phenomenon:

[root@localhost ~]# docker run -d -p 9000:80 centos:httpd /bin/sh -c /usr/local/bin/start.sh
d5b2bd5a7bc4895a973fe61efd051847047d26385f65c278aaa09e4fa31c4d76
docker: Error response from daemon: driver failed programming external connectivity on endpoint quirky_allen (6bda693d1143657e46bee0300276aa05820da2b21a3d89441e820d1a274c48b6): (iptables failed: iptables –wait -t nat -A DOCKER -p tcp -d 0/0 –dport 9000 -j DNAT –to-destination 172.17.0.2:80 ! -i docker0: iptables: No chain/target/match by that name.
(exit status 1)).

[root@localhost ~]# docker start d5b2bd5a7bc4
Error response from daemon: driver failed programming external connectivity on endpoint quirky_allen (4127da7466709fd45695a1fbe98e13c2ac30c2a554e18fb902ef5a03ba308438): (iptables failed: iptables –wait -t nat -A DOCKER -p tcp -d 0/0 –dport 9000 -j DNAT –to-destination 172.17.0.2:80 ! -i docker0: iptables: No chain/target/match by that name.
(exit status 1))
Error: failed to start containers: d5b2bd5a7bc4

Reason:

The custom chain DOCKER defined when the docker service is started is cleared for some reason.
Restart the docker service and regenerate the custom chain. DOCKER
Chain PREROUTING (policy ACCEPT)
target prot opt ​​source destination        
DOCKER all – 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL

Chain INPUT (policy ACCEPT)
target prot opt ​​source destination        

Chain OUTPUT (policy ACCEPT)
target prot opt ​​source destination        
DOCKER all – 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL

Chain POSTROUTING (policy ACCEPT)
target prot opt ​​source destination        
MASQUERADE all – 172.17.0.0/16 0.0.0.0/0          
MASQUERADE  tcp  —  172.17.0.2           172.17.0.2           tcp dpt:8080

Chain DOCKER (2 references)
target     prot opt source               destination
RETURN     all  —  0.0.0.0/0            0.0.0.0/0
DNAT       tcp  —  0.0.0.0/0            0.0.0.0/0            tcp dpt:8888 to:172.17.0.2:8080
root@router:playbook#iptables -t nat -nL
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
DOCKER     all  —  0.0.0.0/0            0.0.0.0/0            ADDRTYPE match dst-type LOCAL

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
DOCKER     all  —  0.0.0.0/0           !127.0.0.0/8          ADDRTYPE match dst-type LOCAL

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
MASQUERADE  all  —  172.17.0.0/16        0.0.0.0/0
MASQUERADE  tcp  —  172.17.0.2           172.17.0.2           tcp dpt:8080

Chain DOCKER (2 references)
target     prot opt source               destination
RETURN     all  —  0.0.0.0/0            0.0.0.0/0
DNAT       tcp  —  0.0.0.0/0            0.0.0.0/0            tcp dpt:8888 to:172.17.0.2:8080

Solution:

Restart the docker service and then start the container
systemctl restart docker
docker start foo

Read More:

• [Solved] docker: Error response from daemon: driver failed programming external connectivity on endpoint mysql-test …
• [Solved] Docker Error: Error response from daemon: driver failed programming external connectivity on endpoint
• [Solved] Docker: Error response from daemon: driver failed programming external connectivity on endpoint mysq
• [Solved] Docker Error: driver failed programming external connectivity on endpoint
• [Solved] Docker Start nginx error: driver failed programming external connectivity on endpoint nginx
• Docker Create or Start Nginx Error: docker: Error response from daemon: driver failed programming external connectivity
• [Solved] docker Error response from daemon OCI runtime create failed container_linux.go380
• [Solved] ERROR: for jms_koko Cannot start service koko: driver failed programming
• Docker Error response from daemon: Get https://registry-1.docker.io/v2/: x509: certificate has expired or is not yet valid
• [Solved] Error response from daemon: OCI runtime create failed: container with id exists: xxzxxxxxxxx
• [Solved] Docker failed to start daemon: error initializing graphdriver: driver not supported
• [Solved] Docker Start Error: iptables failed: iptables –wait -t nat -A DOCKER -p tcp -d 0/0 –dport 10241
• Docker Error response from daemon: Get https://registry-1.docker.io/v2/portainer/portainer/…
• [environment] docker: error response from daemon: OCI runtime
• Docker run Error: container_linux.go:235: starting container process caused “process_linux.go:258: appl
• Mac Docker pull Error: Error response from daemon: Get https://xx.xx.xx.xx/v2/: Service Unavailable
• Docker Open Error: Warning: docker.service changed on disk. Run ‘systemctl daemon-reload‘ to reload unit
• [Solved] MinIO Start Error: “WARNING: Console endpoint is listening on a dynamic port…”
• The spring project is normal locally, and the bean cannot be found error is thrown when entering the docker container
• [Solved] CentOS build a docker error: job for docker.service failed….