Can we bind one container per node in swarm, this is for PCI compliance

kartikdockerhub · September 8, 2016, 12:16pm

PCI compliance requires separation of functionality on a per node basis, is it possible to ensure that only one container will be present on a node at any given time under any given eventuality. I can set up an auto scaling group for nodes in AWS but that again does not explicitly guarantee this, I don’t disagree that there is an implicit guarantee…

Please advise.

nathanleclaire · September 13, 2016, 5:41pm

In swarm mode you can set constraints to “stick” service task instances (containers) to nodes with certain properties.

Note the sensitive difference between node labels and engine labels in this regard.

Topic		Replies	Views
Running a container/service on every node (but only 1 per node) Swarm docker , beta	3	19087	November 1, 2016
Question: tie services to the same swarm node (but not to a particular one) Swarm	1	3287	August 7, 2018
Docker 1.12 Swarm Service Limit Number of Tasks Running per Node General	1	2890	October 20, 2016
Docker Swarm: Restrict 2 containers always deployed together on the same Node Swarm docker , swarm	2	3189	January 6, 2021
Defining container placement in Swarm General	2	3451	October 4, 2017

Can we bind one container per node in swarm, this is for PCI compliance

Related topics