Restarting the Docker daemon without host access

We have an issue with the Docker network defaults causing collisions on the 172.17.0.0/16 subnet. For example, we try to resolve a service outside of our network called riak-load-balancer.domain.com, and it resolves to 172.17.0.1. The container can’t see that because it’s trying to resolve it out of the docker0 network interface.

This had us thinking of using a single-run container that we could distribute to teams needing to make the subnet change, where they could run it once across all their hosts with an environment variable or command to pass in the new subnet. That container would need to mount the Docker config file, make the required changes to the --bip and --fixed-cidr options, and then restart the Docker daemon.

I think we’ve realized that this may be the wrong way to go about this, but I’m curious if anyone else has had to solve a similar issue, and what you did to resolve it. I’ve also browsed through the Rancher documentation to see if there is a setting we can pass to the daemon to restart it with a different subnet, but I haven’t found anything. Does anyone have some insight into ways to go about this?

Thanks!
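An added example, not part of the original post: a pre-flight check for the subnet change described above, which finds external addresses that fall inside the bridge network, validates a proposed --bip / --fixed-cidr pair, and merges it into existing daemon configuration. It assumes the config file is Docker's daemon.json with the `bip` and `fixed-cidr` keys; the function names and all sample addresses are constructed for illustration, and the daemon restart is left out.

```python
import ipaddress
import json

def collisions(bip, external_ips):
    """Return the external IPs that fall inside the bridge network defined by bip."""
    net = ipaddress.ip_interface(bip).network
    return [ip for ip in external_ips if ipaddress.ip_address(ip) in net]

def validate_bridge(bip, fixed_cidr, external_ips):
    """Check a proposed bip / fixed-cidr pair; an empty list means no problems found."""
    problems = []
    iface = ipaddress.ip_interface(bip)
    net = iface.network
    if iface.ip in (net.network_address, net.broadcast_address):
        problems.append(f"bip {bip} is not a usable host address in {net}")
    try:
        pool = ipaddress.ip_network(fixed_cidr)  # strict: rejects host bits
    except ValueError as exc:
        return problems + [f"fixed-cidr {fixed_cidr} is invalid: {exc}"]
    if not pool.subnet_of(net):
        problems.append(f"fixed-cidr {pool} is not inside the bridge network {net}")
    for ip in collisions(bip, external_ips):
        problems.append(f"external address {ip} still collides with {net}")
    return problems

def merge_daemon_config(existing_json, bip, fixed_cidr):
    """Set bip and fixed-cidr while keeping every other key already in the config."""
    cfg = json.loads(existing_json) if existing_json.strip() else {}
    cfg["bip"] = bip
    cfg["fixed-cidr"] = fixed_cidr
    return json.dumps(cfg, indent=2, sort_keys=True)

if __name__ == "__main__":
    # Constructed sample data: the colliding address from the post plus one unrelated address.
    external = ["172.17.0.1", "10.20.30.40"]
    print("colliding with default bridge:", collisions("172.17.0.1/16", external))
    issues = validate_bridge("192.168.200.1/24", "192.168.200.128/25", external)
    if issues:
        raise SystemExit("\n".join(issues))
    # Constructed existing config; a real one would be read from the mounted file.
    print(merge_daemon_config('{"log-driver": "json-file"}',
                              "192.168.200.1/24", "192.168.200.128/25"))
```

Running the validation before the file is written means a bad subnet is rejected on every host before any daemon is restarted with it.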