I made an assembly based on
Thinstation. Added package
docker. I run the distribution, everything loads without problems. Docker starts after downloading the distribution. I download
nginx:alpine and run it with port
80 forwarding. The container starts, there are no problems:
Code:
ts_0800273e9027:~# docker run --restart always --name mynginx -p 80:80 -d nginx:alpine
4fc242d58285: Loading layer [==================================================>] 5.855MB/5.855MB
4721bfafc708: Loading layer [==================================================>] 19.05MB/19.05MB
45b275e8a06d: Loading layer [==================================================>] 3.072kB/3.072kB
a43749efe4ec: Loading layer [==================================================>] 4.096kB/4.096kB
d6dd885da0bb: Loading layer [==================================================>] 3.584kB/3.584kB
c0e7c94aefd8: Loading layer [==================================================>] 7.168kB/7.168kB
Loaded image: nginx:alpine
a22e21817fbd4040e6cbf0d590180117ee88cecb1259080e7af4016b0931b5ce
ts_0800273e9027:~# docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a22e21817fbd nginx:alpine "/docker-entrypoint.…" 10 seconds ago Up 9 seconds 0.0.0.0:80->80/tcp, :::80->80/tcp mynginx
ts_0800273e9027:~# netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 3678/docker-proxy
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 2321/dropbear
tcp 0 0 :::80 :::* LISTEN 3685/docker-proxy
tcp 0 0 :::22 :::* LISTEN 2321/dropbear
The problem is that I can't connect even locally to the lifted container at the
localhost address.
Telnet also does not connect to port
80. The remote connection doesn't work either.
If I restart
docker.socket - access to the container from the outside is provided, I open the page in the browser.
I have rebuild the assembly with the ability to debug (
/usr/bin/docker d --debug -H fd://).
I attach the FULL docker download
docker.log.
After downloading the distribution, I rebooted
docker.socket and unloaded the log with debugging information. In the log I saw the difference between automatic loading of Docker when downloading the distribution and after restarting the
docker.socket service. There you can see that after restarting
docker.socket, new
iptables rules are prescribed, which were not prescribed at the initial boot. After that, the service became available from the outside.
Here is a comparison of the two logs.
I can't understand why RESTARTING the service causes adding new
iptables rules. Why doesn't this work on initial boot?
I also provide an infographic of the distribution download.
I also attach the full distribution startup log.