docker端口映射或启动容器时报错  Error response from daemon: driver failed programming external connectivity on endpoint quirky_allen

现象:

[root@localhost ~]# docker run -d -p 9000:80 centos:httpd /bin/sh -c /usr/local/bin/start.sh
d5b2bd5a7bc4895a973fe61efd051847047d26385f65c278aaa09e4fa31c4d76
docker: Error response from daemon: driver failed programming external connectivity on endpoint quirky_allen (6bda693d1143657e46bee0300276aa05820da2b21a3d89441e820d1a274c48b6): (iptables failed: iptables --wait -t nat -A DOCKER -p tcp -d 0/0 --dport 9000 -j DNAT --to-destination 172.17.0.2:80 ! -i docker0: iptables: No chain/target/match by that name.
(exit status 1)).

[root@localhost ~]# docker start d5b2bd5a7bc4 
Error response from daemon: driver failed programming external connectivity on endpoint quirky_allen (4127da7466709fd45695a1fbe98e13c2ac30c2a554e18fb902ef5a03ba308438): (iptables failed: iptables --wait -t nat -A DOCKER -p tcp -d 0/0 --dport 9000 -j DNAT --to-destination 172.17.0.2:80 ! -i docker0: iptables: No chain/target/match by that name.
(exit status 1))
Error: failed to start containers: d5b2bd5a7bc4

原因:
docker服务启动时定义的自定义链DOCKER由于 centos7 firewall 被清掉

firewall的底层是使用iptables进行数据过滤,建立在iptables之上,这可能会与 Docker 产生冲突。

当 firewalld 启动或者重启的时候,将会从 iptables 中移除 DOCKER 的规则,从而影响了 Docker 的正常工作。

当你使用的是 Systemd 的时候, firewalld 会在 Docker 之前启动,但是如果你在 Docker 启动之后再启动 或者重启 firewalld ,你就需要重启 Docker 进程了。

重启docker服务及可重新生成自定义链DOCKER

Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
DOCKER     all  --  0.0.0.0/0            0.0.0.0/0            ADDRTYPE match dst-type LOCALChain INPUT (policy ACCEPT)
target     prot opt source               destination        Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
DOCKER     all  --  0.0.0.0/0           !127.0.0.0/8          ADDRTYPE match dst-type LOCALChain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
MASQUERADE  all  --  172.17.0.0/16        0.0.0.0/0
MASQUERADE  tcp  --  172.17.0.2           172.17.0.2           tcp dpt:8080Chain DOCKER (2 references)
target     prot opt source               destination
RETURN     all  --  0.0.0.0/0            0.0.0.0/0
DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:8888 to:172.17.0.2:8080
root@router:playbook#iptables -t nat -nL
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
DOCKER     all  --  0.0.0.0/0            0.0.0.0/0            ADDRTYPE match dst-type LOCALChain INPUT (policy ACCEPT)
target     prot opt source               destination        Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
DOCKER     all  --  0.0.0.0/0           !127.0.0.0/8          ADDRTYPE match dst-type LOCALChain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
MASQUERADE  all  --  172.17.0.0/16        0.0.0.0/0
MASQUERADE  tcp  --  172.17.0.2           172.17.0.2           tcp dpt:8080Chain DOCKER (2 references)
target     prot opt source               destination
RETURN     all  --  0.0.0.0/0            0.0.0.0/0
DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:8888 to:172.17.0.2:8080

解决:
重启docker服务后再启动容器
systemctl restart docker
docker start foo

docker端口映射或启动容器时报错 driver failed programming external connectivity on endpoint quirky_allen相关推荐

  1. docker端口映射或启动容器时报错 driver failed programming external connectivity on endpoint

    docker端口映射或启动容器时报错 Error response from daemon: driver failed programming external connectivity on en ...

  2. 启动docker容器报错 driver failed programming external connectivity on endpoint

    启动docker容器报错 driver failed programming external connectivity on endpoint

  3. docker端口映射或启动容器时报错Error response from daemon: Container is not running

    docker端口映射或启动容器时: docker exec -it 7c5a2350c4cb /bin/bash 出现了错误: Error response from daemon: Containe ...

  4. docker端口映射或启动容器时报错Error response from daemon: Container 7c5a2350c4cb2370d8aba94eef9cec4a6c2ac3207030

    现象: docker exec -it 7c5a2350c4cb /bin/bash Error response from daemon: Container 7c5a2350c4cb2370d8a ...

  5. docker报错:driver failed programming external connectivity on endpoint, iptables:No chain by that name

    docker 报错: Error response from daemon: Cannot restart container hello: driver failed programming ext ...

  6. docker 报错:driver failed programming external connectivity on endpoint

    文章目录 1. 报错信息 2. 解决办法 1. 报错信息 Cannot start service nacos: driver failed programming external connecti ...

  7. docker: Error response from daemon: driver failed programming external connectivity on endpoint yout

    启动容器报错: docker: Error response from daemon: driver failed programming external connectivity on endpo ...

  8. docker: Error response from daemon: driver failed programming external connectivity on endpoint

    错误现象 => 启动 rancher server 时出现网络故障,如下: docker: Error response from daemon: driver failed programmi ...

  9. Docker常见问题1: driver failed programming external connectivity on endpoint

    问题 docker-compose up -d 启动服务时出现以下错误 ERROR: for product-1.0 Cannot start service product-1.0: driver ...

最新文章

  1. 你应该知道的 5 个 Docker 工具
  2. 证明矩阵添加一列(行),则其秩或不变,或增加1
  3. 13个大奖任你拿,网易MINI开发挑战赛强势来袭!
  4. 硬件:电脑DNS出现错误对应的解决方案
  5. 【渝粤题库】广东开放大学 会展英语 形成性考核
  6. 逻辑右移和算术右移区别
  7. python持久化数据_Python数据持久化-mysql篇
  8. ZZULIOJ 1917: E
  9. C语言学习心得 Caiwentao
  10. 2022年Java常用的框架汇总,你常用哪一个?
  11. 全志F1C100s使用记录:资料索引与基础说明
  12. 分布式光伏风电新能源电站并网必备须知:正反向隔离装置组网-也适用于微网储能虚拟电厂
  13. 冲突域和广播域区别,集线器、交换机和路由器对比
  14. 计算机怎样使操作家长控制,孩子自制力差 电脑设置家长控制技巧图文详细教程...
  15. 烤仔TVのCCW | 交易的生命周期
  16. 《清单革命》的读后感优秀范文3900字
  17. bash: ./deviceQuery.cpp: 权限不够;bash: ./deviceQuery: 没有那个文件或目录
  18. Java POI导出word文件及生成表格
  19. 【Java基础篇】封装(Encapsulation)
  20. Windows 7下硬盘安装Ubuntu 14.04图文教程

热门文章

  1. Linux_LVMQuota
  2. altium designer PCB板厚度设置
  3. 韦东山u-boot、kernel打补丁操作
  4. 优雅的在React项目中使用Redux
  5. debian7get源,自动设置get源
  6. dataTable() 与 DataTable() 的差别与处理方式
  7. zabbix配置外部邮件服务器进行邮件报警
  8. VM8不能安装64位操作系统原因解析
  9. 网络工程师学习资料:路由器配置案例分析
  10. 2020年球云计算市值或将达4490亿欧元