I have a use case where I need the service running in a container to be able to access and change the host IP configuration. I have had some success by using the --cap-add NET_ADMIN and --network host flags with my run command. With these flags set, I can run ifconfig against the host network settings (read, set ips, netmask etc) but setting them in this way is transient and I need them to be persistent. The only way I know to do that would be to modify the /etc/network/interfaces file but I can’t figure out how I would go about gaining access to this from a container even with these network options set.

Anybody know how to achieve this?

Found the solution was to mount the /etc/network/interfaces file to the container interfaces file.

-v /etc/network/interfaces:/etc/network/interfaces

This allows host and/or container to change the interfaces file but remain synced.

Keeping the network permissions mentioned I could still use ifconfig commands such as ifdown/ifup. Hope this helps anybody else coming across this scenario.