问题
在某台centos7机器上,启动docker服务
sudo systemctl start docker
报下列错误:
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
Active: failed (Result: start-limit) since Fri 2025-02-07 16:17:41 CST; 3s ago
Docs: https://docs.docker.com
Process: 60262 ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock (code=exited, status=1/FAILURE)
Main PID: 60262 (code=exited, status=1/FAILURE)
该错误什么信息都没有透露,但是我们可以通过查看docker日志,来进一步分析原因。
日志
查看 Docker 守护进程的日志,以获取更多错误信息
sudo journalctl -u docker.service
得到下列日志信息:
Feb 07 16:10:17 localhost.localdomain dockerd[54216]: time="2025-02-07T16:10:17.194747005+08:00" level=info msg="Firewalld: docker zone already exists, return
Feb 07 16:10:17 localhost.localdomain dockerd[54216]: time="2025-02-07T16:10:17.691552194+08:00" level=warning msg="could not create bridge network for id 50d
Feb 07 16:10:17 localhost.localdomain dockerd[54216]: time="2025-02-07T16:10:17.771015154+08:00" level=info msg="stopping event stream following graceful shut
Feb 07 16:10:17 localhost.localdomain dockerd[54216]: failed to start daemon: Error initializing network controller: Error creating default "bridge" network:
Feb 07 16:10:17 localhost.localdomain systemd[1]: docker.service: main process exited, code=exited, status=1/FAILURE
Feb 07 16:10:17 localhost.localdomain systemd[1]: Failed to start Docker Application Container Engine.
基本能够断定Linux的防火墙和docker的网络冲突导致的
解决
首先查看防火墙配置,命令如下:
firewall-cmd --list-all-zones
会看到docker0的配置,此时需要将docker0的配置删除
如果docker0在public,删除命令是:
firewall-cmd --zone=public --remove-interface=docker0
如果docker0在trusted,删除命令是:
firewall-cmd --zone=trusted --remove-interface=docker0
删除完之后,重启docker
systemctl restart docker