Docker Machine won't scale well for massive Docker Engine deployments, but it turns out to be very useful for automatically securing small number of nodes. In the following section, we'll use Docker Machine to secure our Swarm manager using the generic driver, a driver that allows us to control existing hosts.
In our case, we already did set up a Docker Swarm manager on mg0. Furthermore, we want to secure Docker Engine by enabling the TLS connection for its remote endpoint.
How can Docker Machine do the work for us? First, Docker Machine connects to the host via SSH; detects the operating system of mg0, in our case, Ubuntu; and the provisioner, in our case, systemd.
After that, it installs the Docker Engine; however, in case one is already in place, like here, it will skip this step.
Then, as the most important part, it generates a Root CA certificate, as well as all certificates, and stores them on the host. It also automatically configures Docker to use...