Generic Top

Get started with Spring 5 and Spring Boot 2, through the Learn Spring course:

>> CHECK OUT THE COURSE

1. Overview

Docker helps in packaging the application and all its dependencies into a lightweight entity known as containers. We can deploy Docker containers on any physical machine, virtual machine, or even in the cloud.

We may face various problems while using the Docker service in different environments. In this tutorial, we'll learn about the Docker daemon connectivity issue. This is a very common error that beginners encounter. We'll also look into what causes this issue and ways to troubleshoot it.

2. Understanding the Problem

Consider a situation where we try to run a command on Linux that is not already present on the machine. We get a “command not found” error message in return. The reason for this problem could either be that the command is not actually installed on the machine, or it is installed but not configured correctly.

Let's first understand the Docker daemon (dockerd). It is a program that manages all the Docker objects, including images, containers, volumes, and many more.

Another entity, the Docker client, helps pass the command from the user to the Docker service via the Docker daemon. Under certain circumstances, the Docker client fails to connect to the Docker daemon. The Docker throws the error “Cannot connect to Docker daemon” in such a case.

There could be various reasons why a Docker client cannot connect to the Docker daemon. Let's now dive deep into the root cause and different solutions to solve this problem.

3. Due to Inactive Docker Service

The most common reason for this error is when we try to access the Docker service, but it is not started:

$ docker ps
Cannot connect to the Docker daemon at unix:///var/run/docker.sock.
  Is the docker daemon running?

Firstly, we will check the status of the Docker service, whether it is running or not:

$ systemctl status docker
 docker.service - Docker Application Container Engine
   Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
   Active: inactive (dead)
   Docs: https://docs.docker.com

Here, the output clearly shows that the Docker service is inactive. We'll now start the Docker service. This will solve the issue in most cases.

3.1. Start Docker Using Service

Generally, when we install the Docker using the package manager, it creates a Docker service. This makes it easy to manage the Docker. Let's now start the Docker using the systemctl service command:

$ systemctl start docker

We can check the status of Docker using the following command:

$ systemctl status docker
 docker.service - Docker Application Container Engine
   Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
   Active: active (running) since Thu 2022-02-17 19:14:51 UTC; 1min 38s ago
     Docs: https://docs.docker.com
 Main PID: 1831 (dockerd)
    Tasks: 8
   Memory: 126.5M
   CGroup: /system.slice/docker.service
           └─1831 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock

This command shows the current status Docker service as active(running).

3.2. Start the Docker Daemon Manually

Alternatively, we can also start the Docker without the service. All we need to do is to run the dockerd command in the background:

$ sudo dockerd
INFO[2022-02-18T05:19:50.048886666Z] Starting up                                  
INFO[2022-02-18T05:19:50.050883459Z] libcontainerd: started new containerd process  pid=2331
INFO[2022-02-18T05:19:50.050943756Z] parsed scheme: "unix"                         module=grpc

We need to make sure that we run the dockerd with Sudo privileges.

4. Due to Insufficient Privileges

When we install Docker using package manager, it creates a docker user and group by default. In order to access Docker, we need to add the current user to the docker group.

If we try to access the Docker service from a user out of the docker group, we get the following error:

$ docker ps
Got permission denied while trying to connect to the Docker daemon socket
  at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.40/containers/json:
  dial unix /var/run/docker.sock: connect: permission denied

In order to solve this problem, we can do two things. Either we can add the user to the docker group, or we can update the privileges of the Docker socket file. Let's now dive deep into both solutions, along with sample examples.

4.1. Updating User Privileges

User privileges are an important concept in Linux. It decides the accessibility of resources for different users.

On installing Docker on Linux, a new docker group is created, and all the packages related to the Docker service are linked to this docker group. If we do not find the default docker group on our machine, we can create it manually:

$ sudo groupadd docker

The above command will create a docker group. Now we'll add the current user inside the docker group:

$ sudo usermod -aG docker docker-test

Here, the -a option will append the user docker-test to the docker group. The -G option is used to mention the group name.

Finally, we'll restart the Docker service to bring the changes into effect:

$ sudo service docker restart

4.2. Updating Docker Socket File Privileges

We can also fix the problem by changing the owner of the /var/run/docker.sock file:

$ sudo chown docker-test /var/run/docker.sock

Notice that we run this command with sudo privileges. Otherwise, the permission for the file won't update.

5. Conclusion

In this tutorial, we learned about the frequently encountered Docker daemon connectivity issue.

Finally, this issue occurs when the Docker service is not started correctly, or we don't have the proper user privileges to access the Docker service.

We looked into various ways to solve this issue by adding the user into the docker group and changing the permission of the sock file.

Generic bottom

Get started with Spring 5 and Spring Boot 2, through the Learn Spring course:

>> CHECK OUT THE COURSE
Generic footer banner
Comments are closed on this article!