Expose specific interfcae to container

Hi All,

I have started playing around with Docker. However, I am curious whether we can bind or attach ONLY a specific interface, such as the wifi interface (wlan0), to the container. As far as I know, giving the option --net=host allows all the interfaces to be exposed to the container. But I am thinking that instead of exposing all networks, is it possible to expose only one or two interfaces without building a bridge? Any help would be greatly appreciated.

Best,
James

What is your goal exactly? --net host means there is no network isolation, so you can see all interfaces, but as far as I know, an interface can exist in only one network namespace, so once you add it to a containerā€™s network namespace, it disappears from the host. I donā€™t think that is what you want. Containers have their own interfaces and the network traffic is routed through the hostā€™s interfaces.

The following is our scenario. I have three interfaces in my host, eth0, eth1, and wlan0. I want to create a container which can access only wlan0 and configure it. For example, through the container I can configure wlan0 to be a Wi-Fi access point or as a client depending on my need. The container should not have access to eth0 and eth1.

I donā€™t think it is possible. You could create a separate service with an API and authenticate the manageer process in the container allowing managing only that device. But then the new service will have access to all interfaces

1 Like

Thanks for sharing this.