Docker Compose

Docker-compose

services:
  web:
    build: .
    ports:
      - "8000:5000"
    volumes:
      - .:/code
      - logvolume01:/var/log
    depends_on:
      - redis
  redis:
    image: redis
volumes:
  logvolume01: {}

Docker Compose Best Practices

Docker Compose is a tool for defining and running multi-container Docker applications. Use these best practices to ensure efficient, secure, and maintainable Compose files for real-world DevOps workflows.


Best Practices for Docker Compose

  • Pin image versions (avoid latest) for reproducibility and stability.

  • Use environment variables for secrets and configuration (never hardcode credentials).

  • Leverage named volumes for persistent data and easier backups.

  • Use healthchecks to monitor service health and enable automated recovery.

  • Limit container privileges (avoid privileged mode, use read_only where possible).

  • Define resource limits (mem_limit, cpus) to prevent resource contention.

  • Use .dockerignore to exclude unnecessary files from build context.

  • Document service dependencies with depends_on and comments.

  • Store Compose files in version control and automate deployments with CI/CD (GitHub Actions, Azure Pipelines, GitLab CI).


Example: Production-Ready Compose File

version: '3.8'
services:
  web:
    build: .
    image: myapp/web:1.0.0
    ports:
      - "8000:5000"
    volumes:
      - .:/code
      - logvolume01:/var/log
    depends_on:
      - redis
    environment:
      - APP_ENV=production
      - REDIS_URL=redis://redis:6379
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:5000/health"]
      interval: 30s
      timeout: 10s
      retries: 3
    deploy:
      resources:
        limits:
          cpus: '0.50'
          memory: 512M
  redis:
    image: redis:7.2.4
    volumes:
      - redisdata:/data
    healthcheck:
      test: ["CMD", "redis-cli", "ping"]
      interval: 30s
      timeout: 10s
      retries: 3
volumes:
  logvolume01: {}
  redisdata: {}

Real-Life Usage Tips

  • Use .env files to manage environment variables and secrets.

  • Use docker compose --env-file to specify different environments (dev, staging, prod).

  • Integrate Compose with CI/CD for automated testing and deployment.

  • Use docker compose logs -f and docker compose ps for troubleshooting.

  • Clean up unused resources with docker system prune and docker volume prune.


Common Pitfalls

  • Using latest image tags (can cause unexpected updates)

  • Hardcoding secrets in Compose files

  • Not defining healthchecks (harder to detect failing services)

  • Not setting resource limits (can lead to resource exhaustion)

  • Forgetting to persist data with named volumes


References


Last updated