# Reference: Sintassi Network Docker Compose Specifiche tecniche per definire reti in docker-compose.yml. ## Struttura Base ```yaml version: "3.8" networks: network-name: driver: bridge name: actual-network-name ipam: driver: default config: - subnet: 10.0.1.0/24 gateway: 10.0.1.1 services: service-name: image: image:tag networks: - network-name ``` ## Sezione Networks ### Configurazione Minima ```yaml networks: my-network: driver: bridge ``` ### Configurazione Completa ```yaml networks: vpc-public: name: lab02-vpc-public # Nome effettivo della rete driver: bridge # Driver (bridge, overlay) driver_opts: com.docker.network.bridge.name: br-public # Nome bridge host ipam: driver: default config: - subnet: 10.0.1.0/24 gateway: 10.0.1.1 ip_range: 10.0.1.128/25 # (opzionale) Range per container internal: false # (opzionale) Isola rete attachable: false # (opzionale) Permette container esterni labels: # (opzionale) Metadata env: development ``` ### Rete Interna (Privata) ```yaml networks: vpc-private: driver: bridge internal: true # Blocca accesso esterno ipam: config: - subnet: 10.0.2.0/24 gateway: 10.0.2.1 ``` ### Rete Esterna (Preesistente) ```yaml networks: external-network: name: existing-network # Usa rete esistente external: true ``` ## Sezione Services ### Container in Singola Rete ```yaml services: web: image: nginx:alpine networks: - vpc-public ``` ### Container con IP Statico ```yaml services: web: image: nginx:alpine networks: vpc-public: ipv4_address: 10.0.1.10 ``` ### Container in Multiple Reti (Multi-homed) ```yaml services: app: image: myapp:latest networks: vpc-public: ipv4_address: 10.0.1.20 vpc-private: ipv4_address: 10.0.2.20 ``` ### Alias DNS Personalizzati ```yaml services: db: image: postgres:16 networks: vpc-private: aliases: - database - postgres-primary ``` ## Port Publishing (INF-02) ### Sicuro (Locale Only) ```yaml services: web: ports: - "127.0.0.1:8080:80" # Solo localhost (COMPLIANT) - "127.0.0.1:8443:443" ``` ### Non Sicuro (Tutte le Interfacce) ```yaml services: web: ports: - "8080:80" # VIOLA INF-02 (0.0.0.0:8080) - "0.0.0.0:8080:80" # VIOLA INF-02 (esplicito) ``` ### Nessuna Porta (Servizio Privato) ```yaml services: db: # Nessuna sezione ports - completamente privato ``` ## Priorita e Dipendenze ```yaml services: app: image: myapp networks: - vpc-public depends_on: - db db: image: postgres networks: - vpc-private ``` ## Esempio Completo ```yaml version: "3.8" services: web: image: nginx:alpine container_name: lab02-web networks: vpc-public: ipv4_address: 10.0.1.10 ports: - "127.0.0.1:8080:80" restart: unless-stopped app: image: myapp:latest container_name: lab02-app networks: vpc-public: ipv4_address: 10.0.1.20 vpc-private: ipv4_address: 10.0.2.20 ports: - "127.0.0.1:8081:8080" depends_on: - db restart: unless-stopped db: image: postgres:16-alpine container_name: lab02-db environment: POSTGRES_PASSWORD: secret networks: vpc-private: ipv4_address: 10.0.2.10 volumes: - db-data:/var/lib/postgresql/data restart: unless-stopped volumes: db-data: networks: vpc-public: name: lab02-vpc-public driver: bridge ipam: config: - subnet: 10.0.1.0/24 gateway: 10.0.1.1 vpc-private: name: lab02-vpc-private driver: bridge internal: true ipam: config: - subnet: 10.0.2.0/24 gateway: 10.0.2.1 ``` ## Comandi di Verifica ```bash # Valida configurazione docker compose -f docker-compose.yml config # Mostra rete generate docker compose -f docker-compose.yml config | grep -A 20 "Networks:" # Crea rete senza avviare servizi docker compose -f docker-compose.yml up --no-deps --no-start # Ispeziona rete creata docker network inspect lab02-vpc-public ``` ## Troubleshooting ### Subnet Conflicts ```bash # Verifica subnet in uso docker network ls -q | xargs docker network inspect --format '{{.Name}}: {{range .IPAM.Config}}{{.Subnet}}{{end}}' # Cambia subnet nel compose ipam: config: - subnet: 10.0.10.0/24 # Usa CIDR diverso ``` ### Container Non Ottengono IP ```bash # Rimuovi IP statici # (lascia Docker assegnare automaticamente) services: web: networks: - vpc-public # Rimuovi ipv4_address ``` ## Vedi Anche - [Tutorial: Deploy Container](../tutorial/02-deploy-containers-networks.md) - [Reference: Docker Network Commands](./docker-network-commands.md)