BuildKit is the build backend that replaced Docker’s legacy image builder. When you run docker build on any recent version of Docker, you’re using BuildKit under the hood. It lives in the Moby project and is also the engine behind buildx, nerdctl build, earthly, depot.dev, and most of the third-party container build tools in the ecosystem.
The key idea is LLB (Low-Level Build), an intermediate representation that describes a build as a DAG of filesystem operations. Frontends parse high-level input — Dockerfiles or custom formats — into LLB, and the BuildKit daemon executes that DAG with aggressive parallelism and fine-grained content-addressed caching. Independent stages run concurrently, cache keys are computed per operation from input digests rather than per-line, and cache can be exported to and imported from an OCI registry so CI runners share work. It also supports secret mounts (--mount=type=secret), SSH forwarding (--mount=type=ssh), rootless builds, and cross-platform builds via QEMU emulation or remote builders.
Architecturally it’s buildkitd (the daemon, written in Go) plus buildctl (a thin client), though most users only ever interact with it through docker buildx. Because the Dockerfile frontend is itself pulled from an image (# syntax=docker/dockerfile:1.7), new Dockerfile features ship independently of the BuildKit release cycle. If you care about build performance, BuildKit is not optional — it’s the baseline.
