内容简介:【解决】docker启动报错:Running modprobe xt_conntrack failed with message: `modprobe: ERROR: could not insert 'xt_conntrack'......2019-5-9昨天给一台新机器装安装docker,但报错了,解决了一整天也没有头绪。今天起了个大早,破天荒的吃了早饭,然后继续解决。终于找到了问题。
【解决】docker启动报错:Running modprobe xt_conntrack failed with message: `modprobe: ERROR: could not insert 'xt_conntrack'......
2019-5-9
昨天给一台新机器装安装docker,但报错了,解决了一整天也没有头绪。今天起了个大早,破天荒的吃了早饭,然后继续解决。终于找到了问题。
报错详情:
ocker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
Active: failed (Result: exit-code) since 四 2019-05-09 10:00:57 CST; 5s ago
Docs: http://docs.docker.com
Process: 1489 ExecStart=/usr/bin/dockerd-current --add-runtime docker-runc=/usr/libexec/docker/docker-runc-current --default-runtime=docker-runc --exec-opt native.cgroupdriver=systemd --userland-proxy-path=/usr/libexec/docker/docker-proxy-current --init-path=/usr/libexec/docker/docker-init-current --seccomp-profile=/etc/docker/seccomp.json $OPTIONS $DOCKER_STORAGE_OPTIONS $DOCKER_NETWORK_OPTIONS $ADD_REGISTRY $BLOCK_REGISTRY $INSECURE_REGISTRY $REGISTRIES (code=exited, status=1/FAILURE)
Main PID: 1489 (code=exited, status=1/FAILURE)
5月 09 10:00:56 VM_27_128_centos dockerd-current[1489]: time="2019-05-09T10:00:56.906755492+08:00" level=info msg="Loading containers: start."
5月 09 10:00:56 VM_27_128_centos dockerd-current[1489]: time="2019-05-09T10:00:56.949712004+08:00" level=warning msg="Running modprobe xt_conntrack failed with message: `modprobe: ERROR: could not insert 'xt_conntrack': Unknown symbol in module, or unknown parameter (see dmesg)\ninstall /bin/true \ninsmod /lib/modules/3.10.0-862.3.2.el7.x86_64/kernel/net/netfilter/xt_conntrack.ko.xz`, error: exit status 1"
5月 09 10:00:56 VM_27_128_centos dockerd-current[1489]: time="2019-05-09T10:00:56.951789512+08:00" level=info msg="Firewalld running: false"
5月 09 10:00:57 VM_27_128_centos dockerd-current[1489]: Error starting daemon: Error initializing network controller: error obtaining controller instance: failed to create NAT chain: iptables failed: iptables --wait -t nat -N DOCKER: iptables v1.4.21: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
5月 09 10:00:57 VM_27_128_centos dockerd-current[1489]: Perhaps iptables or your kernel needs to be upgraded.
5月 09 10:00:57 VM_27_128_centos dockerd-current[1489]: (exit status 3)
5月 09 10:00:57 VM_27_128_centos systemd[1]: docker.service: main process exited, code=exited, status=1/FAILURE
5月 09 10:00:57 VM_27_128_centos systemd[1]: Failed to start Docker Application Container Engine.
5月 09 10:00:57 VM_27_128_centos systemd[1]: Unit docker.service entered failed state.
可以看到有一行 Running modprobe xt_conntrack failed with message: `modprobe: ERROR: could not insert 'xt_conntrack'
xt_conntrack 模块被加入了黑名单。
解决方法:
第一步:
打开/etc/modprobe.d/blacklist.conf可以看到这个黑名单中有以下内容
blacklist chsc_sch blacklist nf_conntrack blacklist nf_conntrack_ipv6 blacklist xt_conntrack blacklist nf_conntrack_ftp blacklist xt_state blacklist iptable_nat blacklist ipt_REDIRECT blacklist nf_nat blacklist nf_conntrack_ipv4
将 xt_conntrack 至 nf_conntrack_ipv4的都注释掉。
第二部:
打开/etc/modprobe.d/connectiontracking.conf
install nf_nat /bin/true install xt_state /bin/true install iptable_nat /bin/true install nf_conntrack /bin/true install nf_defrag_ipv4 /bin/true install nf_conntrack_ipv4 /bin/true install nf_conntrack_ipv6 /bin/true
这里的含义是如果发生install xxx的行为,跳过加载过程直接返回install /bin/true,所以也起到了加载模块屏蔽的作用。解决办法为将文件的后缀名进行修改,此处将其重命名为connectiontracking.conf.old使其失效(或将文件内容全部加上注释)
然后 重启你的 docker 吧~
systemctl start docker.service
启动成功~
感谢 https://bluesmilery.github.io/blogs/252e6902
标签:docker
以上就是本文的全部内容,希望本文的内容对大家的学习或者工作能带来一定的帮助,也希望大家多多支持 码农网
猜你喜欢:
- Tomcat 7 启动分析(一)启动脚本
- dotnet 启动 JIT 多核心编译提升启动性能
- Win32 程序在启动时激活前一个启动程序的窗口
- 死磕Android_App 启动过程(含 Activity 启动过程)
- HADOOP 启动时 HDFS格式化后启动dfs出现以下错误:
- CentOS7 linux 安装 jdk、tomcat + 配置 tomcat 开机启动 + tomcat 快捷启动命令
本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们。
