問題
在某臺centos7機器上,啟動docker服務
sudo systemctl start docker
報下列錯誤:
● docker.service - Docker Application Container EngineLoaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)Active: failed (Result: start-limit) since Fri 2025-02-07 16:17:41 CST; 3s agoDocs: https://docs.docker.com Process: 60262 ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock (code=exited, status=1/FAILURE)Main PID: 60262 (code=exited, status=1/FAILURE)
該錯誤什么信息都沒有透露,但是我們可以通過查看docker日志,來進一步分析原因。
日志
查看 Docker 守護進程的日志,以獲取更多錯誤信息
sudo journalctl -u docker.service
得到下列日志信息:
Feb 07 16:10:17 localhost.localdomain dockerd[54216]: time="2025-02-07T16:10:17.194747005+08:00" level=info msg="Firewalld: docker zone already exists, return
Feb 07 16:10:17 localhost.localdomain dockerd[54216]: time="2025-02-07T16:10:17.691552194+08:00" level=warning msg="could not create bridge network for id 50d
Feb 07 16:10:17 localhost.localdomain dockerd[54216]: time="2025-02-07T16:10:17.771015154+08:00" level=info msg="stopping event stream following graceful shut
Feb 07 16:10:17 localhost.localdomain dockerd[54216]: failed to start daemon: Error initializing network controller: Error creating default "bridge" network:
Feb 07 16:10:17 localhost.localdomain systemd[1]: docker.service: main process exited, code=exited, status=1/FAILURE
Feb 07 16:10:17 localhost.localdomain systemd[1]: Failed to start Docker Application Container Engine.
基本能夠斷定Linux的防火墻和docker的網絡沖突導致的
解決
首先查看防火墻配置,命令如下:
firewall-cmd --list-all-zones
會看到docker0的配置,此時需要將docker0的配置刪除
如果docker0在public,刪除命令是:
firewall-cmd --zone=public --remove-interface=docker0
如果docker0在trusted,刪除命令是:
firewall-cmd --zone=trusted --remove-interface=docker0
刪除完之后,重啟docker
systemctl restart docker
)
)
)
)