Docker
Running Docker Compose in production
Docker Compose is excellent for local development. Running it in production requires a few additional considerations: resource limits, health checks, log management, and a strategy for zero-downtime updates.
Resource limits
Always set mem_limit and cpus on every service. Without limits, a misbehaving container can consume all available memory and crash the host.
services:
app:
image: myapp:latest
mem_limit: 512m
cpus: 0.5
restart: unless-stopped
Health checks
Define a healthcheck so Docker knows when a container is actually ready to serve traffic — not just started.
healthcheck: test: ["CMD", "curl", "-f", "http://localhost:3000/health"] interval: 30s timeout: 5s retries: 3 start_period: 10s
Logging
By default Docker uses the json-file driver with no rotation. Set a max size to prevent logs from filling your disk.
logging:
driver: json-file
options:
max-size: "10m"
max-file: "3"
Zero-downtime updates
Docker Compose doesn’t support rolling updates natively. The simplest approach: use docker compose up -d --no-deps service to restart a single service. For true zero-downtime, run two instances behind a reverse proxy (Nginx Front Door) and update them one at a time.
Persistent data
Never store persistent data inside containers. Always use named volumes or bind mounts to a path on persistent block storage. This ensures data survives container rebuilds and host reboots.