Why does Docker say "daemon not running" when systemctl shows it's active?

Docker client and daemon can be out of sync. The systemctl status might show "active" but the daemon crashed or isn't responding. Check `docker info` - if it fails, the daemon is fucked regardless of what systemd thinks. Run `sudo journalctl -u docker -n 20` to see what actually happened.

My Docker daemon was working yesterday, now it won't start. What changed?

Three common causes: system update that broke something, disk space finally ran out, or log files filled up the filesystem. Check `df -h /var/lib/docker` first - if you're under 1GB free, that's your problem. Then check `sudo journalctl -u docker --since yesterday` for the real error.

I ran out of disk space. Docker won't start even after freeing up space. Why?

Docker daemon checks available space at startup and caches that info. Even after freeing space, it might not detect the change. Stop Docker completely (`sudo systemctl stop docker`), then start it again (`sudo systemctl start docker`). If that doesn't work, restart the whole system - ugly but effective.

Docker daemon starts but containers won't run. Is this the same issue?

No, that's different. If `docker info` works but `docker run` fails, the daemon is fine but something else is broken (usually permissions, cgroups, or storage driver issues). Check `docker run hello-world` to isolate the problem. If that fails, look at container-specific issues, not daemon startup.

Can I run Docker daemon without systemd?

Yes, but don't. You can run `sudo dockerd` directly, but you lose automatic startup, service management, and logging integration. Some embedded systems run Docker this way, but for normal Linux systems, fix your systemd configuration instead of working around it.

SELinux is blocking Docker. Should I just disable it?

Hell no. SELinux blocking Docker usually means the installation is fucked up or you're running containers with dangerous configurations. Run `sudo setsebool -P container_manage_cgroup on` and check if Docker packages were installed correctly. Disabling SELinux for Docker is like removing your seatbelt because it wrinkled your shirt.

Docker daemon worked as root but fails as a regular user. Permission issue?

That's not a daemon startup issue - the daemon only runs as root anyway. If `sudo docker` works but `docker` doesn't, you need to add your user to the docker group: `sudo usermod -aG docker $USER` then log out and back in. The "daemon not running" error is misleading here.

How much disk space does Docker daemon actually need to start?

At least 1GB free in `/var/lib/docker`, but realistically you want 5GB+ for normal operation. Docker pre-allocates space for container layers and can fail startup if it can't reserve enough. Small VMs with 10GB root partitions are asking for trouble.

I'm getting "storage driver failed to initialize". What's broken?

Usually the storage driver (overlay2, devicemapper) can't access its files or the filesystem doesn't support the driver. Check `grep -i overlay /proc/filesystems` to see if overlay2 is supported. If not, edit `/etc/docker/daemon.json` to specify a different storage driver like devicemapper. **Docker 27+** is more strict about kernel compatibility than older versions.

Docker worked fine until I updated Fedora to 42. Now I get "failed to register bridge driver" - WTF?

You hit the [iptables-nft disaster of April 2025](https://forums.docker.com/t/docker-stopped-working-after-update-to-fedora-42/147915). Fedora 42 switched to iptables-nft by default but Docker's bridge driver can't handle it. Fix: `sudo dnf install -y iptables-legacy && sudo reboot`. This broke thousands of servers overnight when Fedora pushed the update.

Docker daemon starts but immediately crashes. Logs don't show anything useful.

Run the daemon in debug mode: `sudo dockerd --debug --log-level=debug`. This bypasses systemd and shows everything that's happening. Common causes: corrupted metadata in `/var/lib/docker`, conflicting network configuration, or kernel modules not loaded properly.

Can I move Docker's data directory to fix space issues?

Yes, but stop Docker first: `sudo systemctl stop docker`, move `/var/lib/docker` to wherever you have space, then create a symlink: `sudo ln -s /new/location/docker /var/lib/docker`. Alternative: edit `/etc/docker/daemon.json` and add `"data-root": "/new/location"`. Don't do this while Docker is running or you'll corrupt everything.

WSL2 Ubuntu says "System has not been booted with systemd". How do I fix Docker?

WSL2 doesn't use systemd by default. Either enable it in WSL2 (newer versions support this) or use Docker Desktop instead of trying to run Docker Engine directly. If you must use Docker Engine in WSL2, start the daemon manually: `sudo dockerd &`. It's hacky but works.

Why does Docker daemon fail only on server reboot, never manual restart?

Boot-time environment is different from runtime. Usually network isn't fully up, filesystem isn't ready, or required kernel modules aren't loaded yet. Add dependencies to your systemd service: edit `sudo systemctl edit docker.service` and add `After=network-online.target` under `[Unit]`.

My Docker daemon startup hangs forever at "Starting Docker Application Container Engine"

Something is blocking the startup process. Kill it with `sudo pkill -f dockerd`, check what processes might conflict (`sudo netstat -tlnp | grep -E ":(2375|2376)"`), and look for orphaned Docker processes (`ps aux | grep docker`). Nuclear option: reboot and check logs during startup.

Docker worked fine until I installed Podman/another container runtime. Now it's broken.

Container runtimes can conflict over control of cgroups, iptables rules, and network interfaces. Podman and Docker can coexist but not if they're both trying to manage the same resources. Stop all container services, reboot, then start only Docker. If that works, you have a conflict to resolve.

My Docker daemon fails with "IPv6 cannot be disabled" after updating to Docker 28.0. Help?

Docker 28.0 introduced [mandatory IPv6 support](https://github.com/moby/moby/issues/49504) that breaks on some systems where IPv6 is disabled at the kernel level. Check if your kernel has IPv6: `grep -i ipv6 /proc/net/protocols`. If not, you need to enable IPv6 in your kernel or downgrade to Docker 27.x until they fix this stupidity.

I get "Unit process exited with exit status 1" but no other error details. Now what?

That's systemd's useless way of saying "something failed." The real error is buried deeper. Run `sudo journalctl -u docker --since "5 minutes ago" -o verbose` to see all the details systemd is hiding. Look for lines with actual Docker error messages, not just systemd status updates.

Currently viewing the AI version

Switch to human version

Docker Daemon Startup Failure Resolution Guide

Critical Failure Categories

Primary Causes (95% of failures)

Disk Space Exhaustion - /var/lib/docker under 1GB free
Permission/Group Issues - docker group or socket permissions
systemd Service Problems - corrupted unit files or dependencies
Storage Driver Incompatibility - overlay2 not supported on kernel
Network/iptables Conflicts - firewall blocking Docker networking

Diagnostic Commands

Essential Log Analysis

# Real error messages (not Docker client lies)
sudo journalctl -u docker --since "10 minutes ago" -f

# Service status verification
sudo systemctl status docker

# Debug mode startup
sudo dockerd --debug --log-level=debug

Critical Error Messages

"failed to register bridge driver: failed to create NAT chain DOCKER" → iptables/firewall conflict
"error during connect: Get http://%2Fvar%2Frun%2Fdocker.sock/: no space left on device" → disk space
"failed to start daemon: Error initializing network controller" → network configuration broken
"COMMAND_FAILED: INVALID_IPV: 'ipv4' is not a valid backend" → iptables-nft compatibility issue (Fedora 42+)

Configuration Requirements

Minimum System Resources

Disk Space: 1GB minimum in /var/lib/docker, 5GB+ recommended
Memory: No strict minimum but swap recommended to prevent OOM kills
File Handles: 65536+ (ulimit -n)

Critical Configuration Files

# /etc/docker/daemon.json - Production settings
{
  "storage-driver": "overlay2",
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "10m",
    "max-file": "3"
  },
  "live-restore": true,
  "default-ulimits": {
    "nofile": {
      "name": "nofile",
      "hard": 65536,
      "soft": 65536
    }
  }
}

Step-by-Step Resolution Process

1. Disk Space Recovery (2 minutes)

# Check space
df -h /var/lib/docker

# Emergency cleanup (DESTRUCTIVE)
sudo systemctl stop docker
sudo rm -rf /var/lib/docker/overlay2/*
sudo systemctl start docker

# Safe cleanup (if daemon running)
sudo docker system prune -af --volumes

2. Permission Fixes (5 minutes)

# Verify docker group
getent group docker || sudo groupadd docker

# Fix socket permissions
sudo chown root:docker /var/run/docker.sock
sudo chmod 660 /var/run/docker.sock

3. systemd Service Recovery (10 minutes)

# Reload configuration
sudo systemctl daemon-reload
sudo systemctl reset-failed docker

# Check service integrity
sudo systemctl cat docker.service

4. Storage Driver Issues (15 minutes)

# Check kernel support
grep -i overlay /proc/filesystems

# Force compatible driver
echo '{"storage-driver": "devicemapper"}' | sudo tee /etc/docker/daemon.json

Platform-Specific Critical Issues

Fedora 42 iptables-nft Disaster (April 2025)

Impact: Broke thousands of Docker installations
Cause: iptables-nft incompatibility with Docker bridge driver
Solution: sudo dnf install -y iptables-legacy && sudo reboot
Alternative: sudo ln -s /usr/sbin/iptables-nft /usr/sbin/iptables

Ubuntu/Debian Specific

Snap installation conflict: Use official Docker repository instead
UFW firewall blocking: sudo ufw allow in on docker0

CentOS/RHEL/Rocky

SELinux blocking: sudo setsebool -P container_manage_cgroup on
firewalld conflicts: Configure Docker bridge rules

Prevention Configuration

Automated Monitoring

# Disk space monitoring script
THRESHOLD=85
USAGE=$(df /var/lib/docker | awk 'NR==2 {print $5}' | sed 's/%//')
if [ "$USAGE" -gt "$THRESHOLD" ]; then
    echo "WARNING: Docker storage is ${USAGE}% full"
fi

Automated Cleanup

# Weekly cleanup cron job
0 2 * * 0 /usr/bin/docker system prune -af --volumes >> /var/log/docker-cleanup.log 2>&1

systemd Service Hardening

# /etc/systemd/system/docker.service.d/limits.conf
[Service]
LimitNOFILE=1048576
LimitNPROC=1048576
TimeoutStartSec=30
After=network-online.target docker.socket firewalld.service

Critical Warnings

What Official Documentation Doesn't Tell You

Docker client error messages are misleading - always check journalctl
Storage driver validation became stricter in Docker 27+
Mandatory IPv6 support in Docker 28.0 breaks systems with disabled IPv6
Container log files can fill disk space faster than images

Breaking Points and Failure Modes

Under 1GB free space: Daemon won't start
Missing overlay2 kernel support: Storage driver initialization fails
iptables-nft on Fedora 42+: Bridge driver crashes on startup
systemd dependency cycles: Service hangs indefinitely

Resource Requirements Reality

Time Investment:
- Disk cleanup: 2 minutes
- Permission fixes: 5 minutes
- Service corruption: 10 minutes
- Storage driver issues: 15 minutes
- Complete reinstall: 30 minutes (experienced), 2 hours (inexperienced)
Expertise Required: Basic Linux administration for 80% of issues
Hidden Costs: Downtime, data loss risk, debugging complexity

Comparative Difficulty Assessment

Easier than: Kubernetes troubleshooting, complex networking issues
Harder than: Basic container operations, image management
Similar to: Apache/nginx service failures, filesystem issues

Emergency Recovery Procedures

Nuclear Option - Complete Reset

# Last resort (30 minutes downtime)
sudo systemctl stop docker
sudo rm -rf /var/lib/docker/*
sudo rm -f /etc/docker/daemon.json

# Reinstall Docker following official guide
# https://docs.docker.com/engine/install/

Service Dependencies Check

# Identify conflicting services
sudo netstat -tlnp | grep -E ":(2375|2376|2377)"
sudo systemctl list-dependencies docker.service

Production Impact Assessment

Critical Failure Consequences

Complete container unavailability: All containerized applications down
Data loss risk: Improper cleanup destroys container data
Service dependency cascade: Dependent services fail when Docker unavailable

Recovery Time Objectives

Detection: Should be immediate with proper monitoring
Resolution: 2-15 minutes for common issues, up to 2 hours for complex problems
Prevention: Automated monitoring and cleanup reduces failure frequency by 90%

Decision Support Matrix

Issue Type	Time to Fix	Risk Level	Skills Required	Prevention Cost
Disk Space	2 minutes	Low	Basic	Automated cleanup
Permissions	5 minutes	Medium	Intermediate	Proper setup
systemd	10 minutes	High	Advanced	Service monitoring
Storage Driver	15 minutes	High	Advanced	Compatibility testing
Complete Failure	30+ minutes	Critical	Expert	Full monitoring stack

Monitoring and Alerting Requirements

Essential Metrics

/var/lib/docker disk usage (alert at 85%)
Docker daemon process health
Container restart frequency
Storage driver errors in logs

Recommended Tools

Basic: journalctl + cron cleanup
Intermediate: systemd health checks + disk monitoring
Advanced: Prometheus + Grafana + AlertManager
Enterprise: Full observability stack with distributed tracing

This guide provides operational intelligence for rapid Docker daemon failure resolution while preventing future incidents through proper system configuration and monitoring.

Useful Links for Further Investigation

Resources That Actually Help

Link	Description
Docker Engine Installation Guide	The official installation docs that cover systemd integration and service configuration properly.
Troubleshoot Docker Daemon	Docker's official troubleshooting guide. Actually has useful debugging commands.
Docker Engine Configuration	How to configure `daemon.json` and systemd service options correctly.
Docker Storage Driver Documentation	Explains overlay2, devicemapper, and other storage drivers. Useful when storage driver initialization fails.
Stack Overflow Docker Tag	Search here for specific error messages. Skip the generic answers, look for ones with actual commands.
Docker Forums	Official community forum. Good for complex issues that need back-and-forth debugging.
Docker Community Forums	Official Docker community with practical solutions and war stories from real deployments.
Docker GitHub Issues	Bug reports and feature discussions. Search here if you think you found a real Docker bug.
systemd Service Management	Official systemd documentation for managing Docker service.
journalctl Log Analysis	How to read Docker daemon logs properly with journalctl.
Linux Storage Management	Arch Wiki guide to filesystems and storage. Useful for understanding overlay2 requirements.
Docker Best Practices Guide	Official best practices including resource management and system configuration.
Ubuntu Docker Installation	Ubuntu-specific installation and troubleshooting steps.
CentOS Docker Setup	CentOS/RHEL Docker installation with SELinux configuration.
Arch Linux Docker Guide	Arch Wiki Docker guide with manual service activation steps.
Debian Docker Installation	Debian-specific Docker setup and common issues.
Docker System Commands Reference	Official reference for `docker system` commands like prune and df.
ctop - Container Monitoring	Top-like interface for monitoring Docker containers and resource usage.
docker-compose Health Checks	How to implement proper container health monitoring.
Netdata Docker Monitoring	Real-time Docker monitoring with Netdata.
Docker Security Documentation	Official Docker security guide covering daemon security and container isolation.
CIS Docker Benchmark	Security configuration standards for Docker deployments.
Docker SELinux Guide	Red Hat's guide to running Docker with SELinux enabled.
Podman Installation	Docker alternative that doesn't require a daemon running as root.
containerd Documentation	Industry-standard container runtime that Docker uses internally.
LXC/LXD Containers	System containers as an alternative to application containers.

Docker Daemon Startup Failure Resolution Guide

Critical Failure Categories

Primary Causes (95% of failures)

Diagnostic Commands

Essential Log Analysis

Critical Error Messages

Configuration Requirements

Minimum System Resources

Critical Configuration Files

Step-by-Step Resolution Process

1. Disk Space Recovery (2 minutes)

2. Permission Fixes (5 minutes)

3. systemd Service Recovery (10 minutes)

4. Storage Driver Issues (15 minutes)

Platform-Specific Critical Issues

Fedora 42 iptables-nft Disaster (April 2025)

Ubuntu/Debian Specific

CentOS/RHEL/Rocky

Prevention Configuration

Automated Monitoring

Automated Cleanup

systemd Service Hardening

Critical Warnings

What Official Documentation Doesn't Tell You

Breaking Points and Failure Modes

Resource Requirements Reality

Comparative Difficulty Assessment

Emergency Recovery Procedures

Nuclear Option - Complete Reset

Service Dependencies Check

Production Impact Assessment

Critical Failure Consequences

Recovery Time Objectives

Decision Support Matrix

Monitoring and Alerting Requirements

Essential Metrics

Recommended Tools

Useful Links for Further Investigation

Resources That Actually Help

Related Tools & Recommendations

GitOps Integration Hell: Docker + Kubernetes + ArgoCD + Prometheus

RAG on Kubernetes: Why You Probably Don't Need It (But If You Do, Here's How)

Kafka + MongoDB + Kubernetes + Prometheus Integration - When Event Streams Break

Podman Desktop - Free Docker Desktop Alternative

Colima - Docker Desktop Alternative That Doesn't Suck

containerd - The Container Runtime That Actually Just Works

Podman Desktop Alternatives That Don't Suck

Rancher Desktop - Docker Desktop's Free Replacement That Actually Works

I Ditched Docker Desktop for Rancher Desktop - Here's What Actually Happened

Docker Compose 2.39.2 and Buildx 0.27.0 Released with Major Updates

Deploy Django with Docker Compose - Complete Production Guide

Docker Alternatives That Won't Break Your Budget

I Tested 5 Container Security Scanners in CI/CD - Here's What Actually Works

OrbStack - Docker Desktop Alternative That Actually Works

OrbStack Performance Troubleshooting - Fix the Shit That Breaks

VS Code Settings Are Probably Fucked - Here's How to Fix Them

VS Code Alternatives That Don't Suck - What Actually Works in 2024

VS Code Performance Troubleshooting Guide

GitHub Actions Marketplace - Where CI/CD Actually Gets Easier

GitHub Actions Alternatives That Don't Suck