User Tools

Site Tools


software:docker

Docker

Fixes

Broken bridge with KVM (or anything else)

Docker sets a lot of automatic rules in your iptables. If you use a network bridge on your Linux box, you may want to change add an additional rule to avoid traffic generated on your bridge from being discarded by Docker.

$ EDITOR=vim sudo -E systemctl edit docker
[Service]
ExecStartPre=-/usr/sbin/iptables -I FORWARD -i br0 -j ACCEPT
ExecStopPost=/usr/sbin/iptables -D FORWARD -i br0 -j ACCEPT

(the “-” at the beginning tolerates failures. In this way, both if the rule doesn't exist or it's duplicate, a new one gets created and then delete during stopping)

$ sudo systemctl daemon-reload
$ sudo systemctl restart docker

Remember to adjust your iptables path according to the distro you are using.

More details and credit here and here

Errors

  • Cannot remove container using ZFS volume:
    • error:
      Error response from daemon: container 13229c2ec314a390bc2edf641c9d189ac1dcf69f6b56bb7e681f032cbc9bc329: driver "zfs" failed to remove root filesystem: exit status 1: "/sbin/zfs fs destroy -r zpool-docker/9a1252e3f5f687077620636855ae9de7aeabd41d4d9dd3e3bcb4892f90901a59" => cannot open 'zpool-docker/9a1252e3f5f687077620636855ae9de7aeabd41d4d9dd3e3bcb4892f90901a59': dataset does not exist
software/docker.txt · Last modified: 2023/04/30 17:15 by Michele Porelli