Docker Error response from daemon: Cannot start container

Question

I need help. I have a problem with docker. My OS is Centos 6. tnx

$ sudo docker run -it --name atom-mysql -p 3310:3306 -e MYSQL_ROOT_PASSWORD=root -d mysql/mysql-server:5.5.44

Unable to find image 'mysql/mysql-server:5.5.44' locally 5.5.44: Pulling from mysql/mysql-server

8c3e49cb06dc: Pull complete 90fed8b1ceab: Pull complete 8a2b759d9dd8: Pull complete 33529391d37f: Pull complete 4268ebc0501a: Pull complete 71c6842c97e5: Pull complete 80c90f40a6e5: Pull complete 0be01ae3bd72: Pull complete b1b23a5825ac: Pull complete d4b9b32ae2f0: Already exists Digest: sha256:64c6209e62002209ea3f35125bf6e10f9f4807a3a80bc1f3730c8b8313dad457 Status: Downloaded newer image for mysql/mysql-server:5.5.44 264a844c0f2b6e7f6a9fff872d401709216fb5704d24225233972f0719e52b6c

Error response from daemon: Cannot start container 264a844c0f2b6e7f6a9fff872d401709216fb5704d24225233972f0719e52b6c: iptables failed: iptables -t filter -A DOCKER ! -i docker0 -o docker0 -p tcp -d 172.17.0.4 --dport 3306 -j ACCEPT: iptables: No chain/target/match by that name. (exit status 1)

Answer 1

It looks like you missing docker firewall rules. Docker creates own iptables chains named DOCKER*. You can see it by the command iptables -L

...
Chain DOCKER (4 references)
...
Chain DOCKER-ISOLATION-STAGE-1 (1 references)
...
Chain DOCKER-ISOLATION-STAGE-2 (4 references)
...
Chain DOCKER-USER (1 references)
...

If you don't see at least DOCKER chain you need to find why do you miss that. Try to restart docker service to reinit docker iptables rules:

service docker restart

But keep in mind that this action will stop all running containers.