Learn through the super-clean Baeldung Pro experience:
>> Membership and Baeldung Pro.
No ads, dark-mode and 6 months free of IntelliJ Idea Ultimate to start with.
1. Overview
Docker helps to package an application and all its dependencies into a lightweight entity known as a container. We can deploy Docker containers on any physical machine, virtual machine, or even in the cloud.
However, we may face various problems while using the Docker service in different environments.
In this tutorial, we’ll learn about the Docker daemon connectivity issue. This is a very common error that beginners and advanced users encounter. In addition, we’ll look into what causes this issue and ways to troubleshoot it.
2. Understanding the Problem
When working with Docker, we most often interact with the Docker daemon. This is a behind-the-scenes process that manages containers, images, and other Docker objects. It’s like the engine that keeps everything running in sync.
As users, we communicate with this daemon through the Docker client, which acts like a messenger to relay commands and requests.
However, sometimes this communication channel breaks down, and the client fails to connect to the daemon. This results in the Cannot connect to the Docker daemon error.
Several factors can cause this communication breakdown:
- the Docker daemon might be inactive or not running at all
- we might have insufficient permissions to interact with the daemon
- there might be issues with the Docker socket, i.e., the internal communication interface
In the following sections, let’s explore potential causes of the error and ways to troubleshoot them.
3. Check Docker Service Status
One of the most common reasons for an error is when we try to access the Docker service, but it’s not started:
$ docker ps
Cannot connect to the Docker daemon at unix:///var/run/docker.sock.
Is the docker daemon running?To troubleshoot the situation, we can check the status of the Docker service and whether it’s running or not:
$ systemctl status docker
docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
Active: inactive (dead)
Docs: https://docs.docker.comHere, the output clearly shows that the Docker service is inactive.
So, let’s see how to start the Docker service. In most cases, this solves the issue.
4. Start Docker Service
Generally, when we install Docker using the package manager, the Docker service is created. This makes it easy to manage the platform.
So, let’s start the Docker using the systemctl command:
$ systemctl start dockerThen, we check the status of Docker using the status subcommand:
$ systemctl status docker
docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
Active: active (running) since Thu 2022-02-17 19:14:51 UTC; 1min 38s ago
Docs: https://docs.docker.com
Main PID: 1831 (dockerd)
Tasks: 8
Memory: 126.5M
CGroup: /system.slice/docker.service
└─1831 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sockNow, the current status Docker service is active (running).
5. Start Docker Daemon Manually
Alternatively, we can also start the Docker without the service.
To that end, we run the dockerd command in the background:
$ sudo dockerd
INFO[2022-02-18T05:19:50.048886666Z] Starting up
INFO[2022-02-18T05:19:50.050883459Z] libcontainerd: started new containerd process pid=2331
INFO[2022-02-18T05:19:50.050943756Z] parsed scheme: "unix" module=grpcAdditionally, it’s important to make sure that dockerd runs with sudo privileges.
6. Check User Permissions
When we install Docker using a package manager, the installer also creates a docker user and group by default. To access Docker, we need to add the current user to the docker group.
If we try to access the Docker service from a user out of the docker group, we get a permissions error:
$ docker ps
Got permission denied while trying to connect to the Docker daemon socket
at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.40/containers/json:
dial unix /var/run/docker.sock: connect: permission deniedTo solve this problem, we usually have two alternatives:
- add the user to the docker group
- update the permissions of the Docker socket file
The latter isn’t usually recommended unless the permissions are corrupted.
7. Configure the docker Group
As already mentioned, upon installing Docker on Linux, a new docker group is created. All packages related to the Docker service are linked to this docker group.
However, if we don’t find this default group on the machine, we can create the docker group manually:
$ sudo groupadd dockerThe above command creates a docker group.
Now, let’s add the current user to the docker group:
$ sudo usermod -aG docker docker-testHere, the -a option includes the user docker-test in the docker group. The -G option is used to specify the group name.
Finally, let’s restart the Docker service to bring the changes into effect:
$ sudo service docker restartAt this point, Docker should detect the new group.
8. Update Docker Socket File Privileges
We can also fix some problems by changing the owner of the /var/run/docker.sock file:
$ sudo chown docker-test /var/run/docker.sockNotably, we run this command with sudo privileges. Otherwise, the permission for the file won’t update.
9. Conclusion
In this article, we learned about the frequently encountered Docker daemon connectivity issue.
This issue occurs when the Docker service isn’t started correctly or when we don’t have the proper user privileges to access the Docker service.
We looked into various ways to solve this issue by recreating the docker group, adding the current user into the docker group, and changing the permission of the sock file.