can anybody weigh in on best practices for securing nodes managed by Docker Cloud? Should I manually set up a firewall (how, so that Docker Cloud still works?) and things like fail2ban in each node, or is this not necessary? Manually configuring nodes this way somewhat defeats the easy scalability you get with Docker Cloud.
Yes, I did Google and search through the docs, but was as yet unable to find useful information.