On Wed, Jan 19, 2022 at 7:00 AM Robert Yang <liezhi.yang@...> wrote:

Fixed when kernel-module-xt-nat is not installed:
$ docker run --rm -it -p 80:80 alpine

docker: Error response from daemon: driver failed programming external connectivity on endpoint elated_cori
Try `iptables -h' or 'iptables --help' for more information.
(exit status 2)).

There's already a pending patch for similar changes, I'm still
working through the unification of the meta-virt fragments and the
kernel-cache fragments, so I'm not doing any of the RRECOMMENDS
changes at the moment, until I have that unified.
Since we can recommend all we want, but it can't fix a bad
configuration, and that's the issue.

Bruce

Signed-off-by: Robert Yang <liezhi.yang@...>
---
recipes-containers/docker/docker.inc | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/recipes-containers/docker/docker.inc b/recipes-containers/docker/docker.inc
index 40a3642c..e7bdc388 100644
--- a/recipes-containers/docker/docker.inc
+++ b/recipes-containers/docker/docker.inc
@@ -29,7 +29,13 @@ RDEPENDS:${PN} = "util-linux util-linux-unshare iptables \
"
RDEPENDS:${PN} += "virtual-containerd virtual-runc"

-RRECOMMENDS:${PN} = "kernel-module-dm-thin-pool kernel-module-nf-nat kernel-module-nf-conntrack-netlink kernel-module-xt-addrtype kernel-module-xt-masquerade"
+RRECOMMENDS:${PN} = "kernel-module-dm-thin-pool \
+ kernel-module-nf-nat \
+ kernel-module-nf-conntrack-netlink \
+ kernel-module-xt-addrtype \
+ kernel-module-xt-masquerade \
+ kernel-module-xt-nat \
+ "

PROVIDES += "virtual/docker"

--
2.17.1

--
- Thou shalt not follow the NULL pointer, for chaos and madness await
thee at its end
- "Use the force Harry" - Gandalf, Star Trek II