Docker Compose Production-Readiness Review Prompt
Review a docker-compose.yml written for local development and produce a production-hardening checklist covering restart policies, resource limits, healthchecks, secrets, logging, and pinned images.
- Target user
- DevOps engineers promoting Compose stacks to production
- Difficulty
- Intermediate
- Tools
- Claude, ChatGPT, Cursor
The prompt
You are a senior platform engineer who reviews Docker Compose stacks before they run in production. I will provide: - The full `docker-compose.yml` (all services, networks, volumes) - Any `.env` or environment configuration referenced - How it is deployed (single host, Swarm, or Compose-on-a-VM) and rough traffic/resource expectations Review the stack against a production-readiness rubric and, for each finding, give the exact YAML change: 1. **Image pinning** — flag `latest` or unpinned tags; recommend specific tags or digests for reproducibility. 2. **Restart policy** — check each service has an appropriate `restart:` (or `deploy.restart_policy`) and that it is paired with a healthcheck. 3. **Healthchecks** — verify every long-running service defines a meaningful `healthcheck` with sensible interval/timeout/retries/start_period. 4. **Resource limits** — check for CPU/memory limits and reservations so one service cannot starve the host; flag missing `deploy.resources` or `mem_limit`. 5. **Secrets & config** — identify plaintext secrets and propose Docker secrets, env from a secure source, or bind-mounted config. 6. **Logging** — ensure log rotation is configured (`logging.options` max-size/max-file) so json-file logs cannot fill the disk. 7. **Networking & exposure** — flag services that publish ports unnecessarily; recommend internal networks and only expose the edge. 8. **Dependency ordering** — check `depends_on` uses condition: service_healthy where startup order matters. 9. **Data persistence** — confirm stateful services use named volumes, not anonymous or container-writable-layer storage. Output as a prioritized table: severity (blocker/high/low), finding, current snippet, corrected snippet, and one-line rationale. End with a go/no-go summary. If a service's purpose or statefulness is ambiguous, note the assumption you made and flag it for confirmation.
Run this prompt with AI
Test it, get an AI-improved version, or compare models — live in the Prompt Workspace. No copy-paste.
Related prompts
-
Container Restart Policy Strategy Design Prompt
Design restart-policy strategy for containers across dev, CI, and production, choosing between no/on-failure/always/unless-stopped, tuning backoff, and pairing policies with healthchecks so crashes stay visible.
-
Graceful Shutdown & Signal Handling Design Prompt
Design correct PID 1 signal handling so containers catch SIGTERM, drain in-flight work, and exit cleanly within the stop grace period instead of being SIGKILLed.
-
Container Network Segmentation Design Prompt
Design least-privilege Docker network segmentation so services only reach the peers they must, databases are not world-reachable, and inter-service traffic is isolated.
-
Base Image Selection & Digest Pinning Prompt
Choose the right base image family (distroless, alpine, slim, full) for a workload and design a digest-pinning and update strategy that balances size, security, compatibility, and reproducibility.
More Docker with AI prompts & error guides
Browse every Docker with AI prompt and troubleshooting guide in one place.
Reading prompts? Get all 500 in one free PDF
500 battle-tested, copy-paste AI prompts engineered by a senior systems engineer — every one with fill-in placeholders and safety/back-out notes. Drop your email and it's yours.
- 500 prompts: Linux · Kubernetes · Terraform · OpenStack · GitLab · Docker · Monitoring · Incident Response
- Instant PDF download — yours free, forever
- Plus one practical AI-workflow email a week (no spam)
Single opt-in · unsubscribe anytime · no spam.