docker container stopped working after upgrade to DSM 7.0 with Synology NAS.

This is due to tighten permission in DSM 7.0. It can be fixed by enabling container capacity “NET_ADMIN”. The problem is the DSM docker UI does not support this feature. This can be easier done in portainer, another open source container manager.

Here is the steps to deploy portainer as a container. This requires ssh into DSM 7.0

# ssh into your nas as administrator
ssh nas -l admin

# create  dir for holding portainer config
sudo mkdir  /volume1/docker/portainer

# deploy portainer as a container thru docker, please ensure ports still available
sudo docker run -d -p 8000:8000 -p 9000:9000 --name=portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v /volume1/docker/portainer:/data portainer/portainer-ce

If everything goes thru fine, portainer container should be up and running. This can be verified in dsm docker ui as well.

connect to portainer at http://nas:9000 in browser.

Set up initial password

Select connect to “docker”

go to containers:

You are supposed to see all your containers, haugene container should be stopped state. (one of mine is up since screenshot is taken after everything fixed.)

Please focus on container haugene-transimission-openvpn3, this is the original one that stopped working after upgrade to dsm 7.0.

open “haugene-transimission-openvpn3”

Click “Duplicate/Edit” button on the top right, then you will have an opportunity to re-config a copy of original container.

change the name so that you can tell this is a new container..

Click “Advanced container settings”

Disable “Privileged mode” in “Runtime & Resources” tab.

Enable “NET_ADMIN” in Capability tab.

Click “Deploy the container” button, then you are done. It should be up and running in a few secs.

Verify if traffics are going thru vpn at http://checkmyip.torrentprivacy.com/