Setting Up Central Databases with Docker
26 March, 2025 - Rijswijk, Netherlands
In this post, I’ll share my experience setting up central databases using Docker. I’ve chosen to centralize certain databases while keeping others application-specific. Here’s my setup and reasoning.
Database Selection
I’ve centralized the following databases:
- PostgreSQL (with pgWeb and pgAdmin)
- MariaDB (with phpMyAdmin)
- RethinkDB
- CouchDB
Note: I deliberately excluded MongoDB from this central setup. Each application should manage its own MongoDB instance for better isolation and performance.
PostgreSQL Setup
PostgreSQL is my primary relational database, equipped with two management interfaces: pgWeb for quick queries and pgAdmin for comprehensive database management.
# version: '3.8'
networks:
proxy:
external: true
services:
postgres:
image: postgres:alpine
container_name: postgres
restart: always
environment:
POSTGRES_USER: pgweb
POSTGRES_PASSWORD: pgweb
POSTGRES_DB: pgweb
# ports:
# - "5432:5432" # PostgreSQL default port
volumes:
- postgres_data:/var/lib/postgresql/data
pgweb:
image: sosedoff/pgweb:latest
container_name: pgweb
networks:
- default
- proxy
restart: always
environment:
PGWEB_DATABASE_URL: postgres://pgweb:pgweb@postgres:5432/pgweb?sslmode=disable
# ports:
# - "8081:8081" # pgWeb interface
depends_on:
- postgres
pgadmin:
image: dpage/pgadmin4:9.1.0
container_name: pgadmin
networks:
- default
- proxy
restart: always
environment:
PGADMIN_DEFAULT_EMAIL: [email protected]
PGADMIN_DEFAULT_PASSWORD: pgweb
PGADMIN_SERVER_NAME: MyPostgresServer
PGADMIN_SERVER_HOST: pgweb
PGADMIN_SERVER_PORT: 5432
PGADMIN_SERVER_USERNAME: pgweb
PGADMIN_SERVER_PASSWORD: pgweb
# ports:
# - "80:80" # pgAdmin interface
depends_on:
- postgres
volumes:
- pgadmin_data:/var/lib/pgadmin
volumes:
postgres_data:
pgadmin_data:Accessing PostgreSQL Management Interfaces
pgWeb:
- Access at
http://pgweb.localhost:8081 - Lightweight interface for quick queries
- No login required
- Access at
pgAdmin:
- Access at
http://pgadmin.localhost - Full-featured database management
- Login with configured email and password
- Access at
MariaDB Setup
MariaDB serves as an alternative relational database, particularly useful for applications that prefer MySQL compatibility.
# version: '3.8'
networks:
proxy:
external: true
services:
mariadb:
image: mariadb:latest
container_name: mariadb
restart: unless-stopped
environment:
MYSQL_ROOT_PASSWORD: my_password
MYSQL_USER: your_username
MYSQL_PASSWORD: your_password
# ports:
# - "3306:3306" # MariaDB default port
volumes:
- mariadb_data:/var/lib/mysql
phpmyadmin:
image: phpmyadmin/phpmyadmin:latest
container_name: phpmyadmin
networks:
- default
- proxy
restart: unless-stopped
environment:
PMA_HOST: mariadb
PMA_USER: your_username
PMA_PASSWORD: your_password
# ports:
# - "8080:80" # phpMyAdmin interface
depends_on:
- mariadb
volumes:
mariadb_data:Accessing MariaDB Management Interface
- phpMyAdmin:
- Access at
http://phpmyadmin.localhost - Login with configured username and password
- Access at
RethinkDB Setup
RethinkDB is set up for real-time applications requiring live updates and change feeds.
# version: '3.8'
networks:
default:
external: true
name: proxy
services:
rethinkdb:
image: rethinkdb:latest
container_name: rethinkdb
restart: unless-stopped
# ports:
# - "8080:8080" # RethinkDB web interface
# - "28015:28015" # RethinkDB client drivers
# - "29015:29015" # RethinkDB intra-cluster
volumes:
- rethinkdb_data:/data
volumes:
rethinkdb_data:Accessing RethinkDB
- Web interface available at
http://rethinkdb.localhost:8080 - Client drivers connect on port 28015
- Intra-cluster communication on port 29015
CouchDB Setup
CouchDB is configured for document-based storage with built-in replication capabilities.
# version: '3.8'
networks:
default:
external: true
name: proxy
services:
couchdb:
image: couchdb:latest
container_name: couchdb
restart: unless-stopped
# ports:
# - "5984:5984" # CouchDB HTTP API
environment:
COUCHDB_USER: admin
volumes:
- couchdb_data:/opt/couchdb/data
volumes:
couchdb_data:Accessing CouchDB
- Fauxton Interface:
- Access at
http://couchdb.localhost:5984/_utils/ - Login with configured admin credentials
- Access at
Why Not MongoDB?
I’ve deliberately excluded MongoDB from this central setup for several reasons:
Application-Specific Requirements:
- Different applications often need different MongoDB versions
- Performance tuning varies by application
- Schema design is typically application-specific
Resource Management:
- MongoDB can be resource-intensive
- Separate instances allow better resource allocation
- Easier to scale individual applications
Security Considerations:
- Each application can have its own security context
- Reduced risk of cross-application data exposure
- Simpler access control management
Best Practices
Network Security:
- All services are connected to the
proxynetwork - External ports are only exposed when necessary
- Management interfaces are protected behind Nginx Proxy Manager
- All services are connected to the
Data Persistence:
- All databases use named volumes for data storage
- Regular backups are recommended
- Volume management is handled through Docker
Access Control:
- Each service has its own user credentials
- Management interfaces are protected
- Network access is controlled through the proxy
Conclusion
This setup provides a robust foundation for managing multiple database types while maintaining security and performance. The combination of different database types allows for flexibility in choosing the right tool for each application’s needs.
Remember to:
- Regularly backup your data
- Monitor database performance
- Keep your Docker images updated
- Review security settings periodically
Note: This setup can be extended with additional features like monitoring, backup automation, and high availability configurations as needed.