tcp://host:port to bind/connect to or unix://path/to/socket to use

    A self-sufficient runtime for linux containers.

--- a/docs/sources/commandline/command/build.rst
+++ b/docs/sources/commandline/command/build.rst
@@ -19,10 +19,15 @@ Examples

    docker build .

-This will take the local Dockerfile
+| This will read the Dockerfile from the current directory. It will also send any other files and directories found in the current directory to the docker daemon.
+| The contents of this directory would be used by ADD commands found within the Dockerfile.
+| This will send a lot of data to the docker daemon if the current directory contains a lot of data.
+| If the absolute path is provided instead of '.', only the files and directories required by the ADD commands from the Dockerfile will be added to the context and transferred to the docker daemon.
+|

 .. code-block:: bash

    docker build -

-This will read a Dockerfile form Stdin without context
+| This will read a Dockerfile from Stdin without context. Due to the lack of a context, no contents of any local directory will be sent to the docker daemon.
+| ADD doesn't work when running in this mode due to the absence of the context, thus having no source files to copy to the container.
--- a/docs/sources/commandline/command/import.rst
+++ b/docs/sources/commandline/command/import.rst
@@ -8,6 +8,33 @@

 ::

-    Usage: docker import [OPTIONS] URL|- [REPOSITORY [TAG]]
+    Usage: docker import URL|- [REPOSITORY [TAG]]

    Create a new filesystem image from the contents of a tarball
+
+At this time, the URL must start with ``http`` and point to a single file archive (.tar, .tar.gz, .bzip) 
+containing a root filesystem. If you would like to import from a local directory or archive, 
+you can use the ``-`` parameter to take the data from standard in.
+
+Examples
+--------
+
+Import from a remote location
+.............................
+
+``$ docker import http://example.com/exampleimage.tgz exampleimagerepo``
+
+Import from a local file
+........................
+
+Import to docker via pipe and standard in
+
+``$ cat exampleimage.tgz | docker import - exampleimagelocal``
+  
+Import from a local directory
+.............................
+
+``$ sudo tar -c . | docker import - exampleimagedir``
+
+Note the ``sudo`` in this example -- you must preserve the ownership of the files (especially root ownership)
+during the archiving with tar. If you are not root (or sudo) when you tar, then the ownerships might not get preserved.
--- a/docs/sources/concepts/containers.rst
+++ b/docs/sources/concepts/containers.rst
@@ -1,8 +0,0 @@
-:title: Introduction
-:description: An introduction to docker and standard containers?
-:keywords: containers, lxc, concepts, explanation, docker, documentation
-
-
-:note: This version of the introduction is temporary, just to make sure we don't break the links from the website when the documentation is updated
-
-This document has been moved to  :ref:`introduction`, please update your bookmarks.
--- a/docs/sources/concepts/introduction.rst
+++ b/docs/sources/concepts/introduction.rst
@@ -1,125 +0,0 @@
-:title: Introduction
-:description: An introduction to docker and standard containers?
-:keywords: containers, lxc, concepts, explanation
-
-Introduction
-============
-
-Docker -- The Linux container runtime
-------------------------------------
-
-Docker complements LXC with a high-level API which operates at the process level. It runs unix processes with strong guarantees of isolation and repeatability across servers.
-
-Docker is a great building block for automating distributed systems: large-scale web deployments, database clusters, continuous deployment systems, private PaaS, service-oriented architectures, etc.
-
-
- **Heterogeneous payloads** Any combination of binaries, libraries, configuration files, scripts, virtualenvs, jars, gems, tarballs, you name it. No more juggling between domain-specific tools. Docker can deploy and run them all.
- **Any server** Docker can run on any x64 machine with a modern linux kernel - whether it's a laptop, a bare metal server or a VM. This makes it perfect for multi-cloud deployments.
- **Isolation** docker isolates processes from each other and from the underlying host, using lightweight containers.
- **Repeatability** Because containers are isolated in their own filesystem, they behave the same regardless of where, when, and alongside what they run.
-
-.. image:: images/lego_docker.jpg
-
-
-What is a Standard Container?
-----------------------------
-
-Docker defines a unit of software delivery called a Standard Container. The goal of a Standard Container is to encapsulate a software component and all its dependencies in
-a format that is self-describing and portable, so that any compliant runtime can run it without extra dependency, regardless of the underlying machine and the contents of the container.
-
-The spec for Standard Containers is currently work in progress, but it is very straightforward. It mostly defines 1) an image format, 2) a set of standard operations, and 3) an execution environment.
-
-A great analogy for this is the shipping container. Just like Standard Containers are a fundamental unit of software delivery, shipping containers (http://bricks.argz.com/ins/7823-1/12) are a fundamental unit of physical delivery.
-
-Standard operations
-~~~~~~~~~~~~~~~~~~~
-
-Just like shipping containers, Standard Containers define a set of STANDARD OPERATIONS. Shipping containers can be lifted, stacked, locked, loaded, unloaded and labelled. Similarly, standard containers can be started, stopped, copied, snapshotted, downloaded, uploaded and tagged.
-
-
-Content-agnostic
-~~~~~~~~~~~~~~~~~~~
-
-Just like shipping containers, Standard Containers are CONTENT-AGNOSTIC: all standard operations have the same effect regardless of the contents. A shipping container will be stacked in exactly the same way whether it contains Vietnamese powder coffee or spare Maserati parts. Similarly, Standard Containers are started or uploaded in the same way whether they contain a postgres database, a php application with its dependencies and application server, or Java build artifacts.
-
-
-Infrastructure-agnostic
-~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-Both types of containers are INFRASTRUCTURE-AGNOSTIC: they can be transported to thousands of facilities around the world, and manipulated by a wide variety of equipment. A shipping container can be packed in a factory in Ukraine, transported by truck to the nearest routing center, stacked onto a train, loaded into a German boat by an Australian-built crane, stored in a warehouse at a US facility, etc. Similarly, a standard container can be bundled on my laptop, uploaded to S3, downloaded, run and snapshotted by a build server at Equinix in Virginia, uploaded to 10 staging servers in a home-made Openstack cluster, then sent to 30 production instances across 3 EC2 regions.
-
-
-Designed for automation
-~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-Because they offer the same standard operations regardless of content and infrastructure, Standard Containers, just like their physical counterpart, are extremely well-suited for automation. In fact, you could say automation is their secret weapon.
-
-Many things that once required time-consuming and error-prone human effort can now be programmed. Before shipping containers, a bag of powder coffee was hauled, dragged, dropped, rolled and stacked by 10 different people in 10 different locations by the time it reached its destination. 1 out of 50 disappeared. 1 out of 20 was damaged. The process was slow, inefficient and cost a fortune - and was entirely different depending on the facility and the type of goods.
-
-Similarly, before Standard Containers, by the time a software component ran in production, it had been individually built, configured, bundled, documented, patched, vendored, templated, tweaked and instrumented by 10 different people on 10 different computers. Builds failed, libraries conflicted, mirrors crashed, post-it notes were lost, logs were misplaced, cluster updates were half-broken. The process was slow, inefficient and cost a fortune - and was entirely different depending on the language and infrastructure provider.
-
-
-Industrial-grade delivery
-~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-There are 17 million shipping containers in existence, packed with every physical good imaginable. Every single one of them can be loaded on the same boats, by the same cranes, in the same facilities, and sent anywhere in the World with incredible efficiency. It is embarrassing to think that a 30 ton shipment of coffee can safely travel half-way across the World in *less time* than it takes a software team to deliver its code from one datacenter to another sitting 10 miles away.
-
-With Standard Containers we can put an end to that embarrassment, by making INDUSTRIAL-GRADE DELIVERY of software a reality.
-
-
-Standard Container Specification
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-(TODO)
-
-Image format
-~~~~~~~~~~~~
-
-Standard operations
-~~~~~~~~~~~~~~~~~~~
-
-  Copy
-  Run
-  Stop
-  Wait
-  Commit
-  Attach standard streams
-  List filesystem changes
-  ...
-
-Execution environment
-~~~~~~~~~~~~~~~~~~~~~
-
-Root filesystem
-^^^^^^^^^^^^^^^
-
-Environment variables
-^^^^^^^^^^^^^^^^^^^^^
-
-Process arguments
-^^^^^^^^^^^^^^^^^
-
-Networking
-^^^^^^^^^^
-
-Process namespacing
-^^^^^^^^^^^^^^^^^^^
-
-Resource limits
-^^^^^^^^^^^^^^^
-
-Process monitoring
-^^^^^^^^^^^^^^^^^^
-
-Logging
-^^^^^^^
-
-Signals
-^^^^^^^
-
-Pseudo-terminal allocation
-^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-Security
-^^^^^^^^
-
--- a/docs/sources/conf.py
+++ b/docs/sources/conf.py
@@ -20,6 +20,20 @@ import sys, os

 # -- General configuration -----------------------------------------------------

+
+
+# Additional templates that should be rendered to pages, maps page names to
+# template names.
+# the 'redirect_home.html' page redirects using a http meta refresh which, according
+# to official sources is more or less equivalent of a 301.
+
+html_additional_pages = {
+    'concepts/containers': 'redirect_home.html',
+    'concepts/introduction': 'redirect_home.html',
+    }
+
+
+
 # If your documentation needs a minimal Sphinx version, state it here.
 #needs_sphinx = '1.0'

@@ -120,7 +134,11 @@ html_theme_path = ['../theme']
 # The name of an image file (within the static path) to use as favicon of the
 # docs.  This file should be a Windows icon file (.ico) being 16x16 or 32x32
 # pixels large.
-#html_favicon = None
+
+# We use a png favicon. This is not compatible with internet explorer, but looks
+# much better on all other browsers. However, sphynx doesn't like it (it likes
+# .ico better) so we have just put it in the template rather than used this setting
+# html_favicon = 'favicon.png'

 # Add any paths that contain custom static files (such as style sheets) here,
 # relative to this directory. They are copied after the builtin static files,
@@ -138,10 +156,6 @@ html_static_path = ['static_files']
 # Custom sidebar templates, maps document names to template names.
 #html_sidebars = {}

-# Additional templates that should be rendered to pages, maps page names to
-# template names.
-#html_additional_pages = {}
-
 # If false, no module index is generated.
 #html_domain_indices = True

--- a/docs/sources/contributing/contributing.rst
+++ b/docs/sources/contributing/contributing.rst
@@ -5,5 +5,5 @@
 Contributing to Docker
 ======================

-Want to hack on Docker? Awesome! The repository includes `all the instructions you need to get started <https://github.com/dotcloud/docker/blob/master/CONTRIBUTING.md>`.
+Want to hack on Docker? Awesome! The repository includes `all the instructions you need to get started <https://github.com/dotcloud/docker/blob/master/CONTRIBUTING.md>`_.

--- a/docs/sources/contributing/devenvironment.rst
+++ b/docs/sources/contributing/devenvironment.rst
@@ -5,11 +5,35 @@
 Setting Up a Dev Environment
 ============================

-Instructions that have been verified to work on Ubuntu 12.10,
+Instructions that have been verified to work on Ubuntu Precise 12.04 (LTS) (64-bit),
+
+
+Dependencies
+------------
+
+**Linux kernel 3.8**
+
+Due to a bug in LXC docker works best on the 3.8 kernel. Precise comes with a 3.2 kernel, so we need to upgrade it. The kernel we install comes with AUFS built in.
+

 .. code-block:: bash

-    sudo apt-get -y install lxc wget bsdtar curl golang git
+   # install the backported kernel
+   sudo apt-get update && sudo apt-get install linux-image-generic-lts-raring
+
+   # reboot
+   sudo reboot
+
+
+Installation
+------------
+
+.. code-block:: bash
+		
+    sudo apt-get install python-software-properties
+    sudo add-apt-repository ppa:gophers/go
+    sudo apt-get update
+    sudo apt-get -y install lxc xz-utils curl golang-stable git aufs-tools

    export GOPATH=~/go/
    export PATH=$GOPATH/bin:$PATH
--- a/docs/sources/examples/running_redis_service.rst
+++ b/docs/sources/examples/running_redis_service.rst
@@ -72,7 +72,7 @@ Connect to the host os with the redis-cli.

    docker ps  # grab the new container id
    docker port <container_id> 6379  # grab the external port
-    ifconfig   # grab the host ip address
+    ip addr show   # grab the host ip address
    redis-cli -h <host ipaddress> -p <external port>
    redis 192.168.0.1:49153> set docker awesome
    OK
--- a/docs/sources/examples/running_ssh_service.rst
+++ b/docs/sources/examples/running_ssh_service.rst
@@ -59,6 +59,7 @@ The password is 'screencast'
 	 # it has now given us a port to connect to
 	 # we have to connect using a public ip of our host
 	 $ hostname
+	 # *ifconfig* is deprecated, better use *ip addr show* now
 	 $ ifconfig
 	 $ ssh root@192.168.33.10 -p 49153
 	 # Ah! forgot to set root passwd
@@ -70,6 +71,7 @@ The password is 'screencast'
 	 $ docker commit 9e863f0ca0af31c8b951048ba87641d67c382d08d655c2e4879c51410e0fedc1 dhrp/sshd
 	 $ docker run -d -p 22 dhrp/sshd /usr/sbin/sshd -D
 	 $ docker port a0aaa9558c90cf5c7782648df904a82365ebacce523e4acc085ac1213bfe2206 22
+	 # *ifconfig* is deprecated, better use *ip addr show* now
 	 $ ifconfig
 	 $ ssh root@192.168.33.10 -p 49154
 	 # Thanks for watching, Thatcher thatcher@dotcloud.com
--- a/docs/sources/faq.rst
+++ b/docs/sources/faq.rst
@@ -19,7 +19,8 @@ Most frequently asked questions.

 3. **Does Docker run on Mac OS X or Windows?**

-   Not at this time, Docker currently only runs on Linux, but you can use VirtualBox to run Docker in a virtual machine on your box, and get the best of both worlds. Check out the MacOSX_ and Windows_ installation guides.
+   Not at this time, Docker currently only runs on Linux, but you can use VirtualBox to run Docker in a
+   virtual machine on your box, and get the best of both worlds. Check out the :ref:`install_using_vagrant` and :ref:`windows` installation guides.

 4. **How do containers compare to virtual machines?**

@@ -34,15 +35,16 @@ Most frequently asked questions.

    You can find more answers on:

-    * `IRC: docker on freenode`_
+    * `Docker club mailinglist`_
+    * `IRC, docker on freenode`_
    * `Github`_
    * `Ask questions on Stackoverflow`_
    * `Join the conversation on Twitter`_

-    .. _Windows: ../installation/windows/
-    .. _MacOSX: ../installation/vagrant/
+
+    .. _Docker club mailinglist: https://groups.google.com/d/forum/docker-club
    .. _the repo: http://www.github.com/dotcloud/docker
-    .. _IRC\: docker on freenode: irc://chat.freenode.net#docker
+    .. _IRC, docker on freenode: irc://chat.freenode.net#docker
    .. _Github: http://www.github.com/dotcloud/docker
    .. _Ask questions on Stackoverflow: http://stackoverflow.com/search?q=docker
    .. _Join the conversation on Twitter: http://twitter.com/getdocker
--- a/docs/sources/index/variable.rst
+++ b/docs/sources/index/variable.rst
@@ -1,27 +0,0 @@
-:title: Index Environment Variable
-:description: Setting this environment variable on the docker server will change the URL docker index.
-:keywords: docker, index environment variable, documentation 
-
-=================================
-Docker Index Environment Variable
-=================================
-
-Variable
--------
-
-.. code-block:: sh
-
-    DOCKER_INDEX_URL
-
-Setting this environment variable on the docker server will change the URL docker index.
-This address is used in commands such as ``docker login``, ``docker push`` and ``docker pull``.
-The docker daemon doesn't need to be restarted for this parameter to take effect.
-
-Example
-------
-
-.. code-block:: sh
-
-    docker -d &
-    export DOCKER_INDEX_URL="https://index.docker.io"
-
--- a/docs/sources/installation/binaries.rst
+++ b/docs/sources/installation/binaries.rst
@@ -30,8 +30,7 @@ Dependencies:
 * 3.8 Kernel (read more about :ref:`kernel`)
 * AUFS filesystem support
 * lxc
-* bsdtar
-
+* xz-utils

 Get the docker binary:
 ----------------------
--- a/docs/sources/installation/ubuntulinux.rst
+++ b/docs/sources/installation/ubuntulinux.rst
@@ -92,6 +92,16 @@ have AUFS filesystem support enabled, so we need to install it.
   sudo apt-get update
   sudo apt-get install linux-image-extra-`uname -r`

+**add-apt-repository support**
+
+Some installations of Ubuntu 13.04 require ``software-properties-common`` to be
+installed before being able to use add-apt-repository.
+
+.. code-block:: bash
+
+  sudo apt-get install software-properties-common
+
+
 Installation
 ------------

--- a/docs/sources/installation/windows.rst
+++ b/docs/sources/installation/windows.rst
@@ -2,6 +2,7 @@
 :description: Docker's tutorial to run docker on Windows
 :keywords: Docker, Docker documentation, Windows, requirements, virtualbox, vagrant, git, ssh, putty, cygwin

+.. _windows:

 Using Vagrant (Windows)
 =======================
--- a/docs/sources/use/basics.rst
+++ b/docs/sources/use/basics.rst
@@ -33,11 +33,20 @@ Running an interactive shell
  # allocate a tty, attach stdin and stdout
  docker run -i -t base /bin/bash

-Bind Docker to another host/port
--------------------------------
+Bind Docker to another host/port or a unix socket
+-------------------------------------------------

-If you want Docker to listen to another port and bind to another ip
-use -host and -port on both deamon and client
+With -H it is possible to make the Docker daemon to listen on a specific ip and port. By default, it will listen on 127.0.0.1:4243 to allow only local connections but you can set it to 0.0.0.0:4243 or a specific host ip to give access to everybody.
+
+Similarly, the Docker client can use -H to connect to a custom port.
+
+-H accepts host and port assignment in the following format: tcp://[host][:port] or unix://path
+For example:
+
+* tcp://host -> tcp connection on host:4243
+* tcp://host:port -> tcp connection on host:port
+* tcp://:port -> tcp connection on 127.0.0.1:port
+* unix://path/to/socket -> unix socket located at path/to/socket

 .. code-block:: bash

@@ -46,6 +55,17 @@ use -host and -port on both deamon and client
   # Download a base image
   docker -H :5555 pull base

+You can use multiple -H, for example, if you want to listen
+on both tcp and a unix socket
+
+.. code-block:: bash
+
+   # Run docker in daemon mode
+   sudo <path to>/docker -H tcp://127.0.0.1:4243 -H unix:///var/run/docker.sock
+   # Download a base image
+   docker pull base
+   # OR
+   docker -H unix:///var/run/docker.sock pull base

 Starting a long-running worker process
 --------------------------------------
@@ -82,7 +102,8 @@ Expose a service on a TCP port

  # Connect to the public port via the host's public address
  # Please note that because of how routing works connecting to localhost or 127.0.0.1 $PORT will not work.
-  IP=$(ifconfig eth0 | perl -n -e 'if (m/inet addr:([\d\.]+)/g) { print $1 }')
+  # Replace *eth0* according to your local interface name.
+  IP=$(ip -o -4 addr list eth0 | perl -n -e 'if (m{inet\s([\d\.]+)\/\d+\s}xms) { print $1 }')
  echo hello world | nc $IP $PORT

  # Verify that the network connection worked
--- a/docs/sources/use/builder.rst
+++ b/docs/sources/use/builder.rst
@@ -15,10 +15,18 @@ steps and commit them along the way, giving you a final image.
 1. Usage
 ========

-To use Docker Builder, assemble the steps into a text file (commonly referred to
-as a Dockerfile) and supply this to `docker build` on STDIN, like so:
+To build an image from a source repository, create a description file called `Dockerfile`
+at the root of your repository. This file will describe the steps to assemble
+the image.

-    ``docker build < Dockerfile``
+Then call `docker build` with the path of your source repository as argument:
+
+    ``docker build .``
+
+You can specify a repository and tag at which to save the new image if the
+build succeeds:
+
+    ``docker build -t shykes/myapp .``

 Docker will run your steps one-by-one, committing the result if necessary, 
 before finally outputting the ID of your new image.
@@ -130,9 +138,32 @@ curl was installed within the image.

    ``ADD <src> <dest>``

-The `ADD` instruction will insert the files from the `<src>` path of the context into `<dest>` path 
-of the container.
-The context must be set in order to use this instruction. (see examples)
+The `ADD` instruction will copy new files from <src> and add them to the container's filesystem at path `<dest>`.
+
+`<src>` must be the path to a file or directory relative to the source directory being built (also called the
+context of the build).
+
+`<dest>` is the path at which the source will be copied in the destination container.
+
+The copy obeys the following rules:
+
+If `<src>` is a directory, the entire directory is copied, including filesystem metadata.
+
+If `<src>` is a tar archive in a recognized compression format (identity, gzip, bzip2 or xz), it
+is unpacked as a directory.
+
+When a directory is copied or unpacked, it has the same behavior as 'tar -x': the result is the union of
+a) whatever existed at the destination path and b) the contents of the source tree, with conflicts resolved
+in favor of b on a file-by-file basis.
+
+If `<src>` is any other kind of file, it is copied individually along with its metadata. In this case,
+if `<dst>` ends with a trailing slash '/', it will be considered a directory and the contents of `<src>`
+will be written at `<dst>/base(<src>)`.
+If `<dst>` does not end with a trailing slash, it will be considered a regular file and the contents
+of `<src>` will be written at `<dst>`.
+
+If `<dest>` doesn't exist, it is created along with all missing directories in its path. All new
+files and directories are created with mode 0700, uid and gid 0.

 3. Dockerfile Examples
 ======================
--- a/docs/sources/use/index.rst
+++ b/docs/sources/use/index.rst
@@ -14,6 +14,7 @@ Contents:

   basics
   workingwithrepository
+   port_redirection
   builder
   puppet

--- a/docs/sources/use/port_redirection.rst
+++ b/docs/sources/use/port_redirection.rst
@@ -0,0 +1,25 @@
+:title: Port redirection
+:description: usage about port redirection
+:keywords: Usage, basic port, docker, documentation, examples
+
+
+Port redirection
+================
+
+Docker can redirect public tcp ports to your container, so it can be reached over the network.
+Port redirection is done on ``docker run`` using the -p flag.
+
+A port redirect is specified as PUBLIC:PRIVATE, where tcp port PUBLIC will be redirected to
+tcp port PRIVATE. As a special case, the public port can be omitted, in which case a random
+public port will be allocated.
+
+.. code-block:: bash
+
+    # A random PUBLIC port is redirected to PRIVATE port 80 on the container
+    docker run -p 80 <image> <cmd>
+
+    # PUBLIC port 80 is redirected to PRIVATE port 80
+    docker run -p 80:80 <image> <cmd>
+
+
+Default port redirects can be built into a container with the EXPOSE build command.
--- a/docs/sources/use/workingwithrepository.rst
+++ b/docs/sources/use/workingwithrepository.rst
@@ -77,3 +77,28 @@ Now you can commit this image to the repository
    # for example docker push dhrp/kickassapp
    docker push <image-name>

+
+Changing the server to connect to
+----------------------------------
+
+When you are running your own index and/or registry, You can change the server the docker client will connect to.
+
+Variable
+^^^^^^^^
+
+.. code-block:: sh
+
+    DOCKER_INDEX_URL
+
+Setting this environment variable on the docker server will change the URL docker index.
+This address is used in commands such as ``docker login``, ``docker push`` and ``docker pull``.
+The docker daemon doesn't need to be restarted for this parameter to take effect.
+
+Example
+^^^^^^^
+
+.. code-block:: sh
+
+    docker -d &
+    export DOCKER_INDEX_URL="https://index.docker.io"
+
--- a/docs/theme/docker/layout.html
+++ b/docs/theme/docker/layout.html
@@ -40,6 +40,8 @@

    {%- set script_files = script_files + ['_static/js/docs.js'] %}

+    <link rel="canonical" href="http://docs.docker.io/en/latest/{{ pagename }}/">
+
    {%- for cssfile in css_files %}
    <link rel="stylesheet" href="{{ pathto(cssfile, 1) }}" type="text/css" />
    {%- endfor %}
@@ -48,9 +50,8 @@
    <script type="text/javascript" src="{{ pathto(scriptfile, 1) }}"></script>
    {%- endfor %}

-    {%- if favicon %}
-    <link rel="shortcut icon" href="{{ pathto('_static/' + favicon, 1) }}"/>
-    {%- endif %}
+    <link rel="shortcut icon" href="{{ pathto('_static/favicon.png', 1) }}"/>
+

    {%- block extrahead %}{% endblock %}

@@ -64,14 +65,15 @@

            <div style="float: right" class="pull-right">
                <ul class="nav">
-                    <li><a href="http://www.docker.io/">Introduction</a></li>
-                    <li><a href="http://www.docker.io/gettingstarted/">Getting started</a></li>
-                    <li class="active"><a href="http://docs.docker.io/en/latest/">Documentation</a></li>
+                    <li id="nav-introduction"><a href="http://www.docker.io/">Introduction</a></li>
+                    <li id="nav-gettingstarted"><a href="http://www.docker.io/gettingstarted/">Getting started</a></li>
+                    <li id="nav-documentation" class="active"><a href="http://docs.docker.io/en/latest/">Documentation</a></li>
+                    <li id="nav-blog"><a href="http://blog.docker.io/">Blog</a></li>
                </ul>
-                <div class="social links" style="float: right; margin-top: 14px; margin-left: 12px">
-                    <a class="twitter" href="http://twitter.com/getdocker">Twitter</a>
-                    <a class="github" href="https://github.com/dotcloud/docker/">GitHub</a>
-                </div>
+                <!--<div class="social links" style="float: right; margin-top: 14px; margin-left: 12px">-->
+                    <!--<a class="twitter" href="http://twitter.com/getdocker">Twitter</a>-->
+                    <!--<a class="github" href="https://github.com/dotcloud/docker/">GitHub</a>-->
+                <!--</div>-->
            </div>

            <div style="margin-left: -12px; float: left;">
@@ -86,8 +88,13 @@

 <div class="container">
    <div class="row">
-        <div class="span12 titlebar"><h1 class="pageheader">DOCUMENTATION</h1>
+        <div class="span12 titlebar">
            <!--<span class="pull-right" style="margin-left: 20px; font-size: 20px">{{version}}</span>-->
+            <div class="pull-right" id="fork-us" style="margin-top: 16px; margin-right: 16px;">
+                <a  href="http://github.com/dotcloud/docker/"><img src="{{ pathto('_static/img/fork-us.png', 1) }}"> Fork us on Github</a>
+            </div>
+            <h1 class="pageheader">DOCUMENTATION</h1>
+
        </div>
    </div>

@@ -98,11 +105,8 @@
    <!-- Docs nav
     ================================================== -->
    <div class="row" style="position: relative">
-        <div class="span3" style="height:100%;" >

-        </div>
-
-        <div class="span3 sidebar bs-docs-sidebar" style="position: absolute">
+        <div class="span3 sidebar bs-docs-sidebar">
            {{ toctree(collapse=False, maxdepth=3) }}
        </div>

@@ -123,8 +127,14 @@
    <div class="row">

        <div class="span12 footer">
+            <div class="tbox textright forceleftmargin social links pull-right">
+                <a class="twitter" href="http://twitter.com/getdocker">Twitter</a>
+                <a class="github" href="https://github.com/dotcloud/docker/">GitHub</a>
+            </div>

            Docker is a project by <a href="http://www.dotcloud.com">dotCloud</a>
+
+
 {#            {%- if show_source and has_source and sourcename %}#}
 {#            ·#}
 {#            <a href="{{ pathto('_sources/' + sourcename, true)|e }}"#}
@@ -157,7 +167,7 @@
  <!-- script which should be loaded after everything else -->
 <script type="text/javascript">

-
+    // Function to make the sticky header possible
    var shiftWindow = function() {
        scrollBy(0, -70);
        console.log("window shifted")
--- a/docs/theme/docker/redirect_home.html
+++ b/docs/theme/docker/redirect_home.html
@@ -0,0 +1,12 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <title>Page Moved</title>
+    <meta http-equiv="refresh" content="0; url=http://docks.docker.io/en/latest/">
+</head>
+<body>
+
+This page has moved. Perhaps you should visit the <a href="http://docs.docker.io/" title="documentation homepage">Documentation Homepage</a>
+
+</body>
+</html>
--- a/docs/theme/docker/static/css/main.css
+++ b/docs/theme/docker/static/css/main.css
@@ -168,10 +168,13 @@ section.header {
 .sidebar {
  font-weight: normal;
  float: left;
-  min-height: 475px;
+  /*  min-height: 475px;*/
+
  background: #ececec;
-  border-left: 1px solid #bbbbbb;
-  border-right: 1px solid #cccccc;
+  /*  border-left: 1px solid #bbbbbb;*/
+
+  /*  border-right: 1px solid #cccccc;*/
+
  position: relative;
 }
 .sidebar ul {
@@ -285,6 +288,40 @@ section.header {
 .social .github {
  background-position: -59px 2px;
 }
+#fork-us {
+  /*font-family: 'Maven Pro';*/
+
+  /*font-weight: bold;*/
+
+  font-size: 12px;
+  /*text-transform: uppercase;*/
+
+  display: block;
+  padding: 0px 1em;
+  height: 28px;
+  line-height: 28px;
+  background-color: #43484c;
+  filter: progid:dximagetransform.microsoft.gradient(gradientType=0, startColorstr='#FFFF6E56', endColorstr='#FFED4F35');
+  background-image: -webkit-gradient(linear, 50% 0%, 50% 100%, color-stop(0%, #747474), color-stop(100%, #43484c));
+  background-image: -webkit-linear-gradient(top, #747474 0%, #43484c 100%);
+  background-image: -moz-linear-gradient(top, #747474 0%, #43484c 100%);
+  background-image: -o-linear-gradient(top, #747474 0%, #43484c 100%);
+  background-image: linear-gradient(top, #747474 0%, #43484c 100%);
+  border: 1px solid #43484c;
+  -webkit-border-radius: 4px;
+  -moz-border-radius: 4px;
+  -ms-border-radius: 4px;
+  -o-border-radius: 4px;
+  border-radius: 4px;
+  -webkit-box-shadow: inset rgba(255, 255, 255, 0.17) 0 1px 1px;
+  -moz-box-shadow: inset rgba(255, 255, 255, 0.17) 0 1px 1px;
+  box-shadow: inset rgba(255, 255, 255, 0.17) 0 1px 1px;
+  margin: 8px;
+}
+#fork-us a {
+  color: #faf2ee;
+  text-shadow: rgba(0, 0, 0, 0.3) 0px 1px 0px;
+}
 /* =======================
   Media size overrides
 ======================= */
@@ -323,12 +360,16 @@ section.header {
  #global {
    /* TODO: Fix this to be relative to the navigation size */
  
-    padding-top: 600px;
+  }
+  #fork-us {
+    display: none;
  }
 }
 /* Landscape phones and down */
@media (max-width: 480px) {
-  
+  #nav-gettingstarted {
+    display: none;
+  }
 }
 /* Misc fixes */
 table th {
--- a/docs/theme/docker/static/css/main.less
+++ b/docs/theme/docker/static/css/main.less
@@ -226,20 +226,21 @@ section.header {

 }

+  .sidebar {
+  //  font-family: "Maven Pro";
+    font-weight: normal;
+  //  margin-top: 38px;
+    float: left;
+  //  width: 220px;
+  /*  min-height: 475px;*/
+  //  margin-bottom: 28px;
+  //  padding-bottom: 120px;
+    background: #ececec;
+  /*  border-left: 1px solid #bbbbbb;*/
+  /*  border-right: 1px solid #cccccc;*/
+    position: relative;
+

-.sidebar {
-//  font-family: "Maven Pro";
-  font-weight: normal;
-//  margin-top: 38px;
-  float: left;
-//  width: 220px;
-  min-height: 475px;
-//  margin-bottom: 28px;
-//  padding-bottom: 120px;
-  background: #ececec;
-  border-left: 1px solid #bbbbbb;
-  border-right: 1px solid #cccccc;
-  position: relative;

  ul {
    padding: 0px;
@@ -391,6 +392,38 @@ section.header {
 }


+#fork-us {
+  /*font-family: 'Maven Pro';*/
+  /*font-weight: bold;*/
+  font-size: 12px;
+  /*text-transform: uppercase;*/
+  display: block;
+  padding: 0px 1em;
+  height: 28px;
+  line-height: 28px;
+  background-color: #43484c;
+  filter: progid:DXImageTransform.Microsoft.gradient(gradientType=0, startColorstr='#FFFF6E56', endColorstr='#FFED4F35');
+  background-image: -webkit-gradient(linear, 50% 0%, 50% 100%, color-stop(0%, #747474), color-stop(100%, #43484c));
+  background-image: -webkit-linear-gradient(top, #747474 0%, #43484c 100%);
+  background-image: -moz-linear-gradient(top, #747474 0%, #43484c 100%);
+  background-image: -o-linear-gradient(top, #747474 0%, #43484c 100%);
+  background-image: linear-gradient(top, #747474 0%, #43484c 100%);
+  border: 1px solid #43484c;
+  -webkit-border-radius: 4px;
+  -moz-border-radius: 4px;
+  -ms-border-radius: 4px;
+  -o-border-radius: 4px;
+  border-radius: 4px;
+  -webkit-box-shadow: inset rgba(255, 255, 255, 0.17) 0 1px 1px;
+  -moz-box-shadow: inset rgba(255, 255, 255, 0.17) 0 1px 1px;
+  box-shadow: inset rgba(255, 255, 255, 0.17) 0 1px 1px;
+  margin: 8px;
+
+  a {
+    color: #faf2ee;
+    text-shadow: rgba(0, 0, 0, 0.3) 0px 1px 0px;
+  }
+}
 /* =======================
   Media size overrides
 ======================= */
@@ -439,16 +472,19 @@ section.header {
  }
  #global {
  /* TODO: Fix this to be relative to the navigation size */
-    padding-top: 600px;
+//    padding-top: 600px;
+  }
+  #fork-us {
+    display: none;
  }
-
 }


 /* Landscape phones and down */
@media (max-width: 480px) {
-
-
+  #nav-gettingstarted {
+    display: none;
+  }
 }

 /* Misc fixes */
--- a/docs/theme/docker/static/favicon.ico
+++ b/docs/theme/docker/static/favicon.ico
--- a/docs/theme/docker/static/favicon.png
+++ b/docs/theme/docker/static/favicon.png
--- a/docs/website/gettingstarted/index.html
+++ b/docs/website/gettingstarted/index.html
@@ -34,15 +34,11 @@

            <div style="float: right" class="pull-right">
                <ul class="nav">
-                    <li><a href="../">Introduction</a></li>
-                    <li class="active"><a href="">Getting started</a></li>
-                    <li class=""><a href="http://docs.docker.io/en/latest/">Documentation</a></li>
+                    <li id="nav-introduction"><a href="../">Introduction</a></li>
+                    <li id="nav-gettingstarted" class="active"><a href="">Getting started</a></li>
+                    <li id="nav-documentation" class=""><a href="http://docs.docker.io/en/latest/">Documentation</a></li>
+                    <li id="nav-blog"><a href="http://blog.docker.io/">Blog</a></li>
                </ul>
-
-                <div class="social links" style="float: right; margin-top: 14px; margin-left: 12px">
-                    <a class="twitter" href="http://twitter.com/getdocker">Twitter</a>
-                    <a class="github" href="https://github.com/dotcloud/docker/">GitHub</a>
-                </div>
            </div>

            <div style="margin-left: -12px; float: left;">
@@ -55,14 +51,22 @@

 <div class="container">
    <div class="row">
-        <div class="span12 titlebar"><h1 class="pageheader">GETTING STARTED</h1>
+
+        <div class="span12 titlebar">
+
+            <div class="pull-right" id="fork-us" style="margin-top: 16px; margin-right: 16px;">
+                <a  href="http://github.com/dotcloud/docker/"><img src="../static/img/fork-us.png"> Fork us on Github</a>
+            </div>
+
+            <h1 class="pageheader"> GETTING STARTED</h1>
        </div>
+
    </div>

 </div>

 <div class="container">
-    <div class="alert alert-info">
+    <div class="alert alert-info" style="margin-bottom: 0;">
        <strong>Docker is still under heavy development.</strong> It should not yet be used in production. Check <a href="http://github.com/dotcloud/docker">the repo</a> for recent progress.
    </div>
    <div class="row">
@@ -133,13 +137,13 @@
            </section>

            <section class="contentblock">
-                <h2>More resources</h2>
-                <ul>
-                    <li><a href="irc://chat.freenode.net#docker">IRC: docker on freenode</a></li>
-                    <li><a href="http://www.github.com/dotcloud/docker">Github</a></li>
-                    <li><a href="http://stackoverflow.com/tags/docker/">Ask questions on Stackoverflow</a></li>
-                    <li><a href="http://twitter.com/getdocker/">Join the conversation on Twitter</a></li>
-                </ul>
+                <h2>Questions? Want to get in touch?</h2>
+                <p>There are several ways to get in touch:</p>
+                <p><strong>Join the discussion on IRC.</strong> We can be found in the <a href="irc://chat.freenode.net#docker">#docker</a> channel on chat.freenode.net</p>
+                <p><strong>Discussions</strong> happen on our google group: <a href="https://groups.google.com/d/forum/docker-club">docker-club at googlegroups.com</a></p>
+                <p>All our <strong>development and decisions</strong> are made out in the open on Github <a href="http://www.github.com/dotcloud/docker">github.com/dotcloud/docker</a></p>
+                <p><strong>Get help on using Docker</strong> by asking on <a href="http://stackoverflow.com/tags/docker/">Stackoverflow</a></p>
+                <p>And of course, <strong>tweet</strong> your tweets to <a href="http://twitter.com/getdocker/">twitter.com/getdocker</a></p>
            </section>


@@ -172,7 +176,10 @@
    <footer id="footer" class="footer">
        <div class="row">
            <div class="span12 social">
-
+                <div class="tbox textright forceleftmargin social links pull-right">
+                    <a class="twitter" href="http://twitter.com/getdocker">Twitter</a>
+                    <a class="github" href="https://github.com/dotcloud/docker/">GitHub</a>
+                </div>
                Docker is a project by <a href="http://www.dotcloud.com">dotCloud</a>

            </div>
--- a/docs/website/index.html
+++ b/docs/website/index.html
@@ -44,9 +44,18 @@
        .debug {
            border: 1px red dotted;
        }
+        .twitterblock {
+            min-height: 75px;
+        }
+
+        .twitterblock img {
+            float: left;
+            margin-right: 10px;
+        }

    </style>

+
 </head>


@@ -56,17 +65,18 @@
    <div class="navbar-dotcloud">
        <div class="container" style="text-align: center;">

+
+            <div class="pull-left" id="fork-us" style="margin-top: 16px;">
+                <a  href="http://github.com/dotcloud/docker/"><img src="static/img/fork-us.png" alt="fork-icon"> Fork us on Github</a>
+            </div>
+
            <div class="pull-right" >
                <ul class="nav">
-                    <li class="active"><a href="/">Introduction</a></li>
-                    <li ><a href="gettingstarted">Getting started</a></li>
-                    <li class=""><a href="http://docs.docker.io/en/latest/">Documentation</a></li>
+                    <li id="nav-introduction" class="active"><a href="/">Introduction</a></li>
+                    <li id="nav-gettingstarted"><a href="gettingstarted">Getting started</a></li>
+                    <li id="nav-documentation" class=""><a href="http://docs.docker.io/en/latest/">Documentation</a></li>
+                    <li id="nav-blog"><a href="http://blog.docker.io/">Blog</a></li>
                </ul>
-
-                <div class="social links" style="float: right; margin-top: 14px; margin-left: 12px">
-                    <a class="twitter" href="http://twitter.com/getdocker">Twitter</a>
-                    <a class="github" href="https://github.com/dotcloud/docker/">GitHub</a>
-                </div>
            </div>
        </div>
    </div>
@@ -81,7 +91,7 @@

                <div class="span5" style="margin-bottom: 15px;">
                    <div style="text-align: center;" >
-                        <img src="static/img/docker_letters_500px.png">
+                        <img src="static/img/docker_letters_500px.png" alt="docker letters">

                        <h2>The Linux container engine</h2>
                    </div>
@@ -130,7 +140,7 @@
            <section class="contentblock">
                <div class="container">
                <div class="span2" style="margin-left: 0" >
-                    <a href="http://dotcloud.theresumator.com/apply/mWjkD4/Software-Engineer.html" title="Job description"><img src="static/img/hiring_graphic.png" width="140px" style="margin-top: 25px"></a>
+                    <a href="http://dotcloud.theresumator.com/apply/mWjkD4/Software-Engineer.html" title="Job description"><img src="static/img/hiring_graphic.png" alt="we're hiring" width="140" style="margin-top: 25px"></a>
                </div>
                <div class="span4" style="margin-left: 0">
                    <h4>Do you think it is cool to hack on docker? Join us!</h4>
@@ -156,7 +166,7 @@
                    </div>
                </a>
                &nbsp;
-                <input type="button" class="searchbutton" type="submit" value="Search images"
+                <input type="button" class="searchbutton" value="Search images"
                       onClick="window.open('https://index.docker.io')" />

            </section>
@@ -184,32 +194,19 @@

 </div>

-<style>
-    .twitterblock {
-        min-height: 75px;
-    }
-
-    .twitterblock img {
-        float: left;
-        margin-right: 10px;
-    }
-
-</style>
-
-
 <div class="container">

    <div class="row">
        <div class="span6">
            <section class="contentblock twitterblock">
                <img src="https://si0.twimg.com/profile_images/2707460527/252a64411a339184ff375a96fb68dcb0_bigger.png">
-                <em>Mitchell Hashimoto‏@mitchellh:</em> Docker launched today. It is incredible. They’re also working RIGHT NOW on a Vagrant provider. LXC is COMING!!
+                <em>Mitchell Hashimoto ‏@mitchellh:</em> Docker launched today. It is incredible. They’re also working RIGHT NOW on a Vagrant provider. LXC is COMING!!
            </section>
        </div>
        <div class="span6">
            <section class="contentblock twitterblock">
                <img src="https://si0.twimg.com/profile_images/1108290260/Adam_Jacob-114x150_original_bigger.jpg">
-                <em>Adam Jacob‏@adamhjk:</em> Docker is clearly the right idea. @solomonstre absolutely killed it. Containerized app deployment is the future, I think.
+                <em>Adam Jacob ‏@adamhjk:</em> Docker is clearly the right idea. @solomonstre absolutely killed it. Containerized app deployment is the future, I think.
            </section>
        </div>
    </div>
@@ -217,13 +214,13 @@
        <div class="span6">
            <section class="contentblock twitterblock">
                <img src="https://si0.twimg.com/profile_images/14872832/twitter_pic_bigger.jpg">
-                <em>Matt Townsend‏@mtownsend:</em> I have a serious code crush on docker.io - it's Lego for PaaS. Motherfucking awesome Lego.
+                <em>Matt Townsend ‏@mtownsend:</em> I have a serious code crush on docker.io - it's Lego for PaaS. Motherfucking awesome Lego.
            </section>
        </div>
        <div class="span6">
            <section class="contentblock twitterblock">
                <img src="https://si0.twimg.com/profile_images/1312352395/rupert-259x300_bigger.jpg">
-                <em>Rob Harrop‏@robertharrop:</em> Impressed by @getdocker - it's all kinds of magic. Serious rethink of AWS architecture happening @skillsmatter.
+                <em>Rob Harrop ‏@robertharrop:</em> Impressed by @getdocker - it's all kinds of magic. Serious rethink of AWS architecture happening @skillsmatter.
            </section>
        </div>
    </div>
@@ -317,7 +314,10 @@
    <footer id="footer" class="footer">
        <div class="row">
            <div class="span12">
-
+                <div class="tbox textright forceleftmargin social links pull-right">
+                    <a class="twitter" href="http://twitter.com/getdocker">Twitter</a>
+                    <a class="github" href="https://github.com/dotcloud/docker/">GitHub</a>
+                </div>
                Docker is a project by <a href="http://www.dotcloud.com">dotCloud</a>

            </div>
--- a/graph.go
+++ b/graph.go
@@ -86,14 +86,23 @@ func (graph *Graph) Get(name string) (*Image, error) {
 	if err != nil {
 		return nil, err
 	}
-	if img.Id != id {
-		return nil, fmt.Errorf("Image stored at '%s' has wrong id '%s'", id, img.Id)
+	if img.ID != id {
+		return nil, fmt.Errorf("Image stored at '%s' has wrong id '%s'", id, img.ID)
 	}
 	img.graph = graph
+	if img.Size == 0 {
+		root, err := img.root()
+		if err != nil {
+			return nil, err
+		}
+		if err := StoreSize(img, root); err != nil {
+			return nil, err
+		}
+	}
 	graph.lockSumMap.Lock()
 	defer graph.lockSumMap.Unlock()
-	if _, exists := graph.checksumLock[img.Id]; !exists {
-		graph.checksumLock[img.Id] = &sync.Mutex{}
+	if _, exists := graph.checksumLock[img.ID]; !exists {
+		graph.checksumLock[img.ID] = &sync.Mutex{}
 	}
 	return img, nil
 }
@@ -101,7 +110,7 @@ func (graph *Graph) Get(name string) (*Image, error) {
 // Create creates a new image and registers it in the graph.
 func (graph *Graph) Create(layerData Archive, container *Container, comment, author string, config *Config) (*Image, error) {
 	img := &Image{
-		Id:            GenerateId(),
+		ID:            GenerateID(),
 		Comment:       comment,
 		Created:       time.Now(),
 		DockerVersion: VERSION,
@@ -111,7 +120,7 @@ func (graph *Graph) Create(layerData Archive, container *Container, comment, aut
 	}
 	if container != nil {
 		img.Parent = container.Image
-		img.Container = container.Id
+		img.Container = container.ID
 		img.ContainerConfig = *container.Config
 	}
 	if err := graph.Register(layerData, layerData != nil, img); err != nil {
@@ -124,12 +133,12 @@ func (graph *Graph) Create(layerData Archive, container *Container, comment, aut
 // Register imports a pre-existing image into the graph.
 // FIXME: pass img as first argument
 func (graph *Graph) Register(layerData Archive, store bool, img *Image) error {
-	if err := ValidateId(img.Id); err != nil {
+	if err := ValidateID(img.ID); err != nil {
 		return err
 	}
 	// (This is a convenience to save time. Race conditions are taken care of by os.Rename)
-	if graph.Exists(img.Id) {
-		return fmt.Errorf("Image %s already exists", img.Id)
+	if graph.Exists(img.ID) {
+		return fmt.Errorf("Image %s already exists", img.ID)
 	}
 	tmp, err := graph.Mktemp("")
 	defer os.RemoveAll(tmp)
@@ -140,12 +149,12 @@ func (graph *Graph) Register(layerData Archive, store bool, img *Image) error {
 		return err
 	}
 	// Commit
-	if err := os.Rename(tmp, graph.imageRoot(img.Id)); err != nil {
+	if err := os.Rename(tmp, graph.imageRoot(img.ID)); err != nil {
 		return err
 	}
 	img.graph = graph
-	graph.idIndex.Add(img.Id)
-	graph.checksumLock[img.Id] = &sync.Mutex{}
+	graph.idIndex.Add(img.ID)
+	graph.checksumLock[img.ID] = &sync.Mutex{}
 	return nil
 }

@@ -173,7 +182,7 @@ func (graph *Graph) TempLayerArchive(id string, compression Compression, output
 // Mktemp creates a temporary sub-directory inside the graph's filesystem.
 func (graph *Graph) Mktemp(id string) (string, error) {
 	if id == "" {
-		id = GenerateId()
+		id = GenerateID()
 	}
 	tmp, err := graph.tmp()
 	if err != nil {
@@ -230,7 +239,7 @@ func (graph *Graph) Map() (map[string]*Image, error) {
 	}
 	images := make(map[string]*Image, len(all))
 	for _, image := range all {
-		images[image.Id] = image
+		images[image.ID] = image
 	}
 	return images, nil
 }
@@ -273,10 +282,10 @@ func (graph *Graph) ByParent() (map[string][]*Image, error) {
 		if err != nil {
 			return
 		}
-		if children, exists := byParent[parent.Id]; exists {
-			byParent[parent.Id] = []*Image{image}
+		if children, exists := byParent[parent.ID]; exists {
+			byParent[parent.ID] = []*Image{image}
 		} else {
-			byParent[parent.Id] = append(children, image)
+			byParent[parent.ID] = append(children, image)
 		}
 	})
 	return byParent, err
@@ -293,8 +302,8 @@ func (graph *Graph) Heads() (map[string]*Image, error) {
 	err = graph.WalkAll(func(image *Image) {
 		// If it's not in the byParent lookup table, then
 		// it's not a parent -> so it's a head!
-		if _, exists := byParent[image.Id]; !exists {
-			heads[image.Id] = image
+		if _, exists := byParent[image.ID]; !exists {
+			heads[image.ID] = image
 		}
 	})
 	return heads, err
@@ -317,11 +326,11 @@ func (graph *Graph) getStoredChecksums() (map[string]string, error) {
 }

 func (graph *Graph) storeChecksums(checksums map[string]string) error {
-	checksumJson, err := json.Marshal(checksums)
+	checksumJSON, err := json.Marshal(checksums)
 	if err != nil {
 		return err
 	}
-	if err := ioutil.WriteFile(path.Join(graph.Root, "checksums"), checksumJson, 0600); err != nil {
+	if err := ioutil.WriteFile(path.Join(graph.Root, "checksums"), checksumJSON, 0600); err != nil {
 		return err
 	}
 	return nil
--- a/graph_test.go
+++ b/graph_test.go
@@ -34,14 +34,14 @@ func TestInterruptedRegister(t *testing.T) {
 	defer os.RemoveAll(graph.Root)
 	badArchive, w := io.Pipe() // Use a pipe reader as a fake archive which never yields data
 	image := &Image{
-		Id:      GenerateId(),
+		ID:      GenerateID(),
 		Comment: "testing",
 		Created: time.Now(),
 	}
 	go graph.Register(badArchive, false, image)
 	time.Sleep(200 * time.Millisecond)
 	w.CloseWithError(errors.New("But I'm not a tarball!")) // (Nobody's perfect, darling)
-	if _, err := graph.Get(image.Id); err == nil {
+	if _, err := graph.Get(image.ID); err == nil {
 		t.Fatal("Image should not exist after Register is interrupted")
 	}
 	// Registering the same image again should succeed if the first register was interrupted
@@ -67,7 +67,7 @@ func TestGraphCreate(t *testing.T) {
 	if err != nil {
 		t.Fatal(err)
 	}
-	if err := ValidateId(image.Id); err != nil {
+	if err := ValidateID(image.ID); err != nil {
 		t.Fatal(err)
 	}
 	if image.Comment != "Testing" {
@@ -91,7 +91,7 @@ func TestRegister(t *testing.T) {
 		t.Fatal(err)
 	}
 	image := &Image{
-		Id:      GenerateId(),
+		ID:      GenerateID(),
 		Comment: "testing",
 		Created: time.Now(),
 	}
@@ -104,11 +104,11 @@ func TestRegister(t *testing.T) {
 	} else if l := len(images); l != 1 {
 		t.Fatalf("Wrong number of images. Should be %d, not %d", 1, l)
 	}
-	if resultImg, err := graph.Get(image.Id); err != nil {
+	if resultImg, err := graph.Get(image.ID); err != nil {
 		t.Fatal(err)
 	} else {
-		if resultImg.Id != image.Id {
-			t.Fatalf("Wrong image ID. Should be '%s', not '%s'", image.Id, resultImg.Id)
+		if resultImg.ID != image.ID {
+			t.Fatalf("Wrong image ID. Should be '%s', not '%s'", image.ID, resultImg.ID)
 		}
 		if resultImg.Comment != image.Comment {
 			t.Fatalf("Wrong image comment. Should be '%s', not '%s'", image.Comment, resultImg.Comment)
@@ -156,7 +156,7 @@ func TestDeletePrefix(t *testing.T) {
 	graph := tempGraph(t)
 	defer os.RemoveAll(graph.Root)
 	img := createTestImage(graph, t)
-	if err := graph.Delete(utils.TruncateId(img.Id)); err != nil {
+	if err := graph.Delete(utils.TruncateID(img.ID)); err != nil {
 		t.Fatal(err)
 	}
 	assertNImages(graph, t, 0)
@@ -187,21 +187,29 @@ func TestDelete(t *testing.T) {
 		t.Fatal(err)
 	}
 	assertNImages(graph, t, 1)
-	if err := graph.Delete(img.Id); err != nil {
+	if err := graph.Delete(img.ID); err != nil {
 		t.Fatal(err)
 	}
 	assertNImages(graph, t, 0)

+	archive, err = fakeTar()
+	if err != nil {
+		t.Fatal(err)
+	}
 	// Test 2 create (same name) / 1 delete
 	img1, err := graph.Create(archive, nil, "Testing", "", nil)
 	if err != nil {
 		t.Fatal(err)
 	}
+	archive, err = fakeTar()
+	if err != nil {
+		t.Fatal(err)
+	}
 	if _, err = graph.Create(archive, nil, "Testing", "", nil); err != nil {
 		t.Fatal(err)
 	}
 	assertNImages(graph, t, 2)
-	if err := graph.Delete(img1.Id); err != nil {
+	if err := graph.Delete(img1.ID); err != nil {
 		t.Fatal(err)
 	}
 	assertNImages(graph, t, 1)
@@ -212,11 +220,15 @@ func TestDelete(t *testing.T) {
 	}
 	assertNImages(graph, t, 1)

+	archive, err = fakeTar()
+	if err != nil {
+		t.Fatal(err)
+	}
 	// Test delete twice (pull -> rm -> pull -> rm)
 	if err := graph.Register(archive, false, img1); err != nil {
 		t.Fatal(err)
 	}
-	if err := graph.Delete(img1.Id); err != nil {
+	if err := graph.Delete(img1.ID); err != nil {
 		t.Fatal(err)
 	}
 	assertNImages(graph, t, 1)
--- a/hack/PRINCIPLES.md
+++ b/hack/PRINCIPLES.md
@@ -0,0 +1,19 @@
+# Docker principles
+
+In the design and development of Docker we try to follow these principles:
+
+(Work in progress)
+
+* Don't try to replace every tool. Instead, be an ingredient to improve them.
+* Less code is better.
+* Less components is better. Do you really need to add one more class?
+* 50 lines of straightforward, readable code is better than 10 lines of magic that nobody can understand.
+* Don't do later what you can do now. "//FIXME: refactor" is not acceptable in new code.
+* When hesitating between 2 options, choose the one that is easier to reverse.
+* No is temporary, Yes is forever. If you're not sure about a new feature, say no. You can change your mind later.
+* Containers must be portable to the greatest possible number of machines. Be suspicious of any change which makes machines less interchangeable.
+* The less moving parts in a container, the better.
+* Don't merge it unless you document it.
+* Don't document it unless you can keep it up-to-date.
+* Don't merge it unless you test it!
+* Everyone's problem is slightly different. Focus on the part that is the same for everyone, and solve that.
--- a/hack/ROADMAP.md
+++ b/hack/ROADMAP.md
@@ -0,0 +1,105 @@
+# Docker: what's next?
+
+This document is a high-level overview of where we want to take Docker next.
+It is a curated selection of planned improvements which are either important, difficult, or both.
+
+For a more complete view of planned and requested improvements, see [the Github issues](https://github.com/dotcloud/docker/issues).
+
+Tu suggest changes to the roadmap, including additions, please write the change as if it were already in effect, and make a pull request.
+
+Broader kernel support
+----------------------
+
+Our goal is to make Docker run everywhere, but currently Docker requires [Linux version 3.8 or higher with lxc and aufs support](http://docs.docker.io/en/latest/installation/kernel.html). If you're deploying new machines for the purpose of running Docker, this is a fairly easy requirement to meet.
+However, if you're adding Docker to an existing deployment, you may not have the flexibility to update and patch the kernel.
+
+Expanding Docker's kernel support is a priority. This includes running on older kernel versions,
+but also on kernels with no AUFS support, or with incomplete lxc capabilities.
+
+
+Cross-architecture support
+--------------------------
+
+Our goal is to make Docker run everywhere. However currently Docker only runs on x86_64 systems.
+We plan on expanding architecture support, so that Docker containers can be created and used on more architectures.
+
+
+Even more integrations
+----------------------
+
+We want Docker to be the secret ingredient that makes your existing tools more awesome.
+Thanks to this philosophy, Docker has already been integrated with
+[Puppet](http://forge.puppetlabs.com/garethr/docker),  [Chef](http://www.opscode.com/chef),
+[Openstack Nova](https://github.com/dotcloud/openstack-docker), [Jenkins](https://github.com/georgebashi/jenkins-docker-plugin),
+[DotCloud sandbox](http://github.com/dotcloud/sandbox), [Pallet](https://github.com/pallet/pallet-docker),
+[Strider CI](http://blog.frozenridge.co/next-generation-continuous-integration-deployment-with-dotclouds-docker-and-strider/)
+and even [Heroku buildpacks](https://github.com/progrium/buildstep).
+
+Expect Docker to integrate with even more of your favorite tools going forward, including:
+
+* Alternative storage backends such as ZFS, LVM or [BTRFS](github.com/dotcloud/docker/issues/443)
+* Alternative containerization backends such as [OpenVZ](http://openvz.org), Solaris Zones, BSD Jails and even plain Chroot.
+* Process managers like [Supervisord](http://supervisord.org/), [Runit](http://smarden.org/runit/), [Gaffer](https://gaffer.readthedocs.org/en/latest/#gaffer) and [Systemd](http://www.freedesktop.org/wiki/Software/systemd/)
+* Build and integration tools like Make, Maven, Scons, Jenkins, Buildbot and Cruise Control.
+* Configuration management tools like [Puppet](http://puppetlabs.com), [Chef](http://www.opscode.com/chef/) and [Salt](http://saltstack.org)
+* Personal development environments like [Vagrant](http://vagrantup.com), [Boxen](http://boxen.github.com/), [Koding](http://koding.com) and [Cloud9](http://c9.io).
+* Orchestration tools like [Zookeeper](http://zookeeper.apache.org/), [Mesos](http://incubator.apache.org/mesos/) and [Galaxy](https://github.com/ning/galaxy)
+* Infrastructure deployment tools like [Openstack](http://openstack.org), [Apache Cloudstack](http://apache.cloudstack.org), [Ganeti](https://code.google.com/p/ganeti/)
+
+
+Plugin API
+----------
+
+We want Docker to run everywhere, and to integrate with every devops tool.
+Those are ambitious goals, and the only way to reach them is with the Docker community.
+For the community to participate fully, we need an API which allows Docker to be deeply and easily customized.
+
+We are working on a plugin API which will make Docker very, very customization-friendly.
+We believe it will facilitate the integrations listed above - and many more we didn't even think about.
+
+Let us know if you want to start playing with the API before it's generally available.
+
+
+Externally mounted volumes
+--------------------------
+
+In 0.3 we [introduced data volumes](https://github.com/dotcloud/docker/wiki/Docker-0.3.0-release-note%2C-May-6-2013#data-volumes),
+a great mechanism for manipulating persistent data such as database files, log files, etc.
+
+Data volumes can be shared between containers, a powerful capability [which allows many advanced use cases](http://docs.docker.io/en/latest/examples/couchdb_data_volumes.html). In the future it will also be possible to share volumes between a container and the underlying host. This will make certain scenarios much easier, such as using a high-performance storage backend for your production database,
+making live development changes available to a container, etc.
+
+
+Better documentation
+--------------------
+
+We believe that great documentation is worth 10 features. We are often told that "Docker's documentation is great for a 2-month old project".
+Our goal is to make it great, period.
+
+If you have feedback on how to improve our documentation, please get in touch by replying to this email,
+or by [filing an issue](https://github.com/dotcloud/docker/issues). We always appreciate it!
+
+
+Production-ready
+----------------
+
+Docker is still alpha software, and not suited for production.
+We are working hard to get there, and we are confident that it will be possible within a few months.
+
+
+Advanced port redirections
+--------------------------
+
+Docker currently supports 2 flavors of port redirection: STATIC->STATIC (eg. "redirect public port 80 to private port 80")
+and RANDOM->STATIC (eg. "redirect any public port to private port 80").
+
+With these 2 flavors, docker can support the majority of backend programs out there. But some applications have more exotic
+requirements, generally to implement custom clustering techniques. These applications include Hadoop, MongoDB, Riak, RabbitMQ,
+Disco, and all programs relying on Erlang's OTP.
+
+To support these applications, Docker needs to support more advanced redirection flavors, including:
+
+* RANDOM->RANDOM
+* STATIC1->STATIC2
+
+These flavors should be implemented without breaking existing semantics, if at all possible.
--- a/hack/Vagrantfile
+++ b/hack/Vagrantfile
@@ -22,7 +22,7 @@ Vagrant::Config.run do |config|
  pkg_cmd = "touch #{DOCKER_PATH}; "
  # Install docker dependencies
  pkg_cmd << "export DEBIAN_FRONTEND=noninteractive; apt-get -qq update; " \
-    "apt-get install -q -y lxc bsdtar git golang make linux-image-extra-3.8.0-19-generic; " \
+    "apt-get install -q -y lxc git aufs-tools golang make linux-image-extra-3.8.0-19-generic; " \
    "chown -R #{USER}.#{USER} #{GOPATH}; " \
    "install -m 0664 #{CFG_PATH}/bash_profile /home/#{USER}/.bash_profile"
  config.vm.provision :shell, :inline => pkg_cmd
--- a/hack/dockerbuilder/Dockerfile
+++ b/hack/dockerbuilder/Dockerfile
@@ -1,5 +1,13 @@
-# This will build a container capable of producing an official binary build of docker and
-# uploading it to S3
+# DESCRIPTION     Build a container capable of producing official binary and
+#                 PPA packages and uploading them to S3 and Launchpad
+# VERSION         1.2
+# DOCKER_VERSION  0.4
+# AUTHOR          Solomon Hykes <solomon@dotcloud.com>
+#                 Daniel Mizyrycki <daniel@dotcloud.net>
+# BUILD_CMD       docker build -t dockerbuilder .
+# RUN_CMD         docker run -e AWS_ID="$AWS_ID" -e AWS_KEY="$AWS_KEY" -e GPG_KEY="$GPG_KEY" dockerbuilder
+#
+#
 from	ubuntu:12.04
 maintainer	Solomon Hykes <solomon@dotcloud.com>
 # Workaround the upstart issue
@@ -8,24 +16,18 @@ run ln -s /bin/true /sbin/initctl
 # Enable universe and gophers PPA
 run	DEBIAN_FRONTEND=noninteractive apt-get install -y -q python-software-properties
 run	add-apt-repository "deb http://archive.ubuntu.com/ubuntu $(lsb_release -sc) universe"
-run	add-apt-repository -y ppa:gophers/go/ubuntu
+run	add-apt-repository -y ppa:dotcloud/docker-golang/ubuntu
 run	apt-get update
 # Packages required to checkout, build and upload docker
-run	DEBIAN_FRONTEND=noninteractive apt-get install -y -q s3cmd
-run	DEBIAN_FRONTEND=noninteractive apt-get install -y -q curl
-run	curl -s -o /go.tar.gz https://go.googlecode.com/files/go1.1.linux-amd64.tar.gz
+run	DEBIAN_FRONTEND=noninteractive apt-get install -y -q s3cmd curl
+run	curl -s -o /go.tar.gz https://go.googlecode.com/files/go1.1.1.linux-amd64.tar.gz
 run	tar -C /usr/local -xzf /go.tar.gz
 run	echo "export PATH=/usr/local/go/bin:$PATH" > /.bashrc
 run	echo "export PATH=/usr/local/go/bin:$PATH" > /.bash_profile
-run	DEBIAN_FRONTEND=noninteractive apt-get install -y -q git
-run	DEBIAN_FRONTEND=noninteractive apt-get install -y -q build-essential
+run	DEBIAN_FRONTEND=noninteractive apt-get install -y -q git build-essential
 # Packages required to build an ubuntu package
-run	DEBIAN_FRONTEND=noninteractive apt-get install -y -q golang-stable
-run	DEBIAN_FRONTEND=noninteractive apt-get install -y -q debhelper
-run	DEBIAN_FRONTEND=noninteractive apt-get install -y -q autotools-dev
-run	apt-get install -y -q devscripts
+run	DEBIAN_FRONTEND=noninteractive apt-get install -y -q golang-stable debhelper autotools-dev devscripts
 # Copy dockerbuilder files into the container
 add	.       /src
 run	cp /src/dockerbuilder /usr/local/bin/ && chmod +x /usr/local/bin/dockerbuilder
-run	cp /src/s3cfg /.s3cfg
 cmd	["dockerbuilder"]
--- a/hack/dockerbuilder/MAINTAINERS
+++ b/hack/dockerbuilder/MAINTAINERS
@@ -0,0 +1 @@
+Daniel Mizyrycki <daniel@dotcloud.com>
--- a/hack/dockerbuilder/dockerbuilder
+++ b/hack/dockerbuilder/dockerbuilder
@@ -13,12 +13,10 @@ fi

 export REVISION=$1

-if [ -z "$AWS_ID" ]; then
-	echo "Warning: environment variable AWS_ID is not set. Won't upload to S3."
-fi
-
-if [ -z "$AWS_KEY" ]; then
-	echo "Warning: environment variable AWS_KEY is not set. Won't upload to S3."
+if [ -z "$AWS_ID" -o -z "$AWS_KEY" ]; then
+	echo "Warning: either AWS_ID or AWS_KEY environment variable not set. Won't upload to S3."
+else
+	/bin/echo -e "[default]\naccess_key = $AWS_ID\nsecret_key = $AWS_KEY\n" > /.s3cfg
 fi

 if [ -z "$GPG_KEY" ]; then
@@ -35,6 +33,9 @@ else
 	make release RELEASE_VERSION=$REVISION
 fi

+# Remove credentials from container
+rm -f /.s3cfg
+
 if [ -z "$NO_UBUNTU" ]; then
 	export PATH=`echo $PATH | sed 's#/usr/local/go/bin:##g'`
 	(cd packaging/ubuntu && make ubuntu)
--- a/hack/dockerbuilder/s3cfg
+++ b/hack/dockerbuilder/s3cfg
@@ -1,3 +0,0 @@
-[default]
-access_key = $AWS_ID
-secret_key = $AWS_KEY
--- a/image.go
+++ b/image.go
@@ -13,12 +13,13 @@ import (
 	"os"
 	"os/exec"
 	"path"
+	"path/filepath"
 	"strings"
 	"time"
 )

 type Image struct {
-	Id              string    `json:"id"`
+	ID              string    `json:"id"`
 	Parent          string    `json:"parent,omitempty"`
 	Comment         string    `json:"comment,omitempty"`
 	Created         time.Time `json:"created"`
@@ -29,6 +30,7 @@ type Image struct {
 	Config          *Config   `json:"config,omitempty"`
 	Architecture    string    `json:"architecture,omitempty"`
 	graph           *Graph
+	Size            int64
 }

 func LoadImage(root string) (*Image, error) {
@@ -42,18 +44,17 @@ func LoadImage(root string) (*Image, error) {
 	if err := json.Unmarshal(jsonData, img); err != nil {
 		return nil, err
 	}
-	if err := ValidateId(img.Id); err != nil {
+	if err := ValidateID(img.ID); err != nil {
 		return nil, err
 	}
 	// Check that the filesystem layer exists
 	if stat, err := os.Stat(layerPath(root)); err != nil {
 		if os.IsNotExist(err) {
-			return nil, fmt.Errorf("Couldn't load image %s: no filesystem layer", img.Id)
-		} else {
-			return nil, err
+			return nil, fmt.Errorf("Couldn't load image %s: no filesystem layer", img.ID)
 		}
+		return nil, err
 	} else if !stat.IsDir() {
-		return nil, fmt.Errorf("Couldn't load image %s: %s is not a directory", img.Id, layerPath(root))
+		return nil, fmt.Errorf("Couldn't load image %s: %s is not a directory", img.ID, layerPath(root))
 	}
 	return img, nil
 }
@@ -61,7 +62,7 @@ func LoadImage(root string) (*Image, error) {
 func StoreImage(img *Image, layerData Archive, root string, store bool) error {
 	// Check that root doesn't already exist
 	if _, err := os.Stat(root); err == nil {
-		return fmt.Errorf("Image %s already exists", img.Id)
+		return fmt.Errorf("Image %s already exists", img.ID)
 	} else if !os.IsNotExist(err) {
 		return err
 	}
@@ -95,6 +96,18 @@ func StoreImage(img *Image, layerData Archive, root string, store bool) error {
 	if err := Untar(layerData, layer); err != nil {
 		return err
 	}
+
+	return StoreSize(img, root)
+}
+
+func StoreSize(img *Image, root string) error {
+	layer := layerPath(root)
+
+	filepath.Walk(layer, func(path string, fileInfo os.FileInfo, err error) error {
+		img.Size += fileInfo.Size()
+		return nil
+	})
+
 	// Store the json ball
 	jsonData, err := json.Marshal(img)
 	if err != nil {
@@ -127,6 +140,8 @@ func MountAUFS(ro []string, rw string, target string) error {
 	}
 	branches := fmt.Sprintf("br:%v:%v", rwBranch, roBranches)

+	branches += ",xino=/dev/shm/aufs.xino"
+
 	//if error, try to load aufs kernel module
 	if err := mount("none", target, "aufs", 0, branches); err != nil {
 		log.Printf("Kernel does not support AUFS, trying to load the AUFS module with modprobe...")
@@ -181,11 +196,11 @@ func (image *Image) Changes(rw string) ([]Change, error) {
 	return Changes(layers, rw)
 }

-func (image *Image) ShortId() string {
-	return utils.TruncateId(image.Id)
+func (image *Image) ShortID() string {
+	return utils.TruncateID(image.ID)
 }

-func ValidateId(id string) error {
+func ValidateID(id string) error {
 	if id == "" {
 		return fmt.Errorf("Image id can't be empty")
 	}
@@ -195,7 +210,7 @@ func ValidateId(id string) error {
 	return nil
 }

-func GenerateId() string {
+func GenerateID() string {
 	id := make([]byte, 32)
 	_, err := io.ReadFull(rand.Reader, id)
 	if err != nil {
@@ -241,7 +256,7 @@ func (img *Image) layers() ([]string, error) {
 		return nil, e
 	}
 	if len(list) == 0 {
-		return nil, fmt.Errorf("No layer found for image %s\n", img.Id)
+		return nil, fmt.Errorf("No layer found for image %s\n", img.ID)
 	}
 	return list, nil
 }
@@ -276,7 +291,7 @@ func (img *Image) root() (string, error) {
 	if img.graph == nil {
 		return "", fmt.Errorf("Can't lookup root of unregistered image")
 	}
-	return img.graph.imageRoot(img.Id), nil
+	return img.graph.imageRoot(img.ID), nil
 }

 // Return the path of an image's layer
@@ -289,8 +304,8 @@ func (img *Image) layer() (string, error) {
 }

 func (img *Image) Checksum() (string, error) {
-	img.graph.checksumLock[img.Id].Lock()
-	defer img.graph.checksumLock[img.Id].Unlock()
+	img.graph.checksumLock[img.ID].Lock()
+	defer img.graph.checksumLock[img.ID].Unlock()

 	root, err := img.root()
 	if err != nil {
@@ -301,7 +316,7 @@ func (img *Image) Checksum() (string, error) {
 	if err != nil {
 		return "", err
 	}
-	if checksum, ok := checksums[img.Id]; ok {
+	if checksum, ok := checksums[img.ID]; ok {
 		return checksum, nil
 	}

@@ -352,7 +367,7 @@ func (img *Image) Checksum() (string, error) {
 		return "", err
 	}

-	checksums[img.Id] = hash
+	checksums[img.ID] = hash

 	// Dump the checksums to disc
 	if err := img.graph.storeChecksums(checksums); err != nil {
@@ -362,8 +377,17 @@ func (img *Image) Checksum() (string, error) {
 	return hash, nil
 }

+func (img *Image) getParentsSize(size int64) int64 {
+	parentImage, err := img.GetParent()
+	if err != nil || parentImage == nil {
+		return size
+	}
+	size += parentImage.Size
+	return parentImage.getParentsSize(size)
+}
+
 // Build an Image object from raw json data
-func NewImgJson(src []byte) (*Image, error) {
+func NewImgJSON(src []byte) (*Image, error) {
 	ret := &Image{}

 	utils.Debugf("Json string: {%s}\n", src)
--- a/lxc_template.go
+++ b/lxc_template.go
@@ -19,7 +19,7 @@ lxc.network.flags = up
 lxc.network.link = {{.NetworkSettings.Bridge}}
 lxc.network.name = eth0
 lxc.network.mtu = 1500
-lxc.network.ipv4 = {{.NetworkSettings.IpAddress}}/{{.NetworkSettings.IpPrefixLen}}
+lxc.network.ipv4 = {{.NetworkSettings.IPAddress}}/{{.NetworkSettings.IPPrefixLen}}

 # root filesystem
 {{$ROOTFS := .RootfsPath}}
@@ -67,7 +67,11 @@ lxc.cgroup.devices.allow = c 10:200 rwm


 # standard mount point
+#  WARNING: procfs is a known attack vector and should probably be disabled
+#           if your userspace allows it. eg. see http://blog.zx2c4.com/749
 lxc.mount.entry = proc {{$ROOTFS}}/proc proc nosuid,nodev,noexec 0 0
+#  WARNING: sysfs is a known attack vector and should probably be disabled
+#           if your userspace allows it. eg. see http://bit.ly/T9CkqJ
 lxc.mount.entry = sysfs {{$ROOTFS}}/sys sysfs nosuid,nodev,noexec 0 0
 lxc.mount.entry = devpts {{$ROOTFS}}/dev/pts devpts newinstance,ptmxmode=0666,nosuid,noexec 0 0
 #lxc.mount.entry = varrun {{$ROOTFS}}/var/run tmpfs mode=755,size=4096k,nosuid,nodev,noexec 0 0
@@ -86,6 +90,9 @@ lxc.mount.entry = {{$realPath}} {{$ROOTFS}}/{{$virtualPath}} none bind,rw 0 0
 {{end}}

 # drop linux capabilities (apply mainly to the user root in the container)
+#  (Note: 'lxc.cap.keep' is coming soon and should replace this under the
+#         security principle 'deny all unless explicitly permitted', see
+#         http://sourceforge.net/mailarchive/message.php?msg_id=31054627 )
 lxc.cap.drop = audit_control audit_write mac_admin mac_override mknod setfcap setpcap sys_admin sys_boot sys_module sys_nice sys_pacct sys_rawio sys_resource sys_time sys_tty_config

 # limits
--- a/mount.go
+++ b/mount.go
@@ -2,13 +2,18 @@ package docker

 import (
 	"fmt"
+	"github.com/dotcloud/docker/utils"
 	"os"
+	"os/exec"
 	"path/filepath"
 	"syscall"
 	"time"
 )

 func Unmount(target string) error {
+	if err := exec.Command("auplink", target, "flush").Run(); err != nil {
+		utils.Debugf("[warning]: couldn't run auplink before unmount: %s", err)
+	}
 	if err := syscall.Unmount(target, 0); err != nil {
 		return err
 	}
--- a/network.go
+++ b/network.go
@@ -52,7 +52,7 @@ func ipToInt(ip net.IP) int32 {
 }

 // Converts 32 bit integer into a 4 bytes IP address
-func intToIp(n int32) net.IP {
+func intToIP(n int32) net.IP {
 	b := make([]byte, 4)
 	binary.BigEndian.PutUint32(b, uint32(n))
 	return net.IP(b)
@@ -132,9 +132,8 @@ func CreateBridgeIface(ifaceName string) error {
 	}
 	if ifaceAddr == "" {
 		return fmt.Errorf("Could not find a free IP address range for interface '%s'. Please configure its address manually and run 'docker -b %s'", ifaceName, ifaceName)
-	} else {
-		utils.Debugf("Creating bridge %s with network %s", ifaceName, ifaceAddr)
 	}
+	utils.Debugf("Creating bridge %s with network %s", ifaceName, ifaceAddr)

 	if output, err := ip("link", "add", ifaceName, "type", "bridge"); err != nil {
 		return fmt.Errorf("Error creating bridge: %s (output: %s)", err, output)
@@ -258,7 +257,7 @@ func proxy(listener net.Listener, proto, address string) error {
 		utils.Debugf("Connected to backend, splicing")
 		splice(src, dst)
 	}
-	return nil
+	panic("Unreachable")
 }

 func halfSplice(dst, src net.Conn) error {
@@ -398,7 +397,7 @@ func (alloc *IPAllocator) run() {
 			}
 		}

-		ip := allocatedIP{ip: intToIp(newNum)}
+		ip := allocatedIP{ip: intToIP(newNum)}
 		if inUse {
 			ip.err = errors.New("No unallocated IP available")
 		}
@@ -465,11 +464,11 @@ func (iface *NetworkInterface) AllocatePort(spec string) (*Nat, error) {
 		return nil, err
 	}
 	// Allocate a random port if Frontend==0
-	if extPort, err := iface.manager.portAllocator.Acquire(nat.Frontend); err != nil {
+	extPort, err := iface.manager.portAllocator.Acquire(nat.Frontend)
+	if err != nil {
 		return nil, err
-	} else {
-		nat.Frontend = extPort
 	}
+	nat.Frontend = extPort
 	if err := iface.manager.portMapper.Map(nat.Frontend, net.TCPAddr{IP: iface.IPNet.IP, Port: nat.Backend}); err != nil {
 		iface.manager.portAllocator.Release(nat.Frontend)
 		return nil, err
@@ -486,20 +485,38 @@ type Nat struct {

 func parseNat(spec string) (*Nat, error) {
 	var nat Nat
-	// If spec starts with ':', external and internal ports must be the same.
-	// This might fail if the requested external port is not available.
-	var sameFrontend bool
-	if spec[0] == ':' {
-		sameFrontend = true
-		spec = spec[1:]
-	}
-	port, err := strconv.ParseUint(spec, 10, 16)
-	if err != nil {
-		return nil, err
-	}
-	nat.Backend = int(port)
-	if sameFrontend {
-		nat.Frontend = nat.Backend
+
+	if strings.Contains(spec, ":") {
+		specParts := strings.Split(spec, ":")
+		if len(specParts) != 2 {
+			return nil, fmt.Errorf("Invalid port format.")
+		}
+		// If spec starts with ':', external and internal ports must be the same.
+		// This might fail if the requested external port is not available.
+		var sameFrontend bool
+		if len(specParts[0]) == 0 {
+			sameFrontend = true
+		} else {
+			front, err := strconv.ParseUint(specParts[0], 10, 16)
+			if err != nil {
+				return nil, err
+			}
+			nat.Frontend = int(front)
+		}
+		back, err := strconv.ParseUint(specParts[1], 10, 16)
+		if err != nil {
+			return nil, err
+		}
+		nat.Backend = int(back)
+		if sameFrontend {
+			nat.Frontend = nat.Backend
+		}
+	} else {
+		port, err := strconv.ParseUint(spec, 10, 16)
+		if err != nil {
+			return nil, err
+		}
+		nat.Backend = int(port)
 	}
 	nat.Proto = "tcp"
 	return &nat, nil
--- a/network_test.go
+++ b/network_test.go
@@ -18,6 +18,32 @@ func TestIptables(t *testing.T) {
 	}
 }

+func TestParseNat(t *testing.T) {
+	if nat, err := parseNat("4500"); err == nil {
+		if nat.Frontend != 0 || nat.Backend != 4500 {
+			t.Errorf("-p 4500 should produce 0->4500, got %d->%d", nat.Frontend, nat.Backend)
+		}
+	} else {
+		t.Fatal(err)
+	}
+
+	if nat, err := parseNat(":4501"); err == nil {
+		if nat.Frontend != 4501 || nat.Backend != 4501 {
+			t.Errorf("-p :4501 should produce 4501->4501, got %d->%d", nat.Frontend, nat.Backend)
+		}
+	} else {
+		t.Fatal(err)
+	}
+
+	if nat, err := parseNat("4502:4503"); err == nil {
+		if nat.Frontend != 4502 || nat.Backend != 4503 {
+			t.Errorf("-p 4502:4503 should produce 4502->4503, got %d->%d", nat.Frontend, nat.Backend)
+		}
+	} else {
+		t.Fatal(err)
+	}
+}
+
 func TestPortAllocation(t *testing.T) {
 	allocator, err := newPortAllocator()
 	if err != nil {
@@ -137,7 +163,7 @@ func TestConversion(t *testing.T) {
 	if i == 0 {
 		t.Fatal("converted to zero")
 	}
-	conv := intToIp(i)
+	conv := intToIP(i)
 	if !ip.Equal(conv) {
 		t.Error(conv.String())
 	}
--- a/packaging/debian/control
+++ b/packaging/debian/control
@@ -10,7 +10,7 @@ Homepage: http://github.com/dotcloud/docker

 Package: lxc-docker
 Architecture: linux-any
-Depends: ${shlibs:Depends}, ${misc:Depends}, lxc, bsdtar
+Depends: ${shlibs:Depends}, ${misc:Depends}, lxc, bsdtar, aufs-tools
 Description: Linux container runtime
 Docker complements LXC with a high-level API which operates at the process
 level. It runs unix processes with strong guarantees of isolation and
--- a/packaging/ubuntu/Makefile
+++ b/packaging/ubuntu/Makefile
@@ -1,20 +1,17 @@
 # Ubuntu package Makefile
 #
-# Dependencies:  debhelper autotools-dev devscripts golang
+# Dependencies:  debhelper autotools-dev devscripts golang-stable
 # Notes:
-# Use 'make ubuntu' to create the ubuntu package
-# GPG_KEY environment variable needs to contain a GPG private key for package to be signed
-# and uploaded to docker PPA.
-# If GPG_KEY is not defined, make ubuntu will create docker package and exit with
-# status code 2
+# Use 'make ubuntu' to create the ubuntu package and push it to stating PPA by
+# default. To push to production, set PUBLISH_PPA=1 before doing 'make ubuntu'
+# GPG_KEY environment variable needs to contain a GPG private key for package
+# to be signed and uploaded to docker PPA. If GPG_KEY is not defined,
+# make ubuntu will create docker package and exit with status code 2

 PKG_NAME=lxc-docker
-VERSION=$(shell head -1 changelog | sed 's/^.\+(\(.\+\)..).\+$$/\1/')
 GITHUB_PATH=github.com/dotcloud/docker
-DOCKER_VERSION=${PKG_NAME}_${VERSION}
-DOCKER_FVERSION=${PKG_NAME}_$(shell head -1 changelog | sed 's/^.\+(\(.\+\)).\+$$/\1/')
 BUILD_SRC=${CURDIR}/../../build_src
-VERSION_TAG=v$(shell head -1 changelog | sed 's/^.\+(\(.\+\)-[0-9]\+).\+$$/\1/')
+VERSION=$(shell sed -En '0,/^\#\# /{s/^\#\# ([^ ]+).+/\1/p}' ../../CHANGELOG.md)

 all:
 	# Compile docker. Used by dpkg-buildpackage.
@@ -35,18 +32,19 @@ ubuntu:
 	# Retrieve docker project and its go structure from internet
 	rm -rf ${BUILD_SRC}
 	git clone $(shell git rev-parse --show-toplevel) ${BUILD_SRC}/${GITHUB_PATH}
-	cd ${BUILD_SRC}/${GITHUB_PATH}; git checkout ${VERSION_TAG} && GOPATH=${BUILD_SRC} go get -d
+	cd ${BUILD_SRC}/${GITHUB_PATH}; git checkout v${VERSION} && GOPATH=${BUILD_SRC} go get -d
 	# Add debianization
 	mkdir ${BUILD_SRC}/debian
 	cp Makefile ${BUILD_SRC}
 	cp -r * ${BUILD_SRC}/debian
 	cp ../../README.md ${BUILD_SRC}
+	./parse_changelog.py < ../../CHANGELOG.md  > ${BUILD_SRC}/debian/changelog
 	# Cleanup
 	for d in `find ${BUILD_SRC} -name '.git*'`; do rm -rf $$d; done
-	rm -rf ${BUILD_SRC}/../${DOCKER_VERSION}.orig.tar.gz
+	rm -rf ${BUILD_SRC}/../${PKG_NAME}_${VERSION}.orig.tar.gz
 	rm -rf ${BUILD_SRC}/pkg
 	# Create docker debian files
-	cd ${BUILD_SRC}; tar czf ../${DOCKER_VERSION}.orig.tar.gz .
+	cd ${BUILD_SRC}; tar czf ../${PKG_NAME}_${VERSION}.orig.tar.gz .
 	cd ${BUILD_SRC}; dpkg-buildpackage -us -uc
 	rm -rf ${BUILD_SRC}
 	# Sign package and upload it to PPA if GPG_KEY environment variable
@@ -54,9 +52,11 @@ ubuntu:
 	if /usr/bin/test "$${GPG_KEY}" == ""; then exit 2; fi
 	mkdir ${BUILD_SRC}
 	# Import gpg signing key
-	echo "$${GPG_KEY}" | gpg --allow-secret-key-import --import
+	echo "$${GPG_KEY}" | gpg --allow-secret-key-import --import || true
 	# Sign the package
-	cd ${BUILD_SRC}; dpkg-source -x ${BUILD_SRC}/../${DOCKER_FVERSION}.dsc
+	cd ${BUILD_SRC}; dpkg-source -x ${BUILD_SRC}/../${PKG_NAME}_${VERSION}-1.dsc
 	cd ${BUILD_SRC}/${PKG_NAME}-${VERSION}; debuild -S -sa
-	cd ${BUILD_SRC};dput ppa:dotcloud/lxc-docker ${DOCKER_FVERSION}_source.changes
+	# Upload to PPA
+	if [ "${PUBLISH_PPA}" = "1" ];  then cd ${BUILD_SRC};dput ppa:dotcloud/lxc-docker ${PKG_NAME}_${VERSION}-1_source.changes; fi
+	if [ "${PUBLISH_PPA}" != "1" ]; then cd ${BUILD_SRC};dput ppa:dotcloud/docker-staging ${PKG_NAME}_${VERSION}-1_source.changes; fi
 	rm -rf ${BUILD_SRC}
--- a/packaging/ubuntu/changelog
+++ b/packaging/ubuntu/changelog
@@ -1,222 +0,0 @@
-lxc-docker (0.4.0-1) precise; urgency=low
-  - Introducing Builder: 'docker build' builds a container, layer by layer, from a source repository containing a Dockerfile
-  - Introducing Remote API: control Docker programmatically using a simple HTTP/json API
-  - Runtime: various reliability and usability improvements
-
- -- dotCloud <ops@dotcloud.com>  Mon, 03 Jun 2013 00:00:00 -0700
-
-lxc-docker (0.3.4-1) precise; urgency=low
-  - Builder: 'docker build' builds a container, layer by layer, from a source repository containing a Dockerfile
-  - Builder: 'docker build -t FOO' applies the tag FOO to the newly built container.
-  - Runtime: interactive TTYs correctly handle window resize
-  - Runtime: fix how configuration is merged between layers
-  - Remote API: split stdout and stderr on 'docker run'
-  - Remote API: optionally listen on a different IP and port (use at your own risk)
-  - Documentation: improved install instructions.
-
- -- dotCloud <ops@dotcloud.com>  Thu, 30 May 2013 00:00:00 -0700
-
-
-lxc-docker (0.3.3-1) precise; urgency=low
-  - Registry: Fix push regression
-  - Various bugfixes
-
- -- dotCloud <ops@dotcloud.com>  Thu, 23 May 2013 00:00:00 -0700
-
-
-lxc-docker (0.3.2-1) precise; urgency=low
-  - Runtime: Store the actual archive on commit
-  - Registry: Improve the checksum process
-  - Registry: Use the size to have a good progress bar while pushing
-  - Registry: Use the actual archive if it exists in order to speed up the push
-  - Registry: Fix error 400 on push
-
- -- dotCloud <ops@dotcloud.com>  Fri, 9 May 2013 00:00:00 -0700
-
-
-lxc-docker (0.3.1-1) precise; urgency=low
-  - Builder: Implement the autorun capability within docker builder
-  - Builder: Add caching to docker builder
-  - Builder: Add support for docker builder with native API as top level command
-  - Runtime: Add go version to debug infos
-  - Builder: Implement ENV within docker builder
-  - Registry: Add docker search top level command in order to search a repository
-  - Images: output graph of images to dot (graphviz)
-  - Documentation: new introduction and high-level overview
-  - Documentation: Add the documentation for docker builder
-  - Website: new high-level overview
-  - Makefile: Swap "go get" for "go get -d", especially to compile on go1.1rc
-  - Images: fix ByParent function
-  - Builder: Check the command existance prior create and add Unit tests for the case
-  - Registry: Fix pull for official images with specific tag
-  - Registry: Fix issue when login in with a different user and trying to push
-  - Documentation: CSS fix for docker documentation to make REST API docs look better.
-  - Documentation: Fixed CouchDB example page header mistake
-  - Documentation: fixed README formatting
-  - Registry: Improve checksum - async calculation
-  - Runtime: kernel version - don't show the dash if flavor is empty
-  - Documentation: updated www.docker.io website.
-  - Builder: use any whitespaces instead of tabs
-  - Packaging: packaging ubuntu; issue #510: Use goland-stable PPA package to build docker
-
- -- dotCloud <ops@dotcloud.com>  Fri, 8 May 2013 00:00:00 -0700
-
-
-lxc-docker (0.3.0-1) precise; urgency=low
-  - Registry: Implement the new registry
-  - Documentation: new example: sharing data between 2 couchdb databases
-  - Runtime: Fix the command existance check
-  - Runtime: strings.Split may return an empty string on no match
-  - Runtime: Fix an index out of range crash if cgroup memory is not
-  - Documentation: Various improvments
-  - Vagrant: Use only one deb line in /etc/apt
-
- -- dotCloud <ops@dotcloud.com>  Fri, 5 May 2013 00:00:00 -0700
-
-
-lxc-docker (0.2.2-1) precise; urgency=low
-  - Support for data volumes ('docker run -v=PATH')
-  - Share data volumes between containers ('docker run -volumes-from')
-  - Improved documentation
-  - Upgrade to Go 1.0.3
-  - Various upgrades to the dev environment for contributors
-
- -- dotCloud <ops@dotcloud.com>  Fri, 3 May 2013 00:00:00 -0700
-
-
-lxc-docker (0.2.1-1) precise; urgency=low
-
-  - 'docker commit -run' bundles a layer with default runtime options: command, ports etc.
-  - Improve install process on Vagrant
-  - New Dockerfile operation: "maintainer"
-  - New Dockerfile operation: "expose"
-  - New Dockerfile operation: "cmd"
-  - Contrib script to build a Debian base layer
-  - 'docker -d -r': restart crashed containers at daemon startup
-  - Runtime: improve test coverage
-
- -- dotCloud <ops@dotcloud.com>  Wed, 1 May 2013 00:00:00 -0700
-
-
-lxc-docker (0.2.0-1) precise; urgency=low
-
-  - Runtime: ghost containers can be killed and waited for
-  - Documentation: update install intructions
-  - Packaging: fix Vagrantfile
-  - Development: automate releasing binaries and ubuntu packages
-  - Add a changelog
-  - Various bugfixes
-
- -- dotCloud <ops@dotcloud.com>  Mon, 23 Apr 2013 00:00:00 -0700
-
-
-lxc-docker (0.1.8-1) precise; urgency=low
-
-  - Dynamically detect cgroup capabilities
-  - Issue stability warning on kernels <3.8
-  - 'docker push' buffers on disk instead of memory
-  - Fix 'docker diff' for removed files
-  - Fix 'docker stop' for ghost containers
-  - Fix handling of pidfile
-  - Various bugfixes and stability improvements
-
- -- dotCloud <ops@dotcloud.com>  Mon, 22 Apr 2013 00:00:00 -0700
-
-
-lxc-docker (0.1.7-1) precise; urgency=low
-
-  - Container ports are available on localhost
-  - 'docker ps' shows allocated TCP ports
-  - Contributors can run 'make hack' to start a continuous integration VM
-  - Streamline ubuntu packaging & uploading
-  - Various bugfixes and stability improvements
-
- -- dotCloud <ops@dotcloud.com>  Thu, 18 Apr 2013 00:00:00 -0700
-
-
-lxc-docker (0.1.6-1) precise; urgency=low
-
-  - Record the author an image with 'docker commit -author'
-
- -- dotCloud <ops@dotcloud.com>  Wed, 17 Apr 2013 00:00:00 -0700
-
-
-lxc-docker (0.1.5-1) precise; urgency=low
-
-  - Disable standalone mode
-  - Use a custom DNS resolver with 'docker -d -dns'
-  - Detect ghost containers
-  - Improve diagnosis of missing system capabilities
-  - Allow disabling memory limits at compile time
-  - Add debian packaging
-  - Documentation: installing on Arch Linux
-  - Documentation: running Redis on docker
-  - Fixed lxc 0.9 compatibility
-  - Automatically load aufs module
-  - Various bugfixes and stability improvements
-
- -- dotCloud <ops@dotcloud.com>  Wed, 17 Apr 2013 00:00:00 -0700
-
-
-lxc-docker (0.1.4-1) precise; urgency=low
-
-  - Full support for TTY emulation
-  - Detach from a TTY session with the escape sequence `C-p C-q`
-  - Various bugfixes and stability improvements
-  - Minor UI improvements
-  - Automatically create our own bridge interface 'docker0'
-
- -- dotCloud <ops@dotcloud.com>  Tue,  9 Apr 2013 00:00:00 -0700
-
-
-lxc-docker (0.1.3-1) precise; urgency=low
-
-  - Choose TCP frontend port with '-p :PORT'
-  - Layer format is versioned
-  - Major reliability improvements to the process manager
-  - Various bugfixes and stability improvements
-
- -- dotCloud <ops@dotcloud.com>  Thu,  4 Apr 2013 00:00:00 -0700
-
-
-lxc-docker (0.1.2-1) precise; urgency=low
-
-  - Set container hostname with 'docker run -h'
-  - Selective attach at run with 'docker run -a [stdin[,stdout[,stderr]]]'
-  - Various bugfixes and stability improvements
-  - UI polish
-  - Progress bar on push/pull
-  - Use XZ compression by default
-  - Make IP allocator lazy
-
- -- dotCloud <ops@dotcloud.com>  Wed,  3 Apr 2013 00:00:00 -0700
-
-
-lxc-docker (0.1.1-1) precise; urgency=low
-
-  - Display shorthand IDs for convenience
-  - Stabilize process management
-  - Layers can include a commit message
-  - Simplified 'docker attach'
-  - Fixed support for re-attaching
-  - Various bugfixes and stability improvements
-  - Auto-download at run
-  - Auto-login on push
-  - Beefed up documentation
-
- -- dotCloud <ops@dotcloud.com>  Sun, 31 Mar 2013 00:00:00 -0700
-
-
-lxc-docker (0.1.0-1) precise; urgency=low
-
-  - First release
-  - Implement registry in order to push/pull images
-  - TCP port allocation
-  - Fix termcaps on Linux
-  - Add documentation
-  - Add Vagrant support with Vagrantfile
-  - Add unit tests
-  - Add repository/tags to ease image management
-  - Improve the layer implementation
-
- -- dotCloud <ops@dotcloud.com>  Sat, 23 Mar 2013 00:00:00 -0700
--- a/packaging/ubuntu/control
+++ b/packaging/ubuntu/control
@@ -8,7 +8,7 @@ Homepage: http://github.com/dotcloud/docker

 Package: lxc-docker
 Architecture: linux-any
-Depends: ${misc:Depends},${shlibs:Depends},lxc,bsdtar
+Depends: ${misc:Depends},${shlibs:Depends},lxc,bsdtar,aufs-tools
 Conflicts: docker
 Description: lxc-docker is a Linux container runtime
 Docker complements LXC with a high-level API which operates at the process
--- a/packaging/ubuntu/parse_changelog.py
+++ b/packaging/ubuntu/parse_changelog.py
@@ -0,0 +1,23 @@
+#!/usr/bin/env python
+
+'Parse main CHANGELOG.md from stdin outputing on stdout the ubuntu changelog'
+
+import sys,re, datetime
+
+on_block=False
+for line in sys.stdin.readlines():
+    line = line.strip()
+    if line.startswith('# ') or len(line) == 0:
+        continue
+    if line.startswith('## '):
+        if on_block:
+            print '\n -- dotCloud <ops@dotcloud.com>  {0}\n'.format(date)
+        version, date = line[3:].split()
+        date = datetime.datetime.strptime(date, '(%Y-%m-%d)').strftime(
+            '%a, %d %b %Y 00:00:00 -0700')
+        on_block = True
+        print 'lxc-docker ({0}-1) precise; urgency=low'.format(version)
+        continue
+    if on_block:
+        print '  ' + line
+print '\n -- dotCloud <ops@dotcloud.com>  {0}'.format(date)
--- a/registry/registry.go
+++ b/registry/registry.go
@@ -7,15 +7,16 @@ import (
 	"fmt"
 	"github.com/dotcloud/docker/auth"
 	"github.com/dotcloud/docker/utils"
-	"github.com/shin-/cookiejar"
 	"io"
 	"io/ioutil"
 	"net/http"
+	"net/http/cookiejar"
 	"net/url"
+	"strconv"
 	"strings"
 )

-var ErrAlreadyExists error = errors.New("Image already exists")
+var ErrAlreadyExists = errors.New("Image already exists")

 func doWithCookies(c *http.Client, req *http.Request) (*http.Response, error) {
 	for _, cookie := range c.Jar.Cookies(req.URL) {
@@ -64,7 +65,11 @@ func (r *Registry) LookupRemoteImage(imgId, registry string, authConfig *auth.Au
 	}
 	req.SetBasicAuth(authConfig.Username, authConfig.Password)
 	res, err := rt.RoundTrip(req)
-	return err == nil && res.StatusCode == 307
+	if err != nil {
+		return false
+	}
+	res.Body.Close()
+	return res.StatusCode == 307
 }

 func (r *Registry) getImagesInRepository(repository string, authConfig *auth.AuthConfig) ([]map[string]string, error) {
@@ -102,40 +107,45 @@ func (r *Registry) getImagesInRepository(repository string, authConfig *auth.Aut
 }

 // Retrieve an image from the Registry.
-// Returns the Image object as well as the layer as an Archive (io.Reader)
-func (r *Registry) GetRemoteImageJson(imgId, registry string, token []string) ([]byte, error) {
-	// Get the Json
+func (r *Registry) GetRemoteImageJSON(imgId, registry string, token []string) ([]byte, int, error) {
+	// Get the JSON
 	req, err := http.NewRequest("GET", registry+"/images/"+imgId+"/json", nil)
 	if err != nil {
-		return nil, fmt.Errorf("Failed to download json: %s", err)
+		return nil, -1, fmt.Errorf("Failed to download json: %s", err)
 	}
 	req.Header.Set("Authorization", "Token "+strings.Join(token, ", "))
 	res, err := r.client.Do(req)
 	if err != nil {
-		return nil, fmt.Errorf("Failed to download json: %s", err)
+		return nil, -1, fmt.Errorf("Failed to download json: %s", err)
 	}
 	defer res.Body.Close()
 	if res.StatusCode != 200 {
-		return nil, fmt.Errorf("HTTP code %d", res.StatusCode)
+		return nil, -1, fmt.Errorf("HTTP code %d", res.StatusCode)
 	}
+
+	imageSize, err := strconv.Atoi(res.Header.Get("X-Docker-Size"))
+	if err != nil {
+		return nil, -1, err
+	}
+
 	jsonString, err := ioutil.ReadAll(res.Body)
 	if err != nil {
-		return nil, fmt.Errorf("Failed to parse downloaded json: %s (%s)", err, jsonString)
+		return nil, -1, fmt.Errorf("Failed to parse downloaded json: %s (%s)", err, jsonString)
 	}
-	return jsonString, nil
+	return jsonString, imageSize, nil
 }

-func (r *Registry) GetRemoteImageLayer(imgId, registry string, token []string) (io.ReadCloser, int, error) {
+func (r *Registry) GetRemoteImageLayer(imgId, registry string, token []string) (io.ReadCloser, error) {
 	req, err := http.NewRequest("GET", registry+"/images/"+imgId+"/layer", nil)
 	if err != nil {
-		return nil, -1, fmt.Errorf("Error while getting from the server: %s\n", err)
+		return nil, fmt.Errorf("Error while getting from the server: %s\n", err)
 	}
 	req.Header.Set("Authorization", "Token "+strings.Join(token, ", "))
 	res, err := r.client.Do(req)
 	if err != nil {
-		return nil, -1, err
+		return nil, err
 	}
-	return res.Body, int(res.ContentLength), nil
+	return res.Body, nil
 }

 func (r *Registry) GetRemoteTags(registries []string, repository string, token []string) (map[string]string, error) {
@@ -146,27 +156,30 @@ func (r *Registry) GetRemoteTags(registries []string, repository string, token [
 	}
 	for _, host := range registries {
 		endpoint := fmt.Sprintf("https://%s/v1/repositories/%s/tags", host, repository)
-		req, err := http.NewRequest("GET", endpoint, nil)
+		req, err := r.opaqueRequest("GET", endpoint, nil)
 		if err != nil {
 			return nil, err
 		}
 		req.Header.Set("Authorization", "Token "+strings.Join(token, ", "))
 		res, err := r.client.Do(req)
-		defer res.Body.Close()
+		if err != nil {
+			return nil, err
+		}
 		utils.Debugf("Got status code %d from %s", res.StatusCode, endpoint)
-		if err != nil || (res.StatusCode != 200 && res.StatusCode != 404) {
+		defer res.Body.Close()
+
+		if res.StatusCode != 200 && res.StatusCode != 404 {
 			continue
 		} else if res.StatusCode == 404 {
 			return nil, fmt.Errorf("Repository not found")
 		}

 		result := make(map[string]string)
-
-		rawJson, err := ioutil.ReadAll(res.Body)
+		rawJSON, err := ioutil.ReadAll(res.Body)
 		if err != nil {
 			return nil, err
 		}
-		if err := json.Unmarshal(rawJson, &result); err != nil {
+		if err := json.Unmarshal(rawJSON, &result); err != nil {
 			return nil, err
 		}
 		return result, nil
@@ -177,7 +190,7 @@ func (r *Registry) GetRemoteTags(registries []string, repository string, token [
 func (r *Registry) GetRepositoryData(remote string) (*RepositoryData, error) {
 	repositoryTarget := auth.IndexServerAddress() + "/repositories/" + remote + "/images"

-	req, err := http.NewRequest("GET", repositoryTarget, nil)
+	req, err := r.opaqueRequest("GET", repositoryTarget, nil)
 	if err != nil {
 		return nil, err
 	}
@@ -212,19 +225,19 @@ func (r *Registry) GetRepositoryData(remote string) (*RepositoryData, error) {
 		return nil, fmt.Errorf("Index response didn't contain any endpoints")
 	}

-	checksumsJson, err := ioutil.ReadAll(res.Body)
+	checksumsJSON, err := ioutil.ReadAll(res.Body)
 	if err != nil {
 		return nil, err
 	}
 	remoteChecksums := []*ImgData{}
-	if err := json.Unmarshal(checksumsJson, &remoteChecksums); err != nil {
+	if err := json.Unmarshal(checksumsJSON, &remoteChecksums); err != nil {
 		return nil, err
 	}

 	// Forge a better object from the retrieved data
 	imgsData := make(map[string]*ImgData)
 	for _, elem := range remoteChecksums {
-		imgsData[elem.Id] = elem
+		imgsData[elem.ID] = elem
 	}

 	return &RepositoryData{
@@ -235,10 +248,10 @@ func (r *Registry) GetRepositoryData(remote string) (*RepositoryData, error) {
 }

 // Push a local image to the registry
-func (r *Registry) PushImageJsonRegistry(imgData *ImgData, jsonRaw []byte, registry string, token []string) error {
+func (r *Registry) PushImageJSONRegistry(imgData *ImgData, jsonRaw []byte, registry string, token []string) error {
 	registry = "https://" + registry + "/v1"
 	// FIXME: try json with UTF8
-	req, err := http.NewRequest("PUT", registry+"/images/"+imgData.Id+"/json", strings.NewReader(string(jsonRaw)))
+	req, err := http.NewRequest("PUT", registry+"/images/"+imgData.ID+"/json", strings.NewReader(string(jsonRaw)))
 	if err != nil {
 		return err
 	}
@@ -246,7 +259,7 @@ func (r *Registry) PushImageJsonRegistry(imgData *ImgData, jsonRaw []byte, regis
 	req.Header.Set("Authorization", "Token "+strings.Join(token, ","))
 	req.Header.Set("X-Docker-Checksum", imgData.Checksum)

-	utils.Debugf("Setting checksum for %s: %s", imgData.Id, imgData.Checksum)
+	utils.Debugf("Setting checksum for %s: %s", imgData.ID, imgData.Checksum)
 	res, err := doWithCookies(r.client, req)
 	if err != nil {
 		return fmt.Errorf("Failed to upload metadata: %s", err)
@@ -296,6 +309,15 @@ func (r *Registry) PushImageLayerRegistry(imgId string, layer io.Reader, registr
 	return nil
 }

+func (r *Registry) opaqueRequest(method, urlStr string, body io.Reader) (*http.Request, error) {
+	req, err := http.NewRequest(method, urlStr, body)
+	if err != nil {
+		return nil, err
+	}
+	req.URL.Opaque = strings.Replace(urlStr, req.URL.Scheme + ":", "", 1)
+	return req, err
+}
+
 // push a tag on the registry.
 // Remote has the format '<user>/<repo>
 func (r *Registry) PushRegistryTag(remote, revision, tag, registry string, token []string) error {
@@ -303,7 +325,7 @@ func (r *Registry) PushRegistryTag(remote, revision, tag, registry string, token
 	revision = "\"" + revision + "\""
 	registry = "https://" + registry + "/v1"

-	req, err := http.NewRequest("PUT", registry+"/repositories/"+remote+"/tags/"+tag, strings.NewReader(revision))
+	req, err := r.opaqueRequest("PUT", registry+"/repositories/"+remote+"/tags/"+tag, strings.NewReader(revision))
 	if err != nil {
 		return err
 	}
@@ -321,8 +343,8 @@ func (r *Registry) PushRegistryTag(remote, revision, tag, registry string, token
 	return nil
 }

-func (r *Registry) PushImageJsonIndex(remote string, imgList []*ImgData, validate bool) (*RepositoryData, error) {
-	imgListJson, err := json.Marshal(imgList)
+func (r *Registry) PushImageJSONIndex(remote string, imgList []*ImgData, validate bool, regs []string) (*RepositoryData, error) {
+	imgListJSON, err := json.Marshal(imgList)
 	if err != nil {
 		return nil, err
 	}
@@ -331,15 +353,18 @@ func (r *Registry) PushImageJsonIndex(remote string, imgList []*ImgData, validat
 		suffix = "images"
 	}

-	utils.Debugf("Image list pushed to index:\n%s\n", imgListJson)
+	utils.Debugf("Image list pushed to index:\n%s\n", imgListJSON)

-	req, err := http.NewRequest("PUT", auth.IndexServerAddress()+"/repositories/"+remote+"/"+suffix, bytes.NewReader(imgListJson))
+	req, err := r.opaqueRequest("PUT", auth.IndexServerAddress()+"/repositories/"+remote+"/"+suffix, bytes.NewReader(imgListJSON))
 	if err != nil {
 		return nil, err
 	}
 	req.SetBasicAuth(r.authConfig.Username, r.authConfig.Password)
-	req.ContentLength = int64(len(imgListJson))
+	req.ContentLength = int64(len(imgListJSON))
 	req.Header.Set("X-Docker-Token", "true")
+	if validate {
+		req.Header["X-Docker-Endpoints"] = regs
+	}

 	res, err := r.client.Do(req)
 	if err != nil {
@@ -350,14 +375,16 @@ func (r *Registry) PushImageJsonIndex(remote string, imgList []*ImgData, validat
 	// Redirect if necessary
 	for res.StatusCode >= 300 && res.StatusCode < 400 {
 		utils.Debugf("Redirected to %s\n", res.Header.Get("Location"))
-		req, err = http.NewRequest("PUT", res.Header.Get("Location"), bytes.NewReader(imgListJson))
+		req, err = r.opaqueRequest("PUT", res.Header.Get("Location"), bytes.NewReader(imgListJSON))
 		if err != nil {
 			return nil, err
 		}
 		req.SetBasicAuth(r.authConfig.Username, r.authConfig.Password)
-		req.ContentLength = int64(len(imgListJson))
+		req.ContentLength = int64(len(imgListJSON))
 		req.Header.Set("X-Docker-Token", "true")
-
+		if validate {
+			req.Header["X-Docker-Endpoints"] = regs
+		}
 		res, err = r.client.Do(req)
 		if err != nil {
 			return nil, err
@@ -389,11 +416,11 @@ func (r *Registry) PushImageJsonIndex(remote string, imgList []*ImgData, validat
 	}
 	if validate {
 		if res.StatusCode != 204 {
-			if errBody, err := ioutil.ReadAll(res.Body); err != nil {
+			errBody, err := ioutil.ReadAll(res.Body)
+			if err != nil {
 				return nil, err
-			} else {
-				return nil, fmt.Errorf("Error: Status %d trying to push checksums %s: %s", res.StatusCode, remote, errBody)
 			}
+			return nil, fmt.Errorf("Error: Status %d trying to push checksums %s: %s", res.StatusCode, remote, errBody)
 		}
 	}

@@ -426,11 +453,6 @@ func (r *Registry) SearchRepositories(term string) (*SearchResults, error) {
 	return result, err
 }

-func (r *Registry) ResetClient(authConfig *auth.AuthConfig) {
-	r.authConfig = authConfig
-	r.client.Jar = cookiejar.NewCookieJar()
-}
-
 func (r *Registry) GetAuthConfig(withPasswd bool) *auth.AuthConfig {
 	password := ""
 	if withPasswd {
@@ -456,7 +478,7 @@ type RepositoryData struct {
 }

 type ImgData struct {
-	Id       string `json:"id"`
+	ID       string `json:"id"`
 	Checksum string `json:"checksum,omitempty"`
 	Tag      string `json:",omitempty"`
 }
@@ -466,14 +488,18 @@ type Registry struct {
 	authConfig *auth.AuthConfig
 }

-func NewRegistry(root string) *Registry {
-	// If the auth file does not exist, keep going
-	authConfig, _ := auth.LoadConfig(root)
-
-	r := &Registry{
-		authConfig: authConfig,
-		client:     &http.Client{},
+func NewRegistry(root string, authConfig *auth.AuthConfig) (r *Registry, err error) {
+	httpTransport := &http.Transport{
+		DisableKeepAlives: true,
+		Proxy:             http.ProxyFromEnvironment,
 	}
-	r.client.Jar = cookiejar.NewCookieJar()
-	return r
+
+	r = &Registry{
+		authConfig: authConfig,
+		client: &http.Client{
+			Transport: httpTransport,
+		},
+	}
+	r.client.Jar, err = cookiejar.New(nil)
+	return r, err
 }
--- a/runtime.go
+++ b/runtime.go
@@ -32,6 +32,7 @@ type Runtime struct {
 	autoRestart    bool
 	volumes        *Graph
 	srv            *Server
+	Dns            []string
 }

 var sysInitPath string
@@ -51,7 +52,7 @@ func (runtime *Runtime) List() []*Container {
 func (runtime *Runtime) getContainerElement(id string) *list.Element {
 	for e := runtime.containers.Front(); e != nil; e = e.Next() {
 		container := e.Value.(*Container)
-		if container.Id == id {
+		if container.ID == id {
 			return e
 		}
 	}
@@ -83,8 +84,8 @@ func (runtime *Runtime) Load(id string) (*Container, error) {
 	if err := container.FromDisk(); err != nil {
 		return nil, err
 	}
-	if container.Id != id {
-		return container, fmt.Errorf("Container %s is stored at %s", container.Id, id)
+	if container.ID != id {
+		return container, fmt.Errorf("Container %s is stored at %s", container.ID, id)
 	}
 	if container.State.Running {
 		container.State.Ghost = true
@@ -95,12 +96,12 @@ func (runtime *Runtime) Load(id string) (*Container, error) {
 	return container, nil
 }

-// Register makes a container object usable by the runtime as <container.Id>
+// Register makes a container object usable by the runtime as <container.ID>
 func (runtime *Runtime) Register(container *Container) error {
-	if container.runtime != nil || runtime.Exists(container.Id) {
+	if container.runtime != nil || runtime.Exists(container.ID) {
 		return fmt.Errorf("Container is already loaded")
 	}
-	if err := validateId(container.Id); err != nil {
+	if err := validateID(container.ID); err != nil {
 		return err
 	}

@@ -123,7 +124,7 @@ func (runtime *Runtime) Register(container *Container) error {
 	}
 	// done
 	runtime.containers.PushBack(container)
-	runtime.idIndex.Add(container.Id)
+	runtime.idIndex.Add(container.ID)

 	// When we actually restart, Start() do the monitoring.
 	// However, when we simply 'reattach', we have to restart a monitor
@@ -133,25 +134,25 @@ func (runtime *Runtime) Register(container *Container) error {
 	//        if so, then we need to restart monitor and init a new lock
 	// If the container is supposed to be running, make sure of it
 	if container.State.Running {
-		if output, err := exec.Command("lxc-info", "-n", container.Id).CombinedOutput(); err != nil {
+		output, err := exec.Command("lxc-info", "-n", container.ID).CombinedOutput()
+		if err != nil {
 			return err
-		} else {
-			if !strings.Contains(string(output), "RUNNING") {
-				utils.Debugf("Container %s was supposed to be running be is not.", container.Id)
-				if runtime.autoRestart {
-					utils.Debugf("Restarting")
-					container.State.Ghost = false
-					container.State.setStopped(0)
-					if err := container.Start(); err != nil {
-						return err
-					}
-					nomonitor = true
-				} else {
-					utils.Debugf("Marking as stopped")
-					container.State.setStopped(-127)
-					if err := container.ToDisk(); err != nil {
-						return err
-					}
+		}
+		if !strings.Contains(string(output), "RUNNING") {
+			utils.Debugf("Container %s was supposed to be running be is not.", container.ID)
+			if runtime.autoRestart {
+				utils.Debugf("Restarting")
+				container.State.Ghost = false
+				container.State.setStopped(0)
+				if err := container.Start(); err != nil {
+					return err
+				}
+				nomonitor = true
+			} else {
+				utils.Debugf("Marking as stopped")
+				container.State.setStopped(-127)
+				if err := container.ToDisk(); err != nil {
+					return err
 				}
 			}
 		}
@@ -182,9 +183,9 @@ func (runtime *Runtime) Destroy(container *Container) error {
 		return fmt.Errorf("The given container is <nil>")
 	}

-	element := runtime.getContainerElement(container.Id)
+	element := runtime.getContainerElement(container.ID)
 	if element == nil {
-		return fmt.Errorf("Container %v not found - maybe it was already destroyed?", container.Id)
+		return fmt.Errorf("Container %v not found - maybe it was already destroyed?", container.ID)
 	}

 	if err := container.Stop(3); err != nil {
@@ -194,14 +195,14 @@ func (runtime *Runtime) Destroy(container *Container) error {
 		return err
 	} else if mounted {
 		if err := container.Unmount(); err != nil {
-			return fmt.Errorf("Unable to unmount container %v: %v", container.Id, err)
+			return fmt.Errorf("Unable to unmount container %v: %v", container.ID, err)
 		}
 	}
 	// Deregister the container before removing its directory, to avoid race conditions
-	runtime.idIndex.Delete(container.Id)
+	runtime.idIndex.Delete(container.ID)
 	runtime.containers.Remove(element)
 	if err := os.RemoveAll(container.root); err != nil {
-		return fmt.Errorf("Unable to remove filesystem for %v: %v", container.Id, err)
+		return fmt.Errorf("Unable to remove filesystem for %v: %v", container.ID, err)
 	}
 	return nil
 }
@@ -218,7 +219,7 @@ func (runtime *Runtime) restore() error {
 			utils.Debugf("Failed to load container %v: %v", id, err)
 			continue
 		}
-		utils.Debugf("Loaded container %v", container.Id)
+		utils.Debugf("Loaded container %v", container.ID)
 	}
 	return nil
 }
@@ -245,11 +246,12 @@ func (runtime *Runtime) UpdateCapabilities(quiet bool) {
 }

 // FIXME: harmonize with NewGraph()
-func NewRuntime(autoRestart bool) (*Runtime, error) {
+func NewRuntime(autoRestart bool, dns []string) (*Runtime, error) {
 	runtime, err := NewRuntimeFromDirectory("/var/lib/docker", autoRestart)
 	if err != nil {
 		return nil, err
 	}
+	runtime.Dns = dns

 	if k, err := utils.GetKernelVersion(); err != nil {
 		log.Printf("WARNING: %s\n", err)
--- a/runtime_test.go
+++ b/runtime_test.go
@@ -17,7 +17,7 @@ import (
 )

 const unitTestImageName string = "docker-ut"
-
+const unitTestImageId string = "e9aa60c60128cad1"
 const unitTestStoreBase string = "/var/lib/docker/unit-tests"

 func nuke(runtime *Runtime) error {
@@ -65,10 +65,14 @@ func init() {

 	// Create the "Server"
 	srv := &Server{
-		runtime: runtime,
+		runtime:     runtime,
+		enableCors:  false,
+		lock:        &sync.Mutex{},
+		pullingPool: make(map[string]struct{}),
+		pushingPool: make(map[string]struct{}),
 	}
 	// Retrieve the Image
-	if err := srv.ImagePull(unitTestImageName, "", "", os.Stdout, utils.NewStreamFormatter(false)); err != nil {
+	if err := srv.ImagePull(unitTestImageName, "", "", os.Stdout, utils.NewStreamFormatter(false), nil); err != nil {
 		panic(err)
 	}
 }
@@ -120,7 +124,7 @@ func TestRuntimeCreate(t *testing.T) {
 	builder := NewBuilder(runtime)

 	container, err := builder.Create(&Config{
-		Image: GetTestImage(runtime).Id,
+		Image: GetTestImage(runtime).ID,
 		Cmd:   []string{"ls", "-al"},
 	},
 	)
@@ -140,29 +144,29 @@ func TestRuntimeCreate(t *testing.T) {
 	}

 	// Make sure the container List() returns is the right one
-	if runtime.List()[0].Id != container.Id {
+	if runtime.List()[0].ID != container.ID {
 		t.Errorf("Unexpected container %v returned by List", runtime.List()[0])
 	}

 	// Make sure we can get the container with Get()
-	if runtime.Get(container.Id) == nil {
+	if runtime.Get(container.ID) == nil {
 		t.Errorf("Unable to get newly created container")
 	}

 	// Make sure it is the right container
-	if runtime.Get(container.Id) != container {
+	if runtime.Get(container.ID) != container {
 		t.Errorf("Get() returned the wrong container")
 	}

 	// Make sure Exists returns it as existing
-	if !runtime.Exists(container.Id) {
+	if !runtime.Exists(container.ID) {
 		t.Errorf("Exists() returned false for a newly created container")
 	}

 	// Make sure crete with bad parameters returns an error
 	_, err = builder.Create(
 		&Config{
-			Image: GetTestImage(runtime).Id,
+			Image: GetTestImage(runtime).ID,
 		},
 	)
 	if err == nil {
@@ -171,7 +175,7 @@ func TestRuntimeCreate(t *testing.T) {

 	_, err = builder.Create(
 		&Config{
-			Image: GetTestImage(runtime).Id,
+			Image: GetTestImage(runtime).ID,
 			Cmd:   []string{},
 		},
 	)
@@ -187,7 +191,7 @@ func TestDestroy(t *testing.T) {
 	}
 	defer nuke(runtime)
 	container, err := NewBuilder(runtime).Create(&Config{
-		Image: GetTestImage(runtime).Id,
+		Image: GetTestImage(runtime).ID,
 		Cmd:   []string{"ls", "-al"},
 	},
 	)
@@ -210,7 +214,7 @@ func TestDestroy(t *testing.T) {
 	}

 	// Make sure runtime.Get() refuses to return the unexisting container
-	if runtime.Get(container.Id) != nil {
+	if runtime.Get(container.ID) != nil {
 		t.Errorf("Unable to get newly created container")
 	}

@@ -237,7 +241,7 @@ func TestGet(t *testing.T) {
 	builder := NewBuilder(runtime)

 	container1, err := builder.Create(&Config{
-		Image: GetTestImage(runtime).Id,
+		Image: GetTestImage(runtime).ID,
 		Cmd:   []string{"ls", "-al"},
 	},
 	)
@@ -247,7 +251,7 @@ func TestGet(t *testing.T) {
 	defer runtime.Destroy(container1)

 	container2, err := builder.Create(&Config{
-		Image: GetTestImage(runtime).Id,
+		Image: GetTestImage(runtime).ID,
 		Cmd:   []string{"ls", "-al"},
 	},
 	)
@@ -257,7 +261,7 @@ func TestGet(t *testing.T) {
 	defer runtime.Destroy(container2)

 	container3, err := builder.Create(&Config{
-		Image: GetTestImage(runtime).Id,
+		Image: GetTestImage(runtime).ID,
 		Cmd:   []string{"ls", "-al"},
 	},
 	)
@@ -266,16 +270,16 @@ func TestGet(t *testing.T) {
 	}
 	defer runtime.Destroy(container3)

-	if runtime.Get(container1.Id) != container1 {
-		t.Errorf("Get(test1) returned %v while expecting %v", runtime.Get(container1.Id), container1)
+	if runtime.Get(container1.ID) != container1 {
+		t.Errorf("Get(test1) returned %v while expecting %v", runtime.Get(container1.ID), container1)
 	}

-	if runtime.Get(container2.Id) != container2 {
-		t.Errorf("Get(test2) returned %v while expecting %v", runtime.Get(container2.Id), container2)
+	if runtime.Get(container2.ID) != container2 {
+		t.Errorf("Get(test2) returned %v while expecting %v", runtime.Get(container2.ID), container2)
 	}

-	if runtime.Get(container3.Id) != container3 {
-		t.Errorf("Get(test3) returned %v while expecting %v", runtime.Get(container3.Id), container3)
+	if runtime.Get(container3.ID) != container3 {
+		t.Errorf("Get(test3) returned %v while expecting %v", runtime.Get(container3.ID), container3)
 	}

 }
@@ -283,7 +287,7 @@ func TestGet(t *testing.T) {
 func findAvailalblePort(runtime *Runtime, port int) (*Container, error) {
 	strPort := strconv.Itoa(port)
 	container, err := NewBuilder(runtime).Create(&Config{
-		Image:     GetTestImage(runtime).Id,
+		Image:     GetTestImage(runtime).ID,
 		Cmd:       []string{"sh", "-c", "echo well hello there | nc -l -p " + strPort},
 		PortSpecs: []string{strPort},
 	},
@@ -379,7 +383,7 @@ func TestRestore(t *testing.T) {

 	// Create a container with one instance of docker
 	container1, err := builder.Create(&Config{
-		Image: GetTestImage(runtime1).Id,
+		Image: GetTestImage(runtime1).ID,
 		Cmd:   []string{"ls", "-al"},
 	},
 	)
@@ -390,7 +394,7 @@ func TestRestore(t *testing.T) {

 	// Create a second container meant to be killed
 	container2, err := builder.Create(&Config{
-		Image:     GetTestImage(runtime1).Id,
+		Image:     GetTestImage(runtime1).ID,
 		Cmd:       []string{"/bin/cat"},
 		OpenStdin: true,
 	},
@@ -406,7 +410,7 @@ func TestRestore(t *testing.T) {
 	}

 	if !container2.State.Running {
-		t.Fatalf("Container %v should appear as running but isn't", container2.Id)
+		t.Fatalf("Container %v should appear as running but isn't", container2.ID)
 	}

 	// Simulate a crash/manual quit of dockerd: process dies, states stays 'Running'
@@ -426,7 +430,7 @@ func TestRestore(t *testing.T) {
 	}

 	if !container2.State.Running {
-		t.Fatalf("Container %v should appear as running but isn't", container2.Id)
+		t.Fatalf("Container %v should appear as running but isn't", container2.ID)
 	}

 	// Here are are simulating a docker restart - that is, reloading all containers
@@ -442,14 +446,14 @@ func TestRestore(t *testing.T) {
 	runningCount := 0
 	for _, c := range runtime2.List() {
 		if c.State.Running {
-			t.Errorf("Running container found: %v (%v)", c.Id, c.Path)
+			t.Errorf("Running container found: %v (%v)", c.ID, c.Path)
 			runningCount++
 		}
 	}
 	if runningCount != 0 {
 		t.Fatalf("Expected 0 container alive, %d found", runningCount)
 	}
-	container3 := runtime2.Get(container1.Id)
+	container3 := runtime2.Get(container1.ID)
 	if container3 == nil {
 		t.Fatal("Unable to Get container")
 	}
--- a/server.go
+++ b/server.go
@@ -1,6 +1,7 @@
 package docker

 import (
+	"errors"
 	"fmt"
 	"github.com/dotcloud/docker/auth"
 	"github.com/dotcloud/docker/registry"
@@ -14,12 +15,13 @@ import (
 	"path"
 	"runtime"
 	"strings"
+	"sync"
 )

-func (srv *Server) DockerVersion() ApiVersion {
-	return ApiVersion{
+func (srv *Server) DockerVersion() APIVersion {
+	return APIVersion{
 		Version:   VERSION,
-		GitCommit: GIT_COMMIT,
+		GitCommit: GITCOMMIT,
 		GoVersion: runtime.Version(),
 	}
 }
@@ -52,20 +54,20 @@ func (srv *Server) ContainerExport(name string, out io.Writer) error {
 	return fmt.Errorf("No such container: %s", name)
 }

-func (srv *Server) ImagesSearch(term string) ([]ApiSearch, error) {
-
-	results, err := registry.NewRegistry(srv.runtime.root).SearchRepositories(term)
+func (srv *Server) ImagesSearch(term string) ([]APISearch, error) {
+	r, err := registry.NewRegistry(srv.runtime.root, nil)
+	if err != nil {
+		return nil, err
+	}
+	results, err := r.SearchRepositories(term)
 	if err != nil {
 		return nil, err
 	}

-	var outs []ApiSearch
+	var outs []APISearch
 	for _, repo := range results.Results {
-		var out ApiSearch
+		var out APISearch
 		out.Description = repo["description"]
-		if len(out.Description) > 45 {
-			out.Description = utils.Trunc(out.Description, 42) + "..."
-		}
 		out.Name = repo["name"]
 		outs = append(outs, out)
 	}
@@ -85,7 +87,7 @@ func (srv *Server) ImageInsert(name, url, path string, out io.Writer, sf *utils.
 	}
 	defer file.Body.Close()

-	config, _, err := ParseRun([]string{img.Id, "echo", "insert", url, path}, srv.runtime.capabilities)
+	config, _, err := ParseRun([]string{img.ID, "echo", "insert", url, path}, srv.runtime.capabilities)
 	if err != nil {
 		return "", err
 	}
@@ -104,8 +106,8 @@ func (srv *Server) ImageInsert(name, url, path string, out io.Writer, sf *utils.
 	if err != nil {
 		return "", err
 	}
-	out.Write(sf.FormatStatus(img.Id))
-	return img.ShortId(), nil
+	out.Write(sf.FormatStatus(img.ID))
+	return img.ShortID(), nil
 }

 func (srv *Server) ImagesViz(out io.Writer) error {
@@ -125,9 +127,9 @@ func (srv *Server) ImagesViz(out io.Writer) error {
 			return fmt.Errorf("Error while getting parent image: %v", err)
 		}
 		if parentImage != nil {
-			out.Write([]byte(" \"" + parentImage.ShortId() + "\" -> \"" + image.ShortId() + "\"\n"))
+			out.Write([]byte(" \"" + parentImage.ShortID() + "\" -> \"" + image.ShortID() + "\"\n"))
 		} else {
-			out.Write([]byte(" base -> \"" + image.ShortId() + "\" [style=invis]\n"))
+			out.Write([]byte(" base -> \"" + image.ShortID() + "\" [style=invis]\n"))
 		}
 	}

@@ -135,7 +137,7 @@ func (srv *Server) ImagesViz(out io.Writer) error {

 	for name, repository := range srv.runtime.repositories.Repositories {
 		for tag, id := range repository {
-			reporefs[utils.TruncateId(id)] = append(reporefs[utils.TruncateId(id)], fmt.Sprintf("%s:%s", name, tag))
+			reporefs[utils.TruncateID(id)] = append(reporefs[utils.TruncateID(id)], fmt.Sprintf("%s:%s", name, tag))
 		}
 	}

@@ -146,7 +148,7 @@ func (srv *Server) ImagesViz(out io.Writer) error {
 	return nil
 }

-func (srv *Server) Images(all bool, filter string) ([]ApiImages, error) {
+func (srv *Server) Images(all bool, filter string) ([]APIImages, error) {
 	var (
 		allImages map[string]*Image
 		err       error
@@ -159,13 +161,13 @@ func (srv *Server) Images(all bool, filter string) ([]ApiImages, error) {
 	if err != nil {
 		return nil, err
 	}
-	outs := []ApiImages{} //produce [] when empty instead of 'null'
+	outs := []APIImages{} //produce [] when empty instead of 'null'
 	for name, repository := range srv.runtime.repositories.Repositories {
 		if filter != "" && name != filter {
 			continue
 		}
 		for tag, id := range repository {
-			var out ApiImages
+			var out APIImages
 			image, err := srv.runtime.graph.Get(id)
 			if err != nil {
 				log.Printf("Warning: couldn't load %s from %s/%s: %s", id, name, tag, err)
@@ -174,24 +176,28 @@ func (srv *Server) Images(all bool, filter string) ([]ApiImages, error) {
 			delete(allImages, id)
 			out.Repository = name
 			out.Tag = tag
-			out.Id = image.Id
+			out.ID = image.ID
 			out.Created = image.Created.Unix()
+			out.Size = image.Size
+			out.VirtualSize = image.getParentsSize(0) + image.Size
 			outs = append(outs, out)
 		}
 	}
 	// Display images which aren't part of a
 	if filter == "" {
 		for _, image := range allImages {
-			var out ApiImages
-			out.Id = image.Id
+			var out APIImages
+			out.ID = image.ID
 			out.Created = image.Created.Unix()
+			out.Size = image.Size
+			out.VirtualSize = image.getParentsSize(0) + image.Size
 			outs = append(outs, out)
 		}
 	}
 	return outs, nil
 }

-func (srv *Server) DockerInfo() *ApiInfo {
+func (srv *Server) DockerInfo() *APIInfo {
 	images, _ := srv.runtime.graph.All()
 	var imgcount int
 	if images == nil {
@@ -199,7 +205,7 @@ func (srv *Server) DockerInfo() *ApiInfo {
 	} else {
 		imgcount = len(images)
 	}
-	return &ApiInfo{
+	return &APIInfo{
 		Containers:  len(srv.runtime.List()),
 		Images:      imgcount,
 		MemoryLimit: srv.runtime.capabilities.MemoryLimit,
@@ -210,18 +216,30 @@ func (srv *Server) DockerInfo() *ApiInfo {
 	}
 }

-func (srv *Server) ImageHistory(name string) ([]ApiHistory, error) {
+func (srv *Server) ImageHistory(name string) ([]APIHistory, error) {
 	image, err := srv.runtime.repositories.LookupImage(name)
 	if err != nil {
 		return nil, err
 	}

-	var outs []ApiHistory = []ApiHistory{} //produce [] when empty instead of 'null'
+	lookupMap := make(map[string][]string)
+	for name, repository := range srv.runtime.repositories.Repositories {
+		for tag, id := range repository {
+			// If the ID already has a reverse lookup, do not update it unless for "latest"
+			if _, exists := lookupMap[id]; !exists {
+				lookupMap[id] = []string{}
+			}
+			lookupMap[id] = append(lookupMap[id], name+":"+tag)
+		}
+	}
+
+	outs := []APIHistory{} //produce [] when empty instead of 'null'
 	err = image.WalkHistory(func(img *Image) error {
-		var out ApiHistory
-		out.Id = srv.runtime.repositories.ImageName(img.ShortId())
+		var out APIHistory
+		out.ID = srv.runtime.repositories.ImageName(img.ShortID())
 		out.Created = img.Created.Unix()
 		out.CreatedBy = strings.Join(img.ContainerConfig.Cmd, " ")
+		out.Tags = lookupMap[img.ID]
 		outs = append(outs, out)
 		return nil
 	})
@@ -236,17 +254,17 @@ func (srv *Server) ContainerChanges(name string) ([]Change, error) {
 	return nil, fmt.Errorf("No such container: %s", name)
 }

-func (srv *Server) Containers(all bool, n int, since, before string) []ApiContainers {
+func (srv *Server) Containers(all bool, n int, since, before string) []APIContainers {
 	var foundBefore bool
 	var displayed int
-	retContainers := []ApiContainers{}
+	retContainers := []APIContainers{}

 	for _, container := range srv.runtime.List() {
 		if !container.State.Running && !all && n == -1 && since == "" && before == "" {
 			continue
 		}
 		if before != "" {
-			if container.ShortId() == before {
+			if container.ShortID() == before {
 				foundBefore = true
 				continue
 			}
@@ -257,19 +275,21 @@ func (srv *Server) Containers(all bool, n int, since, before string) []ApiContai
 		if displayed == n {
 			break
 		}
-		if container.ShortId() == since {
+		if container.ShortID() == since {
 			break
 		}
 		displayed++

-		c := ApiContainers{
-			Id: container.Id,
+		c := APIContainers{
+			ID: container.ID,
 		}
 		c.Image = srv.runtime.repositories.ImageName(container.Image)
 		c.Command = fmt.Sprintf("%s %s", container.Path, strings.Join(container.Args, " "))
 		c.Created = container.Created.Unix()
 		c.Status = container.State.String()
 		c.Ports = container.NetworkSettings.PortMappingHuman()
+		c.SizeRw, c.SizeRootFs = container.GetSize()
+
 		retContainers = append(retContainers, c)
 	}
 	return retContainers
@@ -284,7 +304,7 @@ func (srv *Server) ContainerCommit(name, repo, tag, author, comment string, conf
 	if err != nil {
 		return "", err
 	}
-	return img.ShortId(), err
+	return img.ShortID(), err
 }

 func (srv *Server) ContainerTag(name, repo, tag string, force bool) error {
@@ -305,23 +325,24 @@ func (srv *Server) pullImage(r *registry.Registry, out io.Writer, imgId, endpoin
 	for _, id := range history {
 		if !srv.runtime.graph.Exists(id) {
 			out.Write(sf.FormatStatus("Pulling %s metadata", id))
-			imgJson, err := r.GetRemoteImageJson(id, endpoint, token)
+			imgJSON, imgSize, err := r.GetRemoteImageJSON(id, endpoint, token)
 			if err != nil {
 				// FIXME: Keep goging in case of error?
 				return err
 			}
-			img, err := NewImgJson(imgJson)
+			img, err := NewImgJSON(imgJSON)
 			if err != nil {
 				return fmt.Errorf("Failed to parse json: %s", err)
 			}

 			// Get the layer
 			out.Write(sf.FormatStatus("Pulling %s fs layer", id))
-			layer, contentLength, err := r.GetRemoteImageLayer(img.Id, endpoint, token)
+			layer, err := r.GetRemoteImageLayer(img.ID, endpoint, token)
 			if err != nil {
 				return err
 			}
-			if err := srv.runtime.graph.Register(utils.ProgressReader(layer, contentLength, out, sf.FormatProgress("Downloading", "%v/%v (%v)"), sf), false, img); err != nil {
+			defer layer.Close()
+			if err := srv.runtime.graph.Register(utils.ProgressReader(layer, imgSize, out, sf.FormatProgress("Downloading", "%v/%v (%v)"), sf), false, img); err != nil {
 				return err
 			}
 		}
@@ -329,8 +350,8 @@ func (srv *Server) pullImage(r *registry.Registry, out io.Writer, imgId, endpoin
 	return nil
 }

-func (srv *Server) pullRepository(r *registry.Registry, out io.Writer, remote, askedTag string, sf *utils.StreamFormatter) error {
-	out.Write(sf.FormatStatus("Pulling repository %s from %s", remote, auth.IndexServerAddress()))
+func (srv *Server) pullRepository(r *registry.Registry, out io.Writer, local, remote, askedTag string, sf *utils.StreamFormatter) error {
+	out.Write(sf.FormatStatus("Pulling repository %s from %s", local, auth.IndexServerAddress()))
 	repoData, err := r.GetRepositoryData(remote)
 	if err != nil {
 		return err
@@ -355,22 +376,22 @@ func (srv *Server) pullRepository(r *registry.Registry, out io.Writer, remote, a
 		}
 	} else {
 		// Otherwise, check that the tag exists and use only that one
-		if id, exists := tagsList[askedTag]; !exists {
-			return fmt.Errorf("Tag %s not found in repositoy %s", askedTag, remote)
-		} else {
-			repoData.ImgList[id].Tag = askedTag
+		id, exists := tagsList[askedTag]
+		if !exists {
+			return fmt.Errorf("Tag %s not found in repositoy %s", askedTag, local)
 		}
+		repoData.ImgList[id].Tag = askedTag
 	}

 	for _, img := range repoData.ImgList {
 		if askedTag != "" && img.Tag != askedTag {
-			utils.Debugf("(%s) does not match %s (id: %s), skipping", img.Tag, askedTag, img.Id)
+			utils.Debugf("(%s) does not match %s (id: %s), skipping", img.Tag, askedTag, img.ID)
 			continue
 		}
-		out.Write(sf.FormatStatus("Pulling image %s (%s) from %s", img.Id, img.Tag, remote))
+		out.Write(sf.FormatStatus("Pulling image %s (%s) from %s", img.ID, img.Tag, remote))
 		success := false
 		for _, ep := range repoData.Endpoints {
-			if err := srv.pullImage(r, out, img.Id, "https://"+ep+"/v1", repoData.Tokens, sf); err != nil {
+			if err := srv.pullImage(r, out, img.ID, "https://"+ep+"/v1", repoData.Tokens, sf); err != nil {
 				out.Write(sf.FormatStatus("Error while retrieving image for tag: %s (%s); checking next endpoint", askedTag, err))
 				continue
 			}
@@ -385,7 +406,7 @@ func (srv *Server) pullRepository(r *registry.Registry, out io.Writer, remote, a
 		if askedTag != "" && tag != askedTag {
 			continue
 		}
-		if err := srv.runtime.repositories.Set(remote, tag, id, true); err != nil {
+		if err := srv.runtime.repositories.Set(local, tag, id, true); err != nil {
 			return err
 		}
 	}
@@ -396,8 +417,51 @@ func (srv *Server) pullRepository(r *registry.Registry, out io.Writer, remote, a
 	return nil
 }

-func (srv *Server) ImagePull(name, tag, endpoint string, out io.Writer, sf *utils.StreamFormatter) error {
-	r := registry.NewRegistry(srv.runtime.root)
+func (srv *Server) poolAdd(kind, key string) error {
+	srv.lock.Lock()
+	defer srv.lock.Unlock()
+
+	if _, exists := srv.pullingPool[key]; exists {
+		return fmt.Errorf("%s %s is already in progress", key, kind)
+	}
+
+	switch kind {
+	case "pull":
+		srv.pullingPool[key] = struct{}{}
+		break
+	case "push":
+		srv.pushingPool[key] = struct{}{}
+		break
+	default:
+		return fmt.Errorf("Unkown pool type")
+	}
+	return nil
+}
+
+func (srv *Server) poolRemove(kind, key string) error {
+	switch kind {
+	case "pull":
+		delete(srv.pullingPool, key)
+		break
+	case "push":
+		delete(srv.pushingPool, key)
+		break
+	default:
+		return fmt.Errorf("Unkown pool type")
+	}
+	return nil
+}
+
+func (srv *Server) ImagePull(name, tag, endpoint string, out io.Writer, sf *utils.StreamFormatter, authConfig *auth.AuthConfig) error {
+	r, err := registry.NewRegistry(srv.runtime.root, authConfig)
+	if err != nil {
+		return err
+	}
+	if err := srv.poolAdd("pull", name+":"+tag); err != nil {
+		return err
+	}
+	defer srv.poolRemove("pull", name+":"+tag)
+
 	out = utils.NewWriteFlusher(out)
 	if endpoint != "" {
 		if err := srv.pullImage(r, out, name, endpoint, nil, sf); err != nil {
@@ -405,11 +469,14 @@ func (srv *Server) ImagePull(name, tag, endpoint string, out io.Writer, sf *util
 		}
 		return nil
 	}
-
-	if err := srv.pullRepository(r, out, name, tag, sf); err != nil {
+	remote := name
+	parts := strings.Split(name, "/")
+	if len(parts) > 2 {
+		remote = fmt.Sprintf("src/%s", url.QueryEscape(strings.Join(parts, "/")))
+	}
+	if err := srv.pullRepository(r, out, name, remote, tag, sf); err != nil {
 		return err
 	}
-
 	return nil
 }

@@ -460,16 +527,16 @@ func (srv *Server) getImageList(localRepo map[string]string) ([]*registry.ImgDat
 			return nil, err
 		}
 		img.WalkHistory(func(img *Image) error {
-			if _, exists := imageSet[img.Id]; exists {
+			if _, exists := imageSet[img.ID]; exists {
 				return nil
 			}
-			imageSet[img.Id] = struct{}{}
-			checksum, err := srv.getChecksum(img.Id)
+			imageSet[img.ID] = struct{}{}
+			checksum, err := srv.getChecksum(img.ID)
 			if err != nil {
 				return err
 			}
 			imgList = append([]*registry.ImgData{{
-				Id:       img.Id,
+				ID:       img.ID,
 				Checksum: checksum,
 				Tag:      tag,
 			}}, imgList...)
@@ -488,7 +555,13 @@ func (srv *Server) pushRepository(r *registry.Registry, out io.Writer, name stri
 	}
 	out.Write(sf.FormatStatus("Sending image list"))

-	repoData, err := r.PushImageJsonIndex(name, imgList, false)
+	srvName := name
+	parts := strings.Split(name, "/")
+	if len(parts) > 2 {
+		srvName = fmt.Sprintf("src/%s", url.QueryEscape(strings.Join(parts, "/")))
+	}
+
+	repoData, err := r.PushImageJSONIndex(srvName, imgList, false, nil)
 	if err != nil {
 		return err
 	}
@@ -497,22 +570,22 @@ func (srv *Server) pushRepository(r *registry.Registry, out io.Writer, name stri
 		out.Write(sf.FormatStatus("Pushing repository %s to %s (%d tags)", name, ep, len(localRepo)))
 		// For each image within the repo, push them
 		for _, elem := range imgList {
-			if _, exists := repoData.ImgList[elem.Id]; exists {
+			if _, exists := repoData.ImgList[elem.ID]; exists {
 				out.Write(sf.FormatStatus("Image %s already on registry, skipping", name))
 				continue
 			}
-			if err := srv.pushImage(r, out, name, elem.Id, ep, repoData.Tokens, sf); err != nil {
+			if err := srv.pushImage(r, out, name, elem.ID, ep, repoData.Tokens, sf); err != nil {
 				// FIXME: Continue on error?
 				return err
 			}
-			out.Write(sf.FormatStatus("Pushing tags for rev [%s] on {%s}", elem.Id, ep+"/users/"+name+"/"+elem.Tag))
-			if err := r.PushRegistryTag(name, elem.Id, elem.Tag, ep, repoData.Tokens); err != nil {
+			out.Write(sf.FormatStatus("Pushing tags for rev [%s] on {%s}", elem.ID, ep+"/repositories/"+srvName+"/tags/"+elem.Tag))
+			if err := r.PushRegistryTag(srvName, elem.ID, elem.Tag, ep, repoData.Tokens); err != nil {
 				return err
 			}
 		}
 	}

-	if _, err := r.PushImageJsonIndex(name, imgList, true); err != nil {
+	if _, err := r.PushImageJSONIndex(srvName, imgList, true, repoData.Endpoints); err != nil {
 		return err
 	}
 	return nil
@@ -532,14 +605,14 @@ func (srv *Server) pushImage(r *registry.Registry, out io.Writer, remote, imgId,
 		return err
 	}
 	imgData := &registry.ImgData{
-		Id:       imgId,
+		ID:       imgId,
 		Checksum: checksum,
 	}

 	// Send the json
-	if err := r.PushImageJsonRegistry(imgData, jsonRaw, ep, token); err != nil {
+	if err := r.PushImageJSONRegistry(imgData, jsonRaw, ep, token); err != nil {
 		if err == registry.ErrAlreadyExists {
-			out.Write(sf.FormatStatus("Image %s already uploaded ; skipping", imgData.Id))
+			out.Write(sf.FormatStatus("Image %s already uploaded ; skipping", imgData.ID))
 			return nil
 		}
 		return err
@@ -572,17 +645,25 @@ func (srv *Server) pushImage(r *registry.Registry, out io.Writer, remote, imgId,
 	}

 	// Send the layer
-	if err := r.PushImageLayerRegistry(imgData.Id, utils.ProgressReader(layerData, int(layerData.Size), out, sf.FormatProgress("", "%v/%v (%v)"), sf), ep, token); err != nil {
+	if err := r.PushImageLayerRegistry(imgData.ID, utils.ProgressReader(layerData, int(layerData.Size), out, sf.FormatProgress("Pushing", "%v/%v (%v)"), sf), ep, token); err != nil {
 		return err
 	}
 	return nil
 }

-func (srv *Server) ImagePush(name, endpoint string, out io.Writer, sf *utils.StreamFormatter) error {
+// FIXME: Allow to interupt current push when new push of same image is done.
+func (srv *Server) ImagePush(name, endpoint string, out io.Writer, sf *utils.StreamFormatter, authConfig *auth.AuthConfig) error {
+	if err := srv.poolAdd("push", name); err != nil {
+		return err
+	}
+	defer srv.poolRemove("push", name)
+
 	out = utils.NewWriteFlusher(out)
 	img, err := srv.runtime.graph.Get(name)
-	r := registry.NewRegistry(srv.runtime.root)
-
+	r, err2 := registry.NewRegistry(srv.runtime.root, authConfig)
+	if err2 != nil {
+		return err2
+	}
 	if err != nil {
 		out.Write(sf.FormatStatus("The push refers to a repository [%s] (len: %d)", name, len(srv.runtime.repositories.Repositories[name])))
 		// If it fails, try to get the repository
@@ -596,7 +677,7 @@ func (srv *Server) ImagePush(name, endpoint string, out io.Writer, sf *utils.Str
 		return err
 	}
 	out.Write(sf.FormatStatus("The push refers to an image: [%s]", name))
-	if err := srv.pushImage(r, out, name, img.Id, endpoint, nil, sf); err != nil {
+	if err := srv.pushImage(r, out, name, img.ID, endpoint, nil, sf); err != nil {
 		return err
 	}
 	return nil
@@ -633,16 +714,20 @@ func (srv *Server) ImageImport(src, repo, tag string, in io.Reader, out io.Write
 	}
 	// Optionally register the image at REPO/TAG
 	if repo != "" {
-		if err := srv.runtime.repositories.Set(repo, tag, img.Id, true); err != nil {
+		if err := srv.runtime.repositories.Set(repo, tag, img.ID, true); err != nil {
 			return err
 		}
 	}
-	out.Write(sf.FormatStatus(img.ShortId()))
+	out.Write(sf.FormatStatus(img.ShortID()))
 	return nil
 }

 func (srv *Server) ContainerCreate(config *Config) (string, error) {

+	if config.Memory != 0 && config.Memory < 524288 {
+		return "", fmt.Errorf("Memory limit must be given in bytes (minimum 524288 bytes)")
+	}
+
 	if config.Memory > 0 && !srv.runtime.capabilities.MemoryLimit {
 		config.Memory = 0
 	}
@@ -658,7 +743,7 @@ func (srv *Server) ContainerCreate(config *Config) (string, error) {
 		}
 		return "", err
 	}
-	return container.ShortId(), nil
+	return container.ShortID(), nil
 }

 func (srv *Server) ContainerRestart(name string, t int) error {
@@ -674,6 +759,9 @@ func (srv *Server) ContainerRestart(name string, t int) error {

 func (srv *Server) ContainerDestroy(name string, removeVolume bool) error {
 	if container := srv.runtime.Get(name); container != nil {
+		if container.State.Running {
+			return fmt.Errorf("Impossible to remove a running container, please stop it first")
+		}
 		volumes := make(map[string]struct{})
 		// Store all the deleted containers volumes
 		for _, volumeId := range container.Volumes {
@@ -695,7 +783,7 @@ func (srv *Server) ContainerDestroy(name string, removeVolume bool) error {
 			for volumeId := range volumes {
 				// If the requested volu
 				if c, exists := usedVolumes[volumeId]; exists {
-					log.Printf("The volume %s is used by the container %s. Impossible to remove it. Skipping.\n", volumeId, c.Id)
+					log.Printf("The volume %s is used by the container %s. Impossible to remove it. Skipping.\n", volumeId, c.ID)
 					continue
 				}
 				if err := srv.runtime.volumes.Delete(volumeId); err != nil {
@@ -709,18 +797,112 @@ func (srv *Server) ContainerDestroy(name string, removeVolume bool) error {
 	return nil
 }

-func (srv *Server) ImageDelete(name string) error {
-	img, err := srv.runtime.repositories.LookupImage(name)
+var ErrImageReferenced = errors.New("Image referenced by a repository")
+
+func (srv *Server) deleteImageAndChildren(id string, imgs *[]APIRmi) error {
+	// If the image is referenced by a repo, do not delete
+	if len(srv.runtime.repositories.ByID()[id]) != 0 {
+		return ErrImageReferenced
+	}
+
+	// If the image is not referenced but has children, go recursive
+	referenced := false
+	byParents, err := srv.runtime.graph.ByParent()
 	if err != nil {
-		return fmt.Errorf("No such image: %s", name)
-	} else {
-		if err := srv.runtime.graph.Delete(img.Id); err != nil {
-			return fmt.Errorf("Error deleting image %s: %s", name, err.Error())
+		return err
+	}
+	for _, img := range byParents[id] {
+		if err := srv.deleteImageAndChildren(img.ID, imgs); err != nil {
+			if err != ErrImageReferenced {
+				return err
+			}
+			referenced = true
 		}
 	}
+	if referenced {
+		return ErrImageReferenced
+	}
+
+	// If the image is not referenced and has no children, remove it
+	byParents, err = srv.runtime.graph.ByParent()
+	if err != nil {
+		return err
+	}
+	if len(byParents[id]) == 0 {
+		if err := srv.runtime.repositories.DeleteAll(id); err != nil {
+			return err
+		}
+		err := srv.runtime.graph.Delete(id)
+		if err != nil {
+			return err
+		}
+		*imgs = append(*imgs, APIRmi{Deleted: utils.TruncateID(id)})
+		return nil
+	}
 	return nil
 }

+func (srv *Server) deleteImageParents(img *Image, imgs *[]APIRmi) error {
+	if img.Parent != "" {
+		parent, err := srv.runtime.graph.Get(img.Parent)
+		if err != nil {
+			return err
+		}
+		// Remove all children images
+		if err := srv.deleteImageAndChildren(img.Parent, imgs); err != nil {
+			return err
+		}
+		return srv.deleteImageParents(parent, imgs)
+	}
+	return nil
+}
+
+func (srv *Server) deleteImage(img *Image, repoName, tag string) (*[]APIRmi, error) {
+	//Untag the current image
+	var imgs []APIRmi
+	tagDeleted, err := srv.runtime.repositories.Delete(repoName, tag)
+	if err != nil {
+		return nil, err
+	}
+	if tagDeleted {
+		imgs = append(imgs, APIRmi{Untagged: img.ShortID()})
+	}
+	if len(srv.runtime.repositories.ByID()[img.ID]) == 0 {
+		if err := srv.deleteImageAndChildren(img.ID, &imgs); err != nil {
+			if err != ErrImageReferenced {
+				return &imgs, err
+			}
+		} else if err := srv.deleteImageParents(img, &imgs); err != nil {
+			if err != ErrImageReferenced {
+				return &imgs, err
+			}
+		}
+	}
+	return &imgs, nil
+}
+
+func (srv *Server) ImageDelete(name string, autoPrune bool) (*[]APIRmi, error) {
+	img, err := srv.runtime.repositories.LookupImage(name)
+	if err != nil {
+		return nil, fmt.Errorf("No such image: %s", name)
+	}
+	if !autoPrune {
+		if err := srv.runtime.graph.Delete(img.ID); err != nil {
+			return nil, fmt.Errorf("Error deleting image %s: %s", name, err.Error())
+		}
+		return nil, nil
+	}
+
+	var tag string
+	if strings.Contains(name, ":") {
+		nameParts := strings.Split(name, ":")
+		name = nameParts[0]
+		tag = nameParts[1]
+	}
+
+	return srv.deleteImage(img, name, tag)
+}
+
 func (srv *Server) ImageGetCached(imgId string, config *Config) (*Image, error) {

 	// Retrieve all images
@@ -735,7 +917,7 @@ func (srv *Server) ImageGetCached(imgId string, config *Config) (*Image, error)
 		if _, exists := imageMap[img.Parent]; !exists {
 			imageMap[img.Parent] = make(map[string]struct{})
 		}
-		imageMap[img.Parent][img.Id] = struct{}{}
+		imageMap[img.Parent][img.ID] = struct{}{}
 	}

 	// Loop on the children of the given image and check the config
@@ -817,9 +999,6 @@ func (srv *Server) ContainerAttach(name string, logs, stream, stdin, stdout, std
 		if container.State.Ghost {
 			return fmt.Errorf("Impossible to attach to a ghost container")
 		}
-		if !container.State.Running {
-			return fmt.Errorf("Impossible to attach to a stopped container, start it first")
-		}

 		var (
 			cStdin           io.ReadCloser
@@ -869,21 +1048,29 @@ func (srv *Server) ImageInspect(name string) (*Image, error) {
 	return nil, fmt.Errorf("No such image: %s", name)
 }

-func NewServer(autoRestart bool) (*Server, error) {
+func NewServer(autoRestart, enableCors bool, dns ListOpts) (*Server, error) {
 	if runtime.GOARCH != "amd64" {
 		log.Fatalf("The docker runtime currently only supports amd64 (not %s). This will change in the future. Aborting.", runtime.GOARCH)
 	}
-	runtime, err := NewRuntime(autoRestart)
+	runtime, err := NewRuntime(autoRestart, dns)
 	if err != nil {
 		return nil, err
 	}
 	srv := &Server{
-		runtime: runtime,
+		runtime:     runtime,
+		enableCors:  enableCors,
+		lock:        &sync.Mutex{},
+		pullingPool: make(map[string]struct{}),
+		pushingPool: make(map[string]struct{}),
 	}
 	runtime.srv = srv
 	return srv, nil
 }

 type Server struct {
-	runtime *Runtime
+	runtime     *Runtime
+	enableCors  bool
+	lock        *sync.Mutex
+	pullingPool map[string]struct{}
+	pushingPool map[string]struct{}
 }
--- a/server_test.go
+++ b/server_test.go
@@ -4,6 +4,58 @@ import (
 	"testing"
 )

+func TestContainerTagImageDelete(t *testing.T) {
+	runtime, err := newTestRuntime()
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer nuke(runtime)
+
+	srv := &Server{runtime: runtime}
+
+	if err := srv.runtime.repositories.Set("utest", "tag1", unitTestImageName, false); err != nil {
+		t.Fatal(err)
+	}
+	if err := srv.runtime.repositories.Set("utest/docker", "tag2", unitTestImageName, false); err != nil {
+		t.Fatal(err)
+	}
+
+	images, err := srv.Images(false, "")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if len(images) != 3 {
+		t.Errorf("Excepted 3 images, %d found", len(images))
+	}
+
+	if _, err := srv.ImageDelete("utest/docker:tag2", true); err != nil {
+		t.Fatal(err)
+	}
+
+	images, err = srv.Images(false, "")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if len(images) != 2 {
+		t.Errorf("Excepted 2 images, %d found", len(images))
+	}
+
+	if _, err := srv.ImageDelete("utest:tag1", true); err != nil {
+		t.Fatal(err)
+	}
+
+	images, err = srv.Images(false, "")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if len(images) != 1 {
+		t.Errorf("Excepted 1 image, %d found", len(images))
+	}
+}
+
 func TestCreateRm(t *testing.T) {
 	runtime, err := newTestRuntime()
 	if err != nil {
@@ -13,7 +65,7 @@ func TestCreateRm(t *testing.T) {

 	srv := &Server{runtime: runtime}

-	config, _, err := ParseRun([]string{GetTestImage(runtime).Id, "echo test"}, nil)
+	config, _, err := ParseRun([]string{GetTestImage(runtime).ID, "echo test"}, nil)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -46,7 +98,7 @@ func TestCreateStartRestartStopStartKillRm(t *testing.T) {

 	srv := &Server{runtime: runtime}

-	config, _, err := ParseRun([]string{GetTestImage(runtime).Id, "/bin/cat"}, nil)
+	config, _, err := ParseRun([]string{GetTestImage(runtime).ID, "/bin/cat"}, nil)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -95,3 +147,25 @@ func TestCreateStartRestartStopStartKillRm(t *testing.T) {
 	}

 }
+
+func TestRunWithTooLowMemoryLimit(t *testing.T) {
+	runtime, err := newTestRuntime()
+	srv := &Server{runtime: runtime}
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer nuke(runtime)
+	// Try to create a container with a memory limit of 1 byte less than the minimum allowed limit.
+	_, err = srv.ContainerCreate(
+		&Config{
+			Image:     GetTestImage(runtime).ID,
+			Memory:    524287,
+			CpuShares: 1000,
+			Cmd:       []string{"/bin/cat"},
+		},
+	)
+	if err == nil {
+		t.Errorf("Memory limit is smaller than the allowed limit. Container creation should've failed!")
+	}
+
+}
--- a/tags.go
+++ b/tags.go
@@ -11,7 +11,7 @@ import (
 	"strings"
 )

-const DEFAULT_TAG = "latest"
+const DEFAULTTAG = "latest"

 type TagStore struct {
 	path         string
@@ -72,7 +72,7 @@ func (store *TagStore) LookupImage(name string) (*Image, error) {
 		// (so we can pass all errors here)
 		repoAndTag := strings.SplitN(name, ":", 2)
 		if len(repoAndTag) == 1 {
-			repoAndTag = append(repoAndTag, DEFAULT_TAG)
+			repoAndTag = append(repoAndTag, DEFAULTTAG)
 		}
 		if i, err := store.GetImage(repoAndTag[0], repoAndTag[1]); err != nil {
 			return nil, err
@@ -87,27 +87,73 @@ func (store *TagStore) LookupImage(name string) (*Image, error) {

 // Return a reverse-lookup table of all the names which refer to each image
 // Eg. {"43b5f19b10584": {"base:latest", "base:v1"}}
-func (store *TagStore) ById() map[string][]string {
-	byId := make(map[string][]string)
+func (store *TagStore) ByID() map[string][]string {
+	byID := make(map[string][]string)
 	for repoName, repository := range store.Repositories {
 		for tag, id := range repository {
 			name := repoName + ":" + tag
-			if _, exists := byId[id]; !exists {
-				byId[id] = []string{name}
+			if _, exists := byID[id]; !exists {
+				byID[id] = []string{name}
 			} else {
-				byId[id] = append(byId[id], name)
-				sort.Strings(byId[id])
+				byID[id] = append(byID[id], name)
+				sort.Strings(byID[id])
 			}
 		}
 	}
-	return byId
+	return byID
 }

 func (store *TagStore) ImageName(id string) string {
-	if names, exists := store.ById()[id]; exists && len(names) > 0 {
+	if names, exists := store.ByID()[id]; exists && len(names) > 0 {
 		return names[0]
 	}
-	return utils.TruncateId(id)
+	return utils.TruncateID(id)
+}
+
+func (store *TagStore) DeleteAll(id string) error {
+	names, exists := store.ByID()[id]
+	if !exists || len(names) == 0 {
+		return nil
+	}
+	for _, name := range names {
+		if strings.Contains(name, ":") {
+			nameParts := strings.Split(name, ":")
+			if _, err := store.Delete(nameParts[0], nameParts[1]); err != nil {
+				return err
+			}
+		} else {
+			if _, err := store.Delete(name, ""); err != nil {
+				return err
+			}
+		}
+	}
+	return nil
+}
+
+func (store *TagStore) Delete(repoName, tag string) (bool, error) {
+	deleted := false
+	if err := store.Reload(); err != nil {
+		return false, err
+	}
+	if r, exists := store.Repositories[repoName]; exists {
+		if tag != "" {
+			if _, exists2 := r[tag]; exists2 {
+				delete(r, tag)
+				if len(r) == 0 {
+					delete(store.Repositories, repoName)
+				}
+				deleted = true
+			} else {
+				return false, fmt.Errorf("No such tag: %s:%s", repoName, tag)
+			}
+		} else {
+			delete(store.Repositories, repoName)
+			deleted = true
+		}
+	} else {
+		fmt.Errorf("No such repository: %s", repoName)
+	}
+	return deleted, store.Save()
 }

 func (store *TagStore) Set(repoName, tag, imageName string, force bool) error {
@@ -116,7 +162,7 @@ func (store *TagStore) Set(repoName, tag, imageName string, force bool) error {
 		return err
 	}
 	if tag == "" {
-		tag = DEFAULT_TAG
+		tag = DEFAULTTAG
 	}
 	if err := validateRepoName(repoName); err != nil {
 		return err
@@ -133,11 +179,11 @@ func (store *TagStore) Set(repoName, tag, imageName string, force bool) error {
 	} else {
 		repo = make(map[string]string)
 		if old, exists := store.Repositories[repoName]; exists && !force {
-			return fmt.Errorf("Tag %s:%s is already set to %s", repoName, tag, old)
+			return fmt.Errorf("Conflict: Tag %s:%s is already set to %s", repoName, tag, old)
 		}
 		store.Repositories[repoName] = repo
 	}
-	repo[tag] = img.Id
+	repo[tag] = img.ID
 	return store.Save()
 }

@@ -151,14 +197,20 @@ func (store *TagStore) Get(repoName string) (Repository, error) {
 	return nil, nil
 }

-func (store *TagStore) GetImage(repoName, tag string) (*Image, error) {
+func (store *TagStore) GetImage(repoName, tagOrId string) (*Image, error) {
 	repo, err := store.Get(repoName)
 	if err != nil {
 		return nil, err
 	} else if repo == nil {
 		return nil, nil
 	}
-	if revision, exists := repo[tag]; exists {
+	//go through all the tags, to see if tag is in fact an ID
+	for _, revision := range repo {
+		if strings.HasPrefix(revision, tagOrId) {
+			return store.graph.Get(revision)
+		}
+	}
+	if revision, exists := repo[tagOrId]; exists {
 		return store.graph.Get(revision)
 	}
 	return nil, nil
--- a/tags_test.go
+++ b/tags_test.go
@@ -0,0 +1,49 @@
+package docker
+
+import (
+	"testing"
+)
+
+func TestLookupImage(t *testing.T) {
+	runtime, err := newTestRuntime()
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer nuke(runtime)
+
+	if img, err := runtime.repositories.LookupImage(unitTestImageName); err != nil {
+		t.Fatal(err)
+	} else if img == nil {
+		t.Errorf("Expected 1 image, none found")
+	}
+
+	if img, err := runtime.repositories.LookupImage(unitTestImageName + ":" + DEFAULTTAG); err != nil {
+		t.Fatal(err)
+	} else if img == nil {
+		t.Errorf("Expected 1 image, none found")
+	}
+
+	if img, err := runtime.repositories.LookupImage(unitTestImageName + ":" + "fail"); err == nil {
+		t.Errorf("Expected error, none found")
+	} else if img != nil {
+		t.Errorf("Expected 0 image, 1 found")
+	}
+
+	if img, err := runtime.repositories.LookupImage("fail:fail"); err == nil {
+		t.Errorf("Expected error, none found")
+	} else if img != nil {
+		t.Errorf("Expected 0 image, 1 found")
+	}
+
+	if img, err := runtime.repositories.LookupImage(unitTestImageId); err != nil {
+		t.Fatal(err)
+	} else if img == nil {
+		t.Errorf("Expected 1 image, none found")
+	}
+
+	if img, err := runtime.repositories.LookupImage(unitTestImageName + ":" + unitTestImageId); err != nil {
+		t.Fatal(err)
+	} else if img == nil {
+		t.Errorf("Expected 1 image, none found")
+	}
+}
--- a/term/termios_darwin.go
+++ b/term/termios_darwin.go
@@ -9,16 +9,16 @@ const (
 	getTermios = syscall.TIOCGETA
 	setTermios = syscall.TIOCSETA

-	ECHO    = 0x00000008
-	ONLCR   = 0x2
-	ISTRIP  = 0x20
-	INLCR   = 0x40
-	ISIG    = 0x80
-	IGNCR   = 0x80
-	ICANON  = 0x100
-	ICRNL   = 0x100
-	IXOFF   = 0x400
-	IXON    = 0x200
+	ECHO   = 0x00000008
+	ONLCR  = 0x2
+	ISTRIP = 0x20
+	INLCR  = 0x40
+	ISIG   = 0x80
+	IGNCR  = 0x80
+	ICANON = 0x100
+	ICRNL  = 0x100
+	IXOFF  = 0x400
+	IXON   = 0x200
 )

 type Termios struct {
--- a/testing/Vagrantfile
+++ b/testing/Vagrantfile
@@ -30,7 +30,7 @@ Vagrant::Config.run do |config|
    # Install docker dependencies
    pkg_cmd << "apt-get install -q -y python-software-properties; " \
      "add-apt-repository -y ppa:gophers/go/ubuntu; apt-get update -qq; " \
-      "DEBIAN_FRONTEND=noninteractive apt-get install -q -y lxc bsdtar git golang-stable make; "
+      "DEBIAN_FRONTEND=noninteractive apt-get install -q -y lxc git golang-stable aufs-tools make; "
    # Activate new kernel
    pkg_cmd << "shutdown -r +1; "
    config.vm.provision :shell, :inline => pkg_cmd
--- a/utils/utils.go
+++ b/utils/utils.go
@@ -10,6 +10,7 @@ import (
 	"index/suffixarray"
 	"io"
 	"io/ioutil"
+	"log"
 	"net/http"
 	"os"
 	"os/exec"
@@ -34,7 +35,7 @@ func Go(f func() error) chan error {
 // Request a given URL and return an io.Reader
 func Download(url string, stderr io.Writer) (*http.Response, error) {
 	var resp *http.Response
-	var err error = nil
+	var err error
 	if resp, err = http.Get(url); err != nil {
 		return nil, err
 	}
@@ -70,7 +71,7 @@ type progressReader struct {
 	readProgress int           // How much has been read so far (bytes)
 	lastUpdate   int           // How many bytes read at least update
 	template     string        // Template to print. Default "%v/%v (%v)"
-	sf *StreamFormatter
+	sf           *StreamFormatter
 }

 func (r *progressReader) Read(p []byte) (n int, err error) {
@@ -86,7 +87,7 @@ func (r *progressReader) Read(p []byte) (n int, err error) {
 	}
 	if r.readProgress-r.lastUpdate > updateEvery || err != nil {
 		if r.readTotal > 0 {
-			fmt.Fprintf(r.output, r.template, r.readProgress, r.readTotal, fmt.Sprintf("%.0f%%", float64(r.readProgress)/float64(r.readTotal)*100))
+			fmt.Fprintf(r.output, r.template, HumanSize(int64(r.readProgress)), HumanSize(int64(r.readTotal)), fmt.Sprintf("%.0f%%", float64(r.readProgress)/float64(r.readTotal)*100))
 		} else {
 			fmt.Fprintf(r.output, r.template, r.readProgress, "?", "n/a")
 		}
@@ -103,7 +104,7 @@ func (r *progressReader) Close() error {
 	return io.ReadCloser(r.reader).Close()
 }
 func ProgressReader(r io.ReadCloser, size int, output io.Writer, template []byte, sf *StreamFormatter) *progressReader {
-      	tpl := string(template)
+	tpl := string(template)
 	if tpl == "" {
 		tpl = string(sf.FormatProgress("", "%v/%v (%v)"))
 	}
@@ -135,6 +136,20 @@ func HumanDuration(d time.Duration) string {
 	return fmt.Sprintf("%d years", d.Hours()/24/365)
 }

+// HumanSize returns a human-readable approximation of a size
+// using SI standard (eg. "44kB", "17MB")
+func HumanSize(size int64) string {
+	i := 0
+	var sizef float64
+	sizef = float64(size)
+	units := []string{"B", "kB", "MB", "GB", "TB", "PB", "EB", "ZB", "YB"}
+	for sizef >= 1000.0 {
+		sizef = sizef / 1000.0
+		i++
+	}
+	return fmt.Sprintf("%.4g %s", sizef, units[i])
+}
+
 func Trunc(s string, maxlen int) string {
 	if len(s) <= maxlen {
 		return s
@@ -349,11 +364,11 @@ func (idx *TruncIndex) Get(s string) (string, error) {
 	return string(idx.bytes[before:after]), err
 }

-// TruncateId returns a shorthand version of a string identifier for convenience.
+// TruncateID returns a shorthand version of a string identifier for convenience.
 // A collision with other shorthands is very unlikely, but possible.
 // In case of a collision a lookup with TruncIndex.Get() will fail, and the caller
 // will need to use a langer prefix, or the full-length Id.
-func TruncateId(id string) string {
+func TruncateID(id string) string {
 	shortLen := 12
 	if len(id) < shortLen {
 		shortLen = len(id)
@@ -534,6 +549,7 @@ func GetKernelVersion() (*KernelVersionInfo, error) {
 	}, nil
 }

+// FIXME: this is deprecated by CopyWithTar in archive.go
 func CopyDirectory(source, dest string) error {
 	if output, err := exec.Command("cp", "-ra", source, dest).CombinedOutput(); err != nil {
 		return fmt.Errorf("Error copy: %s (%s)", err, output)
@@ -566,7 +582,7 @@ func NewWriteFlusher(w io.Writer) *WriteFlusher {
 	return &WriteFlusher{w: w, flusher: flusher}
 }

-type JsonMessage struct {
+type JSONMessage struct {
 	Status   string `json:"status,omitempty"`
 	Progress string `json:"progress,omitempty"`
 	Error    string `json:"error,omitempty"`
@@ -585,7 +601,7 @@ func (sf *StreamFormatter) FormatStatus(format string, a ...interface{}) []byte
 	sf.used = true
 	str := fmt.Sprintf(format, a...)
 	if sf.json {
-		b, err := json.Marshal(&JsonMessage{Status:str});
+		b, err := json.Marshal(&JSONMessage{Status: str})
 		if err != nil {
 			return sf.FormatError(err)
 		}
@@ -597,7 +613,7 @@ func (sf *StreamFormatter) FormatStatus(format string, a ...interface{}) []byte
 func (sf *StreamFormatter) FormatError(err error) []byte {
 	sf.used = true
 	if sf.json {
-		if b, err := json.Marshal(&JsonMessage{Error:err.Error()}); err == nil {
+		if b, err := json.Marshal(&JSONMessage{Error: err.Error()}); err == nil {
 			return b
 		}
 		return []byte("{\"error\":\"format error\"}")
@@ -608,10 +624,10 @@ func (sf *StreamFormatter) FormatError(err error) []byte {
 func (sf *StreamFormatter) FormatProgress(action, str string) []byte {
 	sf.used = true
 	if sf.json {
-		b, err := json.Marshal(&JsonMessage{Progress:str})
+		b, err := json.Marshal(&JSONMessage{Status: action, Progress: str})
 		if err != nil {
-                        return nil
-                }
+			return nil
+		}
 		return b
 	}
 	return []byte(action + " " + str + "\r")
@@ -620,3 +636,47 @@ func (sf *StreamFormatter) FormatProgress(action, str string) []byte {
 func (sf *StreamFormatter) Used() bool {
 	return sf.used
 }
+
+func CheckLocalDns() bool {
+	resolv, err := ioutil.ReadFile("/etc/resolv.conf")
+	if err != nil {
+		Debugf("Error openning resolv.conf: %s", err)
+		return false
+	}
+	for _, ip := range []string{
+		"127.0.0.1",
+		"127.0.1.1",
+	} {
+		if strings.Contains(string(resolv), ip) {
+			return true
+		}
+	}
+	return false
+}
+
+func ParseHost(host string, port int, addr string) string {
+	if strings.HasPrefix(addr, "unix://") {
+		return addr
+	}
+	if strings.HasPrefix(addr, "tcp://") {
+		addr = strings.TrimPrefix(addr, "tcp://")
+	}
+	if strings.Contains(addr, ":") {
+		hostParts := strings.Split(addr, ":")
+		if len(hostParts) != 2 {
+			log.Fatal("Invalid bind address format.")
+			os.Exit(-1)
+		}
+		if hostParts[0] != "" {
+			host = hostParts[0]
+		}
+		if p, err := strconv.Atoi(hostParts[1]); err == nil {
+			port = p
+		}
+	} else {
+		host = addr
+	}
+	return fmt.Sprintf("tcp://%s:%d", host, port)
+}
+
+
--- a/utils/utils_test.go
+++ b/utils/utils_test.go
@@ -261,3 +261,34 @@ func TestCompareKernelVersion(t *testing.T) {
 		&KernelVersionInfo{Kernel: 3, Major: 8, Minor: 0, Flavor: "0"},
 		-1)
 }
+
+func TestHumanSize(t *testing.T) {
+
+	size1000 := HumanSize(1000)
+	if size1000 != "1 kB" {
+		t.Errorf("1000 -> expected 1 kB, got %s", size1000)
+	}
+
+	size1024 := HumanSize(1024)
+	if size1024 != "1.024 kB" {
+		t.Errorf("1024 -> expected 1.024 kB, got %s", size1024)
+	}
+}
+
+func TestParseHost(t *testing.T) {
+	if addr := ParseHost("127.0.0.1", 4243, "0.0.0.0"); addr != "tcp://0.0.0.0:4243" {
+		t.Errorf("0.0.0.0 -> expected tcp://0.0.0.0:4243, got %s", addr)
+	}
+	if addr := ParseHost("127.0.0.1", 4243, "0.0.0.1:5555"); addr != "tcp://0.0.0.1:5555" {
+		t.Errorf("0.0.0.1:5555 -> expected tcp://0.0.0.1:5555, got %s", addr)
+	}
+	if addr := ParseHost("127.0.0.1", 4243, ":6666"); addr != "tcp://127.0.0.1:6666" {
+		t.Errorf(":6666 -> expected tcp://127.0.0.1:6666, got %s", addr)
+	}
+	if addr := ParseHost("127.0.0.1", 4243, "tcp://:7777"); addr != "tcp://127.0.0.1:7777" {
+		t.Errorf("tcp://:7777 -> expected tcp://127.0.0.1:7777, got %s", addr)
+	}
+	if addr := ParseHost("127.0.0.1", 4243, "unix:///var/run/docker.sock"); addr != "unix:///var/run/docker.sock" {
+		t.Errorf("unix:///var/run/docker.sock -> expected unix:///var/run/docker.sock, got %s", addr)
+	}
+}