W.r.t. this link Manage sensitive data with Docker secrets
It says that Docker secrets are only available to swarm services, not to standalone containers. and it is indeed true. If I try to create a secret on a machine on which no swarm has been instantiated I get
$ docker secret ls Error response from daemon: This node is not a swarm manager. Use "docker swarm init" or "docker swarm join" to connect this node to swarm and try again. $ openssl rand -base64 20 | docker secret create my_secret - Error response from daemon: This node is not a swarm manager. Use "docker swarm init" or "docker swarm join" to connect this node to swarm and try again.
However the page has a section Use Secrets in Compose at the end. And when I try to run that file there is no error from Docker.
$ docker-compose up -d Creating network "wordpress_default" with the default driver Creating wordpress_db_1 ... done Creating wordpress_wordpress_1 ... done
and the secrets do exist!
$ docker exec -it wordpress_db_1 /bin/bash root@f0171d97098a:/# ls /run/secrets db_password db_root_password
Could someone explain this please? How is this possible? Docker compose by definition is not a swarm