Docker helps in packaging the application and all its dependencies into a lightweight entity known as containers. We can deploy Docker containers on any physical machine, virtual machine, or even in the cloud.
We may face various problems while using the Docker service in different environments.
In this tutorial, we'll learn about the Docker daemon connectivity issue. This is a very common error that beginners encounter. We'll also look into what causes this issue and ways to troubleshoot it.
2. Understanding the Problem
Consider a situation where we try to run a command on Linux that is not already present on the machine. We get a command not found error message in return.
The reason for this problem could either be that the command is not actually installed on the machine or that it is installed but not configured correctly.
Let's first understand the Docker daemon (dockerd). It is a program that manages all the Docker objects, including images, containers, volumes and many more.
Another entity, the Docker client, helps pass the command from the user to the Docker service via the Docker daemon.
Under certain circumstances, the Docker client fails to connect to the Docker daemon. The Docker throws the error Cannot connect to Docker daemon in such a case.
There could be various reasons why a Docker client cannot connect to the Docker daemon. Let's now dive deep into the root cause and different solutions to solve this problem.
3. Due to Inactive Docker Service
The most common reason for this error is when we try to access the Docker service, but it is not started:
$ docker ps Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
First, we will check the status of the Docker service and whether it is running or not:
$ systemctl status docker docker.service - Docker Application Container Engine Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled) Active: inactive (dead) Docs: https://docs.docker.com
Here the output clearly shows that the Docker service is inactive.
We'll now start the Docker service. This will solve the issue in most cases.
3.1. Start Docker Using Service
Generally, when we install the Docker using the package manager, it creates a Docker service. This makes it easy to manage the Docker.
Let's now start the Docker using the systemctl service command:
$ systemctl start docker
We can check the status of Docker using the following command:
$ systemctl status docker docker.service - Docker Application Container Engine Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled) Active: active (running) since Thu 2022-02-17 19:14:51 UTC; 1min 38s ago Docs: https://docs.docker.com Main PID: 1831 (dockerd) Tasks: 8 Memory: 126.5M CGroup: /system.slice/docker.service └─1831 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
This command shows the current status Docker service as active (running).
3.2. Start the Docker Daemon Manually
Alternatively, we can also start the Docker without the service.
All we need to do is run the dockerd command in the background:
$ sudo dockerd INFO[2022-02-18T05:19:50.048886666Z] Starting up INFO[2022-02-18T05:19:50.050883459Z] libcontainerd: started new containerd process pid=2331 INFO[2022-02-18T05:19:50.050943756Z] parsed scheme: "unix" module=grpc
We need to make sure that we run the dockerd with sudo privileges.
4. Due to Insufficient Privileges
When we install Docker using package manager, it creates a docker user and group by default. In order to access Docker, we need to add the current user to the docker group.
If we try to access the Docker service from a user out of the docker group, we get this error:
$ docker ps Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.40/containers/json: dial unix /var/run/docker.sock: connect: permission denied
In order to solve this problem, we can do two things. Either we can add the user to the docker group, or we can update the privileges of the Docker socket file.
Let's now dive deep into both solutions, along with examples.
4.1. Updating User Privileges
User privileges are an important concept in Linux. They decide the accessibility of resources for different users.
On installing Docker on Linux, a new docker group is created, and all the packages related to the Docker service are linked to this docker group.
If we do not find the default docker group on our machine, we can create it manually:
$ sudo groupadd docker
The above command will create a docker group.
Now we'll add the current user inside the docker group:
$ sudo usermod -aG docker docker-test
Here the -a option will append the user docker-test to the docker group. The -G option is used to mention the group name.
Finally, we'll restart the Docker service to bring the changes into effect:
$ sudo service docker restart
4.2. Updating Docker Socket File Privileges
We can also fix the problem by changing the owner of the /var/run/docker.sock file:
$ sudo chown docker-test /var/run/docker.sock
Notice that we run this command with sudo privileges. Otherwise, the permission for the file won't update.
In this article, we learned about the frequently encountered Docker daemon connectivity issue.
This issue occurs when the Docker service is not started correctly or when we don't have the proper user privileges to access the Docker service.
We looked into various ways to solve this issue by adding the user into the docker group and changing the permission of the sock file.