
nftables rules for docker


System: RHEL 8.4

Docker version: 20.10

RHEL 8 has moved from iptables to nftables, and Docker natively uses iptables to set firewall rules on the machine.

It seems to have broken the communication from Docker containers to host services, and also to other Docker containers hosted on the same network.

I have to communicate with a registry hosted in a container on port 5000.

I am also hosting Impala services in a container and have exposed the following ports:

  • 21000
  • 21050
  • 25000
  • 25010
  • 25020

Also, when I logged in to the container, it could not reach the internet.

Does anyone know what rules can be set to allow proper communication with Docker? Also, the service hosted in the container must be able to contact all the related host services.

Things tried until now:

I made changes in /etc/docker/daemon.json:

{
"iptables" : false
}

Based on this link, I also tried to set up rules, but no luck.

FYI: I have no idea how to set up any type of rules in the Linux firewall (neither with iptables nor with nftables).


Solution

  • From Docker 20.10, Docker provides support for firewalld, and there is no need to add any rules manually.

    It resolved my issues related to iptables and nftables.
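
A quick way to check a host for the two conditions discussed in this thread, added here as an example and not part of the original question or answer: it flags `"iptables": false` in daemon.json (which stops Docker from adding its own NAT and forwarding rules) and Docker bridge interfaces that firewalld has placed outside the `docker` zone. The function names and sample inputs are constructed; it assumes the zone Docker 20.10 uses is named `docker` and that bridges are named `docker0` or `br-…`.

```python
import json

# Constructed sample inputs (not taken from the asker's host).
SAMPLE_DAEMON_JSON = '{ "iptables": false }'
SAMPLE_ACTIVE_ZONES = """\
docker
  interfaces: br-1a2b3c4d5e6f
public
  interfaces: eth0 docker0
"""


def parse_active_zones(text):
    """Parse `firewall-cmd --get-active-zones` output into {zone: [interfaces]}."""
    zones, current = {}, None
    for line in text.splitlines():
        if not line.strip():
            continue
        if not line[0].isspace():              # unindented line = zone name
            current = line.split()[0]
            zones[current] = []
        elif current and line.strip().startswith("interfaces:"):
            zones[current] += line.split(":", 1)[1].split()
    return zones


def audit(daemon_json_text, active_zones_text, docker_zone="docker"):
    """Return findings that would explain broken container networking."""
    findings = []
    config = json.loads(daemon_json_text or "{}")
    # Docker manages firewall rules unless this key is explicitly false.
    if config.get("iptables", True) is False:
        findings.append("daemon.json sets iptables=false: Docker will not add "
                        "its NAT/forwarding rules")
    for zone, ifaces in parse_active_zones(active_zones_text).items():
        for iface in ifaces:
            is_bridge = iface == "docker0" or iface.startswith("br-")
            if is_bridge and zone != docker_zone:
                findings.append(
                    f"{iface} is in zone '{zone}', expected '{docker_zone}'")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_DAEMON_JSON, SAMPLE_ACTIVE_ZONES):
        print("FINDING:", finding)
```

On a real host, feed it the contents of /etc/docker/daemon.json and the output of `firewall-cmd --get-active-zones` instead of the samples.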