Is it possible to add a capability (for example, NET_ADMIN) after the container has actually started?
I started a container a few days ago and a service provided by it is being used by several other processes which are running remotely on other servers. I need to add a loopback interface to it, but unfortunately, I forgot to start the container with --cap-add=NET_ADMIN and hence couldn't add the interface now.
I'm looking for an option, if it is possible to give this capability somehow to this container.
No, you cannot modify the capabilities of a running container. These can only be defined when you first create or run (which is just a create+start) the container. You'll need to create a new container with the desired capabilities.
I should point out that you can assign additional network interfaces to a running container with docker network connect, but I'm not aware of any loopback drivers you could use to solve your issue using this technique.
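The create-time nature of capabilities described in the answer above, as an added example that is not part of the original post: a shell sketch that checks what a container was created with and replaces it with one that has the extra capability. The function names, the NAME-old rollback name and the usage values are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. Function names and the "-old" suffix are illustrative choices.
# Usage (placeholder values): recreate_with_cap myservice NET_ADMIN myimage:tag -p 8080:80

# cap_added NAME CAP: exit 0 if CAP was granted when NAME was created,
# 1 if not, 2 if the container cannot be inspected. It only looks at
# capabilities added beyond Docker's default set (NET_ADMIN is not in it).
cap_added() {
    ctr=$1 want=${2#CAP_}
    info=$(docker inspect --format \
        '{{.HostConfig.Privileged}} {{range .HostConfig.CapAdd}}{{.}} {{end}}' \
        "$ctr") || return 2
    set -- $info                             # $1 = privileged flag, rest = CapAdd
    [ "${1:-false}" = "true" ] && return 0   # --privileged grants every capability
    [ "$#" -gt 0 ] && shift
    for c in "$@"; do
        case "${c#CAP_}" in "$want"|ALL) return 0 ;; esac
    done
    return 1
}

# recreate_with_cap NAME CAP IMAGE [RUN_OPTIONS...]
# The old container is stopped and kept as NAME-old for rollback. Data in its
# writable layer is not carried over, so RUN_OPTIONS must repeat the original
# ports, volumes and environment.
recreate_with_cap() {
    [ "$#" -ge 3 ] || { echo "usage: recreate_with_cap NAME CAP IMAGE [OPTS]" >&2; return 64; }
    name=$1 cap=$2 image=$3
    shift 3
    rc=0
    cap_added "$name" "$cap" || rc=$?
    case $rc in
        0) echo "$name already has $cap" >&2; return 0 ;;
        1) ;;                                # not granted: go on and recreate
        *) return "$rc" ;;                   # inspect failed: touch nothing
    esac
    docker stop "$name" &&
        docker rename "$name" "$name-old" &&
        docker run -d --name "$name" --cap-add="$cap" "$@" "$image"
}
```

Remote clients see a short outage between the stop and the new run; once the replacement is confirmed working, NAME-old can be removed with docker rm.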