• More info on docker compose

Resource Limiting

To find out what resources your containers are currently consuming, use docker stats.

  • Find docker page on resource limiting

Memory Limiting

tl;dr: use mem_limit in a service definition to cap the amount of RAM that service can use. For example:

services:
  tome-of-finite-knowledge:
    container_name: tofk
    image: nginx
    restart: unless-stopped
    volumes:
      - /opt/docker/tofk/static:/usr/share/nginx/html
      - ./nginx.conf:/etc/nginx/nginx.conf:ro
    mem_limit: 10m

You may use k, m, g, and (I assume) t as suffixes. If you set this option, it cannot be set any lower than 6MB.

Port access limiting

If you want to limit access to a port forwarded through docker to only a certain network interface (such as a VPN), you may do so with the following port syntax in a Compose file:

ports:
  - "192.168.37.1:8080:8080"

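This example binds the published port to the host address 192.168.37.1, so only traffic arriving on whatever network interface 192.168.37.1 is homed on can access port 8080. Without the address prefix, the port is published on all of the host's interfaces.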

The best way to achieve this kind of blocking though is probably to not expose the port at all, and limit access via a reverse proxy.
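To check an existing Compose file for port entries that are not restricted to one interface as described above, the following added example (not part of the original page) classifies short-syntax `ports:` entries by the host address they bind to. The function names and sample entries are made up for illustration, and it assumes the Docker daemon's default host binding address has not been changed.

```python
import ipaddress

def parse_port(spec):
    """Split a short-syntax entry into (host_ip, host_port, container_port, proto)."""
    spec, _, proto = spec.partition("/")
    host_ip = None
    if spec.startswith("["):                      # bracketed IPv6 host address
        host_ip, _, rest = spec[1:].partition("]:")
        parts = rest.split(":")
    else:
        parts = spec.split(":")
        if len(parts) == 3:                       # IP:HOST_PORT:CONTAINER_PORT
            host_ip, parts = parts[0], parts[1:]
    if host_ip is not None:
        host_ip = str(ipaddress.ip_address(host_ip))   # ValueError if malformed
    # A missing or empty host port means Docker picks an ephemeral one.
    host_port = (parts[0] or None) if len(parts) == 2 else None
    return host_ip, host_port, parts[-1], proto or "tcp"

def exposure(spec):
    """Classify where the published port listens on the host."""
    host_ip = parse_port(spec)[0]
    if host_ip is None:
        return "all-interfaces"                   # no address given: default binding
    addr = ipaddress.ip_address(host_ip)
    if addr.is_unspecified:                       # 0.0.0.0 or ::
        return "all-interfaces"
    return "loopback-only" if addr.is_loopback else "bound:" + host_ip

def audit(ports):
    """Return the entries that are reachable on every host interface."""
    return [p for p in ports if exposure(p) == "all-interfaces"]

# Constructed sample entries, as they would appear under a service's `ports:` key.
SAMPLE_PORTS = [
    "192.168.37.1:8080:8080",   # the binding shown on this page
    "8080:8080",
    "0.0.0.0:443:443/tcp",
    "127.0.0.1:9000:9000",
    "[::1]:6001:6000",
    "3000",                     # container port only, still published
]

if __name__ == "__main__":
    for p in SAMPLE_PORTS:
        print(f"{p:28} {exposure(p)}")
```

Only the short string syntax is handled; entries written in the long mapping form are not parsed.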