DOCKER_OVERLAY.md

Network

We need a global docker network in order to communicate between docker-compose setups on different hosts

Step 1: Install and run Consul (as a key-value storage for docker)

https://www.consul.io/intro/getting-started/install.html

Step 2: Edit docker configuration (on each docker host)

Edit /etc/default/docker

DOCKER_OPTS="-H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock --cluster-advertise <Network Interface of Bridged Network>:2375 --cluster-store consul://consul_host:8500"

Edit /lib/systemd/system/docker.service
Add EnvironmentFile line, then add $DOCKER_OPTS to the next line:

EnvironmentFile=/etc/default/docker  
ExecStart= ... $DOCKER_OPTS -H fd://  

Restart docker.service

sudo service docker restart

Step 3: Create docker network on one host

docker network create -d overlay --subnet=20.1.0.0/16 test_net

Step 4: Run containers

All hosts are able to see that network, so you can run next command on each host.

docker run -dti --net test_net ubuntu

Is this safe? Given that the -H 0.0.0.0:2375 will cause the docker's API to be exposed publicly and perhaps the same thing will happen with the consul_host? (Sorry if the question is stupid..)

Is this safe? Given that the -H 0.0.0.0:2375 will cause the docker's API to be exposed publicly and perhaps the same thing will happen with the consul_host? (Sorry if the question is stupid..)

Hey, never is late xd.

If you are not exposing your docker node to internet it should be safe.