Table: docker_compose_service - Query Docker Compose Services using SQL
Docker Compose is a tool for defining and managing multi-container Docker applications. It uses YAML files to configure application services and performs the creation and start-up process of all the containers with a single command. Docker Compose Services are the different services defined in the Docker Compose file, which can include settings like build, command, image, and volumes.
Table Usage Guide
The docker_compose_service table provides insights into Docker Compose Services within Docker. As a DevOps engineer, explore service-specific details through this table, including configuration, status, and associated metadata. Utilize it to uncover information about services, such as their current status, the Docker image they're using, and the commands they're running.
Examples
Basic info
Discover the segments that are using the maximum CPU resources in your Docker Compose service. This allows for efficient resource management and aids in identifying potential bottlenecks.
select name, attach, cgroup_parent, cpu_count, cpu_percent, cpusfrom docker_compose_service;select name, attach, cgroup_parent, cpu_count, cpu_percent, cpusfrom docker_compose_service;List CPU configurations of the services
Explore the CPU setup of your services to understand how they are configured and assess whether any adjustments are needed to optimize performance. This can provide valuable insights into potential bottlenecks and areas for improvement in your system.
select name, cpu_count, cpu_percent, cpu_period, cpu_quota, cpu_rt_period, cpu_rt_runtime, cpus, cpu_sharesfrom docker_compose_service;select name, cpu_count, cpu_percent, cpu_period, cpu_quota, cpu_rt_period, cpu_rt_runtime, cpus, cpu_sharesfrom docker_compose_service;List services running under default cgroup
Determine the areas in which Docker services are running under the default cgroup. This is useful for understanding resource allocation and identifying potential areas of optimization.
select name, attach, cgroup_parent, cpu_count, cpu_percent, cpusfrom docker_compose_servicewhere cgroup_parent is null;select name, attach, cgroup_parent, cpu_count, cpu_percent, cpusfrom docker_compose_servicewhere cgroup_parent is null;List services that do not have health check configured
Analyze the settings to understand which services are potentially vulnerable due to the absence of a configured health check. This can help in identifying areas that require immediate attention to ensure optimal system health and performance.
select name, attach, cgroup_parent, cpu_count, cpu_percent, cpusfrom docker_compose_servicewhere health_check is null;select name, attach, cgroup_parent, cpu_count, cpu_percent, cpusfrom docker_compose_servicewhere health_check is null;List services that do not have logging configured
Discover the segments that lack logging configurations to enhance system transparency and troubleshooting capabilities. This is beneficial in pinpointing areas for potential system improvement and ensuring optimal performance.
select name, attach, cgroup_parent, cpu_count, cpu_percent, cpusfrom docker_compose_servicewhere logging is null;select name, attach, cgroup_parent, cpu_count, cpu_percent, cpusfrom docker_compose_servicewhere logging is null;List services with privileged mode enabled for containers
Identify instances where services are running in privileged mode within Docker containers. This enables a comprehensive review of security practices, as running containers in privileged mode may expose them to potential risks.
select name, attach, cgroup_parent, cpu_count, cpu_percent, cpusfrom docker_compose_servicewhere privileged;select name, attach, cgroup_parent, cpu_count, cpu_percent, cpusfrom docker_compose_servicewhere privileged = 1;List services with READ ONLY mode enabled for containers
Explore services that have the READ ONLY mode enabled in their container settings. This can be useful to identify potential security measures or limitations within your Docker Compose services.
select name, attach, cgroup_parent, cpu_count, cpu_percent, cpusfrom docker_compose_servicewhere read_only;select name, attach, cgroup_parent, cpu_count, cpu_percent, cpusfrom docker_compose_servicewhere read_only;List services where user namespace is unused for containers
Discover the segments that consist of services where the user namespace remains unused for containers. This can be beneficial in identifying potential areas for optimization or troubleshooting in your Docker environment.
select name, attach, cgroup_parent, cpu_count, cpu_percent, cpusfrom docker_compose_servicewhere user_ns_mode is null;select name, attach, cgroup_parent, cpu_count, cpu_percent, cpusfrom docker_compose_servicewhere user_ns_mode is null;Schema for docker_compose_service
| Name | Type | Operators | Description |
|---|---|---|---|
| _ctx | jsonb | Steampipe context in JSON form, e.g. connection_name. | |
| annotations | jsonb | Annotations for the service. | |
| attach | boolean | Specifies if containers should be attached to the terminal. | |
| blkio_config | jsonb | Block I/O (BLKIO) configuration for the service. | |
| build | jsonb | Build configuration for the service. | |
| cap_add | jsonb | List of capabilities to add to the container. | |
| cap_drop | jsonb | List of capabilities to drop from the container. | |
| cgroup | text | Cgroup rule to apply to the container. | |
| cgroup_parent | text | Parent cgroup for the container. | |
| command | text | Command for the service containers. | |
| configs | jsonb | List of configurations for the service. | |
| container_name | text | Name of the container. | |
| cpu_count | bigint | Number of CPUs to allocate to the container. | |
| cpu_percent | double precision | CPU utilization limit as a percentage. | |
| cpu_period | bigint | CPU CFS (Completely Fair Scheduler) period. | |
| cpu_quota | bigint | CPU CFS (Completely Fair Scheduler) quota. | |
| cpu_rt_period | bigint | CPU real-time period. | |
| cpu_rt_runtime | bigint | CPU real-time runtime. | |
| cpu_shares | bigint | CPU shares (relative weight) for the container. | |
| cpus | double precision | Number of CPUs to allocate to the container (in fractional form). | |
| cpuset | text | CPUs in which to allow execution (comma-separated list or ranges). | |
| credential_spec | jsonb | Credential specification for the container. | |
| custom_labels | jsonb | Custom labels for the service. | |
| depends_on | jsonb | Dependencies for the service. | |
| deploy | jsonb | Deployment configuration for the service. | |
| device_cgroup_rules | jsonb | List of device cgroup rules for the container. | |
| devices | jsonb | List of devices to add to the container. | |
| dns | jsonb | List of DNS servers for the container. | |
| dns_opts | jsonb | List of DNS options. | |
| dns_search | jsonb | List of DNS search domains. | |
| dockerfile | text | Path to the Dockerfile to use for the container. | |
| domain_name | text | Domain name of the container. | |
| entrypoint | jsonb | Entrypoint for the service containers. | |
| env_file | jsonb | List of environment files to read. | |
| environment | jsonb | Environment variables for the container. | |
| expose | jsonb | List of ports to expose from the container. | |
| extends | jsonb | Configuration that the service extends. | |
| extensions | jsonb | Extensions for the service configuration. | |
| external_links | jsonb | List of external links to other services. | |
| extra_hosts | jsonb | Additional hostnames to resolve inside the container. | |
| group_add | jsonb | List of additional groups for the container. | |
| health_check | jsonb | Health check configuration for the service. | |
| hostname | text | Hostname of the container. | |
| image | text | Docker image for the container. | |
| init | boolean | Specifies if the container should run as an init process. | |
| ipc | text | IPC (Inter-Process Communication) mode for the container. | |
| isolation | text | Isolation technology used for the container. | |
| labels | jsonb | Labels for the service. | |
| links | jsonb | List of links to other services. | |
| log_driver | text | Logging driver for the container. | |
| log_opt | jsonb | Options for the logging driver. | |
| logging | jsonb | Logging configuration for the service. | |
| mac_address | text | MAC address for the container. | |
| mem_limit | bigint | Memory limit for the container. | |
| mem_reservation | bigint | Memory reservation for the container. | |
| mem_swappiness | bigint | Swappiness value for the container. | |
| memswap_limit | bigint | Swap limit for the container. | |
| name | text | Name of the service. | |
| net | text | Network mode for the container. | |
| network_mode | text | Network mode for the service. | |
| networks | jsonb | Network configurations for the service. | |
| oom_kill_disable | boolean | Specifies if OOM (Out-Of-Memory) killer is disabled. | |
| oom_score_adj | bigint | OOM score adjustment for the container. | |
| pid | text | PID (Process ID) namespace for the container. | |
| pids_limit | bigint | PIDS limit for the container. | |
| platform | text | Platform to use for the container. | |
| ports | jsonb | Ports to publish from the container. | |
| privileged | boolean | Specifies if the container should run in privileged mode. | |
| profiles | jsonb | List of profiles associated with the service. | |
| pull_policy | text | Pull policy for the container image. | |
| read_only | boolean | Specifies if the container's root filesystem should be read-only. | |
| restart | text | Restart policy for the service. | |
| runtime | text | Runtime to use for the container. | |
| scale | bigint | Number of replicas to run for the service. | |
| secrets | jsonb | Secrets configuration for the service. | |
| security_opt | jsonb | List of security options for the container. | |
| shm_size | bigint | Size of /dev/shm for the container. | |
| stdin_open | boolean | Specifies if stdin should be kept open for the container. | |
| stop_grace_period | text | Grace period for the container to stop. | |
| stop_signal | text | Signal to stop the container. | |
| sysctls | jsonb | Sysctls configuration for the container. | |
| tmpfs | jsonb | List of tmpfs mounts for the container. | |
| tty | boolean | Specifies if the container should allocate a pseudo-TTY. | |
| ulimits | jsonb | ULimits (resource limits) for the container. | |
| user | text | User to run commands inside the container. | |
| user_ns_mode | text | User namespace mode for the container. | |
| uts | text | UTS namespace for the container. | |
| volume_driver | text | Volume driver to use for the container. | |
| volumes | jsonb | Volumes to mount in the container. | |
| volumes_from | jsonb | List of volumes to mount from other containers. | |
| working_dir | text | Working directory for commands inside the container. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- dockerYou can pass the configuration to the command with the --config argument:
steampipe_export_docker --config '<your_config>' docker_compose_service