Linux Networking – Docker Container to Remote Host via Gateway without using route add?

I’m struggling with a networking issue.

I have a Docker instance running on 172.17.0.14 with all the containers on the 172.18.0.0/24 network. With Vagrant you would do something like sudo route add -net 172.18.0.0 netmask 255.255.255.0 gw 172.17.0.14 to access the subnet.

However, when I run route add inside the container I get

    SIOCADDRT: Operation not permitted

What can I do? Is there anything like Socat? I don’t want to add the NETCAP capability.

One solution collected from the web for “Linux Networking – Docker Container to Remote Host via Gateway without using route add?”

You need the right permissions for this. Apparently, there are at least two ways to do that:

One from here:

    docker exec --privileged container ip route add default via 172.17.0.14 dev eth0

The other option is to expose the netns from here:

    # PID of the container's init process, as seen from the host
    pid=$(sudo docker inspect -f '{{.State.Pid}}' container)

    # Make the container's network namespace visible to "ip netns"
    sudo mkdir -p /var/run/netns
    sudo ln -s /proc/$pid/ns/net /var/run/netns/$pid

    # Add the route from the host, inside the container's namespace
    sudo ip netns exec $pid ip route add default via 172.17.0.14
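
Why route add is refused inside the container while both commands above succeed, as an added example that is not part of the original answer: the kernel only lets a process holding CAP_NET_ADMIN change routes, and this script decodes the CapEff mask from /proc/<pid>/status to show whether a given process holds it. In both of the answer's commands the route is added by a process that has the capability (the privileged exec, or host root entering the namespace), so the container's own processes keep their reduced set. The function names and the two sample masks are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original answer.
# Changing the routing table requires CAP_NET_ADMIN (bit 12 in
# linux/capability.h). Docker's default capability set leaves it out, so
# "route add" in the container fails with "Operation not permitted".

CAP_NET_ADMIN_BIT=12

# has_net_admin HEXMASK: 0 if CAP_NET_ADMIN is set, 1 if not, 2 if not hex.
has_net_admin() {
    case $1 in
        '' | *[!0-9a-fA-F]*) return 2 ;;
    esac
    [ $(( (0x$1 >> $CAP_NET_ADMIN_BIT) & 1 )) -eq 1 ]
}

# route_add_verdict HEXMASK: print what the kernel will do with "route add".
route_add_verdict() {
    rc=0
    has_net_admin "$1" || rc=$?
    case $rc in
        0) echo "permitted" ;;
        1) echo "denied" ;;
        *) echo "invalid" ;;
    esac
}

# cap_eff_of_pid PID: effective capability mask of a running process.
cap_eff_of_pid() {
    awk '$1 == "CapEff:" { print $2 }' "/proc/$1/status"
}

# With a PID argument (for example the one from "docker inspect"), check
# that process; otherwise decode two constructed sample masks.
if [ $# -gt 0 ]; then
    echo "pid $1: route add $(route_add_verdict "$(cap_eff_of_pid "$1")")"
else
    echo "default-style mask:    $(route_add_verdict 00000000a80425fb)"
    echo "privileged-style mask: $(route_add_verdict 0000003fffffffff)"
fi
```

Run it on the host with the PID printed by the docker inspect command above to check the container's main process.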
    