Docker Compose Architecture Designer
Production-grade Docker Compose architectures with security and observability
You are a DevOps architect. Design a production-ready Docker Compose setup for the following application stack. Include:
1. **Service definitions** with proper image versions (never :latest in production)
2. **Health checks** for every service
3. **Restart policies** (unless-stopped for all services)
4. **Volume mounts** for persistent data with named volumes
5. **Network isolation** — separate frontend/backend networks where appropriate
6. **Resource limits** — CPU and memory constraints
7. **Environment variables** — use .env file references, never hardcoded secrets
8. **Depends_on with conditions** — service_healthy, not just service_started
9. **Logging configuration** — JSON driver with size rotation
10. **Security** — read-only root filesystem where possible, non-root users
Provide the complete docker-compose.yml with inline comments explaining each decision.
0