**Chapter 7: Docker Compose for Local Development**

Single containers are insufficient for modern applications. A typical web service requires a database, cache, message queue, and possibly additional microservices. **Docker Compose** is the local orchestration tool that defines and runs multi-container applications. This chapter teaches you to replicate production architectures on your development machine—ensuring that what you build locally behaves identically to what deploys to Kubernetes clusters.

---

### 7.1 Docker Compose Introduction

Docker Compose is a tool for defining and running multi-container Docker applications using a declarative YAML configuration file. While Kubernetes orchestrates containers at scale in production, Compose provides the same orchestration paradigm for local development.

#### The Problem Compose Solves

Without Compose, starting a full application stack requires multiple terminal windows and complex `docker run` commands:

```bash
# Manual approach (error-prone and tedious)
docker network create app-network

docker run -d --name postgres \
  -e POSTGRES_PASSWORD=secret \
  -v postgres-data:/var/lib/postgresql/data \
  --network app-network \
  postgres:15

docker run -d --name redis \
  --network app-network \
  redis:7

docker run -d --name api \
  -e DATABASE_URL=postgres://postgres:secret@postgres:5432/app \
  -e REDIS_URL=redis://redis:6379 \
  -p 3000:3000 \
  --network app-network \
  myapp:latest
```

**With Compose**, a single file defines the entire stack, started with one command:

```bash
docker compose up -d
```

#### Compose vs. Kubernetes

While both use declarative YAML and similar concepts (services, networks, volumes), they serve different purposes:

| Aspect | Docker Compose | Kubernetes |
|--------|---------------|------------|
| **Scope** | Single host (laptop/single server) | Distributed cluster (many nodes) |
| **Complexity** | Simple, batteries included | Complex, highly configurable |
| **Production** | Not recommended (use Swarm or K8s) | Industry standard |
| **Scaling** | Limited (`scale` command) | Advanced (HPA, cluster autoscaling) |
| **Networking** | Automatic bridge networks | CNI plugins, ingress controllers |
| **Storage** | Local volumes only | PersistentVolumes, StorageClasses |

**The Development Contract:** If it works in Compose, it should work in Kubernetes. Compose validates your containerization logic before you pay the complexity cost of Kubernetes.

#### Installation

Docker Compose is now included with Docker Desktop. For Linux, install separately:

```bash
# Install Compose plugin (modern method)
docker compose version  # Check if installed

# If not installed:
sudo apt-get install docker-compose-plugin
# OR
sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
```

**Note:** Modern Docker uses `docker compose` (space, plugin) while legacy uses `docker-compose` (hyphen, Python binary). This chapter uses the modern plugin syntax.

**Key Takeaway:** Compose is the **local Kubernetes equivalent**—providing service discovery, networking, and volume management for multi-container applications on a single machine. It bridges the gap between `docker run` and production orchestration.

---

### 7.2 compose.yaml Structure

The Compose Specification uses `compose.yaml` (or `compose.yml`) as the default filename (though `docker-compose.yml` remains supported for backwards compatibility). This file defines services, networks, volumes, and configurations.

#### Top-Level Elements

```yaml
# compose.yaml
name: myapp  # Project name (prefixes containers, networks, volumes)

services:    # Containers to run
  # ... service definitions

networks:    # Custom networks (optional, defaults created automatically)
  # ... network definitions

volumes:     # Named volumes for persistence
  # ... volume definitions

configs:     # Configuration files (similar to K8s ConfigMaps)
  # ... config definitions

secrets:     # Sensitive data (similar to K8s Secrets)
  # ... secret definitions
```

#### Service Definition Anatomy

Each service maps to a container and supports extensive configuration:

```yaml
services:
  web:
    # Image source (mutually exclusive with build)
    image: nginx:alpine
    
    # OR build from Dockerfile
    build:
      context: ./web        # Build context path
      dockerfile: Dockerfile # Dockerfile name (if not default)
      args:                 # Build arguments
        NODE_ENV: production
    
    container_name: web-container  # Custom name (optional)
    
    # Command override
    command: ["nginx", "-g", "daemon off;"]
    
    # Environment variables
    environment:
      - DATABASE_URL=postgres://db:5432/app
      - DEBUG=true
    
    env_file:
      - .env
      - .env.local
    
    # Ports (HOST:CONTAINER)
    ports:
      - "8080:80"
      - "443:443"
    
    # Dependencies (startup order, not health checks)
    depends_on:
      - database
      - redis
    
    # Networks
    networks:
      - frontend
      - backend
    
    # Volumes
    volumes:
      - ./html:/usr/share/nginx/html:ro  # Bind mount (read-only)
      - nginx-cache:/var/cache/nginx      # Named volume
    
    # Resource limits
    deploy:
      resources:
        limits:
          cpus: '1.0'
          memory: 512M
        reservations:
          cpus: '0.25'
          memory: 128M
    
    # Restart policy
    restart: unless-stopped
    
    # Health checks
    healthcheck:
      test: ["CMD", "wget", "--quiet", "--tries=1", "--spider", "http://localhost/"]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 40s
```

#### Validation and Linting

Validate your compose file before running:

```bash
# Check syntax and structure
docker compose config

# View resolved config (with env vars substituted)
docker compose config --services
docker compose config --volumes
```

**Key Takeaway:** The `compose.yaml` file is a **contract** between your application's components. It explicitly declares dependencies, network topology, and resource requirements—making implicit assumptions explicit and version-controlled.

---

### 7.3 Defining Services

Services in Compose correspond to the containers we built in Chapter 6. Here we define how those containers interact.

#### Building vs. Pulling Images

**Local Development (Build):**
```yaml
services:
  api:
    build:
      context: ./api
      dockerfile: Dockerfile
      target: development  # Multi-stage target
      args:
        - DEBUG=true
    image: myapp-api:dev  # Tag the built image
```

**Using Pre-built Images (CI/CD artifact):**
```yaml
services:
  api:
    image: registry.example.com/myapp-api:${GIT_COMMIT_SHA:-latest}
    pull_policy: always  # Ensure latest version
```

**Hybrid (Pull if exists, else build):**
```yaml
services:
  api:
    build: ./api
    image: myapp-api:latest
```

#### Service Profiles

Use profiles to define optional services (e.g., debugging tools) that don't start by default:

```yaml
services:
  api:
    build: ./api
  
  # Only started with: docker compose --profile debug up
  mailhog:
    image: mailhog/mailhog:latest
    ports:
      - "8025:8025"
    profiles:
      - debug
      - testing
```

#### Scaling Services

Run multiple instances of a service locally:

```bash
docker compose up -d --scale api=3
```

**Configuration for scaling:**
```yaml
services:
  api:
    build: ./api
    ports:
      - "3000-3002:3000"  # Range mapping for scaled instances
```

**Key Takeaway:** Compose services bridge the gap between your Dockerfiles (Chapter 6) and a running system. Use `build` for development iterations and `image` for integration testing with production artifacts.

---

### 7.4 Networking in Compose

By default, Compose creates a single bridge network for your application. All services can resolve each other by service name (DNS).

#### Default Networking

```yaml
services:
  api:
    build: ./api
    # Can reach database at hostname: postgres
  
  postgres:
    image: postgres:15
    # Can reach api at hostname: api
```

**DNS Resolution:** Compose injects DNS entries so `postgres` resolves to the database container's IP. This is identical to Kubernetes DNS service discovery.

#### Custom Networks

Define explicit networks for traffic segregation (frontend vs. backend):

```yaml
services:
  frontend:
    build: ./frontend
    networks:
      - frontend-network
  
  api:
    build: ./api
    networks:
      - frontend-network
      - backend-network
  
  database:
    image: postgres:15
    networks:
      - backend-network
    # database ISOLATED from frontend (security)

networks:
  frontend-network:
    driver: bridge
    ipam:
      config:
        - subnet: 172.20.0.0/16
  
  backend-network:
    driver: bridge
    internal: true  # No external access (no internet)
```

#### External Networks

Connect to networks created outside Compose (useful for shared services):

```yaml
networks:
  shared-network:
    external: true  # Created manually: docker network create shared-network

services:
  api:
    networks:
      - shared-network  # Can talk to containers outside this compose project
```

#### Host Networking (Linux Only)

Use the host's network stack (useful for performance or specific protocols):

```yaml
services:
  api:
    build: ./api
    network_mode: host  # No port mapping needed, uses host ports directly
```

**Warning:** Loses container isolation. Not recommended for general use.

**Key Takeaway:** Compose networking mirrors **Kubernetes Services**—DNS-based service discovery with network policies for isolation. Design your Compose networks to reflect your production network segmentation.

---

### 7.5 Volumes and Data Persistence

Containers are ephemeral; volumes provide persistence. Compose supports named volumes and bind mounts with distinct use cases.

#### Volume Types

**Named Volumes (Managed by Docker):**
```yaml
services:
  postgres:
    image: postgres:15
    volumes:
      - postgres_data:/var/lib/postgresql/data

volumes:
  postgres_data:
    driver: local
```

- Survives `docker compose down`
- Deleted by `docker compose down -v`
- Stored in Docker's storage directory

**Bind Mounts (Host filesystem):**
```yaml
services:
  api:
    build: ./api
    volumes:
      - ./src:/app/src:ro  # Read-only, live code reloading
      - /app/node_modules   # Anonymous volume (protects container's node_modules from host overwrite)
```

- Maps host directory to container path
- Immediate file sync (both directions)
- Essential for development hot-reloading

**Temporary Filesystems (tmpfs):**
```yaml
services:
  api:
    volumes:
      - type: tmpfs
        target: /tmp
        tmpfs:
          size: 100M
          mode: 1777
```

- In-memory storage (RAM)
- Fast I/O, lost on container restart
- Perfect for caches and temporary files

#### Volume Options

```yaml
volumes:
  # Driver options
  db-data:
    driver: local
    driver_opts:
      type: none
      o: bind
      device: /opt/data/postgres  # Specific host path
  
  # Read-only bind mount
  config:
    type: bind
    source: ./config
    target: /etc/app
    read_only: true
  
  # Volume from another container (legacy pattern)
  shared-logs:
    type: volume
    source: logs
    target: /var/log
    volume:
      nocopy: true
```

#### Initialization and Seeding

Populate volumes on first creation:

```yaml
services:
  postgres:
    image: postgres:15
    volumes:
      - postgres_data:/var/lib/postgresql/data
      - ./init-scripts:/docker-entrypoint-initdb.d:ro
```

**Key Takeaway:** Use **bind mounts** for development code (live reload) and **named volumes** for database persistence. Never store production data in bind mounts—use named volumes or external storage systems.

---

### 7.6 Environment Configuration

Managing environment-specific settings (dev vs. staging vs. local) is critical for the "works on my machine" problem.

#### Environment Variable Precedence

Compose resolves variables in this order (highest to lowest):
1. Command line: `docker compose up -e VAR=value`
2. `.env` file in current directory
3. Shell environment variables
4. Variable defaults in `compose.yaml`

#### The .env File

Create `.env` in the same directory as `compose.yaml`:

```bash
# .env
DATABASE_URL=postgres://postgres:password@db:5432/devdb
REDIS_URL=redis://redis:6379
API_PORT=3000
DEBUG=true
LOG_LEVEL=debug
```

**compose.yaml usage:**
```yaml
services:
  api:
    build: ./api
    ports:
      - "${API_PORT}:3000"
    environment:
      - DATABASE_URL=${DATABASE_URL}
      - DEBUG=${DEBUG:-false}  # Default value if not set
```

#### Multiple Environment Files

Separate configurations for different scenarios:

```bash
# .env.development
DATABASE_URL=postgres://localhost:5432/dev

# .env.production (not committed to git)
DATABASE_URL=postgres://prod-server:5432/app
SECRET_KEY=super-secret
```

**Usage:**
```bash
docker compose --env-file .env.development up
```

#### Configs and Secrets (Production-Parity)

Compose supports Docker Swarm-style configs and secrets (even without Swarm):

```yaml
services:
  api:
    image: myapp-api
    configs:
      - source: app_config
        target: /app/config.json
    secrets:
      - db_password
      - api_key

configs:
  app_config:
    file: ./config.json

secrets:
  db_password:
    file: ./secrets/db_password.txt  # Mounted as /run/secrets/db_password
  api_key:
    environment: API_KEY  # From env var
```

**Key Takeaway:** Environment configuration in Compose should mirror **Kubernetes ConfigMaps and Secrets**. Use `.env` files for local development defaults, but never commit secrets to Git—use Docker Secrets or external vaults for sensitive data.

---

### 7.7 Multi-Container Applications

Let's build a complete application stack: a Node.js API, PostgreSQL database, Redis cache, and Nginx reverse proxy.

#### Complete compose.yaml Example

```yaml
name: ecommerce-platform

services:
  # Frontend (React)
  frontend:
    build:
      context: ./frontend
      target: development
    ports:
      - "3000:3000"
    volumes:
      - ./frontend/src:/app/src:ro
    environment:
      - REACT_APP_API_URL=http://localhost:8080
    depends_on:
      - api
    networks:
      - frontend-tier

  # API (Node.js)
  api:
    build:
      context: ./api
      dockerfile: Dockerfile
    environment:
      - NODE_ENV=development
      - DATABASE_URL=postgres://postgres:postgres@postgres:5432/ecommerce
      - REDIS_URL=redis://redis:6379
      - PORT=3000
    ports:
      - "8080:3000"
    volumes:
      - ./api/src:/app/src:ro
      - api-node-modules:/app/node_modules  # Preserve container's node_modules
    depends_on:
      postgres:
        condition: service_healthy  # Wait for healthcheck, not just container start
      redis:
        condition: service_started
    networks:
      - frontend-tier
      - backend-tier
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:3000/health"]
      interval: 10s
      timeout: 5s
      retries: 5
      start_period: 30s

  # Database
  postgres:
    image: postgres:15-alpine
    environment:
      - POSTGRES_USER=postgres
      - POSTGRES_PASSWORD=postgres
      - POSTGRES_DB=ecommerce
    volumes:
      - postgres-data:/var/lib/postgresql/data
      - ./init-scripts:/docker-entrypoint-initdb.d:ro
    ports:
      - "5432:5432"  # Exposed for local debugging only
    networks:
      - backend-tier
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U postgres"]
      interval: 5s
      timeout: 5s
      retries: 5

  # Cache
  redis:
    image: redis:7-alpine
    command: redis-server --appendonly yes
    volumes:
      - redis-data:/data
    networks:
      - backend-tier

  # Queue/Worker (background job processor)
  worker:
    build:
      context: ./api  # Same code as API, different command
      dockerfile: Dockerfile.worker
    command: ["node", "worker.js"]
    environment:
      - DATABASE_URL=postgres://postgres:postgres@postgres:5432/ecommerce
      - REDIS_URL=redis://redis:6379
    depends_on:
      - postgres
      - redis
    networks:
      - backend-tier
    deploy:
      replicas: 2  # Scale workers horizontally

  # Reverse Proxy (simulates production ingress)
  nginx:
    image: nginx:alpine
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro
      - ./nginx/ssl:/etc/nginx/ssl:ro
    depends_on:
      - frontend
      - api
    networks:
      - frontend-tier

volumes:
  postgres-data:
  redis-data:
  api-node-modules:  # Named volume for node_modules persistence

networks:
  frontend-tier:
    driver: bridge
  backend-tier:
    driver: bridge
    internal: true  # Backend isolated from external access
```

#### Startup Ordering and Health Checks

The `depends_on` with `condition: service_healthy` ensures the API waits for PostgreSQL to actually accept connections, not just for the container to exist.

**Available conditions:**
- `service_started`: Container is running (default)
- `service_healthy`: Healthcheck passes
- `service_completed_successfully`: Container exited 0 (for init jobs/migrations)

#### One-Off Commands and Jobs

Run database migrations or admin tasks:

```bash
# Run migrations
docker compose run --rm api npx prisma migrate deploy

# Open database shell
docker compose exec postgres psql -U postgres -d ecommerce

# View logs
docker compose logs -f api
```

**Key Takeaway:** A well-designed Compose file replicates your **production topology** (frontend → API → database) with health checks, network isolation, and persistent storage. It serves as living documentation of your system architecture.

---

### 7.8 Development vs. Production Compose

Using the same Compose file for development and production leads to either bloated production images or poor developer experience. Use overrides and multiple files.

#### The Base + Override Pattern

**compose.yaml** (Base - shared configuration):
```yaml
services:
  api:
    build:
      context: ./api
    environment:
      - NODE_ENV=production
    restart: always
```

**compose.override.yaml** (Development - auto-loaded):
```yaml
services:
  api:
    build:
      target: development
    environment:
      - NODE_ENV=development
      - DEBUG=true
    volumes:
      - ./api/src:/app/src:ro
    ports:
      - "9229:9229"  # Debug port
```

**compose.prod.yaml** (Production - explicit):
```yaml
services:
  api:
    deploy:
      replicas: 3
      resources:
        limits:
          cpus: '1'
          memory: 512M
    logging:
      driver: "json-file"
      options:
        max-size: "10m"
        max-file: "3"
    healthcheck:
      interval: 10s  # More aggressive in production
```

**Usage:**
```bash
# Development (uses compose.yaml + compose.override.yaml automatically)
docker compose up -d

# Production (explicit files)
docker compose -f compose.yaml -f compose.prod.yaml up -d
```

#### Compose Watch (Modern Development)

Docker Compose 2.20+ includes "watch" mode for automatic rebuilding:

```yaml
services:
  api:
    build: ./api
    develop:
      watch:
        - action: sync
          path: ./api/src
          target: /app/src
          ignore:
            - node_modules/
        - action: rebuild
          path: ./api/package.json
```

**Usage:**
```bash
docker compose watch  # Auto-rebuilds on file changes
```

#### Targeted Builds

Use multi-stage Dockerfile targets:

```yaml
# Development
services:
  api:
    build:
      context: .
      target: development

# Production
services:
  api:
    build:
      context: .
      target: production
```

**Key Takeaway:** Maintain **separate Compose configurations** for development and production. Development prioritizes speed (bind mounts, debug ports) while production prioritizes stability (resource limits, restart policies, read-only filesystems).

---

### Chapter Summary and Preview

In this chapter, you mastered local multi-container orchestration with Docker Compose. You learned to structure **`compose.yaml`** files defining services, networks, and volumes, implemented **service discovery** using DNS names identical to Kubernetes, configured **persistence** with named volumes for databases and bind mounts for development, managed **environment configuration** through `.env` files and secrets, designed **complete application stacks** with health checks and network isolation, and separated **development and production** concerns using override files.

Compose enables you to validate your entire application architecture locally before committing to cloud resources. The patterns you learned—service dependencies, network tiers, and persistent volumes—translate directly to Kubernetes concepts, making this the perfect bridge between single-container development and production orchestration.

In **Chapter 8: Advanced Docker Techniques**, we elevate your containerization skills to production grade. You will master **multi-stage builds** for minimal image sizes, optimize **layer caching** to accelerate CI/CD pipelines, implement **BuildKit** features for mounting secrets and SSH keys securely, and configure **non-root users** with proper signal handling. These advanced techniques transform working containers into enterprise-grade artifacts optimized for security, speed, and resource efficiency—the final preparation before we deploy to Kubernetes clusters in Part III.

<div style='width:100%; display:flex; justify-content:space-between; align-items:center; margin: 1em 0;'>
  <a href='6. building_multi_language_applications.ipynb' style='font-weight:bold; font-size:1.05em;'>&larr; Previous</a>
  <a href='../TOC.md' style='font-weight:bold; font-size:1.05em; text-align:center;'>Table of Contents</a>
  <a href='8. advanced_docker_techniques.ipynb' style='font-weight:bold; font-size:1.05em;'>Next &rarr;</a>
</div>
