Docker Community Forums

How to enable encryption on a user-defined overlay network?


(Ktwalrus) #1

I read somewhere that encryption for an overlay network had to be enabled by a driver option when creating a new network.

What is the syntax for enabling encryption?

I couldn’t find this in the User Documentation anywhere. Is this option supported in 1.12?


(Blake Mitchell) #2

According to https://github.com/docker/libnetwork/pull/1199#issuecomment-223083351 you do it like this:

docker network create -d overlay --opt secure <nw_name>


(Ktwalrus) #3

Can you find any official documentation on this?

According to this blog, the option is called “encrypted”.

If there is no documentation on this feature, I don’t feel good about using it in production. Maybe this feature didn’t make the cut for 1.12 and it is only “experimental”?


(Ktwalrus) #4

I’m still looking for documentation on this feature…

Can anyone point me to definitive documentation indicating that this feature is supported in GA 1.12?


(Stuartz) #5

You may wish to check out Weave for secure networking. When launched with a password, it creates a secure network with local DNS to run containers on.


(Nathan Le Claire) #6

@ktwalrus Docs for swarm mode / overlay networking are being worked on here and here. It just takes a while as each change gets meticulous review.
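
Added example, not part of the original thread and not Docker's own code: a Python check that reads `docker network inspect` JSON and reports which overlay networks were created without the encryption driver option. It assumes the option is named `encrypted` (the name post #3 attributes to the blog) and shows up as a key under `Options`; the sample JSON and network names are constructed.

```python
import json

# Constructed sample shaped like `docker network inspect <net>...` output.
# Network names and VXLAN ids are invented for this example.
SAMPLE_INSPECT = json.dumps([
    {"Name": "app-secure", "Driver": "overlay", "Scope": "swarm",
     "Options": {"com.docker.network.driver.overlay.vxlanid_list": "4097",
                 "encrypted": ""}},
    {"Name": "app-plain", "Driver": "overlay", "Scope": "swarm",
     "Options": {"com.docker.network.driver.overlay.vxlanid_list": "4098"}},
    {"Name": "no-options", "Driver": "overlay", "Scope": "swarm",
     "Options": None},
    {"Name": "bridge", "Driver": "bridge", "Scope": "local", "Options": {}},
])


def audit_overlay_encryption(inspect_json, option="encrypted"):
    """Return {network_name: True/False} for overlay networks only.

    `option` is the driver option key to look for. Assumption: the option
    is a flag passed without a value (`--opt encrypted`), so the presence
    of the key is what counts, not its value (typically an empty string).
    """
    results = {}
    for net in json.loads(inspect_json):
        if net.get("Driver") != "overlay":
            continue  # bridge, host, etc. are out of scope for this check
        opts = net.get("Options") or {}  # defensive: tolerate null Options
        results[net["Name"]] = option in opts
    return results


def unencrypted(inspect_json, option="encrypted"):
    """Sorted names of overlay networks missing the encryption option."""
    audit = audit_overlay_encryption(inspect_json, option)
    return sorted(name for name, ok in audit.items() if not ok)


if __name__ == "__main__":
    for name, ok in audit_overlay_encryption(SAMPLE_INSPECT).items():
        print(f"{name}: {'encrypted' if ok else 'NOT encrypted'}")
```

To check for the option name given in post #2 instead, pass `option="secure"`.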