compose module
The template file is Compose
the core of using , and there are many instruction keywords involved. But don’t worry, most of the commands and related parameters here docker run
have similar meanings.
The default template file name is docker-compose.yml
, and the format is YAML format.
version: "3" services: webapp: image: examples/web ports: \- "80:80" volumes: \- "/data"
Note that each service must image
specify a mirror through the command or build
the command (requires Dockerfile), etc. to automatically build and generate the mirror.
If build
the command is used, Dockerfile
the options set in (for example: CMD
, EXPOSE
, VOLUME
, ENV
etc.) will be automatically obtained, and there is no need docker-compose.yml
to repeat the settings in .
The usage of each command is introduced below.
build
Specify Dockerfile
the path of the folder where is located (it can be an absolute path, or a path relative to the docker-compose.yml file). Compose
It will be used to automatically build this image, and then use this image.
version: '3' services: webapp: build: ./dir
You can also use context
the directive to specify Dockerfile
the path to the folder where is located.
Use dockerfile
the directive to specify Dockerfile
the filename.
Use arg
the directive to specify variables when building an image.
version: '3' services: webapp: build: context: ./dir dockerfile: Dockerfile-alternate args: buildno: 1
Use to cache_from
specify the cache of the built image
build: context: . cache_from: - alpine:latest - corp/web_app:3.14
cap_add, cap_drop
Specifies the kernel capacity allocation for the container.
For example, making a container have all capabilities can be specified as:
cap_add:
- ALL
The ability to remove NET_ADMIN can be specified as:
cap_drop:
- NET_ADMIN
command
Overrides the command that is executed by default when the container starts.
command: echo "hello world"
configs
For use only , please refer to the section Swarm mode
for details .Swarm mode
cgroup_parent
Specifying a parent cgroup
group means that the resource limits of that group will be inherited.
For example, a cgroup group name is created cgroups_1
.
cgroup_parent: cgroups_1
container_name
Specify a container name. 项目名称_服务名称_序号
This format will be used by default .
container_name: docker-web-container
Note: After specifying the container name, the service will not be able to scale (scale), because Docker does not allow multiple containers with the same name.
deploy
For use only , please refer to the section Swarm mode
for detailsSwarm mode
devices
Specifies the device mapping relationship.
devices:
- "/dev/ttyUSB1:/dev/ttyUSB0"
depends_on
Solve the problem of container dependency and startup sequence. In the following example, it will start first redis
db
and then startweb
version: '3' services: web: build: . depends_on: - db - redis redis: image: redis db: image: postgres
Note:
web
The service does not wait forredis
db
"Full Start" before starting.
dns
Custom DNS
server. Can be a value or a list.
dns: 8.8.8.8
dns: - 8.8.8.8 - 114.114.114.114
dns_search
Configure DNS
search domains. Can be a value or a list.
dns_search: example.com
dns_search: \- domain1.example.com \- domain2.example.com
tmpfs
Mount a tmpfs file system to the container.
tmpfs: /run
tmpfs: \- /run \- /tmp
env_file
Get environment variables from a file, which can be a single file path or a list.
If docker-compose -f FILE
the Compose template file is specified by way, env_file
the path of the variable in will be based on the path of the template file.
If a variable name environment
conflicts with a directive, by convention, the latter takes precedence.
env_file: .env
env_file: \- ./common.env \- ./apps/web.env \- /opt/secrets.env
Each line in the environment variable file must conform to the format, supporting #
comment lines beginning with .
# common.env: Set development environment
PROG_ENV=development
environment
Set environment variables. You can use both array and dictionary formats.
A variable with only a given name will automatically get the value of the corresponding variable on the host running Compose, which can be used to prevent unnecessary data leakage.
environment: RACK_ENV: development SESSION_SECRET:
environment: \- RACK_ENV=development \- SESSION_SECRET
If the variable name or value uses words that true|false,yes|no
express the meaning of Boolean , it is best to put them in quotation marks to prevent YAML from automatically parsing certain content into corresponding Boolean semantics. These specific words, including
y|Y|yes|Yes|YES|n|N|no|No|NO|true|True|TRUE|false|False|FALSE|on|On|ON|off|Off|OFF
expose
Ports are exposed, but not mapped to the host, only accessed by connected services.
Only internal ports can be specified as parameters
expose: - "3000" - "8000"
external_links
Note: This command is deprecated.
Links to docker-compose.yml
containers outside of , not even Compose
external containers managed by .
external_links: - redis_1 - project_db_1:mysql - project_db_1:postgresql
extra_hosts
Similar to the parameter in Docker --add-host
, specify additional host name mapping information.
extra_hosts: - "googledns:8.8.8.8" - "dockerhub:52.1.157.61"
/etc/hosts
The following two entries will be added to the file in the service container after startup .
8.8.8.8 googledns
52.1.157.61 dockerhub
healthcheck
Check whether the container is healthy and running with the command.
healthcheck: test: ["CMD", "curl", "-f", "http://localhost"] interval: 1m30s timeout: 10s retries: 3
image
Specified as an image name or image ID. If the mirror does not exist locally, Compose
an attempt will be made to pull the mirror.
image: free
image: orchardup/postgresql
image: a4bc65fd
labels
Add Docker metadata (metadata) information for the container. For example, auxiliary description information can be added to the container.
labels: com.startupteam.description: "webapp for a startup team" com.startupteam.department: "devops department" com.startupteam.release: "rc3 for v1.0"
links
Note: This command is deprecated.
logging
Configure logging options.
logging: driver: syslog options: syslog-address: "tcp://192.168.0.42:123"
Currently three log driver types are supported.
driver: "json-file" driver: "syslog" driver: "none"
options
Configure related parameters of the log driver.
options: max-size: "200k" max-file: "10"
network_mode
Set the network mode. Use the same value as for the parameter docker run
of --network
.
network_mode: "bridge" network_mode: "host" network_mode: "none" network_mode: "service:[service name]" network_mode: "container:[container name/id]"
networks
Configure the network the container is connected to.
version: "3" services: some-service: networks: \- some-network \- other-network networks: some-network: other-network:
pid
Share the process namespace with the host system. The containers with this option enabled, as well as the container and the host system, can access and operate each other through the process ID.
pid: "host"
ports
Expose port information.
Use the hostport:containerport (HOST:CONTAINER)
format, or just specify the container's port (the host will choose a port randomly).
ports: - "3000" - "8000:8000" - "49100:22" - "127.0.0.1:8001:8001"
Note: When using *HOST:CONTAINER*
format to map ports, if you use a container port less than 60 and don't put it in quotes, you may get wrong results, because this number format *YAML*
is automatically parsed as base 60. *xx:yy*
To avoid this kind of problem, it is recommended that all numeric strings use the string format enclosed in quotation marks.
secrets
Store sensitive data, such as mysql
service passwords.
version: "3.1" services: mysql: image: mysql environment: MYSQL_ROOT_PASSWORD_FILE: /run/secrets/db_root_password secrets: - db_root_password - my_other_secret secrets: my_secret: file: ./my_secret.txt my_other_secret: external: true
security_opt
Specifies the default attributes (user, role, type, level, etc.) of the container template label (label) mechanism. For example, configure the user name and role name of the label.
security_opt: - label:user:USER - label:role:ROLE
stop_signal
Set another signal to stop the container. By default it uses SIGTERM to stop the container.
stop_signal: SIGUSR1
sysctls
Configure container kernel parameters.
sysctls: net.core.somaxconn: 1024 net.ipv4.tcp_syncookies: 0 sysctls: - net.core.somaxconn=1024 - net.ipv4.tcp_syncookies=0
ulimits
Specifies the ulimits limit value for the container.
For example, specify the maximum number of processes as 65535, specify the number of file handles as 20000 (soft limit, which can be modified by the application at any time, and cannot exceed the hard limit) and 40000 (system hard limit, which can only be increased by the root user).
ulimits: nproc: 65535 nofile: soft: 20000 hard: 40000
volumes
The path setting where the data volume is mounted. It can be set as host path ( HOST:CONTAINER
) or data volume name ( VOLUME:CONTAINER
), and access mode ( HOST:CONTAINER:ro
).
The path in this directive supports relative paths.
volumes: - /var/lib/mysql - cache/:/tmp/cache - ~/configs:/etc/configs/:ro
If the path is a data volume name, the data volume must be configured in the file.
version: "3" services: my_src: image: mysql:8.0 volumes: - mysql_data:/var/lib/mysql volumes: mysql_data:
other instructions
In addition, there are domainname, entrypoint, hostname, ipc, mac_address, privileged, read_only, shm_size, restart, stdin_open, tty, user, working_dir
instructions including and so on, which are basically docker run
consistent with the functions of the corresponding parameters in .
Specify the entry file to be executed after the service container starts.
entrypoint: /code/entrypoint.sh
Specifies the username running the application in the container.
user: nginx
Specifies the working directory in the container.
working_dir: /code
Search the domain name, host name, mac address, etc. in the specified container.
domain name: your_website.com
hostname: test
mac_address: 08-00-27-00-0C-0A
Allow some privileged commands to run in the container.
privileged: true
Specifies that the restart policy after the container exits is always restart. always
This command is very effective for keeping the service running all the time, and it is recommended to configure it as or in a production environment unless-stopped
.
restart: always
Mounting the root filesystem of a container in read-only mode means that the contents of the container cannot be modified.
read_only: true
Open standard input, which can accept external input.
stdin_open: true
Simulate a pseudo-terminal.
tty: true
read variable
Compose template files support dynamic reading of host system environment variables and .env
variables in files in the current directory.
For example, the Compose file below will read ${MONGO_VERSION}
the values of variables from the environment in which it is run, and write them to the executed instructions.
version: "3"
services:
db:
image: "mongo:${MONGO_VERSION}"
If executed MONGO_VERSION=3.2 docker-compose up
, a mongo:3.2
mirrored container will be started; if executed, MONGO_VERSION=2.8 docker-compose up
a mongo:2.8
mirrored container will be started.
If there is .env
a file in the current directory, docker-compose
variables will be read from the file when the command is executed.
Create a new file in the current directory .env
and write the following content.
# Support # comments
MONGO_VERSION=3.6
Executing docker-compose up
will start a mongo:3.6
mirrored container.
Common modules
1. build command
Build the image according to the dockerfile before starting the container through docker-compose, and then start the container according to the built image
2.command
Override the command executed by default after the container starts
3.container_name
Used to specify the docker-compose startup container name Note: It is not recommended to specify the container name
4.depends_on
Solve the problem of container dependency and startup sequence
5.environment
Used to specify environment variables for container startup equivalent to docker run -e
6.env_file
Used to specify the environment variable file for container startup
7.expose
Used to specify the port number exposed by the container during image building docker run -p port: port
8.image
Used to specify the starting container to use the image docker run image (image name or ID)
9.networks
Used to specify the network docker run --network for container startup
10.ports
Used to specify host and container port mapping docker run -p
11.volumes
Used to specify the container directory mapping docker run -v in the host
12.restart
Used to specify whether the docker container always runs docker run --restart=always