Home Explore Blog CI



docker
3rd chunk of `content/get-started/docker-concepts/running-containers/overriding-container-defaults.md`
53d9f7398e2f350c91e4e9f280845fa8d587f4aef9cd2a04000000010000092e
    $ docker run -d -e POSTGRES_PASSWORD=secret -p 5434:5432 --network mynetwork postgres
    ```

    This will start Postgres container in the background, mapped to the host port 5434 and attached to the `mynetwork` network. You passed the `--network` parameter to override the container default by connecting the container to custom Docker network for better isolation and communication with other containers. You can use `docker network inspect` command to see if the container is tied to this new bridge network.


    > **Key difference between default bridge and custom networks**
    >
    > 1. DNS resolution: By default, containers connected to the default bridge network can communicate with each other, but only by IP address. (unless you use `--link` option which is considered legacy). It is not recommended for production use due to the various [technical shortcomings](/engine/network/drivers/bridge/#differences-between-user-defined-bridges-and-the-default-bridge). On a custom network, containers can resolve each other by name or alias.
    > 2. Isolation: All containers without a `--network` specified are attached to the default bridge network, hence can be a risk, as unrelated containers are then able to communicate. Using a custom network provides a scoped network in which only containers attached to that network are able to communicate, hence providing better isolation.

### Manage the resources

By default, containers are not limited in their resource usage. However, on shared systems, it's crucial to manage resources effectively. It's important not to let a running container consume too much of the host machine's memory.

This is where the `docker run` command shines again. It offers flags like `--memory` and `--cpus` to restrict how much CPU and memory a container can use.

```console
$ docker run -d -e POSTGRES_PASSWORD=secret --memory="512m" --cpus=".5" postgres
```

The `--cpus` flag specifies the CPU quota for the container. Here, it's set to half a CPU core (0.5) whereas the `--memory` flag specifies the memory limit for the container. In this case, it's set to 512 MB.

### Override the default CMD and ENTRYPOINT in Docker Compose



Sometimes, you might need to override the default commands (`CMD`) or entry points (`ENTRYPOINT`) defined in a Docker image, especially when using Docker Compose.
Title: Managing Container Resources and Overriding Defaults
Summary
This section details how to connect a Postgres container to a custom network using the `--network` flag, enabling better isolation and DNS resolution by container name. It also highlights the importance of managing container resources on shared systems and demonstrates how to use the `--memory` and `--cpus` flags to limit container resource usage. Finally, it introduces the concept of overriding default `CMD` and `ENTRYPOINT` in Docker Compose.