Bug ID 1046024
Summary Docker networking broken after boot
Classification openSUSE
Product openSUSE Distribution
Version Leap 42.2
Hardware Other
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component Other
Assignee bnc-team-screening@forge.provo.novell.com
Reporter adam@mizerski.pl
QA Contact qa-bugs@suse.de
Found By ---
Blocker --- 

After reboot docker networking is usually broken, with various symptoms.

Sometimes the containers are created, but have not network inside.

Sometimes creating container fails with the following message:
docker: Error response from daemon: driver failed programming external
connectivity on endpoint twister
(46c42ea16960cd7002792b62e844c68f560a1ec336061dd8ef4a03a53e1ab7d6): iptables
failed: iptables --wait -t filter -A DOCKER ! -i docker0 -o docker0 -p tcp -d
172.17.0.2 --dport 28332 -j ACCEPT: iptables: No chain/target/match by that
name.
 (exit status 1).

Fixing this is possible by restarting docker service, but sometimes it also
requires restarting Networkmanager or SuSEFirewall2 before and manually
deleting docker0 bridge interface.

On the internet I've found various reports and solutions, but couldn't find
anything reliable.

I suspect it's a race condition to iptables between docker and SuSEFirewall2.

It might be also a problem with systemd. Archlinux wiki has some hints:
https://wiki.archlinux.org/index.php/Docker

You are receiving this mail because: