Docker service not starting, system firewall not working

[frsrz]

Hello.

Device: F2-210
TOS: 4.1.18-2001031356

Steps to reproduce the problem:

• Install Docker from TOS Desktop. Installation seems to complete successfully but no shortcut is added to the desktop.
• Go to Applications->Docker and press start button: "operation successful" but server status still reads as Stopped.
• Run "docker run hello-world" from a shell: "Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?."
• Run "service docker start" from a root shell: "Starting Docker: docker 0"
• After last step the file /var/log/docker.log contains "Error starting daemon: Error initializing network controller: error obtaining controller instance: failed to create NAT chain: iptables failed: iptables -t nat -N DOCKER: iptables v1.4.21: can't initialize iptables table `nat': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. (exit status 3)"
• Run "modprobe iptable_nat" from a root shell: "5 modules could not be probed - ip_tables- iptable_nat - nf_nat - nf_nat_ipv4 - x_tables"
• Run "dmesg | tail": "[22810.473414] x_tables: Unknown symbol kmem_cache_alloc_trace (err 0) [22828.097623] nf_nat: Unknown symbol kmem_cache_alloc_trace (err 0) [22828.149794] x_tables: Unknown symbol kmem_cache_alloc_trace (err 0)
  [22835.715838] nf_nat: Unknown symbol kmem_cache_alloc_trace (err 0) [22835.759602] x_tables: Unknown symbol kmem_cache_alloc_trace (err 0)"
• Run "iptables -L" from a root shell: "iptables v1.4.21: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
  Perhaps iptables or your kernel needs to be upgraded."
• Go to Control Panel->Security->Firewall and create a rule to deny TCP/UDP connections to port 9222 (my SSH port): "Configuration saved!" but ssh connections to the device still work, proving firewall is broken.

In another post from this forum I have read that upgrading to TOS 4.1.16 could solve the problem with Docker. However I am running 4.1.18 and I am not sure if downgrading the device is even possible.

[TMSupport]

As for this issue of Docker, it's the reason of the kernel. Please update your TOS system to update the kernel. Please download the update package from this link and manually update your TOS system https://dl.terra-master.com/cn/TOS_A1.0 ... 031356.bz2 even if it's 4.1.18 already.

[frsrz]

I can confirm the suggested solution worked for me and now both docker service and firewall are running correctly.

[cjom]

As for this issue of Docker, it's the reason of the kernel. Please update your TOS system to update the kernel. Please download the update package from this link and manually update your TOS system https://dl.terra-master.com/cn/TOS_A1.0 ... 031356.bz2 even if it's 4.1.18 already.

HELP!
I installed this update, NAS automatically rebooted and died!!!
It does a very small beep when power is connected, turns on all front green leds and nothing else happens! No blinking, no fan moving, no disk activity, network leds off... DEAD

It is brand new, was working with one disk before installing the update, trying to fix the Docker not starting and power switch not powering off.

[TMSupport]

Hi, please contact us at support@terra-master.com, we will replace you a new TNAS if it's confired the reason the malfunctioned hardware.

[lantis]

Hi,

I have the same error with version 4.1.31.
I manually updated my kernel with the same version (latest on this date) but nothing changes.

Informations:
tnas : F2-210
TOS : 4.1.31.2008031214
Errors :

Code: Select all

time="2020-10-02T17:43:00.457219000+02:00" level=info msg="libcontainerd: new containerd process, pid: 4851"
time="2020-10-02T17:43:01.473968000+02:00" level=info msg="[graphdriver] using prior storage driver: overlay2"
time="2020-10-02T17:43:01.596622000+02:00" level=info msg="Graph migration to content-addressability took 0.00 seconds"
time="2020-10-02T17:43:01.597161000+02:00" level=warning msg="Your kernel does not support cgroup cpu shares"
time="2020-10-02T17:43:01.597227000+02:00" level=warning msg="Your kernel does not support cgroup cfs period"
time="2020-10-02T17:43:01.597279000+02:00" level=warning msg="Your kernel does not support cgroup cfs quotas"
time="2020-10-02T17:43:01.597328000+02:00" level=warning msg="Your kernel does not support cgroup rt period"
time="2020-10-02T17:43:01.597376000+02:00" level=warning msg="Your kernel does not support cgroup rt runtime"
time="2020-10-02T17:43:01.598583000+02:00" level=info msg="Loading containers: start."
time="2020-10-02T17:43:01.602650000+02:00" level=warning msg="Running modprobe nf_nat failed with message: ``, error: exit status 255"
time="2020-10-02T17:43:01.605904000+02:00" level=warning msg="Running modprobe xt_conntrack failed with message: ``, error: exit status 255"
Error starting daemon: Error initializing network controller: error obtaining controller instance: failed to create NAT chain: iptables failed: iptables -t nat -N DOCKER: iptables v1.4.21: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
 (exit status 3)

[TMSupport]

You can contact support(at)terra-master.com to ask for remotely check.