My entire Docker setup experienced some downtime yesterday. I did some weekly maintenance, as usual, upgrading the linux-aarch64 kernel to 6.17.7. What I wasn’t aware of, however, was that the pre-compiled version of the new kernel omitted the raw table from iptables, preventing Docker from dropping incoming connections to the container system.
https://archlinuxarm.org/forum/viewtopic.php?f=15&t=17296
6.18rc seems to have reverted this, but with the move from legacy iptables to nftables I decided to replace iptables with iptables-nft and restarted the Docker service. All good now.
Maybe I shouldn’t live life on the bleeding edge…
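
A post-upgrade check for the failure described above, added here as an example and not part of the original post: it reads the kernel config for `CONFIG_IP_NF_RAW` (the option behind the legacy IPv4 raw table) and then asks the installed `iptables` binary whether the raw table is actually usable. The function names, the `KCONFIG` variable and the `--check` argument are made up for this example, and it assumes the kernel exposes `/proc/config.gz`.

```bash
#!/bin/sh
# Added example: verify the iptables raw table after a kernel upgrade,
# before trusting Docker's firewall rules again.

# Print "builtin", "module" or "missing" for one kernel config option.
# $1 = option name, $2 = config file (plain text, or gzip such as /proc/config.gz)
kconfig_state() {
    kc_opt=$1
    kc_file=$2
    kc_line=$(case $kc_file in
                  *.gz) gzip -dc "$kc_file" ;;
                  *)    cat "$kc_file" ;;
              esac 2>/dev/null | grep "^${kc_opt}=" | head -n 1)
    # "# CONFIG_X is not set" never matches the grep, so it ends up as "missing".
    case ${kc_line#*=} in
        y) echo builtin ;;
        m) echo module ;;
        *) echo missing ;;
    esac
}

# Succeeds only if the iptables binary in use can list the raw table
# on the running kernel (needs root).
raw_table_usable() {
    iptables -t raw -S >/dev/null 2>&1
}

# Report both views. With iptables-nft the raw table comes from nftables,
# so "missing" in the config together with a passing live check is expected.
preflight() {
    pf_cfg=${KCONFIG:-/proc/config.gz}   # KCONFIG: hypothetical override
    echo "CONFIG_IP_NF_RAW in $pf_cfg: $(kconfig_state CONFIG_IP_NF_RAW "$pf_cfg")"
    if raw_table_usable; then
        echo "raw table usable via $(iptables --version)"
        return 0
    fi
    echo "raw table NOT usable: Docker's raw-table drop rules cannot be installed" >&2
    return 1
}

# Run the live check only when asked, e.g.: sudo sh check-raw.sh --check
if [ "${1:-}" = "--check" ]; then
    preflight
fi
```

A non-zero exit from `--check` after a kernel or iptables package upgrade is the cue to hold off restarting Docker until the raw table is back.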