Known Issue with Docker 1.8 on Oracle Linux 7 Using Firewalld & SELinux with btrfs Storage Driver (Doc ID 2208037.1)

Last updated on DECEMBER 31, 2016

Applies to:

Linux OS - Version Oracle Linux 7.0 with Unbreakable Enterprise Kernel [3.8.13] to Oracle Linux 7.0 [Release OL7]
Linux x86-64

Symptoms

Docker 1.8 had an issue with firewalld as per https://docs.oracle.com/cd/E37670_01/E75728/html/section_kfy_f2z_fp2.html.

The workaround is to disable either SELinux or firewalld. If you do not disable SELinux to use the btrfs storage engine with Docker, disable firewalld. If you require a system firewall, you can use iptables and ip6tables instead of firewalld.

Does this issue is fixed ?

 

Changes

 With Docker 1.8 On OL7 under and RHCK 3.10 kernels the following issue is observed:

Sep 02 09:57:07 localhost.localdomain docker[1390]: time="2015-09-02T09:57:07.174270885-04:00" level=warning msg="Running modprobe bridge nf_nat br_netfilter failed with message: modprobe: WARNING: Module br_netfilter not found.\n, error: exit status 1"
Sep 02 09:58:36 localhost.localdomain systemd[1]: docker.service operation timed out. Terminating.

In /boot/config-3.8.13-98.2.1.el7uek.x86_64 we have the following options:

CONFIG_NETFILTER=y
CONFIG_NETFILTER_ADVANCED=y
CONFIG_BRIDGE_NETFILTER=y
so it is not compiled as module and docker trying to load a module would fail as above.

 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms