When running a Docker container, I'd like to set up the container's network so that the container is only able to communicate with the host on the (TCP) ports that the host is listening to. I don't want the container to have access to the internet, or other containers running on the same host, or to the network that the host is connected to. If I was running a VM with something like VMware, I would choose the "host-only" networking option which creates a private network between the guest VM and the host with the properties described above.
I've looked into using Docker's --net=none but I don't know what direction to go with to configure the network to achieve my goals. TAP/TUN seems to be the way to go, but I'd appreciate some direction.
You could create an --internal network and run a container inside it.
Creating a network:
docker network create -d bridge --internal hostonly
Running a container:
docker run --network hostonly ...
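A check that the setup above took effect, as an added example that is not part of the original answer: it uses docker inspect to confirm that every network a container is attached to has the Internal flag set. The function names are illustrative, and a container that is also attached to the default bridge is reported as a failure.

```shell
# Added example: confirm a container is attached only to --internal networks.
# Function names are illustrative; source this file, then run e.g.
#   audit_container <container-name>

# Print "true" or "false": the Internal flag of a Docker network.
network_is_internal() {
    docker network inspect -f '{{.Internal}}' "$1"
}

# Print the names of the networks a container is attached to, one per line.
container_networks() {
    docker inspect -f \
        '{{range $name, $cfg := .NetworkSettings.Networks}}{{println $name}}{{end}}' "$1"
}

# Return 0 if every attached network is internal (or "none"),
# 1 if any is not, 2 if the container cannot be inspected.
audit_container() {
    rc=0
    nets=$(container_networks "$1") || return 2
    for net in $nets; do
        case "$net" in
            none)
                # --net=none: loopback only, nothing to leak through.
                echo "OK   $1 -> none (no network)"
                continue ;;
        esac
        if [ "$(network_is_internal "$net")" = "true" ]; then
            echo "OK   $1 -> $net (internal)"
        else
            echo "FAIL $1 -> $net (not internal)"
            rc=1
        fi
    done
    return $rc
}
```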