Gregory's Server@darius a few tips if you find yourself in that situation: if you are looking for something compatible with a little less of the black-boxness, you can use podman. With either you can use --network=host, --network=none, or --network=ns:/var/lib/ns/your-own-ns to prevent network shenanigans. Or you could do the equivalent of "bare metal" and use crun directly.
@jeffcutsinger appreciate the pointers. Unfortunately the only reason I end up using docker is because I have to for work, and it wouldn't make sense for me to change tooling on the devops team just out of my own preference.