Use tc to throttle Docker container's outgoing network bandwidth

I’m trying to do the bandwidth throttling to the Docker containers.
To limit the downlink bandwidth, I can first find the veth interface of the container and use tc: tc qdisc add dev vethpair1 root tbf rate 1mbit latency 50ms burst 10000. If I want to limit the uplink bandwidth, I need to specify --cap-add=NET_ADMIN when I spin up the container and use the same tc command on eth0 inside the container. Is there any non-intrusive way to do it, so that I can administrate any container without giving it privilege?

  • Connect to database from another docker container
  • Docker - Properly Mounting Host Directory in Docker Container (Windows)
  • How to access to docker config file in S3 bucket from Elastic Beanstalk instance
  • edit docker container files with OS X Sublime Text
  • Retain environment variable values for Symfony2 app development in Docker
  • how to use digitallyseamless/nodejs-bower-grunt-runtime:compass-support in wercker?
  • How to restrict Docker containers to run on specific CPU cores or group of CPU cores
  • Use Docker environment variables for credentials
  • Splitting up a Rails and React app into separate Docker containers?
  • Jenkins inside a Docker container
  • Connect to Docker container running mysql on Windows 10
  • centos docker:Error while pulling image
  • One Solution collect form web for “Use tc to throttle Docker container's outgoing network bandwidth”

    You could tell Docker to use LXC under the hoods : use the -e lxcoption.

    Create your containers with a custom LXC directive to put them into a **traffic class** :
    `docker run --lxc-conf="lxc.cgroup.net_cls.classid = 0x00100001" your/image /bin/stuff` 

    Check the official documentation about how to apply bandwidth limits to this class.

    Note : the --storage-driver=devicemapperand -e lxcoptions are for the Docker daemon, not for the Docker client you’re using when running docker run ........

    ALso you can do this through this:

    mkdir /var/run/netns
    ln -sf /proc/`docker inspect -f '{{ .State.Pid }}' YOUR_CONTAINER`/ns/net /var/run/netns/SOME_NAME
    ip netns exec SOME_NAME iptables -L -nv
    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.