Networking

Docker Compose Tip #31: Network isolation between services

Secure your application architecture by isolating services in separate networks. Not every service needs to talk to every other service! Default behavior: All connected By default, all services share the same network: # All services can communicate services: web: image: nginx api: image: myapi database: image: postgres Problem: web can directly access database - potential security risk! Network isolation pattern Create separate networks for different tiers: ...

Docker Compose Tip #21: Understanding bridge vs host networking modes

Choose the right networking mode for your containers. Understand when isolation matters and when performance is key. Bridge mode (default) The default and most secure option - containers get their own network namespace: services: web: image: nginx ports: - "8080:80" # Port mapping required networks: - app_network db: image: postgres:15 networks: - app_network networks: app_network: driver: bridge Containers can communicate using service names (web, db) within the network. ...

Docker Compose Tip #13: Using external networks to connect multiple projects

Need your frontend project to talk to a backend in another Compose project? External networks let you connect containers across different stacks. The problem Two separate Compose projects need to communicate: frontend/compose.yml - React app backend/compose.yml - API service By default, each creates its own isolated network. The solution Create a shared external network: # Create the network once docker network create shared-network Then reference it in both projects: backend/compose.yml: ...

Docker Compose Tip #6: Service discovery and internal DNS

Hardcoding IP addresses in your containers? Docker Compose provides automatic DNS-based service discovery. Each service can reach another using just the service name. How it works Docker Compose creates a default network and registers each container with an internal DNS server. The DNS name matches the service name in your compose.yml. services: web: image: nginx environment: # Just use the service name! API_URL: http://api:3000 DB_HOST: postgres api: image: myapi environment: DATABASE_URL: postgres://user:pass@postgres:5432/mydb postgres: image: postgres:15 No configuration needed. The web service connects to api using http://api:3000, and api connects to postgres using the hostname postgres. ...