I’ve got a need to be able to start containers which have network access strictly limited:
- no access to the host or other containers
- access to the outside world restricted to a specific whitelist of IP addresses
But I’m not sure exactly how to go about this. I imagine I need to create a specific bridge network for this and start the container in this network using the --net option. But I can’t figure out the specific details.
Can anyone provide some guidance?