我有一个全新安装的 Fedora 32,并在其上安装了 docker(来自这些指示)。
[muhammadtaqi@muhammadtaqi-hp-probook-450-g5 ~]$ docker version
Client:
Version: 19.03.11
API version: 1.40
Go version: go1.14.3
Git commit: 42e35e6
Built: Sun Jun 7 21:16:58 2020
OS/Arch: linux/amd64
Experimental: false
Server:
Engine:
Version: 19.03.11
API version: 1.40 (minimum version 1.12)
Go version: go1.14.3
Git commit: 42e35e6
Built: Sun Jun 7 00:00:00 2020
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.3.3
GitCommit:
runc:
Version: 1.0.0-rc10+dev
GitCommit: fbdbaf85ecbc0e077f336c03062710435607dbf1
docker-init:
Version: 0.18.0
GitCommit:
之后,我拉取图像并启动容器,但它在启动时就存在了。
[muhammadtaqi@muhammadtaqi-hp-probook-450-g5 ~]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
94d0275dcdb5 hello-world "/hello" 8 minutes ago Exited (0) 8 minutes ago vibrant_ptolemy
d5a79a7073f0 hello-world "/hello" 11 minutes ago Exited (0) 2 minutes ago gracious_jones
[muhammadtaqi@muhammadtaqi-hp-probook-450-g5 ~]$ docker start gracious_jones
gracious_jones
[muhammadtaqi@muhammadtaqi-hp-probook-450-g5 ~]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
94d0275dcdb5 hello-world "/hello" 9 minutes ago Exited (0) 9 minutes ago vibrant_ptolemy
d5a79a7073f0 hello-world "/hello" 11 minutes ago Exited (0) 3 seconds ago gracious_jones
容器启动了几秒钟,在另一个终端,我登录到该容器ping google.com,但 ping 不起作用。
有什么解决办法吗,我在 Ubuntu 上做同样的事情,它可以在那里工作,但在 Fedora 32 上我遇到了这个问题。
答案1
Docker 无法使用 nftables,默认情况下 fedora32 会使用它来管理防火墙规则。您需要更新/etc/firewalld/firewalld.conf文件并将 FirewallBackend 的值设置为:
FirewallBackend=iptables