I have readed the documentation and also tried a lot of options to create following scenario:
3 containers, that all of them can see between them.
Also allow host who runs dockers see network and also do ping to them
restrict internet access from network that containers uses.
On my scenario I need to get up 3 containers (iis, mssql and a tester) and could be great that also these containers could be accessible (with mapped ports or with IPs on that network).
I will attach too a photo to better understanding.
Procedure realized:
I have tried following options:
Create a nat network specifying --internal option, without solve my problem, because hosts can access to internet
docker network create -d nat --subnet=172.16.0.0/16 --gateway=172.16.0.1 --internal isolatednet
Created a network with same options before using transparent mode, which does not solve my problem because host can not see containers IPs
And some more options… But which could “solve” my problem was create a nat network and, when a new container join into that NAT network, which has internet access by default, remove the route that container uses to go to the Gateway… but it isn’t cool at all. Could please give me a hand to solve it?
BTW I am using Docker for Windows. Thanks in advance, all help is welcome.