docs icon indicating copy to clipboard operation
docs copied to clipboard

Published 20 hours ago verified publisher icon docker

Docker daemon does not start on Ubuntu 22.04 LTS

Open dgarciarubio opened this issue 3 years ago • 4 comments
trafficstars

File: engine/install/ubuntu.md

After carefully following the installation guide in the referenced document, it is not possible to start the docker daemon. The following error is thrown in the console:

failed to start daemon: Error initializing network controller: error obtaining controller instance: unable to add return rule in DOCKER-ISOLATION-STAGE-1 chain:  (iptables failed: iptables --wait -A DOCKER-ISOLATION-STAGE-1 -j RETURN: iptables v1.8.7 (nf_tables):  RULE_APPEND failed (No such file or directory): rule in chain DOCKER-ISOLATION-STAGE-1
 (exit status 4))

According to this blog entry, this is due to Ubuntu 22.04 LTS using iptables-nft instead of iptables-legacy by default, which breaks how the docker daemon works apparently.

Maybe the documentation should be updated to reflect that this default behavior must be changed on Ubuntu 22.04 LTS.

dgarciarubio avatar Jun 17 '22 19:06 dgarciarubio

Also getting this. Is this likely to get fixed?

ukd1 avatar Aug 04 '22 20:08 ukd1

Me too. A breaker for me. Still not working after setting iptables to legacy

spicysomtam avatar Aug 15 '22 14:08 spicysomtam

I had the same problem. Found a solution and explained here

etxealaikoion avatar Sep 28 '22 10:09 etxealaikoion

My issue fixed for a while and then I had to upgrade my storage type from aufs to overlay2. That meant wiping all my images and starting again. Guess I have been using docker a long time and someone decided not to support aufs (on ubuntu 22.04) any more (or somehow aufs was no longer configured). Rather than waste time figuring out what changed I decided to keep software up to date and switch to overlay2. Hope this helps someone.

spicysomtam avatar Sep 28 '22 11:09 spicysomtam

Has anyone figured out a solution? I switched to iptables-legacy but I guess Docker employs iptables syntax which is different than what's compatible still with iptables-legacy

I'm loathe to downgreade iptables-legacy

(iptables failed: iptables --wait -t nat -A DOCKER -p tcp -d 0/0 --dport 5566 -j DNAT --to-destination 172.17.0.2:5566 ! -i docker0: iptables v1.8.7 (legacy): unknown option "--to-destination"

alanpaulkwan avatar Oct 30 '22 03:10 alanpaulkwan

There hasn't been any activity on this issue for a long time. If the problem is still relevant, mark the issue as fresh with a /remove-lifecycle stale comment. If not, this issue will be closed in 14 days. This helps our maintainers focus on the active issues.

Prevent issues from auto-closing with a /lifecycle frozen comment.

/lifecycle stale

docker-robott avatar Jan 28 '23 01:01 docker-robott

Closed issues are locked after 30 days of inactivity. This helps our team focus on active issues.

If you have found a problem that seems similar to this, please open a new issue.

/lifecycle locked

docker-robott avatar Mar 24 '23 03:03 docker-robott