Deploy a service

In this step you will deploy a service on the net2 overlay network. You will deploy the service with enough replica tasks so that at least one task will run on every node in your Swarm. This will force Docker to extend the net2 network to all nodes in the Swarm.

1. Deploy a new service to all nodes in your Swarm. When executing this command, be sure to use an adequate number of replica tasks so that all Swarm nodes will run a task. This example deploys 4 replica tasks.

   $ docker service create --name service1 \
   --network=net2 --replicas=4 \
   alpine:latest sleep 1d
   
   ivfei61h3jvypuj7v0443ow84
   

2. Check that the service has deployed successfully

   $ docker service ls
   ID            NAME      MODE        REPLICAS  IMAGE
   ivfei61h3jvy  service1  replicated  4/4       alpine:latest
   

   As long as all replicas are up (4/4 in the example above) you can proceed to the next command. It may take a minute for the service tasks to deploy while the image is downloaded to each node in your Swarm.

3. Run the docker network ls command again from node3.

   NOTE: It is important that you run this step from a worker node that could previously not see the net2 network.

   node3$ docker network ls
   NETWORK ID          NAME                DRIVER              SCOPE
   abe97d2963b3        bridge              bridge              local
   42295053cd72        docker_gwbridge     bridge              local
   ad4f60192aa0        host                host                local
   3ecc06xxyb7d        ingress             overlay             swarm
   uaaw8ljwidoc        net2                overlay             swarm
   1a85d1a0721f        none                null                local
   

   The net2 network is now visible on node3. This is because node3 is running a task for the service1 service which is using the net2 network.

Congratulations! You’ve created an encrypted network, deployed a service to it, and seen that new overlay networks are only made available to worker nodes in the Swarm as and when they runs service tasks on the network.

Step 4: Clean-up

In this step you will clean-up the service and networks created in this lab.

Execute all of the following commands from node1 or another Swarm manager node.

1. Remove the service you created in Step 3

   $ docker service rm service1
   service1
   

   This will also remove the net2 network from all worker nodes in the Swarm.

2. Remove the net1 and net2 networks

   $ docker network rm net1 net2
   net1
   net2
   

   Congratulations. You’ve completed this quick Docker Network Security lab. You’ve even cleaned up!