Run nomad with consul sidecar as non-root

I investigated further and came across different solutions and posts:

  • I found an entry in the nomad-gitter which proposed to set the CAP_SYS_ADMIN, CAP_NET_ADMIN, CAP_CHOWN for the iptables binary or only CAP_SYS_ADMIN, CAP_CHOWN
  • I found this discussion, which was solved by running nomad as root.
  • Maybe it would help to set some permissions via visudo

In the end I ended up going with the root option, which I don't like.

Shouldn't docker have the same issue? I found the post which basically explains the same issue.