Edit host machine's network from inside Docker container

Don't use Docker. While it's possible, it violates the concept of containers isolated from the guest.

@vidarlo this is one of the main features of the app though. Docker provides capabilities to handle these kind of features. "Don't use docker" doesn't sound like a solution.

If your goal is to make an application that changes the configuration of the host system, Docker is *probably* not what you're looking for, since the *goal* of docker is providing a reliable and reproducible runtime environment. In addition, I have an expectation that a docker image will run on various environments - OpenSUSE MicroOS, Alpine LInux, Ubuntu, Debian and so forth. If you create a Docker image that only functions on Ubuntu, it's basically violating the *point* of Docker images.

In addition this sounds *very* much like an [X-Y Problem](https://xyproblem.info/) where you seems to have defined two solutions (Docker and modify host networking), but tells us nothing about what *problem* you aim to solve.

Here's another version of the question: "Hi, I am a DevOps newbie and my software team is working on an application that can manipulate the network settings (IP, gateways etc) of an Ubuntu machine. The problem is that this program that they're developing works in a Docker container. Is there a way to manipulate the host machine's network settings from inside Docker container?" The thing is Docker is already being used to serve the app. Now the feature I mentioned above needs to be added. I am not sure how to proceed, of course leaving Docker is an option but I want to be sure.

But *WHY* is this needed? The docker app should more or less by definition *not* care about the host networking. It should not need to. If you really need this, then you suddenly tie your docker image to a specific distro and probably specific version, with a specific configuration! That's more or less the anti-thesis of docker.

If this is because you deploy from a pipeline somewhere, and want os configuration to be automated, look into using e.g. terraform to perform that initial configuration, as part of pipeline, and don't abuse your docker image. This way you'll separate configuration logic from application logic as well.

This is the whole purpose of the app :) The app that runs inside Docker focuses on the network. Its whole purpose is to manipulate/administrate the network.

And you're right, it will be tied to a specific type of OS etc. But it's not an issue. As long as it can run inside the Docker container and serve its purpose without me being have to hack Docker (I mean if Docker allows this as a feature), I am fine with being able to ship the application to only Ubuntu 16.04 for example. Or do you have any other suggestions? The app still needs to run on various customers' enviroments but we can ask for a VM with a specific OS for example. Docker seems like a valid tool for this use case. Another option is shipping an ISO file with a whole OS but Idk.

Don't ship it is a docker image. Ship it as a deb package. That way you can even tell `apt` what you depend on, to ensure that for instance netplan is in use.

I sit in a Tesla and translated this thread with Ai: