Docs / Networking

Workspace private network

Partial — no service discovery API

Services in the same workspace run on a dedicated Docker bridge network (bfc-ws-{workspaceId}). Containers can reach each other by Docker DNS name lc-{serviceId}.

What works

  • Web service → Postgres/Key Value over internal hostname
  • Web service → private service on PORT
  • Isolation from other workspaces' containers

What is not included

  • Private DNS API or automatic service discovery registry
  • Cross-workspace private networking
  • Encrypted overlay beyond Docker network isolation

Pass connection strings and internal hostnames via environment variables.