Docker Environment Variables
Applications usually require configuration.
For example:
- database passwords
- API keys
- ports
- debug settings
- application modes
- database hostnames
Hardcoding these values directly into applications is dangerous and inflexible.
Docker commonly solves this problem using:
environment variables
Environment variables are one of the most important concepts in containerized applications.
Modern infrastructure depends heavily on them.
What Are Environment Variables?
Environment variables are key-value pairs available to processes.
Example:
DATABASE_HOST=db
PORT=3000
NODE_ENV=production
Applications can read these values during runtime.
This allows behavior to change without modifying application code.
Why Environment Variables Matter
Imagine a backend API.
In development:
Database Host = localhost
In production:
Database Host = production-db-server
Instead of changing code manually:
Application
↓
Reads Environment Variables
This makes applications:
- portable
- configurable
- reusable
This became a major principle of cloud-native infrastructure.
Environment Variables in Docker
Docker allows passing variables directly into containers.
Example:
docker run -e APP_ENV=production nginx
Syntax:
-e KEY=value
Docker injects the variable into the container environment.
Real-World Example
Database container example:
docker run \
-e POSTGRES_USER=admin \
-e POSTGRES_PASSWORD=secret \
postgres
The PostgreSQL container reads these variables during startup.
Simplified model:
Docker Variables
↓
Container Environment
↓
Application Configuration
This pattern is extremely common.
Viewing Environment Variables
To inspect container environment variables:
docker inspect container-name
Or inside the container:
env
Example:
POSTGRES_USER=admin
POSTGRES_PASSWORD=secret
Applications access these variables internally.
Environment Variables vs Hardcoded Configuration
Without environment variables:
Edit Application Files
↓
Rebuild Application
↓
Redeploy Everything
With environment variables:
Change Runtime Configuration
↓
Restart Container
This dramatically improves flexibility.
Why Containers Rely Heavily on Environment Variables
Containers are designed to be portable.
The same image might run on:
- local development machine
- testing environment
- cloud server
- Kubernetes cluster
Each environment may require different configuration.
Environment variables allow:
Same Image
↓
Different Runtime Configuration
without rebuilding the image.
Example: Node.js Application
Example container:
docker run \
-e PORT=3000 \
-e NODE_ENV=production \
my-node-app
The Node.js application reads configuration dynamically during startup.
This makes deployments much easier.
Database Connection Example
Very common backend pattern:
Frontend
↓
Backend API
↓
Database
Backend container variables:
DB_HOST=db
DB_PORT=5432
DB_USER=admin
DB_PASSWORD=secret
Now the backend can connect dynamically.
No hardcoded database configuration required.
.env Files
Managing many variables manually becomes messy.
Docker supports environment files.
Example:
.env
Content:
DB_USER=admin
DB_PASSWORD=secret
APP_ENV=production
Used with:
docker run --env-file .env my-app
This simplifies configuration management significantly.
Environment Variables in Docker Compose
Docker Compose heavily relies on environment variables.
Example:
services:
app:
image: my-app
environment:
- APP_ENV=production
- DB_HOST=db
Or:
env_file:
- .env
This becomes extremely important in multi-container environments.
Sensitive Information
Environment variables often contain secrets:
- passwords
- API keys
- tokens
Example:
DATABASE_PASSWORD
JWT_SECRET
API_KEY
This creates important security concerns.
Why Secrets Management Matters
Many beginners accidentally expose secrets.
For example:
Commit .env file to GitHub
This is a very common security mistake.
Modern infrastructure often uses dedicated secret management systems.
Examples:
- Docker Secrets
- Kubernetes Secrets
- Vault
- cloud secret managers
Environment Variables Are Visible
Important security detail:
Environment variables are not encrypted
Processes and administrators may be able to inspect them.
This is why highly sensitive systems often require more advanced secret handling approaches.
Build-Time vs Runtime Configuration
Important distinction:
Build-Time
vs:
Runtime
Environment variables usually belong to:
runtime configuration
This allows:
Same Image
↓
Different Environments
without rebuilding.
This separation is foundational in modern deployment systems.
Common Beginner Mistake
One common beginner mistake is hardcoding configuration directly into images.
Example:
Database Password Inside Image
This creates:
- security risks
- inflexible deployments
- rebuild requirements
Modern infrastructure prefers runtime configuration through environment variables.
Infrastructure Thinking
Environment variables became one of the foundations of cloud-native systems.
Applications increasingly follow this model:
Code
+
External Configuration
This improves:
- portability
- automation
- deployment flexibility
- scalability
Container orchestration systems heavily rely on this principle.
Why This Matters
Understanding environment variables is critical before learning:
- Docker Compose
- Dockerfiles
- Kubernetes
- CI/CD systems
- cloud-native deployments
- secrets management
Modern infrastructure depends heavily on dynamic runtime configuration.
Key Takeaways
- Environment variables provide runtime configuration
- Containers commonly use variables for application setup
- The same image can behave differently using different variables
.envfiles simplify configuration management- Sensitive values require careful handling
- Modern infrastructure separates code from configuration
- Environment variables improve portability and flexibility
- Runtime configuration is foundational in cloud-native systems