How to setup a private network in Docker Swarm?

Ask Time：2021-08-26T23:42:29 Author：emanuelbsilva

I am researching how to properly set up a docker swarm infrastructure and there is a problem I still haven't managed to find an answer for.

Let's say, in this basic scenario, I have 2 services:

API: A Rest API service
DB: A Database service.

     ┌────────┐
     │  WWW   │
     └────────┘
         ▲
         │
 Swarm   │
┌────────┼──────────────────────────┐
│        │                          │
│  ┌─────▼──────┐    ┌───────────┐  │
│  │            │    │           │  │
│  │    API     │◄──►│     DB    │  │
│  │            │    │           │  │
│  └────────────┘    └───────────┘  │
│                                   │
└───────────────────────────────────┘

For security purposes, I do not want the DB service to be publicly available. I only want it to be accessibly for services inside the Docker Swarm, ideally I only want it be available for the API service.

I have tried to setup a bridge network (in a docker-compose file), but when using docker stack deploy docker complains about it: "The network ... cannot be used with services. Only networks scoped to the swarm can be used, such as those created with the overlay driver.".

So, summarizing, my question is:

How can I setup a network in order to make a service private to the swarm?

Thank you!

Author:emanuelbsilva，eproduced under the CC 4.0 BY-SA copyright license with a link to the original source and this disclaimer.
Link to original article：https://stackoverflow.com/questions/68941580/how-to-setup-a-private-network-in-docker-swarm

How to setup a private network in Docker Swarm?