Container Station & Dind

notsee
First post
Posts: 1
Joined: Fri Jul 01, 2016 8:43 pm

Container Station & Dind

Postby notsee » Mon Aug 22, 2016 8:24 pm

Hello.

TS-251.
QTS 4.2.2
Container Station 1.6.1701

Don't work dind (docker in docker). Needs for Drone ci, Gitlab ci, etc...
Docker service don't start in container.

docker run --privileged -it --name some-docker docker

INFO[0000] libcontainerd: new containerd process, pid: 14
ERRO[0001] devmapper: Udev sync is not supported. This will lead to data loss and unexpected behavior. Install a dynamic binary to use devicemapper or select a different storage driver. For more information, see https://docs.docker.com/engine/referenc ... ver-option
ERRO[0001] 'overlay' not found as a supported filesystem on this host. Please ensure kernel is new enough and has overlay support loaded.
INFO[0001] Graph migration to content-addressability took 0.00 seconds
WARN[0001] Your kernel does not support kernel memory limit.
WARN[0001] mountpoint for pids not found
INFO[0001] Loading containers: start.
WARN[0001] Running modprobe bridge br_netfilter failed with message: modprobe: can't change directory to '/lib/modules': No such file or directory
, error: exit status 1
WARN[0001] Running modprobe nf_nat failed with message: `modprobe: can't change directory to '/lib/modules': No such file or directory`, error: exit status 1
WARN[0001] Running modprobe xt_conntrack failed with message: `modprobe: can't change directory to '/lib/modules': No such file or directory`, error: exit status 1
FATA[0001] Error starting daemon: Error initializing network controller: error obtaining controller instance: failed to create NAT chain: Iptables not found

JaredReisinger
New here
Posts: 3
Joined: Tue Nov 15, 2016 11:51 am

Re: Container Station & Dind

Postby JaredReisinger » Fri Jun 02, 2017 8:07 am

I'm having the same problem, stemming from an incomplete iptables installation on my QNAP TS-451+ (Running QTS 4.3.3.0188 build 20170516). I've seen the posts that say "don't use the NAS as a security device", but I/we are not trying to that. Docker needs to be able to perform some iptable magic in order to get docker networks/containers communicating with each other in expected ways.

From what I've been able to tell, it's the lack of the "xt_conntrack" module that prevents some critical iptable nat PREROUTING rules from jumping to the DOCKER chain (the command docker uses is: "iptables --wait -t nat -A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER", after having created a chain called "DOCKER". The error is (unrolled to make it easier to read):
Error starting daemon:
Error initializing network controller:
Error creating default "bridge" network:
Failed to program NAT chain:
Failed to inject docker in PREROUTING chain:
iptables failed:

iptables --wait -t nat -A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER

: iptables: No chain/target/match by that name.


How hard would it be to get a viable xt_conntrack added to the available modules?

Thanks!

benfishbus
New here
Posts: 9
Joined: Mon Sep 05, 2016 6:12 am

Re: Container Station & Dind

Postby benfishbus » Thu Aug 09, 2018 12:36 pm

Hey! One year later, I am seeing this problem with docker daemon on Container Station 1.8.3103. Is it possible to compile our own kernel modules?


Return to “Container Station”

Who is online

Users browsing this forum: Vortax and 1 guest