Docker Compose Networking, Volumes, and Runtime Controls

Docker Compose•Permalink

Compose patterns for ports, networks, volumes, secrets, configs, and runtime controls.

View

Standard Detailed Compact

Export

Copy the compact sheet, download it, or print it.

Download

`D` dense toggle · `C` copy all

Ports and Networks

Publish ports and design inter-service connectivity.

Publish container port

Maps host port 8080 to container port 80.

↗#

yamlANYdockercomposeports

yaml

services:
  web:
    image: nginx:alpine
    ports:
      - "8080:80"

Use this for browser access from the host.

Bind only on localhost

Publishes the service only to the local machine.

↗#

yamlANYdockercomposeportssecurity

yaml

services:
  db:
    image: postgres:16
    ports:
      - "127.0.0.1:5432:5432"

Useful for local databases not meant for LAN exposure.

Attach services to custom network

Defines multiple named networks for segmentation.

↗#

yamlANYdockercomposenetworks

yaml

services:
  web:
    image: nginx:alpine
    networks: ["frontend"]
  api:
    image: myapi:latest
    networks: ["frontend", "backend"]

networks:
  frontend: {}
  backend: {}

Great for separating public and private service paths.

Set network aliases

Adds alternate DNS names for a service on a network.

↗#

yamlANYdockercomposenetwork-alias

yaml

services:
  api:
    image: myapi:latest
    networks:
      backend:
        aliases:
          - internal-api

networks:
  backend: {}

Useful when multiple apps expect a specific hostname.

Resolve published port

Shows the host binding for a service port.

↗#

bashANYdockercomposeport

bash

docker compose port web 80

Useful when ports were assigned dynamically.

Volumes and Storage

Persist data and mount source code or configs.

Named volume for persistent data

Stores database data in a managed named volume.

↗#

yamlANYdockercomposevolumesstorage

yaml

services:
  db:
    image: postgres:16
    volumes:
      - pgdata:/var/lib/postgresql/data

volumes:
  pgdata: {}

Preferred over bind mounts for durable container data.

Bind mount local source

Mounts the current directory into the container.

↗#

yamlANYdockercomposebind-mount

yaml

services:
  app:
    image: node:20
    working_dir: /app
    volumes:
      - ./:/app

Very common for live-reload development flows.

Read-only bind mount

Mounts a host file as read-only in the container.

↗#

yamlANYdockercomposereadonlymount

yaml

services:
  nginx:
    image: nginx:alpine
    volumes:
      - ./nginx.conf:/etc/nginx/nginx.conf:ro

Good for config files that should not be modified in-place.

Use tmpfs mount

Creates an in-memory temporary filesystem for the service.

↗#

yamlANYdockercomposetmpfs

yaml

services:
  app:
    image: myapp:latest
    tmpfs:
      - /tmp

Useful for ephemeral scratch data.

Remove stack and its volumes

Tears down the project and deletes named volumes created for it.

↗#

bashANYdockercomposevolumescleanup

bash

docker compose down -v

Use with caution on any stateful stack.

Configs and Secrets Patterns

Inject files and sensitive values into services.

Mount a secret file

Mounts a file-backed secret into the container.

↗#

yamlANYdockercomposesecrets

yaml

services:
  api:
    image: myapi:latest
    secrets:
      - app_key

secrets:
  app_key:
    file: ./secrets/app_key.txt

Useful for credentials and tokens you do not want inline in YAML.

Mount a config file

Provides a structured way to mount a config artifact.

↗#

yamlANYdockercomposeconfigs

yaml

services:
  nginx:
    image: nginx:alpine
    configs:
      - source: nginx_conf
        target: /etc/nginx/conf.d/default.conf

configs:
  nginx_conf:
    file: ./nginx/default.conf

Helpful when treating config as a managed resource.

Resource and Runtime Controls

Control runtime behavior and limits.

Restart policy

Restarts the service unless it is explicitly stopped.

↗#

yamlANYdockercomposerestart-policy

yaml

services:
  api:
    image: myapi:latest
    restart: unless-stopped

A common default for long-running local or small-host services.

Raise ulimits

Sets per-container ulimits for file handles and similar resources.

↗#

yamlANYdockercomposeulimits

yaml

services:
  app:
    image: myapp:latest
    ulimits:
      nofile:
        soft: 65535
        hard: 65535

Useful for proxies, databases, and event-driven services.

Inject extra hosts

Adds static host entries inside the container.

↗#

yamlANYdockercomposeextra-hosts

yaml

services:
  app:
    image: myapp:latest
    extra_hosts:
      - "host.docker.internal:host-gateway"

Helpful for connecting back to services on the Docker host.

More in Docker Compose

Docker Compose Dev, Debugging, CI, and Production Patterns

Developer workflows, troubleshooting commands, CI flows, and small-host production Compose patterns.

Docker Compose Files and YAML Patterns

compose.yaml examples for services, variables, profiles, overrides, and dependency-aware startup.

Docker Compose Cheat Sheet

Commands for starting, stopping, inspecting, and operating Docker Compose projects.

Recommended next

No recommendations yet.

Browse all sheets →