Container traffic through VPN & forwarding ports to host

What would be the best way to achieve a connection through a VPN container AND forwarding ports from container B whilst making sure all outbound traffic passes through the VPN?

Default route for container B should be the VPN container.

With host-network, you cannot attach it to any other networks.

Host information:

  • OS: Ubuntu 18.04 64-bit
  • Docker version: 18.06.1-ce, build e68fc7a

I did this exact thing recently, and it was an absolute nightmare. I ended up using the kylemanna/openvpn image on an open vswitch network with GRE tunneling instead of docker networking. Ensuring the traffic flows as you want it can be done as a series of iptables rules. I’m not going to type out an entire tutorial, but if you do go this route, I can answer your questions about it.

I’m actually using dceschmidt/openvpn-client image for my VPN. I looked through the Docker documentation and noticed that what I’m trying to achieve is pretty nightmare-ish with Docker, but still somehow doable (I think).

Could you perhaps link me a tutorial for that, please?

No tutorial exists that I know of. I had to piece together bits of other tutorials. Lots of trial and error. The only full tutorial I used was specific to the kylemanna image. Sorry I can’t be of more help.

Yeah, that’s what I was afraid of as I came to the same conclusion when trying to find information regarding this. It’s too bad that there’s no such tutorial at the moment at least which could be easily found.