コンテナへの特権付与:cap_add, privileged
version: '3'
services:
flexisip-mariadb:
container_name: flexisip-mariadb
image: mariadb
restart: always
...
...
ubuntu-flexisip:
container_name: ubuntu-flexisip
## コンテナにネットワークに関わる特権を付与
cap_add:
- NET_ADMIN
privileged: true
...
http://man7.org/linux/man-pages/man7/capabilities.7.html
CAP_NET_ADMIN
Perform various network-related operations:
* interface configuration;
* administration of IP firewall, masquerading, and accounting;
* modify routing tables;
* bind to any address for transparent proxying;
* set type-of-service (TOS)
* clear driver statistics;
* set promiscuous mode;
* enabling multicasting;
* use setsockopt(2) to set the following socket options:
SO_DEBUG, SO_MARK, SO_PRIORITY (for a priority outside the
range 0 to 6), SO_RCVBUFFORCE, and SO_SNDBUFFORCE.