Docker Compose - Nikola's Digital Garden

# Docker Compose - [[Installing Docker Compose]] ## Anatomy of the Compose Configuration File For full specification see [Compose specification](https://docs.docker.com/compose/compose-file/). - A version used to be specified but is no longer recommended - The file should ideally be called `compose.yaml` A compose file has the following structure: - `services:` - `image: cloudflare/cloudflared:latest`. `docker compose pull` will pull all service images from a compose file - `build:` used for services that are built from a Dockerfile. - `context: dnsperftest` which contains a relative path to the folder which contains the Dockerfile. - These services are built the first time `docker compose up` is called. If you want to rebuild them you can call `up` with the `--build` parameter - Note that these services (or images their Dockerfiles) contained are not pulled automatically with `docker compose pull` - `container_name: cloudflared` - `restart: unless-stopped` valid values are `always`, `unless-stopped` and `no` (default) - `command: tunnel --no-autoupdate run` - `entrypoint: /gluetun/gluetun.sh` - `env_file: ./secrets/cloudflared.env` - `environment:` - `- One=1000` - `user: uid:gid` user and group IDs of the user that will run the container - `ports:` contains a dash bullet list of all port mappings ^l4lb4o - `- "9000:8080"` map TCP 9000 on the host to 8080 on the container for all host interfaces - `- "127.0.0.1:9000:8080"` map 9000 on the host to 8080 on the container, but only for loopback interface - `- 8388:8388/tcp` - `- 8388:8388/udp` - `volumes:` contains a dash bullet list of all volume mappings - `- "./1password-credentials.json:/home/opuser/.op/1password-credentials.json"` - `- "data:/home/opuser/.op/data"` here `data:` is a volume defined below in the `volumes:` section - `network_mode: "container:gluetun"` - `networks:` ^kjfdlo - If the simple structure is used, this section contains a dash bullet list with network names - Because all networks are user-defined ones (even the project default one), container DNS will always work. You can reference containers by both their service name and their container name. - If the object structure is used it allows for configuring options like - `sampleNetwork:` object structure example - `ipv4_address: 192.168.0.60` - `mac_address:` hardcode a MAC address - `dns:` use a custom DNS server. Especially useful for MACVLAN-s, as by default the assigned DNS is that of the parent interface. - `depends_on:` - If the simple structure is used contains a dash bullet list of all services that should be started first - It can also be an object for each service. This allows for a condition to be specified - `secrets:` (sample service this one depends on) - `condition: service_completed_successfully` - `labels`: - `- "com.example.description=Accounting webapp"` - `com.example.description: "Accounting webapp"` - `cap_add`: - `NET_ADMIN` - `sysctls`: - `net.ipv4.conf.all.src_valid_mark=1` - `networks:` ^1qebso - Contains an object for each network used in the compose file - `external: true` is used to define a network that is externally created (not in this project) - `driver:` the name of the driver - `driver_opts:` driver-specific options such as the parent interface - `parent: eth0` (example driver option) - `ipam:` IP options. Subnet should start with a dash (-), associated gateway should be on a separate line without a dash - `subnet: 192.168.0.0/24` - `gateway: 192.168.0.1` - `volumes:` - Contains an object for each volume ## The Default Docker Compose Project Network Docker Compose automatically creates a default bridge network for the compose file called `default` and places all services that do not explicitly specify a network in it. If you want a service to join another network in addition to the default one, you need to explicitly specify both the default network and the name of the other network. The default network is called `default` in the context of the Compose project. In the wider Docker context, Compose will prepend the name of the project to it (so the network will be called `PROJECTNAME_default` in the wider Docker world). Note that because the default Compose network is still a user-defined Docker network, container name resolution will work.