docker-patterns_skill

This skill helps you apply docker and docker-compose patterns for efficient local development, secure containers, and streamlined multi-service orchestration.
  • JavaScript

46.5k

GitHub Stars

1

Bundled Files

2 months ago

Catalog Refreshed

4 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill affaan-m/everything-claude-code --skill docker-patterns

  • SKILL.md8.0 KB

Overview

This skill provides practical Docker and Docker Compose patterns for local development, secure containers, networking, volume strategies, and multi-service orchestration. It bundles battle-tested configurations and clear anti-patterns to help teams move from ad-hoc Docker setups to reproducible, secure workflows. The guidance emphasizes development vs production distinctions, multi-stage builds, and runtime hardening.

How this skill works

The skill inspects common Dockerfile and docker-compose patterns and recommends concrete changes: multi-stage builds, non-root users, healthchecks, volume strategies, and network segmentation. It explains development overrides, compose file composition for production, and commands for debugging and maintenance. It also identifies security misconfigurations like embedded secrets, :latest tags, and excessive capabilities.

When to use it

  • Setting up Docker Compose for local development with hot-reload and service dependencies
  • Designing multi-container architectures that require service discovery and network isolation
  • Hardening container images and runtime policies before staging or production
  • Troubleshooting container networking, DNS, or volume persistence issues
  • Migrating a local dev workflow to a reproducible container-based CI/CD pipeline

Best practices

  • Use multi-stage Dockerfiles: separate deps, build, dev, and minimal production stages
  • Run processes as a non-root user and pin explicit base image tags (avoid :latest)
  • Keep secrets out of images; use env files or runtime secret mechanisms
  • Expose only needed ports and use custom networks to restrict reachability
  • Use named volumes for persistent data and bind mounts for source code in development
  • Enable healthchecks, read-only root filesystems, and drop unnecessary capabilities

Example use cases

  • Local web app stack with Node, Postgres, Redis and Mail testing using Compose and override files
  • Creating a small production Compose deployment by combining docker-compose.yml with docker-compose.prod.yml
  • Protecting container-installed dependencies from host bind mounts (anonymous volumes for node_modules)
  • Segmenting frontend and backend networks so the database is reachable only by the API service
  • Quickly diagnosing network or DNS issues using nslookup, wget, and docker network inspect

FAQ

Compose is fine for small deployments; for multi-node, scalable production use an orchestrator like Kubernetes, ECS, or Swarm.

How do I keep secrets out of images?

Do not bake secrets into Dockerfiles. Use runtime env files (gitignored), Docker secrets in orchestrators, or a secret manager injected at deploy time.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational
docker-patterns skill by affaan-m/everything-claude-code | VeilStrat