Restrict Internet Access - Docker Container

Question

I have a situation to restrict internet access of the container in load balancer network. for example in that below picture

Only container4

Answer 1

As found here, I got this to work with docker-compose. Save as docker-compose.yml:

version: '3'

services:
  outgoing-wont-work:
    image: alpine
    networks:
      - no-internet
    command: ping -c 3 google.com # will crash

  internal-will-work:
    image: alpine
    networks:
      - no-internet
    command: ping -c 3 internal-and-external

  internal-and-external:
    image: alpine
    networks:
      - no-internet
      - internet
    command: ping -c 3 google.com

networks:
  no-internet:
    driver: bridge
    internal: true
  internet:
    driver: bridge

Then run docker-compose up -d, docker-compose ps will show something like this after a few seconds:

              Name                            Command               State    Ports
----------------------------------------------------------------------------------
dco_inet_internal-and-external_1   ping -c 3 google.com             Exit 0        
dco_inet_internal-will-work_1      ping -c 3 internal-and-ext ...   Exit 0        
dco_inet_outgoing-wont-work_1      ping -c 3 google.com             Exit 1