Dealing with OS/Base images CVEs is quite easier I admit with @docker.com Docker Hardened Images πͺ
Before:
FROM alpine:latest AS final
Damn, a new CVE in alpine:latest that is not fixed yet!
...
π‘What if I replace it by the DHI alpine base image?
After:
FROM dhi.io/alpine-base:3.23 AS final
πͺ
π³ π Docker Compose Tip #37
3 ways to split Compose configs, each works differently!
Override files β project-level merge
extends β service-level inheritance
include β isolated sub-project import
Guide: lours.me/posts/compose-tip-037-include-extends-overrides/
#Docker #Configuration #Compose
You like cagent? You'll love github.com/docker/docke...!
We renamed cagent to Docker Agent to show our commitment. Gordon, our AI assistant is 100% based on it and new shinny toys are in the making.
It's packaged with Docker Desktop 4.63.0.
Another advantage? Now you know how to pronounce it.
π³ π Docker Compose Tip #36
Custom DNS without touching /etc/hosts!
extra_hosts:
- "api.local:192.168.1.100"
- "host.docker:host-gateway"
Perfect for local development!
Learn: lours.me/posts/compose-tip-036-extra-hosts/
#Docker #Compose #Networking #DNS
π³ π Docker Compose Tip #35
β‘ RAM-speed storage with tmpfs!
tmpfs:
- /tmp:size=100M
- /app/cache:size=500M
Fast, secure, self-cleaning!
Guide: lours.me/posts/compose-tip-035-tmpfs-storage/
#Docker #Compose #Performance #Storage
π³ π Docker Compose Tip #34
exec vs run - know the difference!
exec: existing container
run: new container
docker compose exec web bash # Debug running
docker compose run --rm test # One-off task
Details: lours.me/posts/compose-tip-034-exec-vs-run/
#Docker #Compose #Debugging #CLI
AI isnβt going away. So, what actually matters?
Dockerβs Nuno Coração cuts through the noise - from using Claude Code daily to the OpenClaw surge & the latest on Gordon.
Product & engineering are converging fast. If you build software, this is a new era for your role.
π https://bit.ly/3OFrCwn
Gordon, Dockerβs AI Agent.
I personally used a lot the TUI version to develop on CFP.dev and it was really efficient.
Give it a try !
www.docker.com/blog/gordon-...
π³ π Docker Compose Tip #32
Speed up builds with proper .dockerignore!
# .dockerignore
node_modules
.git
*.log
dist
Smaller context = faster builds!
Guide: lours.me/posts/compose-tip-032-build-context-dockerignore/
#Docker #Compose #Performance #Build
π³ π Docker Compose Tip #31
Not every service needs to talk to every other service!
networks:
frontend:
backend:
database:
internal: true
Isolate by tier for better security.
Guide: lours.me/posts/compose-tip-031-network-isolation/
#Docker #Compose #Security #Networking
Want to run a 24/7 AI assistant for WhatsApp - without exposing your whole system?
This post shows how to run NanoClaw (Claude-powered assistant) inside Dockerβs new shell sandbox: isolated microVM, proxy-managed API keys, clean + disposable env.
Read the step-by-step guide β https://bit.ly/3OnpitV
βUsing go fix to modernize Go codeβ by Alan Donovan β https://go.dev/blog/gofix
#golang
Des parents qui ont leur enfant Γ l'ESILV ? De mon point de vue, cette Γ©cole est catastrophique et je cherche des avis concordants ou contraires.
π³ π Docker Compose Tip #30
Modular configs with include!
include:
- path: ./services/database.yml
- path: ./monitoring.yml
- path: ${ENV_CONFIG:-dev.yml}
Keep configurations DRY and reusable.
Learn more: lours.me/posts/compose-tip-030-include/
#Docker #Compose #Configuration #Modular
π³ π Quick poll: Is 5 Docker Compose tips/week too much?
Would you prefer:
β’ Keep 5/week π
β’ Reduce to 3/week π―
β’ Other?
No tips next week, this pause will help me refine the format based on your feedback.
What works for you? π¬
#Docker #Compose
What happens when you ask a coding agent to break out of its sandbox?
On Hanselminutes, Scott Hanselman puts Docker Sandboxes to the test with Docker COO Mark Cavage. MicroVM isolation, agent autonomy, MCP - and a real escape attempt π₯
Watch β www.youtube.com/watch?v=sQh-...
π³ π Docker Compose Tip #29
Principle of least privilege!
cap_drop:
- ALL
cap_add:
- NET_BIND_SERVICE
Drop all capabilities, add only what's needed.
Secure containers properly!
Guide: lours.me/posts/compose-tip-029-container-capabilities/
#Docker #Compose #Security #Linux
π³ π Docker Compose Tip #28
Convert docker run to Compose!
docker run -p 3000:3000 -v ./data:/app myapp
Becomes:
services:
myapp:
image: myapp
ports: ["3000:3000"]
volumes: ["./data:/app"]
Clean & reusable!
Guide: lours.me/posts/compose-tip-028-docker-run-to-compose/
#Docker #Compose
github.com/docker/cagent is Docker's open source Agent Builder and Runtime.
π³ Here's a daily tip just for you!
Want to breeze through those Anthropic outages like itβs nothing? β οΈ
cagent supports fallback models for when a provider fails to respond. π
π³ π Docker Compose Tip #27
Extension fields aren't just for YAML reuse!
x-region: us-east-1
x-kubernetes:
namespace: production
services:
api:
x-owner: api-team
Metadata for tools & platforms!
Guide: lours.me/posts/compose-tip-027-extension-metadata/
#Docker #Kubernetes #Metadata #compose
π³ π Docker Compose Tip #26
Keep services running with smart restart policies!
restart: always | unless-stopped | on-failure | no
Configure automatic recovery from crashes and failures.
Guide: lours.me/posts/compose-tip-026-restart-policies/
#Docker #Reliability #DevOps #compose
github.com/docker/cagent is Docker's open source Agent Builder and Runtime.
What's an AI Agent without Skills?
π³ Here's a daily tip just for you!
Your agent only needs this to support Skills. Whether it's Codex style Skills, Claude style or Agent Skills standard style, we got you covered!
github.com/docker/cagent is Docker's open source Agent Builder and Runtime.
It's very customisable. Use it to build and share any kind of AI Agents. Not just Coding Agents!
π³ Here's a daily tip just for you!
An agent can have its own super fast local RAG in less than 10 lines of yaml.
π€ New blog post: Running Pi coding agent with Tiny Language Models!
Learn how to set up a minimalist AI coding assistant in @docker.com with Devcontainer + Docker Model Runner.
Perfect for local, privacy-friendly AI coding.
π k33g.org/20260205-PI%...
#TinyLLM #CodingAgent #Docker
github.com/docker/cagent is Docker's open source Agent Builder and Runtime. It's very customisable. That make's it my coding agent of choice!
π³ Here's a daily tip just for you!
Use /cost to see the detailed cost of a session.
For devs asking βhow do I run coding agents without breaking my machine?β
Docker Sandboxes are now available.
They use isolated microVMs so agents can install packages, run Docker, and modify configs - without touching your host system.
Read more β https://bit.ly/49QJBH6
π³ π Docker Compose Tip #20
Debug faster with smart logging!
docker compose logs -f --tail 50 api
docker compose logs --since 5m
docker compose logs | grep -i error
Master log commands: lours.me/posts/compose-tip-020-docker-compose-logs/
#Docker #Debugging #Logs
π³ π Docker Compose Tip #19
Seamless local development!
compose.yml + compose.override.yml = automatic merging
Production: docker compose -f compose.yml up
Dev: docker compose up (includes override)
Details: lours.me/posts/compose-tip-019-override-files/
#Docker #Development #DevEx
π³ π Docker Compose Tip #18
Give containers time to clean up!
stop_grace_period: 2m
stop_signal: SIGTERM
Ensures databases close properly, transactions complete, and data saves.
Learn more: lours.me/posts/compose-tip-018-graceful-shutdown/
#Docker #Runtime #Reliability
π³ π Docker Compose Tip #15
Zero-downtime deploys with Traefik π¦
Switch traffic via env vars:
BLUE_ENABLED=false GREEN_ENABLED=true docker compose up -d
Blue/green & instant routing...
Guide π lours.me/posts/compose-tip-015-blue-green-deployments/
#Docker #Traefik #devops
