First of all, please let me know if this is not the right place for a question.
I'm a newbie to the Yocto Project and am building a running environment for podman. I enabled the virtualization layer, podman and iproute2. Now podman can run a container without port mapping, but the error below occurs when I use port mapping. Can I get any clue about it?

root@qemux86-64:/media/disk# podman run -dit -p 8080:80 httpd
[ 1055.281577] cni-podman0: port 1(vethefec5ab0) entered blocking state
[ 1055.282447] cni-podman0: port 1(vethefec5ab0) entered disabled state
[ 1055.283999] device vethefec5ab0 entered promiscuous mode
[ 1055.507799] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready
[ 1055.508566] IPv6: ADDRCONF(NETDEV_CHANGE): vethefec5ab0: link becomes ready
[ 1055.509053] cni-podman0: port 1(vethefec5ab0) entered blocking state
[ 1055.509417] cni-podman0: port 1(vethefec5ab0) entered forwarding state
WARN[0003] Failed to load cached network config: network podman not found in CNI cache, falling back to loading network podman from disk
[ 1058.204483] cni-podman0: port 1(vethefec5ab0) entered disabled state
[ 1058.232123] device vethefec5ab0 left promiscuous mode
[ 1058.232665] cni-podman0: port 1(vethefec5ab0) entered disabled state
Error: plugin type="portmap" failed (add): cni plugin portmap failed: unable to create chain CNI-HOSTPORT-SETMARK: running [/usr/sbin/iptables -t nat -C CNI-HOSTPORT-SETMARK -m comment --comment CNI portfwd masquerade mark -j MARK --set-xmark 0x2000/0x2000 --wait]: exit status 2: iptables v1.8.7 (legacy): *unknown option "--set-xmark"*
Try `iptables -h' or 'iptables --help' for more information.

The kernel configuration is:

root@qemux86-64:/media/disk# bash check-config.sh
info: reading kernel config from /proc/config.gz ...

Generally Necessary:
- cgroup hierarchy: properly mounted [/sys/fs/cgroup]
- CONFIG_NAMESPACES: enabled
- CONFIG_NET_NS: enabled
- CONFIG_PID_NS: enabled
- CONFIG_IPC_NS: enabled
- CONFIG_UTS_NS: enabled
- CONFIG_CGROUPS: enabled
- CONFIG_CGROUP_CPUACCT: enabled
- CONFIG_CGROUP_DEVICE: enabled
- CONFIG_CGROUP_FREEZER: enabled
- CONFIG_CGROUP_SCHED: enabled
- CONFIG_CPUSETS: enabled
- CONFIG_MEMCG: enabled
- CONFIG_KEYS: enabled
- CONFIG_VETH: enabled
- CONFIG_BRIDGE: enabled
- CONFIG_BRIDGE_NETFILTER: enabled
- CONFIG_IP_NF_FILTER: enabled (as module)
- CONFIG_IP_NF_MANGLE: enabled (as module)
- CONFIG_IP_NF_TARGET_MASQUERADE: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_ADDRTYPE: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_CONNTRACK: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_IPVS: enabled (as module)
- CONFIG_NETFILTER_XT_MARK: enabled (as module)
- CONFIG_IP_NF_NAT: enabled (as module)
- CONFIG_NF_NAT: enabled (as module)
- CONFIG_POSIX_MQUEUE: enabled
- CONFIG_CGROUP_BPF: enabled

Optional Features:
- CONFIG_USER_NS: enabled
- CONFIG_SECCOMP: enabled
- CONFIG_SECCOMP_FILTER: enabled
- CONFIG_CGROUP_PIDS: enabled
- CONFIG_MEMCG_SWAP: enabled
    (cgroup swap accounting is currently enabled)
- CONFIG_BLK_CGROUP: enabled
- CONFIG_BLK_DEV_THROTTLING: missing
- CONFIG_CGROUP_PERF: enabled
- CONFIG_CGROUP_HUGETLB: missing
- CONFIG_NET_CLS_CGROUP: enabled (as module)
- CONFIG_CGROUP_NET_PRIO: enabled
- CONFIG_CFS_BANDWIDTH: missing
- CONFIG_FAIR_GROUP_SCHED: enabled
- CONFIG_IP_NF_TARGET_REDIRECT: enabled (as module)
- CONFIG_IP_VS: enabled (as module)
- CONFIG_IP_VS_NFCT: missing
- CONFIG_IP_VS_PROTO_TCP: missing
- CONFIG_IP_VS_PROTO_UDP: missing
- CONFIG_IP_VS_RR: missing
- CONFIG_SECURITY_SELINUX: missing
- CONFIG_SECURITY_APPARMOR: missing
- CONFIG_EXT4_FS: enabled
- CONFIG_EXT4_FS_POSIX_ACL: enabled
- CONFIG_EXT4_FS_SECURITY: enabled
- Network Drivers:
  - "overlay":
    - CONFIG_VXLAN: enabled (as module)
    - CONFIG_BRIDGE_VLAN_FILTERING: enabled
      Optional (for encrypted networks):
      - CONFIG_CRYPTO: enabled
      - CONFIG_CRYPTO_AEAD: enabled
      - CONFIG_CRYPTO_GCM: enabled
      - CONFIG_CRYPTO_SEQIV: enabled
      - CONFIG_CRYPTO_GHASH: enabled
      - CONFIG_XFRM: enabled
      - CONFIG_XFRM_USER: enabled (as module)
      - CONFIG_XFRM_ALGO: enabled
      - CONFIG_INET_ESP: enabled (as module)
      - CONFIG_NETFILTER_XT_MATCH_BPF: enabled (as module)
  - "ipvlan":
    - CONFIG_IPVLAN: enabled
  - "macvlan":
    - CONFIG_MACVLAN: enabled
    - CONFIG_DUMMY: enabled (as module)
  - "ftp,tftp client in container":
    - CONFIG_NF_NAT_FTP: enabled (as module)
    - CONFIG_NF_CONNTRACK_FTP: enabled (as module)
    - CONFIG_NF_NAT_TFTP: enabled (as module)
    - CONFIG_NF_CONNTRACK_TFTP: enabled (as module)
- Storage Drivers:
  - "btrfs":
    - CONFIG_BTRFS_FS: enabled
    - CONFIG_BTRFS_FS_POSIX_ACL: enabled
  - "overlay":
    - CONFIG_OVERLAY_FS: enabled
  - "zfs":
    - /dev/zfs: missing
    - zfs command: missing
    - zpool command: missing

Limits:
- /proc/sys/kernel/keys/root_maxkeys: 1000000

Thanks,
Chris.
View/Reply Online (#8551): https://lists.yoctoproject.org/g/meta-virtualization/message/8551