How to stop the docker daemon, cannot find the documentation for docker.socket

trucupey · November 30, 2023, 12:52am

My question is: Do you have information on how to stop the docker daemon and how it is related to the docker.socket? Now I proceed top explain why I ask this question

I have installed docker engine using apt and following the instructions from Install Docker Engine on Ubuntu | Docker Docs , I am using Ubuntu 22.04.1 and docker version

Client: Docker Engine - Community
 Version:           24.0.7
 API version:       1.43
 Go version:        go1.20.10
 Git commit:        afdd53b
 Built:             Thu Oct 26 09:07:41 2023
 OS/Arch:           linux/amd64
 Context:           default

Server: Docker Engine - Community
 Engine:
  Version:          24.0.7
  API version:      1.43 (minimum version 1.12)
  Go version:       go1.20.10
  Git commit:       311b9ff
  Built:            Thu Oct 26 09:07:41 2023
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.6.25
  GitCommit:        d8f198a4ed8892c764191ef7b3b06d8a2eeb5c7f
 runc:
  Version:          1.1.10
  GitCommit:        v1.1.10-0-g18a0cb0
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

I tried to stop the docker daemon using sudo systemctl stop docker following what is exposed in Linux post-installation steps for Docker Engine | Docker Docs , and I notice that the service dockerd is no longer running. I also notice that containerd is not stop when I I stop the docker daemon, which seams odd for me.

So, I thought that after stopping docker with systemctl if I run sudo docker container ls I would get an error regarding not being able to connect to the unix socket /avr/run/docker.sock or not being able to connect to docker daemon, however, to my surprise the dockerd process started again and I was able to interact with docker. I assumed that the file /var/run/docker.sock would be deleted if I stop the docker daemon because something similar happens with docker desktop when it is intalled, that is, when docker desktop is stop the file $HOME/.docker/desktop/docker.sock is deleted, such that when I try to list the containers using the docker desktop context I get:

Cannot connect to the Docker daemon at unix:///home/agentsmith/.docker/desktop/docker.sock. Is the docker daemon running?

This was bothering mebecause it seamed that I was not able to really stop docker, however, I notice that after stopping the docker daemon with systemctl I got the following message:

Warning: Stopping docker.service, but it can still be activated by:
  docker.socket

so, decided to try stopping docker.socket (to which I have not found any documentation) with

sudo systemctl stop docker.service

and then, when I tried to run a docker command I would get what I would expect when I try to stop de docker daemon

Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?

I have not been able to find information on docker.socket and I do not know what it is, if it is a sub process of another process, a service o something else, any help is appreciated.

rimelek · November 30, 2023, 8:04am

A socket alone would not be able to start a service, but the systemd service called docker.socket is responsible for that. Whenever someone tries to use the socket, the service can detect it and start the daemon. That way you can stop the docker daemon unil you actually need it. I never needed tha feature though.

So there is not much more I could say than you already discovered.

trucupey · November 30, 2023, 2:49pm

Thanks for the clarification. I am not certain if docker.socket is a service, because it is not listed when I use the command systemctl list-unit-files --type=service which afaik lists all services managed by systemd. After reading some posts I believe docker.socket is a socket , that is, a type of systemd unit design to control the communication to the service docker, I know it seams obvious but I am learning Linux so I didn’t know that systemd manages more than services. This is some information that I would appreciate to have in the official documentation of docker, like in a newbies section of the FAQ section, do you know if there is a section to request those additions to the documentation?

rimelek · November 30, 2023, 8:00pm

This is a socket:

ls -la /var/run/docker.sock

Output:

srw-rw---- 1 root docker 0 Jan  4  2023 /var/run/docker.sock

You can see the “s” where it is usually “-” in case of regular files. and “d” in case of directories.

And that’s the systemd definition for the socket:

cat /etc/systemd/system/sockets.target.wants/docker.socket

Output:

[Unit]
Description=Docker Socket for the API

[Socket]
ListenStream=/var/run/docker.sock
SocketMode=0660
SocketUser=root
SocketGroup=docker

[Install]
WantedBy=sockets.target

This is basically what is responsible for creating the socket too. If you for example (based on a real question) remove the docker socket file while docker.socket is still running, restarting Docker would not create it so you couldn’t communicate with Docker anymore.

Well, there must be something that reads the socket definition and manages the socket, that is why I used the word “service” but considering that systemd supports different kind of units and “service” is one of them, it was not the best choice from me. However, when you get the status of docker.socket (systemctl status docker.socket), you will see the “Running” status. A socket can’t run, but an application can and it can use the socket.

I found this:

https://docs.docker.com/engine/security/rootless/#install

Note

If the system-wide Docker daemon is already running, consider disabling it: $ sudo systemctl disable --now docker.service docker.socket

So there is at least one case when it could matter and that is documented, but if you feel it could be useful to include it in the installation guide or anywhere, open the page in the documentation which you think should mention this socket unit file, and click the “Request changes” link in the top right corner.

There is also the roadmap:

Where you can open an issue to ask for changes in the documentation. At least there is a label for that.

trucupey · November 30, 2023, 10:52pm

Thanks for the info, I’ll give a look at those links.

trucupey · January 29, 2024, 10:47pm

The command that I used was
sudo systemctl stop docker.socket
instead of
sudo systemctl stop docker.service
because I needed to stop the service that manages the docker socket. Sorry for the misunderstanding.

1um6a · June 21, 2024, 5:39am

I second a guide in documentation for this. Because when installing docker (against recommendations) exclusively in WSL one gets error message in post install script about docker.socket being present. Might be a remnance from my Docker install in windows with WSL integration, which i never got to work with my gpu nvidia rtx4060 (so trying WSL only version). Confusing when install scripts errors like that.

Topic		Replies	Views
Daemon restart removing layers, breaking images, cant start containers General docker	0	1192	April 12, 2021
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running? Ubuntu 18 General	2	17406	August 29, 2018
Although Docker is running, daemon cannot be connected Docker Desktop docker , linux	3	1025	October 20, 2022
Need help with stopping containers and starting Docker daemon General	2	9125	September 23, 2019
Docker 1.11.2 systemd --stop-signal=RTMIN+3 still can not stop Docker container General	3	4470	July 3, 2016

How to stop the docker daemon, cannot find the documentation for docker.socket

Related topics