Docker运行镜像报错处理
运行镜像报错:
[root@centos7-docker ~]# docker run -d -p 9000:9000 --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data --name prtainer-libai portainer/portainer
5537341ba53f4ce0e03ad1acd588681caa97f8a264daeb8bf3a868601cc6995e
docker: Error response from daemon: driver failed programming external connectivity on endpoint prtainer-libai (e43b0302d56b51c568f70f833b44e1b61e1a074fcaea60f2ffcc8e0ca5465d55): (iptables failed: iptables --wait -t nat -A DOCKER -p tcp -d 0/0 --dport 9000 -j DNAT --to-destination 172.17.0.2:9000 ! -i docker0: iptables: No chain/target/match by that name.
(exit status 1)).
1、停止docker服务
输入如下命令停止docker服务
systemctl stop docker
service docker stop
2、保存 iptables
输入如下命令:
iptables-save > /etc/sysconfig/iptables
保存之后的文件内容:
# Generated by iptables-save v1.4.21 on Sat Nov 24 13:53:13 2018
*nat
:PREROUTING ACCEPT [261:18558]
:INPUT ACCEPT [17:969]
:OUTPUT ACCEPT [4:304]
:POSTROUTING ACCEPT [4:304]
COMMIT
# Completed on Sat Nov 24 13:53:13 2018
# Generated by iptables-save v1.4.21 on Sat Nov 24 13:53:13 2018
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1246:135222]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 10001 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 10002 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 10003 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 10004 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Sat Nov 24 13:53:13 2018
3、启动docker服务
保存了iptables后,可以重新启动docker了。输入如下命令:
systemctl start docker 或者service docker start
4、将docker设置为开机启动
设置过这个就不需要再设置了
systemctl enable docker
5、启动容器
最后启动容器,发现不再报错了。
docker start 容器id/名字