[Solved] Docker Container Start Error: iptables: No chain/target/match by that name

docker run -d -p 8081:8090 ccr.ccs.tencentyun.com/bk.io/cmdb-standalone:latest
b05c9135de5b721170fcb60aaedb455309e90011c3cf5a92cbe38ef4e893ad7e
docker: Error response from daemon: driver failed programming external connectivity on endpoint epic_joliot (a8047c4842e82f901dd545f0a971de11d84ce3ea7e0bfcd1e9ca59e57dc0a2ef): (iptables failed: iptables --wait -t nat -A DOCKER -p tcp -d 0/0 --dport 8081 -j DNAT --to-destination 172.17.0.2:8090 ! -i docker0: iptables: No chain/target/match by that name.

The key part of this error is "iptables: No chain/target/match by that name", which shows that the problem is related to iptables.
Reason (guess):
If the gateway is closed when the docker service is started, docker does not set up its network management configuration (the DOCKER chain). When the gateway is then restarted, docker cannot configure networking for a new container, that is, it effectively has no rights to perform network management operations, so a restart is needed.

Solution:

service docker restart
or
systemctl restart docker

During the deployment of docker, the firewalld service on the CentOS 7 server was started and stopped because of port problems. CentOS 7 uses firewalld instead of the iptables service, but firewalld still uses iptables underneath once it is started. As a result, when docker runs there is no DOCKER chain in the iptables rule list. After the docker engine service is restarted, the chain is added to the iptables rule list again. (The docker network needs to be studied in more depth.)
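
The missing chain described above can be confirmed before restarting anything. The script below is an added example, not part of the original post: it parses iptables-save output and reports whether the nat table still declares the DOCKER chain. The function names and the two sample rulesets are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): detect the missing nat/DOCKER chain.

# nat_chains: read iptables-save output on stdin, print chains declared in *nat.
nat_chains() {
    awk '
        /^\*/          { in_nat = ($0 == "*nat") }   # table header line
        in_nat && /^:/ { print substr($1, 2) }       # ":DOCKER - [0:0]" -> DOCKER
    '
}

# has_docker_chain: exit 0 if the ruleset on stdin declares DOCKER in the nat table.
has_docker_chain() {
    nat_chains | grep -qx 'DOCKER'
}

# Constructed sample: nat table as Docker leaves it after the daemon starts.
SAMPLE_HEALTHY='*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:DOCKER - [0:0]
-A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER
COMMIT'

# Constructed sample: rules rebuilt after a firewall restart. A DOCKER entry is
# left in *filter on purpose, to show the check is scoped to the nat table.
SAMPLE_FLUSHED='*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
*filter
:INPUT ACCEPT [0:0]
:DOCKER - [0:0]
COMMIT'

# check_live: inspect the running host (needs root and iptables-save).
check_live() {
    if iptables-save -t nat | has_docker_chain; then
        echo "nat/DOCKER present"
    else
        echo "nat/DOCKER missing: restart docker so it recreates its chains"
        return 1
    fi
}

# Only touch the real ruleset when asked to, by passing --live as the argument.
if [ "${1:-}" = "--live" ]; then check_live; fi
```

Run as root with --live, a non-zero exit status means the chain is gone and the docker restart shown above is required.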

Another way:

systemctl stop firewalld
or
systemctl stop iptables
