latest update (2/8/21) broke docker in container?

kyriazis · Feb 9, 2021

Hello,

yesterday I just upgraded packages and noticed that docker in my LXC containers stopped working. I found out that now /proc/sys is now mounted read-only inside the container, while previously it was mounted read-write. The errors I got in the container's syslog are:

Code:

Feb  9 16:38:11 <hostname> dockerd[490]: failed to start daemon: Error initializing network controller: error obtaining controller instance: Enabling IP forwarding failed: open /proc/sys/net/ipv4/ip_forward: read-only file system

Is there any way to get around that issue?

thank you!

George

juliokele · Feb 9, 2021

Hi George,

on PVE Host:
run: sysctl -w net.ipv4.ip_forward=1
for permanent change, uncomment the "net.ipv4.ip_forward=1" line in /etc/sysctl.conf

Julio

kyriazis · Feb 10, 2021

Thank you! That worked.

But why was docker working before, with net.ipv4.ip_forward=0 ? What changed? Anything else that might have been affected?

dariuszszyc · Feb 15, 2021

Thank you ! I had the same issue and setting ip_forward=1 on PVE Host worked!
I am also wondering what changed as docker used to work fine and suddenly - it stopped .

Interestingly - I didn't upgrade packages on PVE.

mokaz · Mar 29, 2022

Old thread but I've done that this way:

Code:

nano /etc/pve/lxc/100.conf
...
lxc.hook.autodev = sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"
...

This in order not to enable ip_forward on the complete host.

Search

Search

latest update (2/8/21) broke docker in container?

kyriazis

Well-Known Member

juliokele

Renowned Member

kyriazis

Well-Known Member

dariuszszyc

Member

mokaz

Member