[
https://ovirt-jira.atlassian.net/browse/OVIRT-2340?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Barak Korren updated OVIRT-2340:
--------------------------------
Epic Link: OVIRT-2339
> Unable to run containers with the '-p' option
> ---------------------------------------------
>
> Key: OVIRT-2340
> URL: https://ovirt-jira.atlassian.net/browse/OVIRT-2340
> Project: oVirt - virtualization made easy
> Issue Type: Bug
> Components: Jenkins Slaves
> Reporter: Barak Korren
> Assignee: infra
> Priority: High
>
> When trying to run containers that expose ports we can get the following
> error:
> {code}
> /usr/bin/docker-current: Error response from daemon: driver failed
> programming external connectivity on endpoint silly_sammet
> (90b600ff5b0e6c2e708e8cd5086b518596dbe7ac4fa2735bec52d3a88e1ae004):
> (iptables failed: iptables --wait -t nat -A DOCKER -p tcp -d 0/0 --dport 4444
> -j DNAT --to-destination 172.17.0.2:3333 ! -i docker0: iptables: No
> chain/target/match by that name.
> (exit status 1)).
> {code}
> We can reproduce this for example wiht the following command:
> {code}
> sudo docker run -it --rm -p 4444:3333 centos
> {code}
> Further information:
> # This seems to be happening because the "DOCKER" chain is missing in
> iptables.
> # We've seen this happen constantly on FC28 slaves but not on EL7 slaves
> # Restarting the docker service recreates the iptables chain and effectively
> resolves the issue
--
This message was sent by Atlassian Jira
(v1001.0.0-SNAPSHOT#100089)
_______________________________________________
Infra mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct:
https://www.ovirt.org/community/about/community-guidelines/
List Archives:
https://lists.ovirt.org/archives/list/[email protected]/message/L7GPSXBHSUJHW7W3GOBATVYHVS5G2BIR/
