Is there a known problem with LXD and iptables on linux kernel 4.18+?
After running for a few hours iptables stops working on both the host and in containers, and the iptables command fails with:
iptables v1.6.1: can't initialize iptables table `filter': No child processes
Perhaps iptables or your kernel needs to be upgraded.
(I tried iptables 1.8.2 from git and it didn’t help.)
I’m using Ubuntu 18.04, and lxd 3.7 from snap. The container which seems to trigger the kernel bug is an OpenWrt router. (Fortunately I have another /firewall between my network and the Internet.)
I have tried several mainline kernels for Ubuntu and “4.17.0-041700-generic #201806041953 SMP Mon Jun 4 19:55:25 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux” doesn’t have the bug, but the bug is triggered on all 4.18+ kernels I have tried:
- 4.18.0-041800-generic #201808122131 SMP Sun Aug 12 21:33:20 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
- 4.18.11-041811-generic #201809290731 SMP Sat Sep 29 11:33:39 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
- 4.19.5
- 4.20.0-042000rc4-generic #201811252331 SMP Sun Nov 25 23:32:52 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
- 4.20.0-042000rc5-generic #201812030721 SMP Mon Dec 3 12:23:24 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux