You are currently viewing How to Fix Docker Daemon Connection Issue in WSL: ‘Cannot Connect to the Docker Daemon at unix:///var/run/docker.sock’

How to Fix Docker Daemon Connection Issue in WSL: ‘Cannot Connect to the Docker Daemon at unix:///var/run/docker.sock’

When working with Docker in Windows Subsystem for Linux (WSL), you may encounter the following error:

Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?

This issue occurs when the Docker client cannot communicate with the Docker daemon responsible for managing Docker containers. Below, we will explain the cause of this issue and provide a simple and effective solution to fix it.

What we’ll cover

Understanding the error and its cause

In WSL, Docker relies on specific networking components and services to run smoothly. One of the root causes of this problem is related to the version of iptables being used. Docker may be incompatible with the default iptables configuration in some WSL distributions, leading to connection issues.

By default, WSL may be configured to use nftables, but Docker often works better with iptables-legacy, which provides a more compatible interface for Docker networking.

Solution: Switch to iptables-legacy

The best way to resolve this issue is by switching from nftables to iptables-legacy. Below is a step-by-step guide to implement the solution.

1. Switch to iptables-legacy

To switch from nftables to iptables-legacy, follow these steps:

  1. Open your WSL terminal (Ubuntu, Debian, or another distribution).

  2. Run the following command to configure iptables:

    sudo update-alternatives --config iptables

  3. You will see a list of available options for iptables:

    There are 2 choices for the alternative iptables (providing /usr/sbin/iptables).

  Selection    Path                     Priority   Status
------------------------------------------------------------
* 0            /usr/sbin/iptables-nft     20        auto mode
  1            /usr/sbin/iptables-legacy  10        manual mode

  4. Type 1 and press Enter to select iptables-legacy.

2. Start the Docker Service

Once you have switched to iptables-legacy, start the Docker daemon using the following command:

sudo service docker start

3. Verify Docker is Working

To ensure everything is working correctly, run a simple Docker command:

docker run hello-world

If the command runs successfully and outputs the “Hello from Docker!” message, the issue is resolved.

Why This Fix Works

The iptables-legacy mode provides compatibility with the way Docker manages networking rules and connections. By switching to iptables-legacy, the Docker daemon can correctly set up networking rules, avoiding the conflict that occurs with nftables.

Additional Troubleshooting Tips

  • If Docker still fails to start, ensure that your Docker installation is up-to-date by running:

    sudo apt update && sudo apt upgrade

  • If you continue facing issues, consider restarting WSL:

    wsl --shutdown

    Then reopen your terminal.

Conclusion

The error “Cannot connect to the Docker daemon at unix:///var/run/docker.sock” can be frustrating, but by switching to iptables-legacy, you can resolve the issue quickly and get back to using Docker. This solution ensures compatibility between Docker and WSL’s networking components, making your development workflow smooth and efficient.

 

Leave a Reply