------- Comment From [email protected] 2016-03-16 15:36 EDT------- It looks like the appropriate fix for this is to add a TasksMax= line into the docker service file.
If you look at the pids.max file for docker, it's 512: $ sudo cat /sys/fs/cgroup/pids/system.slice/docker.service/pids.max 512 For reference: $ sudo cat /sys/fs/cgroup/pids/system.slice/pids.max max ... and this happens: ~$ docker run --rm -it -p 600-750 busybox /bin/sh docker: Error response from daemon: failed to create endpoint gigantic_hamilton on network bridge: iptables failed: iptables --wait -t nat -A DOCKER -p tcp -d 0/0 --dport 32910 -j DNAT --to-destination 172.17.0.2:626 ! -i docker0: (fork/exec /sbin/iptables: resource temporarily unavailable). If you change it to max (as a test), then the docker command mapping lots of ports works: # echo max > /sys/fs/cgroup/pids/system.slice/docker.service/pids.max $ docker run --rm -it -p 600-750 busybox /bin/sh / # Putting it back to test the systemd way: # echo 512 > /sys/fs/cgroup/pids/system.slice/docker.service/pids.max ... still fails: $ docker run --rm -it -p 600-750 busybox /bin/sh docker: Error response from daemon: failed to create endpoint drunk_bohr on network bridge: iptables failed: iptables --wait -t nat -A DOCKER -p tcp -d 0/0 --dport 33195 -j DNAT --to-destination 172.17.0.2:626 ! -i docker0: (fork/exec /sbin/iptables: resource temporarily unavailable). Changing the service file: $ sudo vi /lib/systemd/system/docker.service [insert TasksMax=1048576] $ sudo systemctl daemon-reload $ sudo systemctl restart docker Testing again: $ docker run --rm -it -p 600-750 busybox /bin/sh / # So, it's up to the Canonical guys/gals *g* as to what they want to set the TasksMax value to. Thanks, - Christy -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1557669 Title: port binding issues with docker-1.10.2 on Ubuntu 16.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/1557669/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
