Add a TODO in the Dockerfile regarding nftables
Someday, we'll hopefully support nftables directly and will likely then need some kind of in-container runtime detection (perhaps based on loaded modules or something similar). This updates the related `Dockerfile` comment accordingly (linking to the appropriate `nftables` tracking issue). Signed-off-by: Tianon Gravi <admwiggin@gmail.com>
This commit is contained in:
parent
9fee52d544
commit
0ce3ab679c
1 changed files with 2 additions and 1 deletions
|
@ -286,7 +286,8 @@ RUN --mount=type=cache,sharing=locked,id=moby-dev-aptlib,target=/var/lib/apt \
|
||||||
zip
|
zip
|
||||||
|
|
||||||
|
|
||||||
# Switch to use iptables instead of nftables (to match the host machine)
|
# Switch to use iptables instead of nftables (to match the CI hosts)
|
||||||
|
# TODO use some kind of runtime auto-detection instead if/when nftables is supported (https://github.com/moby/moby/issues/26824)
|
||||||
RUN update-alternatives --set iptables /usr/sbin/iptables-legacy || true \
|
RUN update-alternatives --set iptables /usr/sbin/iptables-legacy || true \
|
||||||
&& update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy || true \
|
&& update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy || true \
|
||||||
&& update-alternatives --set arptables /usr/sbin/arptables-legacy || true
|
&& update-alternatives --set arptables /usr/sbin/arptables-legacy || true
|
||||||
|
|
Loading…
Reference in a new issue