Skip to main content
NetApp Knowledge Base

How to resolve Podman iptables CNI network issue

Views:
214
Visibility:
Public
Votes:
0
Category:
solidfire-enterprise-sds
Specialty:
solidfire
Last Updated:

Applies to

Systems running SolidFire Enterprise SDS on RedHat Enterprise Linux 7.6 host nodes.

Description

This is a known timing issue with Podman & iptables/iptables-restore, where lock files are not being respected. As a result, the Container Network Interface (CNI) is unable to come up. See the known issues linked below.

Known Issues

https://bugzilla.redhat.com/show_bug.cgi?id=1417234

https://github.com/openshift/origin/pull/13845

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=712691

 

An example of the error signature is as shown:

ERRO[0000] Error adding network: running [/usr/sbin/iptables -t nat -N CNI-6bb4e32ac5d462b1f066864d --wait]: exit status 4: ipt unavailable.
ERRO[0000] Error while adding pod to CNI network "podman": running [/usr/sbin/iptables -t nat -N CNI-6bb4e32ac5d462b1f066864d -bles: Resource temporarily unavailable.
Error: error configuring network namespace for container 3b0ccbd068b9f7cfa52df9e4b1500abe02b4157f13b75ee34d87b6d52bd5df1a: runnnat -N CNI-6bb4e32ac5d462b1f066864d --wait]: exit status 4: iptables: Resource temporarily unavailable.

 

CUSTOMER EXCLUSIVE CONTENT

Registered NetApp customers get unlimited access to our dynamic Knowledge Base.

New authoritative content is published and updated each day by our team of experts.

Current Customer or Partner?

Sign In for unlimited access

New to NetApp?

Learn more about our award-winning Support