{"id":4274,"date":"2025-08-14T18:19:20","date_gmt":"2025-08-14T15:19:20","guid":{"rendered":"https:\/\/cloudvps.by\/community\/docs\/glossarij\/terminy\/docker-swarm\/"},"modified":"2025-08-19T18:49:48","modified_gmt":"2025-08-19T15:49:48","slug":"docker-swarm","status":"publish","type":"docs","link":"https:\/\/cloudvps.by\/community\/docs\/glossarij\/terminy\/docker-swarm\/","title":{"rendered":"Docker Swarm"},"content":{"rendered":"\n<p><strong><a href=\"https:\/\/cloudvps.by\/community\/docs\/glossarij\/terminy\/docker\/\" data-internallinksmanager029f6b8e52c=\"258\" title=\"Docker\">Docker<\/a> Compose<\/strong> \u2014 \u044d\u0442\u043e \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u0434\u043b\u044f \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u044f \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043c\u043d\u043e\u0433\u043e\u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043d\u044b\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0435\u0434\u0438\u043d\u043e\u0433\u043e \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 (\u043e\u0431\u044b\u0447\u043d\u043e <code>docker-compose.yml<\/code>). \u041e\u043d \u0443\u043f\u0440\u043e\u0449\u0430\u0435\u0442 \u0440\u0430\u0431\u043e\u0442\u0443 \u0441 \u0441\u0435\u0440\u0432\u0438\u0441\u0430\u043c\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0437\u0430\u0432\u0438\u0441\u044f\u0442 \u0434\u0440\u0443\u0433 \u043e\u0442 \u0434\u0440\u0443\u0433\u0430, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440: \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435, \u0431\u0430\u0437\u0430 \u0434\u0430\u043d\u043d\u044b\u0445, \u043a\u0435\u0448 \u0438 \u043e\u0447\u0435\u0440\u0435\u0434\u044c \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">\u041e\u0441\u043d\u043e\u0432\u043d\u0430\u044f \u0438\u0434\u0435\u044f<\/h2>\n\n\n\n<p>\u0412\u043c\u0435\u0441\u0442\u043e \u0442\u043e\u0433\u043e \u0447\u0442\u043e\u0431\u044b \u0432\u0440\u0443\u0447\u043d\u0443\u044e \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043a\u0430\u0436\u0434\u044b\u0439 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440 \u0438 \u0441\u0432\u044f\u0437\u044b\u0432\u0430\u0442\u044c \u0438\u0445 \u0441\u0435\u0442\u044c\u044e \u0438 \u0442\u043e\u043c\u0430\u043c\u0438, \u0432\u044b \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442\u0435 \u0432\u0441\u044e \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0432 YAML-\u0444\u0430\u0439\u043b\u0435:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>\u0421\u0435\u0440\u0432\u0438\u0441\u044b<\/strong> (services) \u2014 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u044b \u0441 \u0443\u043a\u0430\u0437\u0430\u043d\u0438\u0435\u043c \u043e\u0431\u0440\u0430\u0437\u0430 \u0438\u043b\u0438 <code>Dockerfile<\/code>.<\/li>\n\n\n\n<li><strong>\u0421\u0435\u0442\u0438<\/strong> (networks) \u2014 \u043a\u0430\u043a \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u044b \u0431\u0443\u0434\u0443\u0442 \u043e\u0431\u0449\u0430\u0442\u044c\u0441\u044f \u0434\u0440\u0443\u0433 \u0441 \u0434\u0440\u0443\u0433\u043e\u043c.<\/li>\n\n\n\n<li><strong>\u0422\u043e\u043c\u0430<\/strong> (volumes) \u2014 \u043a\u0443\u0434\u0430 \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u044e\u0442\u0441\u044f \u0434\u0430\u043d\u043d\u044b\u0435.<\/li>\n\n\n\n<li><strong>\u041f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0435 \u043e\u043a\u0440\u0443\u0436\u0435\u043d\u0438\u044f<\/strong> (environment) \u2014 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u0434\u043b\u044f \u043a\u0430\u0436\u0434\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0438\u0441\u0430.<\/li>\n\n\n\n<li><strong>\u041f\u043e\u0440\u0442\u044b<\/strong> (ports) \u2014 \u043c\u0430\u043f<a href=\"https:\/\/cloudvps.by\/community\/docs\/glossarij\/terminy\/ping\/\" data-internallinksmanager029f6b8e52c=\"326\" title=\"Ping\">\u043f\u0438\u043d\u0433<\/a> \u043c\u0435\u0436\u0434\u0443 \u0445\u043e\u0441\u0442\u043e\u043c \u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u043c.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">\u041f\u0440\u0438\u043c\u0435\u0440 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438<\/h2>\n\n\n\n<pre class=\"wp-block-code\"><code>version: \"3.9\"\nservices:\n  app:\n    build: .\n    ports:\n      - \"8080:8080\"\n    environment:\n      DB_HOST: db\n      DB_USER: appuser\n    depends_on:\n      - db\n  db:\n    image: postgres:16-alpine\n    environment:\n      POSTGRES_USER: appuser\n      POSTGRES_PASSWORD: secret\n      POSTGRES_DB: appdb\n    volumes:\n      - db_data:\/var\/lib\/postgresql\/data\n\nvolumes:\n  db_data:\n<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">\u041a\u043b\u044e\u0447\u0435\u0432\u044b\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438<\/h2>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u0411\u044b\u0441\u0442\u0440\u044b\u0439 \u0437\u0430\u043f\u0443\u0441\u043a \u043e\u043a\u0440\u0443\u0436\u0435\u043d\u0438\u0439<\/strong><br><code>docker compose up -d<\/code> \u2014 \u0438 \u0432\u0441\u0451 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u043f\u043e\u0434\u043d\u0438\u043c\u0430\u0435\u0442\u0441\u044f \u0437\u0430 \u043e\u0434\u0438\u043d \u0448\u0430\u0433.<\/li>\n\n\n\n<li><strong>\u041b\u043e\u043a\u0430\u043b\u044c\u043d\u0430\u044f \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0430<\/strong><br>\u041b\u0435\u0433\u043a\u043e \u044d\u043c\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0434\u0430\u043a\u0448\u043d-\u0441\u0440\u0435\u0434\u0443 \u0443 \u043a\u0430\u0436\u0434\u043e\u0433\u043e \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430.<\/li>\n\n\n\n<li><strong>\u0412\u0435\u0440\u0441\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438<\/strong><br>\u0424\u0430\u0439\u043b <code>docker-compose.yml<\/code> \u0445\u0440\u0430\u043d\u0438\u0442\u0441\u044f \u0432 Git, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e \u0432\u043e\u0441\u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u043c\u043e\u0439.<\/li>\n\n\n\n<li><strong>\u0418\u0437\u043e\u043b\u044f\u0446\u0438\u044f \u043e\u043a\u0440\u0443\u0436\u0435\u043d\u0438\u0439<\/strong><br>\u041a\u0430\u0436\u0434\u043e\u0435 \u043e\u043a\u0440\u0443\u0436\u0435\u043d\u0438\u0435 (dev, test, stage) \u043c\u043e\u0436\u0435\u0442 \u0438\u043c\u0435\u0442\u044c \u0441\u0432\u043e\u0439 compose-\u0444\u0430\u0439\u043b \u0438\u043b\u0438 override.<\/li>\n<\/ol>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">\u041f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u0440\u0438\u0451\u043c\u044b<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Override-\u0444\u0430\u0439\u043b\u044b<\/strong> (<code>docker-compose.override.yml<\/code>) \u2014 \u0434\u043b\u044f \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u0432 \u0432 dev-\u0440\u0435\u0436\u0438\u043c\u0435 (\u043c\u0430\u043f\u043f\u0438\u043d\u0433 \u0438\u0441\u0445\u043e\u0434\u043d\u0438\u043a\u043e\u0432, hot-reload).<\/li>\n\n\n\n<li><strong>.env \u0444\u0430\u0439\u043b<\/strong> \u2014 \u0432\u044b\u043d\u043e\u0441 \u0447\u0443\u0432\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u0432 \u043e\u043a\u0440\u0443\u0436\u0435\u043d\u0438\u044f.<\/li>\n\n\n\n<li><strong>\u041f\u0440\u043e\u0444\u0438\u043b\u0438 (profiles)<\/strong> \u2014 \u0437\u0430\u043f\u0443\u0441\u043a \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0443\u0436\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432 (<code>docker compose --profile debug up<\/code>).<\/li>\n\n\n\n<li><strong>\u041c\u0443\u043b\u044c\u0442\u0438-stage build<\/strong> \u0432 \u0441\u0432\u044f\u0437\u043a\u0435 \u0441 Compose \u0434\u043b\u044f \u043e\u043f\u0442\u0438\u043c\u0438\u0437\u0430\u0446\u0438\u0438 \u043e\u0431\u0440\u0430\u0437\u043e\u0432.<\/li>\n\n\n\n<li><strong>\u041f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0444\u0430\u0439\u043b\u043e\u0432<\/strong>: <code>docker compose -f docker-compose.yml -f docker-compose.prod.yml up<\/code><\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">\u0418\u043d\u0442\u0435\u0433\u0440\u0430\u0446\u0438\u044f \u0441 \u0434\u0440\u0443\u0433\u0438\u043c\u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430\u043c\u0438<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Docker Swarm<\/strong> \u2014 \u043c\u043e\u0436\u043d\u043e \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0435\u0440\u0432\u0438\u0441\u044b \u043d\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0443\u0437\u043b\u0430\u0445 \u0441 \u0442\u0435\u043c\u0438 \u0436\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0430\u043c\u0438.<\/li>\n\n\n\n<li><strong><a href=\"https:\/\/cloudvps.by\/community\/docs\/glossarij\/terminy\/gitlab-ci-cd\/\" data-internallinksmanager029f6b8e52c=\"372\" title=\"GitLab CI\/CD (\u041d\u0435\u043f\u0440\u0435\u0440\u044b\u0432\u043d\u0430\u044f \u0438\u043d\u0442\u0435\u0433\u0440\u0430\u0446\u0438\u044f \u0438 \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0430 \u0432 GitLab)\">CI\/CD<\/a><\/strong> \u2014 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0437\u0430\u043f\u0443\u0441\u043a Compose-\u043e\u043a\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0442\u0435\u0441\u0442\u043e\u0432.<\/li>\n\n\n\n<li><strong><a href=\"https:\/\/cloudvps.by\/community\/docs\/glossarij\/terminy\/kubernetes\/\" data-internallinksmanager029f6b8e52c=\"259\" title=\"Kubernetes (K8s)\">Kubernetes<\/a><\/strong> \u2014 \u0447\u0435\u0440\u0435\u0437 \u0443\u0442\u0438\u043b\u0438\u0442\u044b \u0442\u0438\u043f\u0430 Kompose \u043c\u043e\u0436\u043d\u043e \u043a\u043e\u043d\u0432\u0435\u0440\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c <code>docker-compose.yml<\/code> \u0432 \u043c\u0430\u043d\u0438\u0444\u0435\u0441\u0442\u044b K8s.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">\u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u0438 \u0443\u0434\u043e\u0431\u0441\u0442\u0432\u043e<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u041d\u0435 \u0445\u0440\u0430\u043d\u0438\u0442\u0435 \u043f\u0430\u0440\u043e\u043b\u0438 \u043f\u0440\u044f\u043c\u043e \u0432 YAML \u2014 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0439\u0442\u0435 <code>.env<\/code> \u0438\u043b\u0438 \u0441\u0435\u043a\u0440\u0435\u0442\u044b (<code>docker secrets<\/code>).<\/li>\n\n\n\n<li>\u0414\u043b\u044f production \u043b\u0443\u0447\u0448\u0435 \u0440\u0430\u0437\u0434\u0435\u043b\u044f\u0442\u044c \u043e\u0431\u0440\u0430\u0437\u044b \u0438 \u043a\u043e\u043d\u0444\u0438\u0433\u0438, \u0438\u0437\u0431\u0435\u0433\u0430\u044f dev-\u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u0432 \u0440\u0430\u043d\u0442\u0430\u0439\u043c\u0435.<\/li>\n\n\n\n<li>\u041c\u043e\u043d\u0438\u0442\u043e\u0440\u044c\u0442\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043e\u0431\u0440\u0430\u0437\u043e\u0432 \u0438 \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e \u043f\u0435\u0440\u0435\u0441\u043e\u0431\u0438\u0440\u0430\u0439\u0442\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u044b.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">\u0414\u043b\u044f \u0447\u0435\u0433\u043e \u044d\u0442\u043e \u043a\u043b\u0438\u0435\u043d\u0442\u0443<\/h2>\n\n\n\n<p>Compose \u0434\u0435\u043b\u0430\u0435\u0442 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f <strong>\u043f\u0440\u043e\u0437\u0440\u0430\u0447\u043d\u043e\u0439, \u0432\u043e\u0441\u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u043c\u043e\u0439 \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u043e\u0439<\/strong>. \u041a\u043b\u0438\u0435\u043d\u0442 \u0438\u043b\u0438 \u043a\u043e\u043c\u0430\u043d\u0434\u0430 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u044e\u0442 \u0441\u0440\u0435\u0434\u0443, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043c\u043e\u0436\u043d\u043e \u043f\u043e\u0434\u043d\u044f\u0442\u044c \u043d\u0430 \u043b\u044e\u0431\u043e\u043c \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0435 \u0438\u043b\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0437\u0430 \u043c\u0438\u043d\u0443\u0442\u044b, \u0431\u0435\u0437 \u00ab\u0441\u044e\u0440\u043f\u0440\u0438\u0437\u043e\u0432\u00bb \u0432 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430\u0445. \u042d\u0442\u043e \u0441\u043e\u043a\u0440\u0430\u0449\u0430\u0435\u0442 \u0432\u0440\u0435\u043c\u044f \u043d\u0430 \u0440\u0430\u0437\u0432\u0451\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0435, \u0443\u043f\u0440\u043e\u0449\u0430\u0435\u0442 \u043e\u043d\u0431\u043e\u0440\u0434\u0438\u043d\u0433 \u043d\u043e\u0432\u044b\u0445 \u0441\u043e\u0442\u0440\u0443\u0434\u043d\u0438\u043a\u043e\u0432 \u0438 \u043c\u0438\u043d\u0438\u043c\u0438\u0437\u0438\u0440\u0443\u0435\u0442 \u0447\u0435\u043b\u043e\u0432\u0435\u0447\u0435\u0441\u043a\u0438\u0439 \u0444\u0430\u043a\u0442\u043e\u0440.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p>\u0412\u043e\u0442 \u043a\u043e\u043c\u043f\u0430\u043a\u0442\u043d\u044b\u0439 \u043f\u0440\u043e\u0434\u0430\u043a\u0448\u043d\u2011\u0448\u0430\u0431\u043b\u043e\u043d <code>docker-compose.yml<\/code> \u0441 \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u043d\u044b\u043c\u0438 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430\u043c\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043b\u043e\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f, healthcheck, \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f\u043c\u0438 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432 \u0438 \u0440\u0430\u0437\u0434\u0435\u043b\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438. \u041f\u043e\u0434\u043e\u0439\u0434\u0451\u0442 \u043a\u0430\u043a \u0431\u0430\u0437\u0438\u0441 \u0434\u043b\u044f \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0430 \u0432\u0435\u0431\u2011\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 (web + db + reverse\u2011proxy).<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>version: \"3.9\"\n\nx-common-env: &amp;common_env\n  TZ: \"UTC\"\n  APP_ENV: \"production\"\n  # \u0441\u0435\u043a\u0440\u0435\u0442\u044b\/\u043f\u0430\u0440\u043e\u043b\u0438 \u2014 \u0447\u0435\u0440\u0435\u0437 .env \u0438\u043b\u0438 secrets, \u0430 \u043d\u0435 \u0432 YAML\n\nx-common-deploy: &amp;common_deploy\n  restart: always\n  # \u041e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432 (\u043f\u0440\u0438\u043c\u0435\u0440\u043d\u044b\u0435 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f \u2014 \u043f\u043e\u0434\u0431\u0435\u0440\u0438\u0442\u0435 \u043f\u043e \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0435)\n  deploy:\n    resources:\n      limits:\n        cpus: \"1.0\"\n        memory: \"512M\"\n      reservations:\n        cpus: \"0.25\"\n        memory: \"256M\"\n\nnetworks:\n  edge:\n    driver: bridge\n  backend:\n    driver: bridge\n    internal: true   # \u043d\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430 \u0438\u0437\u0432\u043d\u0435 \u0445\u043e\u0441\u0442\u0430\n\nvolumes:\n  db_data:\n  caddy_data:    # \u0434\u043b\u044f certmagic (\u0430\u0432\u0442\u043e<a href=\"https:\/\/cloudvps.by\/community\/docs\/glossarij\/terminy\/certificate-pinning\/\" data-internallinksmanager029f6b8e52c=\"284\" title=\"Certificate Pinning (\u0417\u0430\u0449\u0438\u0442\u0430 \u043a\u0430\u043d\u0430\u043b\u0430 \u0441\u0432\u044f\u0437\u0438)\">\u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u044b<\/a>)\n  caddy_config:\n\nsecrets:\n  db_password:\n    file: .\/secrets\/db_password.txt\n\nservices:\n  reverse-proxy:\n    image: caddy:2.8\n    command: caddy run --config \/etc\/caddy\/Caddyfile --adapter caddyfile\n    ports:\n      - \"80:80\"\n      - \"443:443\"\n    environment:\n      &lt;&lt;: *common_env\n    volumes:\n      - .\/ops\/caddy\/Caddyfile:\/etc\/caddy\/Caddyfile:ro\n      - caddy_data:\/data\n      - caddy_config:\/config\n    depends_on:\n      - web\n    networks:\n      - edge\n      - backend\n    &lt;&lt;: *common_deploy\n    healthcheck:\n      test: &#91;\"CMD-SHELL\", \"wget -qO- http:\/\/web:8080\/health || exit 1\"]\n      interval: 30s\n      timeout: 5s\n      retries: 3\n\n  web:\n    build:\n      context: .\n      dockerfile: Dockerfile\n      target: runtime     # \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0439\u0442\u0435 multi-stage build\n    environment:\n      &lt;&lt;: *common_env\n      DATABASE_HOST: db\n      DATABASE_USER: app_user\n      DATABASE_PASSWORD_FILE: \/run\/secrets\/db_password\n      DATABASE_NAME: app\n      # \u041b\u043e\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435\n      LOG_LEVEL: info\n    secrets:\n      - db_password\n    expose:\n      - \"8080\"            # \u0432\u0438\u0434\u0438\u043c \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u0441\u0435\u0442\u0438 backend\n    depends_on:\n      db:\n        condition: service_healthy\n    networks:\n      - backend\n    &lt;&lt;: *common_deploy\n    healthcheck:\n      test: &#91;\"CMD\", \"curl\", \"-fsS\", \"http:\/\/localhost:8080\/health\"]\n      interval: 20s\n      timeout: 3s\n      retries: 5\n\n  db:\n    image: postgres:16-alpine\n    environment:\n      &lt;&lt;: *common_env\n      POSTGRES_DB: app\n      POSTGRES_USER: app_user\n      POSTGRES_PASSWORD_FILE: \/run\/secrets\/db_password\n      # \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u044b\u0435 \u0434\u0435\u0444\u043e\u043b\u0442\u044b: \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u0435 \u0430\u0432\u0442\u043e\u2011\u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u044d\u043a\u0441\u0442\u0435\u043d\u0448\u0435\u043d\u043e\u0432, \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u044c\u0442\u0435 \u043b\u043e\u043a\u0430\u043b\u0438 \u0438 \u0442.\u043f. \u2014 \u043f\u043e \u043d\u0443\u0436\u0434\u0435\n    secrets:\n      - db_password\n    volumes:\n      - db_data:\/var\/lib\/postgresql\/data\n    expose:\n      - \"5432\"            # \u0442\u043e\u043b\u044c\u043a\u043e \u0432 backend\n    networks:\n      - backend\n    &lt;&lt;: *common_deploy\n    healthcheck:\n      test: &#91;\"CMD-SHELL\", \"pg_isready -U app_user -d app -h localhost\"]\n      interval: 15s\n      timeout: 5s\n      retries: 5\n    # \u0414\u043e\u043f. \u0437\u0430\u0449\u0438\u0442\u0430: read_only &amp; tmpfs (\u0441\u043b\u043e\u0436\u043d\u043e \u0441 \u0411\u0414, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0439\u0442\u0435 \u043d\u0430 stateless-\u0441\u0435\u0440\u0432\u0438\u0441\u0430\u0445)\n<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\">\u0424\u0430\u0439\u043b <code>ops\/caddy\/Caddyfile<\/code> (\u043f\u0440\u0438\u043c\u0435\u0440 \u0441 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c TLS \u0438 \u043f\u0440\u043e\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435\u043c)<\/h2>\n\n\n\n<pre class=\"wp-block-code\"><code>example.com, www.example.com {\n\tencode zstd gzip\n\tlog {\n\t\toutput stdout\n\t\tformat json\n\t}\n\thandle_path \/health {\n\t\trespond 200\n\t}\n\treverse_proxy web:8080 {\n\t\thealth_uri \/health\n\t\ttrusted_proxies 10.0.0.0\/8 172.16.0.0\/12 192.168.0.0\/16\n\t}\n\t# \u0431\u0430\u0437\u043e\u0432\u044b\u0435 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438\n\theader {\n\t\tStrict-Transport-Security \"max-age=31536000; includeSubDomains; preload\"\n\t\tX-Content-Type-Options \"nosniff\"\n\t\tReferrer-Policy \"no-referrer\"\n\t\tX-Frame-Options \"DENY\"\n\t}\n}\n<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\">\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043a \u043f\u0440\u043e\u0434\u0430\u043a\u0448\u043d\u2011\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044e<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>\u0421\u0435\u043a\u0440\u0435\u0442\u044b<\/strong>: \u0445\u0440\u0430\u043d\u0438\u0442\u0435 \u0432 <code>.\/secrets\/\u2026<\/code>, \u0434\u043e\u0441\u0442\u0443\u043f \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u044c\u0442\u0435 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u041e\u0421. \u0414\u043b\u044f \u043e\u0431\u043b\u0430\u043a\u0430 \u2014 \u043b\u0443\u0447\u0448\u0435 \u043c\u0435\u043d\u0435\u0434\u0436\u0435\u0440 \u0441\u0435\u043a\u0440\u0435\u0442\u043e\u0432 (AWS\/GCP\/Azure).<\/li>\n\n\n\n<li><strong>.env<\/strong>: \u0432\u044b\u043d\u043e\u0441\u0438\u0442\u0435 \u043d\u0435 \u0447\u0443\u0432\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b (\u043f\u043e\u0440\u0442\u044b, \u0444\u043b\u0430\u0433\u0438 \u0444\u0438\u0447). \u041d\u0435 \u043b\u0435\u043f\u0438\u0442\u0435 \u0442\u0443\u0434\u0430 \u043f\u0430\u0440\u043e\u043b\u0438.<\/li>\n\n\n\n<li><strong>\u041e\u0431\u0440\u0430\u0437\u044b<\/strong>: \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0439\u0442\u0435 multi\u2011stage builds, distroless\/\u2011slim; \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0439\u0442\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u043e\u0442 \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f (<code>USER<\/code>).<\/li>\n\n\n\n<li><strong>\u041b\u043e\u0433\u0438<\/strong>: JSON\u2011\u0444\u043e\u0440\u043c\u0430\u0442; \u0446\u0435\u043d\u0442\u0440\u0430\u043b\u0438\u0437\u0443\u0439\u0442\u0435 \u0441\u0431\u043e\u0440 (ELK\/Vector\/Loki) \u0447\u0435\u0440\u0435\u0437 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u044b \u043b\u043e\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438\u043b\u0438 sidecar\/\u0430\u0433\u0435\u043d\u0442\u044b.<\/li>\n\n\n\n<li><strong>\u0417\u0434\u043e\u0440\u043e\u0432\u044c\u0435<\/strong>: \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0439\u0442\u0435 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0435 <code>health<\/code>\u2011\u044d\u043d\u0434\u043f\u043e\u0439\u043d\u0442\u044b \u043d\u0430 web; \u0434\u043b\u044f \u0411\u0414 \u2014 <code>pg_isready<\/code>\/<code>mysqladmin ping<\/code>.<\/li>\n\n\n\n<li><strong>\u0421\u0435\u0442\u0438<\/strong>: \u0432\u043d\u0435\u0448\u043d\u0438\u0435 \u043f\u043e\u0440\u0442\u044b \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0439\u0442\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0430 reverse\u2011proxy. \u0412\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u044b \u0434\u0435\u0440\u0436\u0438\u0442\u0435 \u0432 <code>internal<\/code> \u0441\u0435\u0442\u0438.<\/li>\n\n\n\n<li><strong>\u0420\u0435\u0437\u0435\u0440\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435<\/strong>: <a href=\"https:\/\/cloudvps.by\/community\/docs\/glossarij\/terminy\/disaster-recovery\/\" data-internallinksmanager029f6b8e52c=\"238\" title=\"Disaster Recovery (\u0410\u0432\u0430\u0440\u0438\u0439\u043d\u043e\u0435 \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435)\">\u0431\u044d\u043a\u0430\u043f\u044b<\/a> \u0411\u0414 \u0432\u043d\u0435 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430, \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u044b\u0435 \u0442\u0435\u0441\u0442\u044b \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f (<a href=\"https:\/\/cloudvps.by\/community\/docs\/glossarij\/terminy\/backup\/\" data-internallinksmanager029f6b8e52c=\"228\" title=\"Backup (\u0420\u0435\u0437\u0435\u0440\u0432\u043d\u043e\u0435 \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435)\">backup<\/a> verification).<\/li>\n\n\n\n<li><strong>\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f<\/strong>: \u043f\u0435\u0440\u0435\u0441\u043e\u0431\u0438\u0440\u0430\u0439\u0442\u0435 \u043e\u0431\u0440\u0430\u0437\u044b \u043d\u0430 \u043f\u0430\u0442\u0447\u0438 \u0431\u0430\u0437\u043e\u0432\u043e\u0433\u043e \u0441\u043b\u043e\u044f; \u0444\u0438\u043a\u0441\u0438\u0440\u0443\u0439\u0442\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0439\u0442\u0435 digest (<code>image@sha256:\u2026<\/code>).<\/li>\n\n\n\n<li><strong>\u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c<\/strong>: \u0432\u043a\u043b\u044e\u0447\u0430\u0439\u0442\u0435 <code>readonly<\/code> \u0438 <code>tmpfs<\/code> \u0434\u043b\u044f stateless\u2011\u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432, <code>no-new-privileges<\/code>, <code>cap_drop: [\"ALL\"]<\/code> (\u0433\u0434\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e).<\/li>\n<\/ul>\n\n\n\n<p><\/p>\n","protected":false},"featured_media":0,"parent":2927,"menu_order":199,"comment_status":"open","ping_status":"closed","template":"","doc_tag":[],"class_list":["post-4274","docs","type-docs","status-publish","hentry"],"comment_count":0,"_links":{"self":[{"href":"https:\/\/cloudvps.by\/community\/wp-json\/wp\/v2\/docs\/4274","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cloudvps.by\/community\/wp-json\/wp\/v2\/docs"}],"about":[{"href":"https:\/\/cloudvps.by\/community\/wp-json\/wp\/v2\/types\/docs"}],"replies":[{"embeddable":true,"href":"https:\/\/cloudvps.by\/community\/wp-json\/wp\/v2\/comments?post=4274"}],"version-history":[{"count":1,"href":"https:\/\/cloudvps.by\/community\/wp-json\/wp\/v2\/docs\/4274\/revisions"}],"predecessor-version":[{"id":4297,"href":"https:\/\/cloudvps.by\/community\/wp-json\/wp\/v2\/docs\/4274\/revisions\/4297"}],"up":[{"embeddable":true,"href":"https:\/\/cloudvps.by\/community\/wp-json\/wp\/v2\/docs\/2927"}],"next":[{"title":"CRI-O (Container Runtime)","link":"https:\/\/cloudvps.by\/community\/docs\/glossarij\/terminy\/cri-o\/","href":"https:\/\/cloudvps.by\/community\/wp-json\/wp\/v2\/docs\/4298"}],"prev":[{"title":"Penetration Test (\u041f\u0435\u043d\u0442\u0435\u0441\u0442)","link":"https:\/\/cloudvps.by\/community\/docs\/glossarij\/terminy\/penetration-test\/","href":"https:\/\/cloudvps.by\/community\/wp-json\/wp\/v2\/docs\/4240"}],"wp:attachment":[{"href":"https:\/\/cloudvps.by\/community\/wp-json\/wp\/v2\/media?parent=4274"}],"wp:term":[{"taxonomy":"doc_tag","embeddable":true,"href":"https:\/\/cloudvps.by\/community\/wp-json\/wp\/v2\/doc_tag?post=4274"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}