启动容器时,有可能会遇到如下问题,比如启动redis容器:
sudo docker run -d -p 6379:6379 --name redis redis:latest
docker: Error response from daemon: failed to create endpoint redis on network bridge: iptables failed: iptables --wait -t nat -A DOCKER -p tcp -d 10.211.55.9 --dport 6379 -j DNAT --to-destination 172.17.0.4:6379 ! -i docker0: iptables: No chain/target/match by that name. (exit status 1).
通过分析异常信息,发现是因为在进行原地址到目标地址转换的时候没有在docker主机的iptables规则中找到nat表规则,只有filter表规则。
在filter表上面增加nat表配置规则信息,需要说明的是docker容器的网段是172.17.0.0/16,另外需要注意filter表中也要有docker链的相关配置。
sudo vi /etc/sysconfig/iptables
-
# sample configuration for iptables service # you can edit this manually or use system-config-firewall # please do not ask us to add additional ports/services to this default configuration *nat :PREROUTING ACCEPT [27:11935] :INPUT ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] :DOCKER -[0:0] -A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER -A OUTPUT !-d 127.0.0.0/8-m addrtype --dst-type LOCAL -j DOCKER -A POSTROUTING -s 172.17.0.0/16!-o docker0 -j MASQUERADE COMMIT # *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :DOCKER -[0:0] -A FORWARD -o docker0 -j DOCKER -A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A FORWARD -i docker0 !-o docker0 -j ACCEPT -A FORWARD -i docker0 -o docker0 -j ACCEPT -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 22-j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 9090-j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 1521-j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 6379-j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT
重启iptables
sudo systemctl restart iptables.service
重新启动容器即可。
相关推荐
解决docker报错dial tcp lookup registry-1.docker.io
centos 7 离线安装docker-engine-1.12.6 yum localinstall *.rpm Installing : docker-engine-1.12.6-1.el7.centos.x86_64 8/8 Verifying : libsemanage-python-2.5-11.el7.x86_64 1/8 Verifying : setools...
离线环境下,在centos7.6系统上安装docker-ce-19.03,nvidia-docker2.4版本,其中docker-ce-19.03在docker-local.tar压缩文件里面,nvidia-docker2在nvidia-docker2.zip文件中。 具体安装流程如下: 1.安装docker ...
情景还原: 用docker拉取jenkins最新版本 docker pull jenkins/jenkins:lts报了这个错误: Error response from daemon: Get https://registry-1.docker.io/v2/: dial tcp: lookup registry-1.docker 一通百度,发现...
主要介绍了解决ubuntu vps安装docker时报错:Cannot connect to the Docker daemon at unix:///var/run/docker.sock.问题的相关资料,文中介绍非常详细,需要的朋友可以参考借鉴,下面来一起看看吧。
centos机器 docker安装完成后,输入docker info命令,报如下警告信息解决方法: 1)警告信息如下: WARNING: bridge-nf-call-iptables is disabled WARNING: bridge-nf-call-ip6tables is disabled 2)解决方法: ...
当安装Docker时,首先需要下载Docker的安装包并安装。具体步骤如下: 在终端中执行以下命令下载Docker安装包: curl -fsSL https://get.docker.com -o get-docker.sh 运行安装脚本: sh get-docker.sh 启动Docker...
安装方法可以参考这篇文章:https://blog.csdn.net/ziyetian666/article/details/106668638/ centos7.x最小化安装后可以直接安装docker-ce
docker社区版linux离线包docker-20.10.9.tgz供docker学习使用,资源来自官方https://download.docker.com/linux/static/stable/x86_64/docker-20.10.9.tgz
fastdfs-docker集群搭建文件, 文章链接为:https://blog.csdn.net/shan165310175/article/details/96100841
docker oracle的离线镜像docker-wnameless-oracle-xe-11g.tar,可以导入到内网(无互联网)环境使用,该包是基于wnameless的Oracle打包的,由于网速慢,我是使用 git clone ...
包含kubernetes v1.20.4必需镜像,有问题私信我 docker load -i kube-apiserver-v1.20.4.tar docker load -i kube-controller-manager-v1.20.4....docker load -i etcd-3.4.13-0.tar docker load -i coredns-1.7.0.tar
TLBB Server Fake便携式-Docker安装安装Docker Windows 10 x64 (如果需要,请重置计算机) https://download.docker.com/win/stable/InstallDocker.msi 苹果电脑 ...docker
docker pull beginor/gitlab-ce:11.0.1-ce.0 2.创建GitLab 的配置 (etc) 、 日志 (log) 、数据 (data) 放到容器之外, 便于日后升级 mkdir -p /mnt/gitlab/etc mkdir -p /mnt/gitlab/log mkdir -p /mnt/gitlab/...
docker更新包: apt-get update docker安装vim apt-get install vim apt-get install tar 安装jdk: vi /etc/profile export JAVA_HOME=/opt/jdk export PATH=$PATH:$JAVA_HOME docker run -d -p 8989:8080 -v...
对应文章:https://blog.csdn.net/SoaringLee_fighting/article/details/120777014 mips平台docker安装包!
今天使用docker拉取镜像,那速度简直不能看,而且等着等着到最后还出现了 read tcp 192.168.31.60:55550->104.18.123.25:443: read: connection reset by peer 传输异常 然后看见网上说可以配置阿里云提供的镜像...
rtmp://localhost:1935/stream/$STREAM_NAME SSL 要启用 SSL,请参阅nginx.conf并取消注释以下行: listen 443 ssl; ssl_certificate /opt/certs/example.com.crt; ssl_certificate_key /opt/certs/example.com.key...
Docker的boot2docker.iso(v17.11.0-ce) 镜像 ,使用参照:http://blog.csdn.net/jiangjingxuan/article/details/54908272 http://blog.csdn.net/csdn_duomaomao/article/details/73028390
sudo bash ./docker_install.sh pull docker from AWS ecr aws configure aws ecr get-login --no-include-email > login.sh sudo bash ./login.sh sudo rm login.sh sudo docker pull url:tag run gpu docker sudo ...