VPN client in a thin Docker container for multiple VPN providers, written in Go, and using OpenVPN or Wireguard, DNS over TLS, with a few proxy servers built-in. - GitHub - qdm12/gluetun: VPN clien...
Switched to qbittorrent+gluetun side car recently and it's been pretty good compared to the poorly maintained combo torrent+OpenVPN images I was using. Being able to update my torrent client image/config independent from the VPN client is great. Unfortunately most of the docs are Docker focused so it's a bit of trial and error to get it setup in a non-docker environment like Kubernetes. Here's my deployment in case it's useful for anyone. Be careful that you configure qbittirrent to use "tun0" as it's network interface or you will be exposed (got pinged by AT&T before I realized that one). I'm sure there's a more robust way to makeuse of gluetun's DNS over TLS and iptables kill switch that doesn't require messing with qbittorrent config to secure, but that's what I have so far and it works well enough for now.
Yeah, the situation you're describing is impossible with docker because if you set it up as intended there's no way for your containers to access the Internet without going through the VPN.