Agreed. I’ve been working a lot with Swarm over the past year and while it’s not perfect, it has been an overall great experience. I really enjoy the simplicity and tight integration with Docker, and I feel that the ecosystem around Swarm was just starting to mature. Hopefully it remains an option for a while.
Also, I haven’t needed to integrate something like Vault because the Swarm secrets feature covers my use case perfectly.
I'm also using the secrets feature but it's very brittle. If your swarm gets destroyed or you want to migrate servers, it's a huge pain to get those secrets back up and running. Unless I'm missing a better way to do this, I'd love to know!
I currently have my secrets stored in an encrypted text file in case I need to bring them back up.
I do something similar, using Ansible Vault (not to be confused with HashiCorp Vault!) to store the encrypted secrets in my ops directory (separate from the application source code). They’re stored as YAML so very easy to upload/regenerate with Ansible.
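An added example, not code posted by anyone in this thread: one way to re-create Swarm secrets on a fresh cluster from an Ansible Vault backup like the one described above. It assumes the decrypted file is a flat YAML mapping with one unquoted `name: value` pair per line; the function name and the file path in the usage comment are hypothetical.

```shell
#!/bin/sh
# Added example: restore Docker Swarm secrets from a decrypted backup stream.
# Assumption: input is a flat YAML mapping, one unquoted "name: value" per line.

# Reads "name: value" lines on stdin and creates every secret that is missing.
# Prints "created NAME" or "exists NAME"; secret values are never printed and
# are passed to docker on stdin, so they do not show up in the process list.
restore_swarm_secrets() {
    while IFS= read -r line; do
        # Skip blank lines, comments and the YAML document marker.
        case "$line" in ''|'#'*|'---') continue ;; esac

        name=${line%%:*}     # text before the first colon
        value=${line#*:}     # text after the first colon (may contain colons)
        value=${value# }     # drop the single space that follows the colon

        # Swarm secrets are immutable, so an existing name is left untouched.
        if docker secret inspect "$name" >/dev/null 2>&1 </dev/null; then
            echo "exists $name"
        else
            printf '%s' "$value" | docker secret create "$name" - >/dev/null || return 1
            echo "created $name"
        fi
    done
}

# Usage (hypothetical path), run on a Swarm manager node:
#   ansible-vault view ops/swarm-secrets.yml | restore_swarm_secrets
```

Piping `ansible-vault view` straight into the function keeps the plaintext out of shell history and off disk.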
I feel like so much in the cloud space is actually getting worse because of this. It's like all the old server shufflers and netops guys have taken over.