docker0: iptables: No chain/target/match by that name错误处理
今天运行这个命令时报错docker run -it --name Haproxy --link app1:app1 --link app2:app2 -p 6302:6301 -v ~/Projects/HAProxy:/tmp haproxy /bin/bash
报错信息:
docker: Error response from daemon: failed to create endpoint Haproxy on network bridge: iptables failed: iptables --wait -t nat -A DOCKER -p tcp -d 0/0 --dport 6302 -j DNAT --to-destination 192.168.0.8:6301 ! -i docker0: iptables: No chain/target/match by that name.
看着信息提示,可以大概知道iptables配置的问题,且跟docker有关。
查看iptables配置文件
cat /etc/sysconfig/iptables (主要是filter和nat的配置)
*filter
:INPUT DROP
:FORWARD ACCEPT
:OUTPUT ACCEPT
:syn-flood -
-A INPUT -i lo -j ACCEPT
*nat
:PREROUTING ACCEPT
:INPUT ACCEPT
:OUTPUT ACCEPT
:POSTROUTING ACCEPT
:OUTPUT_direct -
:POSTROUTING_ZONES -
:POSTROUTING_ZONES_SOURCE -
这里看到filter和nat并没有docker的配置信息,所以添加上对应的信息如下:
*filter
:INPUT DROP
:FORWARD ACCEPT
:OUTPUT ACCEPT
:syn-flood -
:DOCKER -
*nat
:PREROUTING ACCEPT
:INPUT ACCEPT
:OUTPUT ACCEPT
:DOCKER -
重启iptables
sudo systemctl restart iptables.service
重新启动容器即可
页:
[1]