Greetings, i have reached this bug by googling the reason docker was refusing to start on my debian sid, it was erroring out with the following:
Nov 27 13:01:14 baol dockerd[15079]: time="2018-11-27T13:01:14.131445616+01:00" level=info msg="libcontainerd: new containerd process, pid: 15091" Nov 27 13:01:15 baol dockerd[15079]: time="2018-11-27T13:01:15.133232104+01:00" level=warning msg="failed to rename /var/lib/docker/tmp for background deletion: %!s(<nil>). Deleting synchronously" Nov 27 13:01:15 baol dockerd[15079]: time="2018-11-27T13:01:15.227253801+01:00" level=warning msg="devmapper: Usage of loopback devices is strongly discouraged for production use. Please use `--storage-opt dm.thinpooldev` or use `man docker` to refer to dm.thinpooldev section." Nov 27 13:01:15 baol dockerd[15079]: time="2018-11-27T13:01:15.252706875+01:00" level=warning msg="devmapper: Base device already exists and has filesystem xfs on it. User specified filesystem will be ignored." Nov 27 13:01:15 baol dockerd[15079]: time="2018-11-27T13:01:15.308337832+01:00" level=info msg="[graphdriver] using prior storage driver: devicemapper" Nov 27 13:01:15 baol dockerd[15079]: time="2018-11-27T13:01:15.335226999+01:00" level=info msg="Graph migration to content-addressability took 0.00 seconds" Nov 27 13:01:15 baol dockerd[15079]: time="2018-11-27T13:01:15.335414930+01:00" level=warning msg="Your kernel does not support cgroup rt period" Nov 27 13:01:15 baol dockerd[15079]: time="2018-11-27T13:01:15.335427499+01:00" level=warning msg="Your kernel does not support cgroup rt runtime" Nov 27 13:01:15 baol dockerd[15079]: time="2018-11-27T13:01:15.335691372+01:00" level=info msg="Loading containers: start." Nov 27 13:01:16 baol dockerd[15079]: time="2018-11-27T13:01:16.368680386+01:00" level=warning msg="could not create bridge network for id < bridge name docker0 while booting up from persistent state: Failed to program NAT chain: Failed to inject docker in PREROUTING chain: iptables failed: iptables --wait -t nat -A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER: iptables v1.8.2 (nf_tables): RULE_APPEND failed (Invalid argument): rule in chain PREROUTING\n (exit status 4)" Nov 27 13:01:16 baol dockerd[15079]: time="2018-11-27T13:01:16.383664622+01:00" level=info msg="Default bridge (docker0) is assigned with an IP address 172.17.0.0/16. Daemon option --bip can be used to set a preferred IP address" Nov 27 13:01:16 baol dockerd[15079]: Error starting daemon: Error initializing network controller: Error creating default "bridge" network: Failed to program NAT chain: Failed to inject docker in PREROUTING chain: iptables failed: iptables --wait -t nat -A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER: iptables v1.8.2 (nf_tables): RULE_APPEND failed (Invalid argument): rule in chain PREROUTING Nov 27 13:01:16 baol dockerd[15079]: (exit status 4) as this is due to docker generating an erroneous iptables command line for the new iptables that came in during the last update cycle. The problem is solved by running update-alternatives and selecting iptables-legacy as the default iptables binary. I think this bug can be transferred to upstream docker as this is something they need to fix on their side. Hope this helps, saludos -- Andrea Lusuardi - uovobw GPG ID: 1845639D313C1073
pgpb8BwO9_afc.pgp
Description: OpenPGP digital signature
