* [meta-virtualization][PATCH] docker: Add kernel-module-xt-nat to RRECOMMENDS
@ 2022-01-19 11:59 Robert Yang
2022-01-19 13:34 ` Bruce Ashfield
0 siblings, 1 reply; 4+ messages in thread
From: Robert Yang @ 2022-01-19 11:59 UTC (permalink / raw)
To: meta-virtualization, bruce.ashfield
Fixed when kernel-module-xt-nat is not installed:
$ docker run --rm -it -p 80:80 alpine
docker: Error response from daemon: driver failed programming external connectivity on endpoint elated_cori
Try `iptables -h' or 'iptables --help' for more information.
(exit status 2)).
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
---
recipes-containers/docker/docker.inc | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/recipes-containers/docker/docker.inc b/recipes-containers/docker/docker.inc
index 40a3642c..e7bdc388 100644
--- a/recipes-containers/docker/docker.inc
+++ b/recipes-containers/docker/docker.inc
@@ -29,7 +29,13 @@ RDEPENDS:${PN} = "util-linux util-linux-unshare iptables \
"
RDEPENDS:${PN} += "virtual-containerd virtual-runc"
-RRECOMMENDS:${PN} = "kernel-module-dm-thin-pool kernel-module-nf-nat kernel-module-nf-conntrack-netlink kernel-module-xt-addrtype kernel-module-xt-masquerade"
+RRECOMMENDS:${PN} = "kernel-module-dm-thin-pool \
+ kernel-module-nf-nat \
+ kernel-module-nf-conntrack-netlink \
+ kernel-module-xt-addrtype \
+ kernel-module-xt-masquerade \
+ kernel-module-xt-nat \
+ "
PROVIDES += "virtual/docker"
--
2.17.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [meta-virtualization][PATCH] docker: Add kernel-module-xt-nat to RRECOMMENDS
2022-01-19 11:59 [meta-virtualization][PATCH] docker: Add kernel-module-xt-nat to RRECOMMENDS Robert Yang
@ 2022-01-19 13:34 ` Bruce Ashfield
2022-01-20 7:07 ` Robert Yang
0 siblings, 1 reply; 4+ messages in thread
From: Bruce Ashfield @ 2022-01-19 13:34 UTC (permalink / raw)
To: Robert Yang; +Cc: meta-virtualization
On Wed, Jan 19, 2022 at 7:00 AM Robert Yang <liezhi.yang@windriver.com> wrote:
>
> Fixed when kernel-module-xt-nat is not installed:
> $ docker run --rm -it -p 80:80 alpine
>
> docker: Error response from daemon: driver failed programming external connectivity on endpoint elated_cori
> Try `iptables -h' or 'iptables --help' for more information.
> (exit status 2)).
>
There's already a pending patch for similar changes, I'm still
working through the unification of the meta-virt fragments and the
kernel-cache fragments, so I'm not doing any of the RRECOMMENDS
changes at the moment, until I have that unified.
Since we can recommend all we want, but it can't fix a bad
configuration, and that's the issue.
Bruce
> Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
> ---
> recipes-containers/docker/docker.inc | 8 +++++++-
> 1 file changed, 7 insertions(+), 1 deletion(-)
>
> diff --git a/recipes-containers/docker/docker.inc b/recipes-containers/docker/docker.inc
> index 40a3642c..e7bdc388 100644
> --- a/recipes-containers/docker/docker.inc
> +++ b/recipes-containers/docker/docker.inc
> @@ -29,7 +29,13 @@ RDEPENDS:${PN} = "util-linux util-linux-unshare iptables \
> "
> RDEPENDS:${PN} += "virtual-containerd virtual-runc"
>
> -RRECOMMENDS:${PN} = "kernel-module-dm-thin-pool kernel-module-nf-nat kernel-module-nf-conntrack-netlink kernel-module-xt-addrtype kernel-module-xt-masquerade"
> +RRECOMMENDS:${PN} = "kernel-module-dm-thin-pool \
> + kernel-module-nf-nat \
> + kernel-module-nf-conntrack-netlink \
> + kernel-module-xt-addrtype \
> + kernel-module-xt-masquerade \
> + kernel-module-xt-nat \
> + "
>
> PROVIDES += "virtual/docker"
>
> --
> 2.17.1
>
--
- Thou shalt not follow the NULL pointer, for chaos and madness await
thee at its end
- "Use the force Harry" - Gandalf, Star Trek II
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [meta-virtualization][PATCH] docker: Add kernel-module-xt-nat to RRECOMMENDS
2022-01-19 13:34 ` Bruce Ashfield
@ 2022-01-20 7:07 ` Robert Yang
2022-01-25 2:45 ` Bruce Ashfield
0 siblings, 1 reply; 4+ messages in thread
From: Robert Yang @ 2022-01-20 7:07 UTC (permalink / raw)
To: Bruce Ashfield; +Cc: meta-virtualization
Hi Bruce,
On 1/19/22 9:34 PM, Bruce Ashfield wrote:
> On Wed, Jan 19, 2022 at 7:00 AM Robert Yang <liezhi.yang@windriver.com> wrote:
>>
>> Fixed when kernel-module-xt-nat is not installed:
>> $ docker run --rm -it -p 80:80 alpine
>>
>> docker: Error response from daemon: driver failed programming external connectivity on endpoint elated_cori
>> Try `iptables -h' or 'iptables --help' for more information.
>> (exit status 2)).
>>
>
> There's already a pending patch for similar changes, I'm still
> working through the unification of the meta-virt fragments and the
> kernel-cache fragments, so I'm not doing any of the RRECOMMENDS
> changes at the moment, until I have that unified.
>
> Since we can recommend all we want, but it can't fix a bad
> configuration, and that's the issue.
Yes, makes sense, do you have a clue on how to figure out all of them, please?
// Robert
>
> Bruce
>
>> Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
>> ---
>> recipes-containers/docker/docker.inc | 8 +++++++-
>> 1 file changed, 7 insertions(+), 1 deletion(-)
>>
>> diff --git a/recipes-containers/docker/docker.inc b/recipes-containers/docker/docker.inc
>> index 40a3642c..e7bdc388 100644
>> --- a/recipes-containers/docker/docker.inc
>> +++ b/recipes-containers/docker/docker.inc
>> @@ -29,7 +29,13 @@ RDEPENDS:${PN} = "util-linux util-linux-unshare iptables \
>> "
>> RDEPENDS:${PN} += "virtual-containerd virtual-runc"
>>
>> -RRECOMMENDS:${PN} = "kernel-module-dm-thin-pool kernel-module-nf-nat kernel-module-nf-conntrack-netlink kernel-module-xt-addrtype kernel-module-xt-masquerade"
>> +RRECOMMENDS:${PN} = "kernel-module-dm-thin-pool \
>> + kernel-module-nf-nat \
>> + kernel-module-nf-conntrack-netlink \
>> + kernel-module-xt-addrtype \
>> + kernel-module-xt-masquerade \
>> + kernel-module-xt-nat \
>> + "
>>
>> PROVIDES += "virtual/docker"
>>
>> --
>> 2.17.1
>>
>
>
> --
> - Thou shalt not follow the NULL pointer, for chaos and madness await
> thee at its end
> - "Use the force Harry" - Gandalf, Star Trek II
>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [meta-virtualization][PATCH] docker: Add kernel-module-xt-nat to RRECOMMENDS
2022-01-20 7:07 ` Robert Yang
@ 2022-01-25 2:45 ` Bruce Ashfield
0 siblings, 0 replies; 4+ messages in thread
From: Bruce Ashfield @ 2022-01-25 2:45 UTC (permalink / raw)
To: Robert Yang; +Cc: meta-virtualization
On Thu, Jan 20, 2022 at 2:07 AM Robert Yang <liezhi.yang@windriver.com> wrote:
>
> Hi Bruce,
>
> On 1/19/22 9:34 PM, Bruce Ashfield wrote:
> > On Wed, Jan 19, 2022 at 7:00 AM Robert Yang <liezhi.yang@windriver.com> wrote:
> >>
> >> Fixed when kernel-module-xt-nat is not installed:
> >> $ docker run --rm -it -p 80:80 alpine
> >>
> >> docker: Error response from daemon: driver failed programming external connectivity on endpoint elated_cori
> >> Try `iptables -h' or 'iptables --help' for more information.
> >> (exit status 2)).
> >>
> >
> > There's already a pending patch for similar changes, I'm still
> > working through the unification of the meta-virt fragments and the
> > kernel-cache fragments, so I'm not doing any of the RRECOMMENDS
> > changes at the moment, until I have that unified.
> >
> > Since we can recommend all we want, but it can't fix a bad
> > configuration, and that's the issue.
>
> Yes, makes sense, do you have a clue on how to figure out all of them, please?
This is something that I'm working on in cooperation with the external
kernel-cache recipe/tool that I have in meta-virt.
Your change is correct, I'm just going to let it sit on my queue for a
bit, while I work through the rest of the changes with respect to
getting the right configuration across a range of kernels and having
the ability to check for the fragments (versus the final .config,
since we don't want to start checking for individual options after the
kernel configuration runs).
Bruce
>
> // Robert
>
> >
> > Bruce
> >
> >> Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
> >> ---
> >> recipes-containers/docker/docker.inc | 8 +++++++-
> >> 1 file changed, 7 insertions(+), 1 deletion(-)
> >>
> >> diff --git a/recipes-containers/docker/docker.inc b/recipes-containers/docker/docker.inc
> >> index 40a3642c..e7bdc388 100644
> >> --- a/recipes-containers/docker/docker.inc
> >> +++ b/recipes-containers/docker/docker.inc
> >> @@ -29,7 +29,13 @@ RDEPENDS:${PN} = "util-linux util-linux-unshare iptables \
> >> "
> >> RDEPENDS:${PN} += "virtual-containerd virtual-runc"
> >>
> >> -RRECOMMENDS:${PN} = "kernel-module-dm-thin-pool kernel-module-nf-nat kernel-module-nf-conntrack-netlink kernel-module-xt-addrtype kernel-module-xt-masquerade"
> >> +RRECOMMENDS:${PN} = "kernel-module-dm-thin-pool \
> >> + kernel-module-nf-nat \
> >> + kernel-module-nf-conntrack-netlink \
> >> + kernel-module-xt-addrtype \
> >> + kernel-module-xt-masquerade \
> >> + kernel-module-xt-nat \
> >> + "
> >>
> >> PROVIDES += "virtual/docker"
> >>
> >> --
> >> 2.17.1
> >>
> >
> >
> > --
> > - Thou shalt not follow the NULL pointer, for chaos and madness await
> > thee at its end
> > - "Use the force Harry" - Gandalf, Star Trek II
> >
--
- Thou shalt not follow the NULL pointer, for chaos and madness await
thee at its end
- "Use the force Harry" - Gandalf, Star Trek II
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2022-01-25 2:45 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-01-19 11:59 [meta-virtualization][PATCH] docker: Add kernel-module-xt-nat to RRECOMMENDS Robert Yang
2022-01-19 13:34 ` Bruce Ashfield
2022-01-20 7:07 ` Robert Yang
2022-01-25 2:45 ` Bruce Ashfield
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.