Vous êtes ici : Formations en Ligne Gratuites » Catalogue » workbooks » DOF600 - Prérequis » DOE600 - Course Presentation » DOF606 - Overlay Network Management with Docker in Swarm Mode

Différences

Ci-dessous, les différences entre deux révisions de la page.

Lien vers cette vue comparative

Les deux révisions précédentesRévision précédente
elearning:workbooks:docker3:en:dre05 [2023/12/27 08:32] adminelearning:workbooks:docker3:en:dre05 [2023/12/27 08:34] (Version actuelle) admin
Ligne 42: Ligne 42:
 Traffic linked to the management of swarm services is encrypted by default using the AES algorithm in GCM mode. In order to encrypt application-related data traffic, it is possible to use the **--opt encrypted** option when creating the overlay network. In this case, Docker creates IPSEC tunnels between each node using the same algorithm as the swarm services traffic. There is therefore a performance degradation to be assessed before going into production. In both cases the keys are changed every 12 hours (see [[https://www.vaultproject.io/docs/internals/rotation.html]]) Traffic linked to the management of swarm services is encrypted by default using the AES algorithm in GCM mode. In order to encrypt application-related data traffic, it is possible to use the **--opt encrypted** option when creating the overlay network. In this case, Docker creates IPSEC tunnels between each node using the same algorithm as the swarm services traffic. There is therefore a performance degradation to be assessed before going into production. In both cases the keys are changed every 12 hours (see [[https://www.vaultproject.io/docs/internals/rotation.html]])
  
-<WRAP centre round important 50%>+<WRAP center round important 50%>
 **CAUTION**: Encryption of application-related data is not compatible with Windows(tm). When connecting the Windows(tm) node to an encrypted overlay network, no errors will be reported. However the node will be unable to communicate. **CAUTION**: Encryption of application-related data is not compatible with Windows(tm). When connecting the Windows(tm) node to an encrypted overlay network, no errors will be reported. However the node will be unable to communicate.
 </WRAP> </WRAP>
Ligne 185: Ligne 185:
 </code> </code>
  
-<WRAP centre round info 50%>+<WRAP center round info 50%>
 **Info**: The **docker_gwbridge** network connects the **ingress** network to the host's network adapter and therefore connects the Docker daemon to the other Docker daemons participating in swarm. **Info**: The **docker_gwbridge** network connects the **ingress** network to the host's network adapter and therefore connects the Docker daemon to the other Docker daemons participating in swarm.
 </WRAP> </WRAP>
Ligne 790: Ligne 790:
 </code> </code>
  
-<WRAP centre round important 50%>+<WRAP center round important 50%>
 **Important**: Note that the **test-net** network has not been created. **Important**: Note that the **test-net** network has not been created.
 </WRAP> </WRAP>
Ligne 819: Ligne 819:
 </code> </code>
  
-<WRAP centre round important 50%>+<WRAP center round important 50%>
 **Important**: Note that the **test-net** network, having the same **NETWORK ID**, was automatically created when the **alpine2** container was created.  **Important**: Note that the **test-net** network, having the same **NETWORK ID**, was automatically created when the **alpine2** container was created. 
 </WRAP> </WRAP>
Ligne 835: Ligne 835:
 </code> </code>
  
-<WRAP centre round important 50%>+<WRAP center round important 50%>
 **Important**: Note that the **test-net** network has not been created. **Important**: Note that the **test-net** network has not been created.
 </WRAP> </WRAP>
Ligne 918: Ligne 918:
 </code> </code>
  
-<WRAP centre round important 50%>+<WRAP center round important 50%>
 **Important**: Note that the **test-net** network has been removed. **Important**: Note that the **test-net** network has been removed.
 </WRAP> </WRAP>
Ligne 1405: Ligne 1405:
  
 Return to the Apache Guacamole window in **your** computer's browser. Click on the **Debian11_10.0.2.46_VNC** connection. Then launch an Internet browser. Go to the URL http://10.0.2.62:8080 and consult the **visualizer** service: Return to the Apache Guacamole window in **your** computer's browser. Click on the **Debian11_10.0.2.46_VNC** connection. Then launch an Internet browser. Go to the URL http://10.0.2.62:8080 and consult the **visualizer** service:
- 
-{{ :elearning:workbooks:docker:docker001.png?direct&600 |}} 
  
 {{ :elearning:workbooks:docker:docker001.png |}} {{ :elearning:workbooks:docker:docker001.png |}}
Ligne 1427: Ligne 1425:
 </code> </code>
  
-<WRAP centre round important 50%>+<WRAP center round important 50%>
 **Important**: Note that the three networks created are of type **overlay**. **Important**: Note that the three networks created are of type **overlay**.
 </WRAP> </WRAP>
Ligne 1442: Ligne 1440:
 </code> </code>
  
-<WRAP centre round important 50%>+<WRAP center round important 50%>
 **Important**: Note that only the **app_frontend** network has been created in **worker1**. **Important**: Note that only the **app_frontend** network has been created in **worker1**.
 </WRAP> </WRAP>
Ligne 1458: Ligne 1456:
 </code> </code>
  
-<WRAP centre round important 50%>+<WRAP center round important 50%>
 **Important**: Note that the two networks **app_frontend** and **app_backend** were created in **worker2**. **Important**: Note that the two networks **app_frontend** and **app_backend** were created in **worker2**.
 </WRAP> </WRAP>

Piste : Topic 1 : System Architecture

Menu