Technical overview


Traffic can only ingress to Docker services on MedStack Control via port 443. This restriction is imposed on the firewall and load balancer rules and cannot be changed. Traffic can however egress from the Docker network over any port.


network diagram

To learn more about clusters and their networking rules, please refer to the clusters build page.

Docker on MedStack Control

We chose to build Docker into MedStack Control for these reasons, in addition to the granular control available in Docker that allows us to provide privacy compliance guarantees when running your applications on MedStack Control.

Capabilities and benefits of Docker on MedStack Control

There are some important concepts to understand regarding bringing your applications into MedStack Control and the boundary conditions for working with Docker on our platform.

  • You do not have access to execute Docker commands – this is by design to guarantee privacy compliance per the policies which you inherit by running your applications on the MedStack platform.

  • Rather, you have access to shell into containers – once you've deployed a service in your Docker environment, you may SSH into containers and interact with them and connected services and resources via web terminal.

  • Your Docker environment is automatically backed up and restorable – built for disaster recovery and ransomware attack mitigation, our backup system captures snapshots of the entire Docker environment every hour, ensuring a reliable state of your configuration and that data is always available under any circumstance.

  • Your Docker environment runs in a protected virtual network – your application on MedStack Control can be made accessible to the open internet knowing it's protected by enforced encryption, DDOS and IP spoofing mitigation, and accessible to select resources to which only you and your team have access.

  • Your Docker nodes and the Docker network and orchestration are managed by MedStack – we take care of securing, patching and updating the host machines that power your Docker environment so you only need to focus on the application layer.

  • You will manage the Docker configuration and services in MedStack Control – as you develop locally, keep in mind the Dockerfile or Docker Compose configurations as you'll need to translate them into the Docker environment on MedStack Control.

About Docker

If you're familiar with Docker, then you're likely familiar with the vast benefits of running on its platform.

If you're new to Docker, you'll find Docker's getting started resources to be an excellent place to become familiar with the platform. We strongly recommend you utilize the following resources:

Why Docker?

With a community of millions of developers, Docker is one of the easiest platforms to use for building modern applications. Docker is a platform for developers and sysadmins to build, run, and share applications with containers. The use of containers to deploy applications is called containerization. Containers are not new, but their use for easily deploying applications is.

Containerization is increasingly popular because containers are:

  • Flexible: Even the most complex applications can be containerized.

  • Lightweight: Containers leverage and share the host kernel, making them much more efficient in terms of system resources than virtual machines.

  • Portable: You can build locally, deploy to the cloud, and run anywhere.

  • Loosely coupled: Containers are highly self sufficient and encapsulated, allowing you to replace or upgrade one without disrupting others.

  • Scalable: You can increase and automatically distribute container replicas across a data center.

  • Secure: Containers apply aggressive constraints and isolations to processes without any configuration required on the part of the user.

Additional resources

The following Docker resources are available to you to learn more about how Docker works as an enterprise container platform.

  1. Interactive – Docker IT Administrator Questions
  2. Whitepaper – Definitive Guide to Enterprise Container Platforms

What's next

Now that you're familiarized with Docker on MedStack Control, you're ready to setup your team, build compliant cloud environments, and deploy your applications.