Docker Series – Part 18: Docker Swarm Networking, Overlay Networks & Docker Stack Deployment

Table of contents
- Concepts Covered in This Session
- Bridge vs Overlay: Local vs Distributed Networking
- Encrypted Overlay Networks (IPSEC)
- Real-Time Service Deployment & Fault Tolerance
- Creating Custom Overlay Network
- The Limitation of Docker Compose
- Docker Stack: Distributed Deployment Using Compose File
- Quick Learnings Recap:
- Real-World Use Case
- Final Notes

In this 17th part of our Docker journey, we go beyond single-host containers and dive into the magic that makes multi-node communication, security, and stack-level orchestration possible.
Concepts Covered in This Session
Bridge vs Overlay Networks
Creating encrypted overlay networks
How Swarm manages container-to-container communication across nodes
Real-world deployment with Docker Stack
Enabling service discovery and load balancing with Swarm
Limitations of Docker Compose and how Stack solves them
VXLAN, IPSEC, and container-level networking internals
Let’s walk through the major highlights
Bridge vs Overlay: Local vs Distributed Networking
By default, Docker creates a bridge network allowing containers on the same host to talk. But what happens when containers are spread across multiple nodes?
That’s where Overlay Networks come into play.
"Overlay networks allow containers running on different hosts to communicate as if they were on the same host."
Swarm automatically creates an overlay network during cluster initialization. All nodes that join the Swarm contribute to this distributed network.
Command to view all networks:
docker network ls
Encrypted Overlay Networks (IPSEC)
While overlay networks are powerful, by default they send packets in plain text. We can secure this communication using the --opt encrypted
flag.
docker network create --opt encrypted --driver overlay mysecnet
With this, Docker uses IPSEC protocol to encrypt inter-container communication.
Real-Time Service Deployment & Fault Tolerance
Create a service:
docker service create --name myweb --publish 8080:80 vimal13/apache-webserver-php
Even if the container runs on a worker node, accessing the manager node’s IP renders the web app. Thanks to Swarm’s built-in load balancer and service discovery!
Creating Custom Overlay Network
You can create your own overlay network like this:
docker network create --driver overlay myoverlay
And deploy services in it:
docker service create --name myweb --network myoverlay --publish 8080:80 vimal13/apache-webserver-php
The Limitation of Docker Compose
Docker Compose is great, but it only works on a single node. In real-world distributed systems, this is a dealbreaker.
That’s why Docker introduced Stacks to run multi-container apps across multiple nodes using a familiar Compose file.
Docker Stack: Distributed Deployment Using Compose File
We built a small Flask + Redis app using:
📂 app.py
📄 Dockerfile
📦 requirements.txt
📋 docker-compose.yml
Sample Stack File (docker-compose.yml)
version: "3.9"
services:
web:
image: 127.0.0.1:5000/stackdemo
build: .
ports:
- "8000:8000"
redis:
image: redis:alpine
Deploying with Stack:
docker stack deploy --compose-file docker-compose.yml mypyapp
You can access the app via:
curl 127.0.0.1:8000
Or in your browser using:
http://<node-ip>:8000
Checking the Stack:
docker stack ls
docker stack services mypyapp
Quick Learnings Recap:
Overlay Networks connect containers across nodes.
Use encryption for secure container communication.
Docker Stack solves Docker Compose’s single-node limitation.
Real-world deployments rely on VXLAN tunneling and Swarm services.
Real-World Use Case
This kind of distributed, fault-tolerant networking setup is widely used in:
E-commerce platforms
Banking systems
Multi-region SaaS applications
Containerized microservices architecture
Final Notes
This was one of the most exciting and foundational sessions to understand how distributed containers communicate and scale securely. With the Docker Stack capability, we are bridging the gap between development convenience and production-grade orchestration.
In the next article, we’ll explore container monitoring and logging in a Swarm cluster.
Stay tuned!
Subscribe to my newsletter
Read articles from Nitin Dhiman directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by

Nitin Dhiman
Nitin Dhiman
Self-taught DevOps enthusiast on a journey from beginner to pro. Passionate about demystifying complex tools like Docker, AWS, CI/CD & Kubernetes into clear, actionable insights. Fueled by curiosity, driven by hands-on learning, and committed to sharing the journey. Always building, always growing 🚀