Http communication from container to container within a network overlay in Docker is fairly secure (I believe Docker implements uses SSL automatically over those connections). Is this the case for websockets?
Say I have container A communicating with container B on the same network via a websocket. If you use websockets in python, you have a whole host of SSL options to protect your connection. That sort of thing isn't necessary when using plain-jane http requests (as long as they are strictly within the container). Is this the case with websocket connections?
I want to say that sticking in a ton of self signed certs in our websocket setup is unnecessary, but I'm not sure. It seems like overkill to generate a ton of certs for each container when there's not any sort of outside connection and docker performs all of that work for you.
In short yes.
All the traffic running over your docker overlay network is encrypted.
As long as we talk about the same thing docker-encrypt-traffic-on-an-overlay-network. Which means your overlay network is configured with --opt encrypted.
All traffic over this network (tcp udp and higher level protocols) is encrypted. HTTP and websocket runs over tcp, so the data passed over is encrypted