Hi, after much reading it seems that “secure out-of-the-box” does not include the data I want to send between data centers. I think it is great that the inner workings of orchestrating the swarm clusters are automatically secure, and that the support for securing my data exchanges is already built in; this makes Docker Swarm the winner for deployment. I can see the justification for defaulting to plain text, as many data centers may already have handled building secure links and not want the unneeded overhead of additional encryption.
However, how do I enable it in a compose file? I see the “--opt encrypted” (sometimes referred to as --opt secure) in the command line documentation and web search results.
Except, how that maps to the compose file is not obvious. I’ve tried:
- opt: encrypted
and a few more permutations. So far, I have not been able to determine if the encryption mode is set. I’ve used “docker network inspect” and done some tcpdumps to try to definitively determine if my overlay network is encrypted.
So, I would like to have my overlay network named “backend” encrypted, and, because it seems that syntax errors could silently result in no encryption being enabled, how can I definitively verify that encryption is taking place?
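
How the `--opt encrypted` flag from the question maps into a compose file, with two checks for whether the `backend` overlay is really encrypted, as an added example that is not part of the original post. The function names, the sample capture lines and VNI 4097 are constructed; after `docker stack deploy` the network is named `<stack>_backend`.

```shell
#!/bin/sh
# Added example, not from the original post. In a compose file the CLI flag
# `--opt encrypted` becomes a driver_opts key on the network definition:
compose_snippet() {
cat <<'EOF'
networks:
  backend:
    driver: overlay
    driver_opts:
      encrypted: "true"
EOF
}

# Check 1 (configuration). On a manager, after deploying the stack:
#   docker network inspect --format '{{json .Options}}' <stack>_backend
# Pass that JSON as $1. The CLI form is the bare flag `--opt encrypted`,
# so test for the key's presence, not for a particular value.
options_encrypted() {
  printf '%s' "$1" | grep -q '"encrypted"[[:space:]]*:'
}

# Check 2 (wire). Capture on a node's underlay interface while containers
# on *different* nodes talk over the network, e.g.
#   tcpdump -nn -i <iface> 'esp or udp port 4789'
# Feed the text on stdin; $1 is the network's VXLAN id, shown by inspect as
# the com.docker.network.driver.overlay.vxlanid_list option.
# Cleartext VXLAN carrying that VNI means this network is NOT encrypted,
# even when ESP from other encrypted overlays is present in the capture.
capture_verdict() {
  awk -v vni="$1" '
    / ESP\(spi=/ { esp++ }
    /\.4789: VXLAN/ && $(NF-1) == "vni" && $NF == vni { clear++ }
    END {
      if (clear > 0)    print "plaintext"
      else if (esp > 0) print "encrypted"
      else              print "inconclusive"   # no cross-node traffic seen
    }'
}

# Constructed sample capture lines (not real traffic), VNI 4097:
SAMPLE='IP 192.0.2.10 > 192.0.2.11: ESP(spi=0x0a1b2c3d,seq=0x1f), length 140
IP 192.0.2.10.51234 > 192.0.2.11.4789: VXLAN, flags [I] (0x08), vni 4097'
printf '%s\n' "$SAMPLE" | capture_verdict 4097
```

An "inconclusive" result usually means the test containers were scheduled on the same node, so nothing crossed the underlay during the capture.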