DockerHow-ToIntermediate · 4 min read

How to Use Docker Compose for Production Environments

Use docker-compose.yml with production-ready settings like specific image tags, environment variables, volumes, and networks. Run docker compose -f docker-compose.yml up -d to start services in detached mode, ensuring stable, repeatable deployments.

📐

Syntax

A docker-compose.yml file defines services, networks, and volumes for your app. Key parts include:

version: Compose file format version.
services: Containers to run, each with image, ports, environment, volumes.
networks: Custom networks for service communication.
volumes: Persistent storage outside containers.

Use docker compose -f docker-compose.yml up -d to start services in the background.

yaml

version: '3.9'
services:
  web:
    image: myapp:1.0.0
    ports:
      - "80:80"
    environment:
      - NODE_ENV=production
    volumes:
      - web-data:/var/www/html
    networks:
      - webnet
volumes:
  web-data:
networks:
  webnet:

💻

Example

This example shows a simple production setup with a web service and a database. It uses fixed image tags, environment variables for secrets, persistent volumes, and a custom network.

yaml

version: '3.9'
services:
  web:
    image: nginx:1.23.3
    ports:
      - "80:80"
    volumes:
      - web-content:/usr/share/nginx/html:ro
    networks:
      - frontend
  db:
    image: postgres:15.2
    environment:
      POSTGRES_USER: produser
      POSTGRES_PASSWORD: securepassword
      POSTGRES_DB: proddb
    volumes:
      - db-data:/var/lib/postgresql/data
    networks:
      - backend
volumes:
  web-content:
  db-data:
networks:
  frontend:
  backend:

Output

Creating network "frontend" with driver "bridge" Creating network "backend" with driver "bridge" Creating volume "web-content" with default driver Creating volume "db-data" with default driver Creating service web ... done Creating service db ... done

⚠️

Common Pitfalls

Common mistakes when using Docker Compose in production include:

Using latest image tags instead of fixed versions, causing unpredictable updates.
Not setting environment variables securely, risking secrets exposure.
Missing persistent volumes, losing data on container restart.
Running containers as root user, which is a security risk.
Not using detached mode (-d), which blocks the terminal.

Always test your compose file in a staging environment before production.

yaml

version: '3.9'
services:
  app:
    image: myapp:latest  # Avoid using 'latest' in production
    environment:
      - SECRET_KEY=mysecret  # Avoid hardcoding secrets
    ports:
      - "8080:8080"

# Corrected version:
version: '3.9'
services:
  app:
    image: myapp:1.0.0
    environment:
      SECRET_KEY: ${SECRET_KEY}  # Use environment variables or secrets management
    ports:
      - "8080:8080"

📊

Quick Reference

Tips for production Docker Compose:

Use fixed image tags, never latest.
Store secrets outside compose files, use environment variables or secret managers.
Use volumes for persistent data.
Run containers as non-root users.
Use docker compose up -d to run in detached mode.
Define networks to isolate services.

✅

Key Takeaways

Always use fixed image tags in production to avoid unexpected updates.

Use environment variables or secret management for sensitive data, not hardcoded values.

Persist data with volumes to prevent data loss on container restarts.

Run containers in detached mode with 'docker compose up -d' for stable background operation.

Test your Docker Compose setup in staging before deploying to production.