我正在尝试在 dragonboard 410c 上安装 docker,但在尝试运行时出现错误systemctl start docker:
failed to start daemon: Error initializing network controller: error obtaining controller instance: failed to create NAT chain DOCKER: iptables failed: iptables --wait -t nat -N DOCKER: iptables v1.8.2 (nf_tables): CHAIN_ADD failed (No such file or directory): chain PREROUTING
使用此处的脚本检查了必要的内核模块: https://github.com/moby/moby/blob/master/contrib/check-config.sh
我发现我缺少:NETFILTER_XT_MATCH_IPVS 和其他几个可选内核模块。但是,添加此模块后,安装 docker 后仍然出现相同的错误。我是否需要其他“可选”内核模块?
Docker 版本:
Version: 19.03.1
API version: 1.40
Go version: go1.12.5
Git commit: 74b1e89
Built: Thu Jul 25 21:26:42 2019
OS/Arch: linux/arm64
Experimental: false
Linux:
Linux linaro-alip 4.14.96 aarch64 GNU/Linux
答案1
就我而言,问题不是缺少内核模块,而是 debian buster 使用 nftables 而不是 iptables 进行 nat,如下所述:
https://forums.docker.com/t/failing-to-start-dockerd-failed-to-create-nat-chain-docker/78269
上述解决方案(切换到旧版)对我有用:
sudo update-alternatives --set iptables /usr/sbin/iptables-legacy
sudo update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy