The command `docker network create -d overlay --secure` will not ensure that overlay traffic between service tasks is encrypted. The `--secure` option is not a valid flag for the `docker network create` command [1]. To enable encryption for an overlay network, you need to use the `--opt encrypted` flag instead [2][3]. This will create IPsec tunnels between the nodes where the service tasks are scheduled, using the AES algorithm in GCM mode [2]. You can verify if an overlay network is encrypted by checking if the IPsec tunnels were created using tools like netstat [4].

References:
1: docker network create | Docker Docs
2: Encrypt traffic on an overlay network | Docker Docs
3: Overlay network driver | Docker Docs
4: Docker: How to verify if an overlay network is encrypted - Stack Overflow
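
As a complement to checking for tunnels, the following added example (not part of the original answer) audits which overlay networks were created with `--opt encrypted`. It assumes `docker network inspect` lists the option under `Options` as `"encrypted":""`; the network names and the sample lines are constructed.

```sh
#!/bin/sh
# Create an encrypted overlay network on a swarm manager
# ("app-net" is a placeholder name):
#   docker network create -d overlay --opt encrypted app-net
#
# Feed the audit from a live swarm manager with:
#   docker network ls --filter driver=overlay -q \
#     | xargs docker network inspect --format '{{.Name}} {{json .Options}}' \
#     | audit_overlay_networks

# Reads "NAME OPTIONS_JSON" lines on stdin, prints one status line per
# network, and returns 1 if any network lacks the "encrypted" driver option.
audit_overlay_networks() {
    rc=0
    while read -r name opts; do
        [ -n "$name" ] || continue
        case "$opts" in
            *'"encrypted":'*) printf '%s encrypted\n' "$name" ;;
            *)                printf '%s UNENCRYPTED\n' "$name"; rc=1 ;;
        esac
    done
    return "$rc"
}

# Constructed sample of the inspect output, so the audit can run offline.
sample_inspect_lines() {
    cat <<'EOF'
app-net {"com.docker.network.driver.overlay.vxlanid_list":"4097","encrypted":""}
legacy-net {"com.docker.network.driver.overlay.vxlanid_list":"4098"}
ingress {"com.docker.network.driver.overlay.vxlanid_list":"4096"}
EOF
}

sample_inspect_lines | audit_overlay_networks \
    || echo "at least one overlay network is not encrypted"
```

The non-zero return code lets the audit fail a CI job or a scheduled compliance check when an unencrypted overlay network appears.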