docker运行报错docker0: iptables: No chain/target/match by that name.

转自:https://blog.csdn.net/wohaqiyi/article/details/84450562

docker运行报错docker0: iptables: No chain/target/match by that name.
最近在一个新的服务器上装服务，没有安装iptables ,后来安装了iptables 之后，忽然发现我的docker 不能运行了。
注意，可能别人的不行，我这个原因是，开始在新服务器上没有安装iptables ，先安装的docker ,后来才停用默认的firewall ,安装了iptables,就出现了这样的问题。其他原因，我不知道这方法可行不？先看错误：
运行时报出了以下错误：
————————————————

启动docker服务报错
Error response from daemon: No such container: yn-userservice-30000
26126ca87430b74c3987817492cc890e72c36e2fec10d807e362a12f22365160
/usr/bin/docker-current: Error response from daemon: driver failed programming external
 connectivity on endpoint yn-userservice-30000 (5d083ef51f932ac24936713ab3bc1cece9d47feabf4a916cf5da12a4fb2a122a):  
 (iptables failed: iptables --wait -t nat -A DOCKER -p tcp -d 0/0 --dport 30000 -j DNAT --to-
 destination 172.17.0.2:30000 ! -i docker0: iptables: No chain/target/match by that name.

后来在网上找了下，发现解决办法很简单，如下：

1、停止docker服务

输入如下命令停止docker服务

systemctl stop docker  或者service docker stop

停止成功的话，再输入docker ps 就会提示出下边的话：

Cannot connect to the Docker daemon. Is the docker daemon running on this host?

2、保存 iptables

输入如下命令：

iptables-save >  /etc/sysconfig/iptables

我发现防火墙的配置文件/etc/sysconfig/iptables前后文件如下，当然我是看不懂了，我也就会设置个入站端口
保存之前文件内容：

# sample configuration for iptables service
# you can edit this manually or use system-config-firewall
# please do not ask us to add additional ports/services to this default configuration
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 10001 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 10002 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 10003 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 10004 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

保存之后的文件内容：

# Generated by iptables-save v1.4.21 on Sat Nov 24 13:53:13 2018
*nat
:PREROUTING ACCEPT [261:18558]
:INPUT ACCEPT [17:969]
:OUTPUT ACCEPT [4:304]
:POSTROUTING ACCEPT [4:304]
COMMIT
# Completed on Sat Nov 24 13:53:13 2018
# Generated by iptables-save v1.4.21 on Sat Nov 24 13:53:13 2018
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1246:135222]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 10001 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 10002 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 10003 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 10004 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Sat Nov 24 13:53:13 2018

3、启动docker服务

保存了iptables后,可以重新启动docker了。输入如下命令：

systemctl start docker 或者service docker  start

4、将docker设置为开机启动

设置过这个就不需要再设置了

systemctl enable docker

5、启动容器

最后启动容器，发现不再报错了。

docker start 容器id/名字

相关阅读:
win7系统内网共享打印机设置
 VS中无法打开Qt资源文件qrc
EF开发中EntityFramework在web.config中的配置问题
 【转】为什么你的硬盘容易坏？因为它转得实在是太快了
 AutoCAD批量导出点坐标
 【读书】《当我跑步时，我谈些什么》书评：我跑步时，只是跑着
 【C/C++】How to execute a particular function before main() in C?
【gdb】A brief introduction on how to use gdb
【Valgrind】How to check if we reading uninitialized memory in 10 min
【Valgrind】How to check buffer overflow/underflow in 10 mins
原文地址：https://www.cnblogs.com/ziye/p/11684765.html