docker端口映射或启动容器时报错Error response from daemon: driver failed programming external connectivity on endpoint quirky_allen
<p>现象:</p><p># docker run -d -p 9000:80 centos:httpd /bin/sh -c /usr/local/bin/start.sh<br>d5b2bd5a7bc4895a973fe61efd051847047d26385f65c278aaa09e4fa31c4d76<br>docker: Error response from daemon: driver failed programming external connectivity on endpoint quirky_allen (6bda693d1143657e46bee0300276aa05820da2b21a3d89441e820d1a274c48b6):(iptables failed: iptables --wait -t nat -A DOCKER -p tcp -d 0/0 --dport 9000 -j DNAT --to-destination 172.17.0.2:80 ! -i docker0: iptables: No chain/target/match by that name.<br> (exit status 1)).</p>
<p># docker start d5b2bd5a7bc4 <br>Error response from daemon: driver failed programming external connectivity on endpoint quirky_allen (4127da7466709fd45695a1fbe98e13c2ac30c2a554e18fb902ef5a03ba308438):(iptables failed: iptables --wait -t nat -A DOCKER -p tcp -d 0/0 --dport 9000 -j DNAT --to-destination 172.17.0.2:80 ! -i docker0: iptables: No chain/target/match by that name.<br> (exit status 1))<br>Error: failed to start containers: d5b2bd5a7bc4</p>
<p> </p>
<p><span><strong>原因:</strong></span><br><br><span>docker服务启动时定义的自定义链DOCKER由于某种原因被清掉<br>重启docker服务及可重新生成自定义链DOCKER</span><br>Chain PREROUTING (policy ACCEPT)<br>target prot opt source destination <br>DOCKER all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL<br><br>Chain INPUT (policy ACCEPT)<br>target prot opt source destination <br><br>Chain OUTPUT (policy ACCEPT)<br>target prot opt source destination <br>DOCKER all -- 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL<br><br>Chain POSTROUTING (policy ACCEPT)<br>target prot opt source destination <br>MASQUERADE all -- 172.17.0.0/16 0.0.0.0/0 <br>MASQUERADE tcp -- 172.17.0.2 172.17.0.2 tcp dpt:8080<br><br>Chain DOCKER (2 references)<br>target prot opt source destination <br>RETURN all -- 0.0.0.0/0 0.0.0.0/0 <br>DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8888 to:172.17.0.2:8080<br>root@router:playbook#iptables -t nat -nL<br>Chain PREROUTING (policy ACCEPT)<br>target prot opt source destination <br><span style="color: rgba(237, 28, 36, 1)"><strong>DOCKER</strong></span> all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL<br><br>Chain INPUT (policy ACCEPT)<br>target prot opt source destination <br><br>Chain OUTPUT (policy ACCEPT)<br>target prot opt source destination <br>DOCKER all -- 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL<br><br>Chain POSTROUTING (policy ACCEPT)<br>target prot opt source destination <br>MASQUERADE all -- 172.17.0.0/16 0.0.0.0/0 <br>MASQUERADE tcp -- 172.17.0.2 172.17.0.2 tcp dpt:8080<br><br>Chain DOCKER (2 references)<br>target prot opt source destination <br>RETURN all -- 0.0.0.0/0 0.0.0.0/0 <br>DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8888 to:172.17.0.2:8080<br><span><strong><br>解决:</strong></span><br><span><br>重启docker服务后再启动容器<br>systemctl restart docker<br>docker start foo</span></p>
<p> </p>
<p> </p>
<p><span>参考资料:http://blog.sina.com.cn/s/blog_8ea8e9d50102wwf8.html</span></p><br><br>
来源:https://www.cnblogs.com/hailun1987/p/7518306.html
頁:
[1]