zoukankan      html  css  js  c++  java

  • docker端口映射或启动容器时报错Error response from daemon: driver failed programming external connectivity on endpoint

    现象:

    [root@localhost ~]# docker run -d -p 9000:80 centos:httpd /bin/sh -c /usr/local/bin/start.sh
    d5b2bd5a7bc4895a973fe61efd051847047d26385f65c278aaa09e4fa31c4d76
    docker: Error response from daemon: driver failed programming external connectivity on endpoint quirky_allen (6bda693d1143657e46bee0300276aa05820da2b21a3d89441e820d1a274c48b6): (iptables failed: iptables --wait -t nat -A DOCKER -p tcp -d 0/0 --dport 9000 -j DNAT --to-destination 172.17.0.2:80 ! -i docker0: iptables: No chain/target/match by that name.
    (exit status 1)).

    [root@localhost ~]# docker start d5b2bd5a7bc4
    Error response from daemon: driver failed programming external connectivity on endpoint quirky_allen (4127da7466709fd45695a1fbe98e13c2ac30c2a554e18fb902ef5a03ba308438): (iptables failed: iptables --wait -t nat -A DOCKER -p tcp -d 0/0 --dport 9000 -j DNAT --to-destination 172.17.0.2:80 ! -i docker0: iptables: No chain/target/match by that name.
    (exit status 1))
    Error: failed to start containers: d5b2bd5a7bc4

    原因:

    docker服务启动时定义的自定义链DOCKER由于某种原因被清掉
    重启docker服务及可重新生成自定义链DOCKER
    Chain PREROUTING (policy ACCEPT)
    target     prot opt source               destination        
    DOCKER     all  --  0.0.0.0/0            0.0.0.0/0            ADDRTYPE match dst-type LOCAL

    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination        

    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination        
    DOCKER     all  --  0.0.0.0/0           !127.0.0.0/8          ADDRTYPE match dst-type LOCAL

    Chain POSTROUTING (policy ACCEPT)
    target     prot opt source               destination        
    MASQUERADE  all  --  172.17.0.0/16        0.0.0.0/0          
    MASQUERADE  tcp  --  172.17.0.2           172.17.0.2           tcp dpt:8080

    Chain DOCKER (2 references)
    target     prot opt source               destination        
    RETURN     all  --  0.0.0.0/0            0.0.0.0/0          
    DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:8888 to:172.17.0.2:8080
    root@router:playbook#iptables -t nat -nL
    Chain PREROUTING (policy ACCEPT)
    target     prot opt source               destination        
    DOCKER     all  --  0.0.0.0/0            0.0.0.0/0            ADDRTYPE match dst-type LOCAL

    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination        

    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination        
    DOCKER     all  --  0.0.0.0/0           !127.0.0.0/8          ADDRTYPE match dst-type LOCAL

    Chain POSTROUTING (policy ACCEPT)
    target     prot opt source               destination        
    MASQUERADE  all  --  172.17.0.0/16        0.0.0.0/0          
    MASQUERADE  tcp  --  172.17.0.2           172.17.0.2           tcp dpt:8080

    Chain DOCKER (2 references)
    target     prot opt source               destination        
    RETURN     all  --  0.0.0.0/0            0.0.0.0/0          
    DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:8888 to:172.17.0.2:8080

    解决:

    重启docker服务后再启动容器
    systemctl restart docker
    docker start foo
  • 相关阅读:
    项目经理手记
    自动填写版权信息
    在批处理中实现等待/延迟/暂停
    使用 PowerDesigner 设计数据库
    如何让PowerDesigner支持自动生成含SQL Server 2000的表和列注释的角本
    管理人员的招聘始末谈
    PowerDesign 6简易介绍
    PowerDesigner11.0使用总结
    用表单字段加亮的方式为用户提供友好的界面
    择才有道——企业招聘方式比较
  • 原文地址:https://www.cnblogs.com/wjcoding/p/11790738.html
Copyright © 2011-2022 走看看