Runtime

docker compose up streams logs from every service in a single terminal. That works fine for two or three services. With a stack that includes a chatty proxy, a healthcheck loop, or a model server printing tokenizer warnings every second, the signal-to-noise ratio drops fast. attach: false tells Compose to keep the service running but stop streaming its logs to the foreground. Per-service in the Compose file Mark the noisy service: ...

Linux isolates containers using kernel namespaces. Sometimes you need the opposite: two containers that can see each other’s processes or share memory. The pid and ipc directives give you that escape hatch. Sharing a PID namespace pid: service:<name> lets a container see and act on processes inside another service: services: app: image: myapp debugger: image: alpine pid: service:app cap_add: - SYS_PTRACE command: sleep infinity The debugger container’s ps, strace, and /proc all reflect app’s processes. Combined with cap_add: SYS_PTRACE, you can attach strace or gdb to a running production-style container without baking debug tools into its image. ...

CPU and memory limits (Tip #16) cover the obvious resources. Two more options solve specific problems: ulimits for kernel limits and shm_size for shared memory. ulimits: kernel resource limits ulimits controls per-container limits the Linux kernel enforces: open file descriptors, processes, locked memory, and others. services: api: image: myapi ulimits: nofile: soft: 65536 hard: 65536 nproc: 4096 soft is the default, hard is the maximum the process can raise itself to. For most simple cases, set them equal. ...

Both entrypoint and command define what runs when a container starts. They look similar, but they play different roles, and confusing them leads to surprising behavior. The mental model When a container starts, Docker runs: <entrypoint> <command> entrypoint is the executable command is the default arguments passed to it If the image’s Dockerfile has ENTRYPOINT ["python"] and CMD ["app.py"], the container runs python app.py. Overriding from Compose Both can be overridden in Compose: ...

Running ML models, video processing, or any GPU-accelerated workload? Compose lets you reserve GPU devices for specific services. Basic GPU access Give a service access to all available GPUs: services: ml-training: image: pytorch/pytorch deploy: resources: reservations: devices: - driver: nvidia count: all capabilities: [gpu] Limiting GPU count Reserve a specific number of GPUs instead of all: services: inference: image: mymodel:latest deploy: resources: reservations: devices: - driver: nvidia count: 1 capabilities: [gpu] Selecting specific GPUs by ID Target specific GPU devices when you have multiple: ...