Docker and Docker Compose

info

Full English translation coming soon.

Docker is a containerization platform that allows packaging applications and their dependencies into lightweight and isolated containers.

What is Docker?

A container is a standardized software unit that contains:

• The application itself
• All its dependencies (libraries, runtime, system tools)
• An isolated filesystem
• Environment variables and configuration

Difference with virtual machines:

• Container: Shares the host OS kernel, starts in seconds, very lightweight (~MB)
• VM: Emulates a complete OS, starts in minutes, heavier (~GB)

Docker Compose: Simplified orchestration

Docker Compose is an orchestration tool for defining and managing multi-container applications.

Why Docker Compose?

• Declarative configuration: Everything defined in a compose.yml file
• Grouped management: Start/stop all services with one command
• Automatic networks: Containers communicate easily between them
• Persistent volumes: Simple storage management
• Environment variables: Flexible configuration via .env files

Configuration examples

My Docker Compose stacks are available in the Ansible repository under stacks/. Key examples include:

• Traefik: Advanced reverse proxy with two instances (public and private)
• Photoprism: Application with database (app + DB)
• Mobilizon: Multi-container application with multiple networks
• Vaultwarden: Security-focused configuration

Patterns and best practices

1. External network traefik_network: All services share a common Docker network
2. Traefik labels: Dynamic configuration via Docker labels
3. Environment variables with .env files: Secrets extracted from Compose files
4. Dual exposure: local and production access for each service
5. Restart policies: unless-stopped for resilience
6. Watchtower for monitoring: Watchtower is used only for notifications of available image updates. Updates are performed manually to maintain control over changes. In the Future Homelab, automated update management will be implemented via Renovate Bot integrated directly with Forgejo.

Benefits for a homelab

• Simplicity: Readable and maintainable YAML files
• Performance: Instant service startup, low overhead
• Flexibility: Easy to add/remove services
• Rich ecosystem: Docker Hub with thousands of ready-to-use images

Why not Docker Swarm?

When considering the evolution of my infrastructure, Docker Swarm was evaluated as an alternative to Kubernetes for container orchestration.

Docker Swarm: a tempting but outdated choice

Advantages of Docker Swarm:

• Natively integrated with Docker (no additional installation)
• Simpler configuration than Kubernetes
• Gentler learning curve
• Uses Docker Compose files directly (with some adaptations)
• Less resource-intensive than Kubernetes

Why I didn't choose it:

1. Kubernetes is the industry standard: The vast majority of companies use Kubernetes in production. Learning K8S provides skills directly transferable to the professional world.

2. Ecosystem and community: Kubernetes benefits from a much richer ecosystem (Helm, operators, numerous DevOps tools) and a much larger community.

3. Advanced features: Kubernetes offers capabilities that Docker Swarm doesn't have:

   • More advanced rolling updates and rollbacks
   • Fine-grained resource management (CPU/RAM limits, requests)
   • More elaborate network policies
   • Native GitOps support (ArgoCD, Flux)
   • Better integrated distributed storage (CSI drivers)

4. Evolution and support: Docker Inc. has clearly oriented its development toward Kubernetes rather than Swarm. Swarm is maintained, but no longer evolves much.

5. Learning objective: My goal being to acquire modern DevOps skills, mastering Kubernetes is a better long-term investment.

Conclusion: Although Docker Swarm is simpler and sufficient for many homelabs, I preferred to invest directly in learning Kubernetes, which has become the essential standard for container orchestration.

note

Detailed English translation of this page is in progress.