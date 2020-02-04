Skip to content

jamiekt asked this question in General
docker service will not start on Debian on wsl2 #4872
@jamiekt jamiekt
352d ago · 19 answers
@jamiekt jamiekt 352d ago

  • Your Windows build number: (Type ver at a Windows Command Prompt)

Microsoft Windows [Version 10.0.19041.21]

  • What you're doing and what's happening:

I am attempting to run docker on debian buster on wsl2.

I have installed debian:

wsl -l -v
NAME STATE VERSION
* Debian Running 2

As this proves, I have buster installed

C:\Users\jamie> wsl
jamiet@DESKTOP-GA45TGH:/mnt/c/Users/jamie$ cat /etc/os-release
PRETTY_NAME="Debian GNU/Linux 10 (buster)"
NAME="Debian GNU/Linux"
VERSION_ID="10"
VERSION="10 (buster)"
VERSION_CODENAME=buster
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"

I have installed docker as per the instructions at https://linuxconfig.org/how-to-install-docker-on-debian-10-buster-linux:

sudo apt update
sudo apt install docker.io

and it reported a successful installation. However the canonical verification test fails:

/mnt/c/Users/jamie$ docker run hello-world
docker: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?.
See 'docker run --help'.

Let's check to see if the service is running:

/mnt/c/Users/jamie$ sudo service docker status
[FAIL] Docker is not running ... failed!

Its not, so let's try restarting service:

/mnt/c/Users/jamie$ sudo service docker restart
grep: /etc/fstab: No such file or directory
[ ok ] Starting Docker: docker

Shot in the dark, let's try creating the file that is missing then retry:

/mnt/c/Users/jamie$ sudo touch /etc/fstab
jamiet@DESKTOP-GA45TGH:/mnt/c/Users/jamie$ sudo service docker restart
[ ok ] Starting Docker: docker.
jamiet@DESKTOP-GA45TGH:/mnt/c/Users/jamie$ sudo service docker status
[FAIL] Docker is not running ... failed!

Oh dear, still not working. Let's look at the logs:

/mnt/c/Users/jamie$ cat /var/log/docker.log | grep -i error
time="2020-02-04T21:59:32.414437600Z" level=warning msg="Error while setting daemon root propagation, this is not generally critical but may cause some functionality to not work or fallback to less desirable behavior" dir=/var/lib/docker error="error writing file to signal mount cleanup on shutdown: open /var/run/docker/unmount-on-shutdown: no such file or directory"
time="2020-02-04T21:59:32.471556800Z" level=warning msg="failed to load plugin io.containerd.snapshotter.v1.btrfs" error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.btrfs must be a btrfs filesystem to be used with the btrfs snapshotter"
time="2020-02-04T21:59:32.511078900Z" level=warning msg="failed to load plugin io.containerd.snapshotter.v1.aufs" error="modprobe aufs failed: \"modprobe: ERROR: ../libkmod/libkmod.c:586 kmod_search_moddep() could not open moddep file '/lib/modules/4.4.0-19041-Microsoft/modules.dep.bin'\\nmodprobe: FATAL: Module aufs not found in directory /lib/modules/4.4.0-19041-Microsoft\\n\": exit status 1"
time="2020-02-04T21:59:32.512853700Z" level=warning msg="failed to load plugin io.containerd.snapshotter.v1.zfs" error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.zfs must be a zfs filesystem to be used with the zfs snapshotter"
time="2020-02-04T21:59:32.513108800Z" level=warning msg="could not use snapshotter zfs in metadata plugin" error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.zfs must be a zfs filesystem to be used with the zfs snapshotter"
time="2020-02-04T21:59:32.513136900Z" level=warning msg="could not use snapshotter btrfs in metadata plugin" error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.btrfs must be a btrfs filesystem to be used with the btrfs snapshotter"
time="2020-02-04T21:59:32.513157000Z" level=warning msg="could not use snapshotter aufs in metadata plugin" error="modprobe aufs failed: \"modprobe: ERROR: ../libkmod/libkmod.c:586 kmod_search_moddep() could not open moddep file '/lib/modules/4.4.0-19041-Microsoft/modules.dep.bin'\\nmodprobe: FATAL: Module aufs not found in directory /lib/modules/4.4.0-19041-Microsoft\\n\": exit status 1"
time="2020-02-04T21:59:32.623222800Z" level=warning msg="Running modprobe nf_nat failed with message: `modprobe: ERROR: ../libkmod/libkmod.c:586 kmod_search_moddep() could not open moddep file '/lib/modules/4.4.0-19041-Microsoft/modules.dep.bin'\nmodprobe: WARNING: Module nf_nat not found in directory /lib/modules/4.4.0-19041-Microsoft`, error: exit status 1"
time="2020-02-04T21:59:32.641814000Z" level=warning msg="Running modprobe xt_conntrack failed with message: `modprobe: ERROR: ../libkmod/libkmod.c:586 kmod_search_moddep() could not open moddep file '/lib/modules/4.4.0-19041-Microsoft/modules.dep.bin'\nmodprobe: WARNING: Module xt_conntrack not found in directory /lib/modules/4.4.0-19041-Microsoft`, error: exit status 1"
time="2020-02-04T21:59:33.032273200Z" level=info msg="stopping event stream following graceful shutdown" error="<nil>" module=libcontainerd namespace=moby
time="2020-02-04T21:59:33.032535400Z" level=info msg="stopping event stream following graceful shutdown" error="context canceled" module=libcontainerd namespace=plugins.moby
Error starting daemon: Error initializing network controller: error obtaining controller instance: failed to create NAT chain DOCKER: iptables failed: iptables -t nat -N DOCKER: iptables/1.8.2 Failed to initialize nft: Protocol not supported
time="2020-02-04T22:00:03.393508800Z" level=warning msg="failed to load plugin io.containerd.snapshotter.v1.btrfs" error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.btrfs must be a btrfs filesystem to be used with the btrfs snapshotter"
time="2020-02-04T22:00:03.414625400Z" level=warning msg="failed to load plugin io.containerd.snapshotter.v1.aufs" error="modprobe aufs failed: \"modprobe: ERROR: ../libkmod/libkmod.c:586 kmod_search_moddep() could not open moddep file '/lib/modules/4.4.0-19041-Microsoft/modules.dep.bin'\\nmodprobe: FATAL: Module aufs not found in directory /lib/modules/4.4.0-19041-Microsoft\\n\": exit status 1"
time="2020-02-04T22:00:03.415163000Z" level=warning msg="failed to load plugin io.containerd.snapshotter.v1.zfs" error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.zfs must be a zfs filesystem to be used with the zfs snapshotter"
time="2020-02-04T22:00:03.415226600Z" level=warning msg="could not use snapshotter aufs in metadata plugin" error="modprobe aufs failed: \"modprobe: ERROR: ../libkmod/libkmod.c:586 kmod_search_moddep() could not open moddep file '/lib/modules/4.4.0-19041-Microsoft/modules.dep.bin'\\nmodprobe: FATAL: Module aufs not found in directory /lib/modules/4.4.0-19041-Microsoft\\n\": exit status 1"
time="2020-02-04T22:00:03.415251600Z" level=warning msg="could not use snapshotter zfs in metadata plugin" error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.zfs must be a zfs filesystem to be used with the zfs snapshotter"
time="2020-02-04T22:00:03.415275400Z" level=warning msg="could not use snapshotter btrfs in metadata plugin" error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.btrfs must be a btrfs filesystem to be used with the btrfs snapshotter"
time="2020-02-04T22:00:03.504188200Z" level=warning msg="Running modprobe nf_nat failed with message: `modprobe: ERROR: ../libkmod/libkmod.c:586 kmod_search_moddep() could not open moddep file '/lib/modules/4.4.0-19041-Microsoft/modules.dep.bin'\nmodprobe: WARNING: Module nf_nat not found in directory /lib/modules/4.4.0-19041-Microsoft`, error: exit status 1"
time="2020-02-04T22:00:03.524803200Z" level=warning msg="Running modprobe xt_conntrack failed with message: `modprobe: ERROR: ../libkmod/libkmod.c:586 kmod_search_moddep() could not open moddep file '/lib/modules/4.4.0-19041-Microsoft/modules.dep.bin'\nmodprobe: WARNING: Module xt_conntrack not found in directory /lib/modules/4.4.0-19041-Microsoft`, error: exit status 1"
time="2020-02-04T22:00:03.882998600Z" level=info msg="stopping event stream following graceful shutdown" error="<nil>" module=libcontainerd namespace=moby
time="2020-02-04T22:00:03.883324400Z" level=info msg="stopping event stream following graceful shutdown" error="context canceled" module=libcontainerd namespace=plugins.moby
Error starting daemon: Error initializing network controller: error obtaining controller instance: failed to create NAT chain DOCKER: iptables failed: iptables -t nat -N DOCKER: iptables/1.8.2 Failed to initialize nft: Protocol not supported

None of that means anything to me I'm afraid, so I'm stuck.

  • What's wrong / what should be happening instead:

docker run hello-world should return:

Hello from Docker!
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:
 1. The Docker client contacted the Docker daemon.
 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
    (amd64)
 3. The Docker daemon created a new container from that image which runs the
    executable that produces the output you are currently reading.
 4. The Docker daemon streamed that output to the Docker client, which sent it
    to your terminal.

To try something more ambitious, you can run an Ubuntu container with:
 $ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker ID:
 https://hub.docker.com/

For more examples and ideas, visit:
 https://docs.docker.com/get-started/

@ad-on-is ad-on-is 346d ago

Did you try installing Docker Desktop with WSL2 support? Then enable it in Debian? Maybe this works.
See: https://docs.docker.com/docker-for-windows/wsl-tech-preview/
@jamiekt jamiekt 343d ago
Author

@ad-on-is I have not. Looks interesting, I'll give it a go, thanks.
@sidgrafix

sidgrafix 99d ago

Just ran into this myself this is what I had to do: WSL2 Debian with Docker (NOT using docker for windows)

first I had to add fstab file as for some reason didn't exist or couldn't be read with:
touch /etc/fstab

Then per dockerd at the end regarding network controller error I had to switch from nftables to iptables for nat with
update-alternatives --set iptables /usr/sbin/iptables-legacy
-and-
update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy

Starting docker now should work!
service docker start

  • insert sudo before code if needed (I always run root)
    Hope it helps
@h3ct0rjs

h3ct0rjs 63d ago

Thanks @sidgrafix this works for me.

Anybody knows why fstab file didn't exist under debian ?
@rferraton

rferraton 58d ago

also work for me thanks
@jamiekt jamiekt 343d ago
Author

Can't install docker for desktop because I am running Windows 10 Home :(
@jishi jishi 343d ago

I think I had the same problem, I installed the official docker-ce packages instead. I added the following apt source (created /etc/apt/sources.list.d/docker.list and put it in)

deb [arch=amd64] https://download.docker.com/linux/debian buster edge

And then just apt-get install docker-ce (and docker-ce-cli). Not sure where I found those instructions, but there was some post about it. Now I run docker straight up from WSL2 and don't need docker desktop, and uses the memory ballooning in WSL2.
@ad-on-is ad-on-is 343d ago

Yeah, docker indeed works in WSL2 straight up. The only downside right now is, that you can't connect to your machine from other devices, if you wish to do so.

http://localhost on the local machine will work, but http://192.x.x.x from another device within the same network will not.

However, if you have Docker for Win installed and enable it in WSL like it's described in the docs, you can use docker within WSL (as if it was installed straight up there) and have the additional benefit of accessing your docker-services from other devices within the same network. Or even from outside of your network, if your firewall allows that ;-)
@jishi jishi 343d ago

Yes, that is one pitfall with running it only in WSL2. It also only binds to the ipv6 localhost, so certain apps who default to ipv4 lookup of localhost fails to connect.

Portproxy is however a builtin feature of netsh, which can be used to give external access if needed. A bit cumbersome to work with though, Docker desktop really simplifies that.

In hindsight, WSL2 for development has some horrible gotchas (filesystem access speed for one), I'm actually leaning towards going full Linux to be honest.

Oh, and also, the docker service will be stopped every time you close the last WSL2 terminal. Haven't figured out a way to make it autostart with the WSL2 virtual machine. This is also annoying.
@ad-on-is ad-on-is 343d ago

Oh, and also, the docker service will be stopped every time you close the last WSL2 terminal. Haven't figured out a way to make it autostart with the WSL2 virtual machine. This is also annoying.

This does not happen when using Docker Desktop.

In hindsight, WSL2 for development has some horrible gotchas (filesystem access speed for one)

Yep, therefore I've moved all my project-files into the WSL2s *.vhdx file... The performance is outstanding. As an example, WordPress sites load within ~500ms, while they need ~2-3 seconds to load when mounting files from C:/, D:/, etc...
@jishi jishi 343d ago

Yeah, but you get similar problems the other way around, when accessing the wsl$ drive (which also is discouraged by microsoft for some reason), not to mention the slew of problems you get when then trying to use a test-runner within the IDE to execute from that drive...

It's all a huge compromise.
@ad-on-is ad-on-is 343d ago

Yeah, but you get similar problems the other way around, when accessing the wsl$ drive (which also is discouraged by microsoft for some reason), not to mention the slew of problems you get when then trying to use a test-runner within the IDE to execute from that drive...

Not really, I'm using the VSCode remote extension, which is blazingly fast. I never work on \wsl$ directly.

It's all a huge compromise.

It sure is.
@kawaiiDango kawaiiDango 316d ago

I was having the same issue on Debian but it was working fine on Ubuntu.
I had to create /etc/fstab
I had to change iptables to legacy mode https://forums.docker.com/t/failing-to-start-dockerd-failed-to-create-nat-chain-docker/78269
Then i got cgroups: cannot find cgroup mount destination: unknown.
So, i had to do this docker/for-linux#219 (comment)
Then i got hello world to run

Edit: the changes seem to stick after a windows reboot.

My build number is 19041.113. Im usually on the Slow Ring.
@StefanScherer StefanScherer 315d ago

@jamiekt You now can install Docker Desktop Edge version on Windows 10 Home Insider Slow Ring.
https://www.docker.com/blog/docker-desktop-for-windows-home-is-here/
@isaacbatst isaacbatst 168d ago

Exactly same error in WSL2, using Ubuntu 20
@ivanch ivanch 134d ago

Had the same error with Debian, on Ubuntu it worked fine.
@therealkenc therealkenc 133d ago
Collaborator

image

Debian Buster uses iptables-nft, which means the nonauthoritative HOWTO blog cited in the OP does not work with Debian and no systemd. On modern Debian docker is started with systemd/systemctl, which is #1579 aka #994. There is no WSL actionable short of that. The fail comes from userspace.

Recipe that will get you there:

$ sudo apt remove docker docker-engine docker.io containerd runc
$ sudo apt install apt-transport-https  ca-certificates  curl gnupg-agent software-properties-common iptables
$ sudo update-alternatives --set iptables /usr/sbin/iptables-legacy
$ /sbin/iptables --version
$ curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
$ sudo apt-key fingerprint 0EBFCD88
$ sudo add-apt-repository    "deb [arch=amd64] https://download.docker.com/linux/debian \
   $(lsb_release -cs) \
   stable"
$ sudo apt update
$ sudo apt install docker-ce docker-ce-cli containerd.io
$ sudo service docker start
$ sudo docker ps -a
$ sudo docker run --rm hello-world
