Good day guys,

I have a rather basic question to ask, is the connection between client/server/database inside the docker compose secure?
Secure as in, I dont even need to encrypt the connection between those 3.

And if yes, is it a good idea for production?

Thats all from me. Thank you very much.

By default docker networks provide no transfer encryption/security.

You can try if you can enable transfer encryption by creating a network with the parameter --opt encrypted=true. I am not sure if it works with networks of type bridge (which is the default) or only works with networks of type overlay (which might require the node to be a swarm node, which can be done with docker swarm init)

If the network-level transfer encryption does not work, you will have to enable TLS for your components the same way you would need to enable them without docker.

Appart from that: docker containers are just isolated processes on the host kernel… so what’s unavailablle without docker usualy won’t be magicly available because the process is now run inside an isolated context

Kubernetes on the other hand is able to delegate transport encryption to a service meshs like istio - this option is not available for plain docker.