Closed nsychev closed 2 years ago
Hi @nsychev,
the problem is due to the newer iptables/nftables version installed on Ubuntu 20, that requires a lock file. During the plugin installation, you should mount xtables.lock
file of the host into the network plugin.
Kathará automatically configures katharanp following this behavior (see here).
However, you can manually achieve the same configuration by installing katharanp with this command:
docker plugin rm -f kathara/katharanp:latest
docker plugin install kathara/katharanp:amd64 xtables_lock.source="/var/run/xtables.lock"
Also, note that the latest
tag is used for retrocompatibilty, now you should use the architecture as plugin tag.
If you have any other problem, please do not hesitate to contact us. Mariano.
Oh, it works. Thanks a lot!
What about writing about it in readme? I really stuck on it like two weeks ago and at first thought Linux or Docker just don't allow to build configuration I want :)
Hi @nsychev, I'll close the issue and add a note in the readme :smile:
Hi @Skazza94!
After upgrading to 22.04, my Docker daemon crashed and didn't start :/
For some reason they removed xtables.lock
(while still using nftables
as backend), and so plugin crashed with “No such file or directory” error. I couldn't find a way to disable plugin without a need to start Docker daemon beforehand.
So, I had to do the following:
touch /var/run/xtables.lock
.docker plugin disable kathara/katharanp:amd64
docker plugin remove kathara/katharanp:amd64
docker plugin install kathara/katharanp:amd64
After that, it worked.
(just leaving a note here in case someone will receive the same error after upgrading)
@nsychev Kathara is working for me, also with your solution (starting terminals), but they don't have any network at all. When pinging a host it keeps getting 100% packet loss.
iptables -vL
does show the accept rule:
175 14700 ACCEPT all -- kt-611fe0fe933e kt-611fe0fe933e anywhere anywhere
0 0 ACCEPT all -- kt-46116dea0b17 kt-46116dea0b17 anywhere anywhere
5 420 ACCEPT all -- kt-bc62d9ab61fa kt-bc62d9ab61fa anywhere anywhere ```
Hi!
I'm trying to launch docker-compose network with your plugin. But hosts can't interact with each other.
My host is Ubuntu 20.04, Docker is 20.10.14, docker-compose is 1.29.2. Compose file:
Then I'm running bash in each container and executing
ip addr add 10.8.123.1/24 dev eth0
(and .2 for other container). Then I'm doingping 10.8.123.1
from the second one.Expected behaviour: successful ping.
Actual behaviour:
Packets are dropping somewhere. Containers receive each other mac addresses (they're shown in
arp -a
).Latter I launch
iptables -vL
on host and found that there is no accept rule fromkt-...
interface to itself. After adding it manually (iptables -A FORWARD -i kt-... -o kt-... -j ACCEPT
), it worked.I don't know how to collect any debug information on plugin, but I'd be glad to provide any useful information.