I’m currently trying to isolate a (3rd party) docker container, so that it ONLY has access to the internet.
i.e. it should NOT be able to:
- access/discover other docker containers
- access/discover the host machine
- access/discover other machines on the host’s network (other than the gateway)
It should ONLY be able to access the internet (gateway).
Is there a way to do this using only docker network configuration options?
I was thinking I could run a custom gateway container, which locks down access, but wanted to avoid that if there was a native (-> configuration) solution.
- I cannot modify the docker container, e.g. add iptables into the container itself