Bug 915141 - app-containers/docker-24.0.6 add nftables use flag
Status: UNCONFIRMED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages
Hardware: All Linux
Importance: Normal normal
Assignee: William Hubbs
Reported: 2023-10-03 21:06 UTC by Reuben Martin
Modified: 2023-10-04 15:44 UTC

Description Reuben Martin 2023-10-03 21:06:52 UTC
By default, docker tries to use the legacy iptables and will fail to start if the system is using nftables. (The "iptables" compatibility package from nftables does not mitigate this problem.)

--Log output--
failed to start daemon: Error initializing network controller: error obtaining controller instance: failed to create NAT chain DOCKER: COMMAND_FAILED: INVALID_IPV: 'ipv4' is not a valid backend or is unavailable
----

The ebuild needs an nftables flag that, when set, adds the "--iptables=false" option to the daemon command in the systemd/openrc service units. With this option set, the daemon will start correctly in an nftables environment.

Reproducible: Always
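
An added example, not part of the original report and not Gentoo's or Docker's code: a POSIX shell helper that recognises the startup failure quoted above in a daemon log and rewrites a dockerd command line so that it carries `--iptables=false` exactly once. The function names and the sample `ExecStart` line are assumptions made for illustration.

```sh
#!/bin/sh
# Added example; function names and the sample ExecStart line are constructed.

# dockerd's iptables switch as a whole word: bare "--iptables" or "--iptables=<value>".
# It does not match the separate --ip6tables option.
IPT_RE='(^|[[:space:]])--iptables(=[^[:space:]]*)?([[:space:]]|$)'

# Exit 0 if the daemon log on stdin contains the startup failure quoted in the report.
has_nat_chain_failure() {
    grep -q 'failed to start daemon: .*failed to create NAT chain DOCKER'
}

# Print the command line in $1 with the iptables switch forced to false.
# An existing switch (any value) is rewritten in place; otherwise the option
# is appended. Running it twice gives the same result as running it once.
force_iptables_false() {
    if printf '%s\n' "$1" | grep -Eq -- "$IPT_RE"; then
        printf '%s\n' "$1" | sed -E "s/$IPT_RE/\\1--iptables=false\\3/g"
    else
        printf '%s --iptables=false\n' "$1"
    fi
}

# Demo on constructed input: the log line is the one from the report,
# the ExecStart line is a made-up unit entry.
log="failed to start daemon: Error initializing network controller: error obtaining controller instance: failed to create NAT chain DOCKER: COMMAND_FAILED: INVALID_IPV: 'ipv4' is not a valid backend or is unavailable"
unit_line='ExecStart=/usr/bin/dockerd -H fd://'

if printf '%s\n' "$log" | has_nat_chain_failure; then
    force_iptables_false "$unit_line"
fi
```

With this option the daemon stops adding its own firewall rules, so NAT and filtering for containers have to come from the host's nftables ruleset.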