I am trying out current release of Docker Swarm as a solution for easy deployment of our application. One concern we have is manager nodes security, so we try to separate them as much as possible. And from what it looks is that ALL nodes participate in routing mesh by default. So that once an app publishes port (say 8080) ALL nodes no matter worker or manager will have that port exposed and route traffic on it t application (as seen using
netstat -lnptu).My question is — is there any way in Swarm to restrict that say appA port 8080 only exposed on workers?
Answer
Attribution
Source : Link , Question Author : Alexey Kamenskiy , Answer Author : Community
