Docker: Known Issue with Docker 1.8 on Oracle Linux 7 Using Firewalld & SELinux with btrfs Storage Driver
(Doc ID 2208037.1)
Last updated on JUNE 01, 2024
Applies to:
Linux OS - Version Oracle Linux 7.0 with Unbreakable Enterprise Kernel [3.8.13] to Oracle Linux 7.0 [Release OL7]Oracle Cloud Infrastructure - Version N/A and later
Linux x86-64
Symptoms
Docker 1.8 had an issue with firewalld as per https://docs.oracle.com/cd/E37670_01/E75728/html/section_kfy_f2z_fp2.html.
The workaround is to disable either SELinux or firewalld. If you do not disable SELinux to use the btrfs storage engine with Docker, disable firewalld. If you require a system firewall, you can use iptables and ip6tables instead of firewalld.
Changes
With Docker 1.8 On OL7 under and RHCK 3.10 kernels the following issue is observed:
Sep 02 09:57:07 localhost.localdomain docker[1390]: time="2015-09-02T09:57:07.174270885-04:00" level=warning msg="Running modprobe bridge nf_nat br_netfilter failed with message: modprobe: WARNING: Module br_netfilter not found.\n, error: exit status 1"
Sep 02 09:58:36 localhost.localdomain systemd[1]: docker.service operation timed out. Terminating.
In /boot/config-3.8.13-98.2.1.el7uek.x86_64 we have the following options:
CONFIG_NETFILTER=y
CONFIG_NETFILTER_ADVANCED=y
CONFIG_BRIDGE_NETFILTER=y
so it is not compiled as module and docker trying to load a module would fail as above.
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |
References |