I am trying to install Docker on a Raspi 3 Model B running the latest Raspberry OS, (Debian bookworm) using the installation steps from the Docker website (https://docs.docker.com/desktop/setup/i … ux/debian/). The installation fails due to unmet dependencies, foremost iptables.
It seems that Raspberry OS (and Debian) have deprecated iptables in favor of nftables, and that the iptables package is no longer in the standard repository/ies. Docker requires iptables.
I have searched the Internet, including various forums, for hours over several days but not found any helpful hints so far. Restarting the Pi (which has solved the issue in the only directly relevant forum post that I have found) has not helped in my case.
I think that maybe installing iptables from a legacy repository may be a solution, but I have not found anything in that direction.
Does anybody here have any helpful suggestions for me? Thanks much.
$ sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:
The following packages have unmet dependencies:
docker-ce : Depends: iptables but it is not installable
Recommends: docker-ce-rootless-extras but it is not going to be installed
Recommends: git but it is not installable
Recommends: libltdl7 but it is not installable
Recommends: pigz but it is not installable
E: Unable to correct problems, you have held broken packages.
Did you really use the installation guide of Docker Desktop that you linked?
Your shared code shows that you install Docker Engine (Docker CE). That guide starts with:
Docker is only compatible with iptables-nft and iptables-legacy. Firewall rules created with nft are not supported on a system with Docker installed. Make sure that any firewall rulesets you use are created with iptables or ip6tables, and that you add them to the DOCKER-USER chain, see Packet filtering and firewalls.
I’m not sure about your error message, but I just tried installing iptables in a debian:12 container and worked. So if it is not automatically installable, you can try to do it manually.
I guess it is not installable in your machine automatically because another package is installed which is not compatible. That could be “nftables” as you also mentioned. So you could uninstall it and install iptables if you want to use Docker
PS.: According to your error message, “git” is not installable either, and it is not likely that git is not in standard repositories, so the message doesn’t mean it is not available, just not installable automatically
@rimelek: I sure hope I didn’t follow the wrong instructions. More likely I linked the wrong instructions in my initial post.
As an update, I set up a new Raspberry Pi OS Lite system on another medium. I then installed iptables and the Docker packages following the same installation instructions for testing and comparison. Everything went through smoothly, and Docker runs as intended (based on the little “hello-world” test from the Docker instructions). This proves you right, @rimelek.
On the old system, I can still install neither iptables nor Docker.
I compared the repos that ‘apt-get update’ queries on both systems. The new system also queries five Debian repos which the old one does not. (Unfortunately, being a new forum user, I cannot paste the queries here - too many links.)
That seems odd as I am quite sure that the old system is also Raspberry Pi OS Lite, first installed in fall 2024.
So the issue probably is related to the missing Debian repos.
I guess that I rather work with the new system and discard the old one, rather than investing more time and energy (both of others and me) into figuring that one out.
Thanks for helping out.