我正在尝试在ACI(https://github.com/kylemanna/docker-openvpn)中使用此OpenVPN映像。作为它的一部分,它尝试设置iptables并失败。
+ setupIptablesAndRouting
+ iptables -t nat -C POSTROUTING -s 192.168.255.0/24 -o eth0 -j MASQUERADE
iptables v1.6.2: can't initialize iptables table 'nat': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
+ iptables -t nat -A POSTROUTING -s 192.168.255.0/24 -o eth0 -j MASQUERADE
iptables v1.6.2: can't initialize iptables table 'nat': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
这可能是因为Docker映像使用--cap-add=NET_ADMIN
在Docker中正常运行。有没有办法在ACI中执行此操作(或以更高的权限运行iptables命令)?