I have installed docker in Linux Mint 17 Qiana (which is based on Ubuntu 14.04) present in the Oracle VM. If I tries to start, it shows the following error,
FATA[0000] Get http:///var/run/docker.sock/v1.18/containers/json: dial unix /var/run/docker.sock: no such file or directory. Are you trying to connect to a TLS-enabled daemon without TLS?
I couldn't find any useful information regarding this when I tried googling regarding the same. This stackoverflow question suggesting to restart my system, but it doesn't work.
I'm seeing the following related questions which are unhelpful.
/var/run/docker.sock: no such file or directory. Are you trying to connect to a TLS-enabled daemon without TLS?
Docker: Are you trying to connect to a TLS-enabled daemon without TLS?
So, any help on this would be greatly helpful.
I don't know how it comes with .deb package (I'm using Fedora), but TLS shouldn't be set by default, so I would suggest following some basic steps to see if it is running correctly.
1. Check if docker daemon is running
ps aux | grep docker
root 4215 0.1 0.1 440156 17332 ? Ssl 15:48 0:00 /usr/bin/docker -d -D --bip=172.17.42.1/16 --dns=172.17.42.1 --dns-search=docker -s overlay
wololock 8986 0.0 0.0 113024 2304 pts/1 S+ 15:50 0:00 /usr/bin/grep docker
I the docker process is not running, try sudo /etc/init.d/docker start or sudo service docker start
2. Check if /var/run/docker.sock exists
ls -la /var/run/docker.*
-rw-r--r--. 1 root root 4 04-23 15:48 /var/run/docker.pid
srw-rw----. 1 root docker 0 04-23 15:48 /var/run/docker.sock
The important part here is that file need to be own by group docker, so you can connect to it without root permissions.
If docker.sock does not exist, you can try running docker from the command line with debug mode on to see what causes the problem:
sudo docker -d -D
3. Check if your user is added to docker group
id -a
uid=1000(wololock) gid=1000(wololock) grupy=1000(wololock),0(root),10(wheel),100(users),977(docker),989(pkg-build)
If you wont find your user in docker group, try adding yourself to it by:
sudo gpasswd -a [username] docker
4. Get the latest docker version
If the previous attempts wont help, try getting the latest docker version from https://docs.docker.com/installation/ubuntulinux/#installing-docker-on-ubuntu I'm not sure, but this line:
FATA[0000] Get http:///var/run/docker.sock/v1.18/containers/json:
suggests that you're using docker v1.18. I might be wrong, but if it's true, this is not the most recent docker version and it should be upgraded. I use currently docker v1.5.0, it works well on Fedora 21
IMPORTANT: UBUNTU / LINUX MINT USERS
The problem we discussed here was caused by missing (or not running) apparmor package in the ubuntu/linuxmint distribution. The easiest way to fix it is to install apparmor:
sudo apt-get install apparmor
If it's installed yet not running, start it with:
sudo service apparmor start
https://wiki.ubuntu.com/AppArmor
https://github.com/docker/docker/issues/9745
I hope my answer will help you in resolving your problem. If you have any questions, feel free to ask. I will try to help you as much as I can.
Related
I'm trying to kill a docker container, but I got permission denied. I use Ubuntu 20.04, my docker version for client is 20.10.7 and the one for the server is 20.10.11.
This is the log I got:
Error response from daemon: Cannot kill container: fastapi_server: permission denied
I read that I should use this comand for restarting docker.
sudo systemctl restart docker.socket docker.service
But the thing is that when I execute this command, all my containers and images dissapear, but If I try on localhost:8000 my port is occupied by the container that I wanted to delete. And if I run sudo netstat -anp | grep 8000, I get:
tcp 0 0 0.0.0.0:8000 0.0.0.0:* LISTEN 2493/docker-proxy
tcp6 0 0 :::8000 :::* LISTEN 2500/docker-proxy
So this confirms that my port is already taken by a docker container, but when I run docker ps -a, I get no container. I also tried docker kill, but it did not work.
How should I kill this container & get my 8000 port free?
Please think twice before removing AppArmor. To my understanding this is central to application security for instance on recent major Ubuntu versions.
It seems the rights problem is specific to a Docker version. Assuming yours is also installed via snap, please attempt upgrading your Docker version to at least the current beta, e.g. with
snap refresh docker --beta
20.10.12 seems to work fine.
(In fact I fell for the suggestion and did remove my AppArmor - snaps went away. Then reinstalled ASAP, the settings of relevant snaps are still with me - afterwards installed docker back, had the problem, upgraded it: seems to work like a charm.)
It appeared that I had installed docker with snap as well as using the docker repository:
sudo snap list
So:
sudo snap remove docker --purge
sudo aa-remove-unknown
Along with re-installing Docker using the method described here solved my issues! No need to disable or remove apparmor.
Try these steps:
docker inspect
Find the PID AND kill that process.
If that does not work check with
dmesg
everything related to Docker. You can put output here that we can help you.
Ok,from you png ist seems that you have problem with AppArmor. Try this:
sudo apt purge --auto-remove apparmor
sudo service docker restart
docker system prune --all --volumes
what works for me in these cases:
sudo systemctl restart docker.socket docker.service
sudo docker image rm -f $(sudo docker image ls -q)
I installed Docker from snap and experienced the permission denied error response. After reading many users experiencing more problems with the apparmor suggestion, I uninstalled Docker from snap, then used digitalocean's Docker installation tutorial.
It worked for me, posting here as reference for others experiencing the same problem.
In my case it was also apparmor on Ubuntu 20.04 after upgrade from Bionic. By running dmesg I got error message:
[1113458.482007] audit: type=1400 audit(1672134271.112:1718): apparmor="DENIED" operation="signal" profile="docker-default" pid=1654 comm="dockerd" requested_mask="receive" denied_mask="receive" signal=kill peer="snap.docker.dockerd
To fix this please edit /etc/apparmor.d/docker and add to the beginning (however, after the 'profile docker-default .... {' ) the following line:
signal,
Then reload apparmor
sudo systemctl reload apparmor
This fixed it at least on my computer.
See more https://manpages.ubuntu.com/manpages/xenial/man5/apparmor.d.5.html under section signal:
Example AppArmor signal rules:
# Allow all signal access
signal,
I have installed Docker on my Pop OS according to the official tutorial (I also created a docker user group and added myself to it). In IntelliJ Idea I am getting:
Cannot connect to the Docker daemon at unix:/var/run/docker.sock. Is the docker daemon running? No such file or directory.
systemctl status docker shows that docker.service is active.
My permissions:
ls -l /var/run/docker.sock
srw-rw---- 1 root docker 0 Feb 28 09:05 /var/run/docker.sock
You need to :
Add your $user to the docker group:
sudo usermod -aG docker $USER
Log out, and then log back in.
Docker configuration settings:
Unix socket: This is the recommended connection option for Linux.
note
If you get permission denied errors, add the current user to the docker group on the machine, log out, and then log back in. The docker group grants privileges equivalent to the root user. For details on how this impacts security in your system, see Docker Daemon Attack Surface.
I've solved the issue by re-installing Intellij. My version was from the pop-os application store and causes the problem, but the interesting fact - other things work as expected. So the version from the JetBrains toolbox did the trick.
I have been working with Docker for about two months now, working on Windows/WSL. The other day I needed to restart my machine and once it restarted I tried setting up my docker containers again and ran into an issue that I have had before, however. All the solutions I used last time do not work, and none on google work either.
I have tried a lot of things, every single possibility on the internet I could fine and I have been stuck on this for at least 8 hours already and wish to waste no more time on it. I will list a few I have already tried but do not work:
sudo usermod -aG docker $USER
sudo ln -s /mnt/c/Program\ Files/Docker/Docker/resources/bin/docker.exe /usr/bin/docker
using sudo
restarted docker
reinstalled docker desktop (windows)
The command within our make file runs this:
docker-compose up -d
We use a MakeFile to make our lives a lot easier in terms of docker commands so usually I would run this command and it should just bring the container up and work fine. But instead I get this:
ERROR: Couldn't connect to Docker daemon at http+docker://localhost - is it running?
If it's at a non-standard location, specify the URL with the DOCKER_HOST environment variable.
Makefile:13: recipe for target 'up' failed
make: *** [up] Error 1
I was then recommended trying sudo dockerd which I then get this error, which does half explain the issue but I could not find a clear answer on how to fix my issue:
failed to start daemon: Error initializing network controller: error obtaining controller instance: failed to create NAT chain DOCKER: iptables failed: iptables -t nat -N DOCKER: iptables v1.6.1: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
(exit status 3)
I am really hoping someone is able to help me with this as I am so stuck and need to get this to work.
It turns out the issue was to do with the groups. The solution that I found worked was to remove the user group "docker" using:
sudo groupadd docker
sudo usermod -aG docker $(whoami)
Then I ran the command for my make file and it worked!
I hope this benefits some of you!
From this github issue:
Try running dockerd or sudo dockerd if required first to start daemon. If you start dockerd with sudo you may want to run docker-compose up with sudo also. otherwise it's fine.
I had the same issue. I managed to fix this by upgrading to WSL 2 from version 1.
To get your current version in powershell :
wsl -l -v
For me it was written version 1.
To upgrade from 1 to 2 :
wsl --set-version <NAME-FROM-PREVIOUS-COMMAND> 2
For me it was Ubuntu :
wsl --set-version Ubuntu 2
And then the docker daemon could be started as expected inside wsl. (with sudo in my case)
sudo dockerd
sudo docker-compose up
I hope it could help.
I've just tried to install Docker via the instructions from their site. After starting the service a call to docker version reports the daemon isn't running. Doing a ps -ef | grep docker and I can see that Docker was run using /usr/bin/docker daemon -H fd://. If I and try to run that manually, I get FATA[0000] No sockets found.
There's an issue about this in Fedora and it recommended removing the -H fd:// option. But I can't spot that anywhere (not in /etc/init.d/docker, /etc/default/docker, etc).
Can anyone help me get past this issue please?
Right, found it. Following the advice from the Docker docs, I ran:
sudo systemctl status docker | grep Loaded
That showed me the defaults came from /lib/systemd/system/docker.service. After that I copied the contents of that file to /etc/system.d/system/docker.service, overriding the bits I wanted (and removing the items that remained the same). After that, I ran sudo systemctl daemon-reload and now the Docker service is using the right command.
Still doesn't solve why my Docker instance doesn't appear to be running though...
I am trying to get docker working on my sys
However, not able to
Steps to reproduce the issue that I am facing:
Installed EPEL on 6.5 RHEL
Installed docker-io
Able to run "docker" command
When running "docker run -i -t fedora /bin/bash" command using without root, getting below error:
FATA[0000] Post http:///var/run/docker.sock/v1.17/containers/create:
dial unix /var/run/docker.sock
http:///var/run/docker.sock/v1.17/containers/create:%20dial%20unix%20/var/run/docker.sock :
permission denied.
Are you trying to connect to a TLS-enabled daemon without TLS?
However, with root getting diff error like below for the same command:
FATA[0000] Cannot connect to the Docker daemon. Is 'docker -d' running on this host?
A RHEL 6.5, also termed Update 5, is from 21 November 2013 and comes with kernel 2.6.32-431.
That seems quite an old kernel for docker to be installed and run successfully. Docker would need ideally a 3.10+ kernel.
Although Adrian Mouat mentions in the comments that the Red Hat Enterprise Linux 6.5 (64-bit) or later is supported
You will need 64 bit RHEL 6.5 or later, with a RHEL 6 kernel version 2.6.32-431 or higher as this has specific kernel fixes to allow Docker to work.
So make sure the docker daemon is started:
sudo service docker start
Then try some sudo docker commands:
sudo docker run -i -t fedora /bin/bash
The doc mentions:
If you get a Cannot start container error mentioning SELinux or permission denied, you may need to update the SELinux policies.
This can be done using sudo yum upgrade selinux-policy and then rebooting.