Failed to StartContainer - iptables: No chain/target/match by that name

Solution In Progress - Updated -

Issue

-Containers deployed on a new node do not fail, just stuck in containerCreating mode

logging-fluentd-1-jcyt7           0/1       ContainerCreating   0          44m
Name:           logging-fluentd-1-jcyt7
Namespace:      logging
Node:           dc1sbinfra01.example.datadyne.com/10.37.16.104
Start Time:     Tue, 27 Jun 2017 08:16:48 -0700
Labels:         component=fluentd,deployment=logging-fluentd-1,deploymentconfig=logging-fluentd,provider=openshift
Status:         Pending
IP:
Controllers:    ReplicationController/logging-fluentd-1
Containers:
  fluentd-elasticsearch:
    Container ID:
    Image:              registry.access.redhat.com/openshift3/logging-fluentd@sha256:9f0f0bee8fb60225c0e4a00d558dbc66f2a252ff038330146b115a0e5e4f2dc3
    Image ID:
    Port:               1095/TCP
    QoS Tier:
      memory:   BestEffort
      cpu:      Guaranteed
    Limits:
      cpu:      100m
    Requests:
      cpu:              100m
    State:              Waiting
      Reason:           ContainerCreating
    Ready:              False
    Restart Count:      0
    Environment Variables:
      K8S_HOST_URL:     https://kubernetes.default.svc.cluster.local
      ES_HOST:          logging-es
      ES_PORT:          9200
      ES_CLIENT_CERT:   /etc/fluent/keys/cert
      ES_CLIENT_KEY:    /etc/fluent/keys/key
      ES_CA:            /etc/fluent/keys/ca
      OPS_HOST:         logging-es-ops
      OPS_PORT:         9200
      OPS_CLIENT_CERT:  /etc/fluent/keys/cert
      OPS_CLIENT_KEY:   /etc/fluent/keys/key
      OPS_CA:           /etc/fluent/keys/ca
Conditions:
  Type          Status
  Ready         False
Volumes:
  varlog:
    Type:       HostPath (bare host directory volume)
    Path:       /var/log
  varlibdockercontainers:
    Type:       HostPath (bare host directory volume)
    Path:       /var/lib/docker/containers
  certs:
    Type:       Secret (a volume populated by a Secret)
    SecretName: logging-fluentd
  dockerhostname:
    Type:       HostPath (bare host directory volume)
    Path:       /etc/hostname
  localtime:
    Type:       HostPath (bare host directory volume)
    Path:       /etc/localtime
  aggregated-logging-fluentd-token-fjf2f:
    Type:       Secret (a volume populated by a Secret)
    SecretName: aggregated-logging-fluentd-token-fjf2f
Events:
  FirstSeen     LastSeen        Count   From                                    SubobjectPath   Type            Reason          Message
  ---------     --------        -----   ----                                    -------------   --------        ------          -------
  45m           45m             1       {default-scheduler }                                    Normal          Scheduled       Successfully assigned logging-fluentd-1-jcyt7 to dc1sbinfra01.example.datadyne.com
  45m           45m             1       {kubelet dc1sbinfra01.example.datadyne.com}                 Warning         FailedSync      Error syncing pod, skipping: failed to "StartContainer" for "POD" with RunContainerError: "runContainer: API error (500): {\"message\":\"driver failed programming external connectivity on endpoint k8s_POD.202fded_logging-fluentd-1-jcyt7_logging_a3870744-5b4b-11e7-8fb2-005056965d40_ef7b35e9 (d80bc14d7ea7c3c67e0e16ad92d826b2d426699ae89d011f1befacdb60fa1ff6): iptables failed: iptables --wait -t nat -A DOCKER -p tcp -d 0/0 --dport 1095 -j DNAT --to-destination 10.251.71.4:1095 ! -i lbr0: iptables: No chain/target/match by that name.\\n (exit status 1)\"}\n"

Environment

  • Red Hat OpenShift Container Platform
    • 3.2, 3.3, 3.4, 3.5

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content