The unit docker.socket has entered the 'failed' state with result 'service-start-limit-hit'

Docker Engine General
1

Hi

i have a 14’’ HMI Industrial Control System Android Linux Debian Touch Panel PC, where its installed a stripped down debian version.

now im trying to install docker, but in getting the following error:

sudo systemctl start docker
Job for docker.service failed because the control process exited with error code.
See "systemctl status docker.service" and "journalctl -xe" for details.

root@HMI:/boot# sudo dockerd
INFO[2026-05-03T19:44:36.041716643+02:00] Starting up
INFO[2026-05-03T19:44:36.044070124+02:00] OTEL tracing is not configured, using no-op tracer provider
INFO[2026-05-03T19:44:36.044842465+02:00] CDI directory does not exist, skipping        dir=/var/run/cdi
INFO[2026-05-03T19:44:36.044963217+02:00] CDI directory does not exist, skipping        dir=/etc/cdi
INFO[2026-05-03T19:44:36.078915011+02:00] Creating a containerd client                  address=/run/containerd/containerd.sock timeout=1m0s
INFO[2026-05-03T19:44:36.084823361+02:00] Loading containers: start.
INFO[2026-05-03T19:44:36.085125239+02:00] NRI is disabled
INFO[2026-05-03T19:44:36.085216240+02:00] Starting daemon with containerd snapshotter integration enabled
INFO[2026-05-03T19:44:36.093663282+02:00] Restoring containers: start.
INFO[2026-05-03T19:44:36.108415928+02:00] Deleting nftables IPv4 rules                  error="exit status 3" output="mnl.c:45: Unable to initialize Netlink socket: Protocol not supported"
INFO[2026-05-03T19:44:36.121713726+02:00] Deleting nftables IPv6 rules                  error="exit status 3" output="mnl.c:45: Unable to initialize Netlink socket: Protocol not supported"
INFO[2026-05-03T19:44:36.553331291+02:00] stopping event stream following graceful shutdown  error="<nil>" module=libcontainerd namespace=moby
INFO[2026-05-03T19:44:36.555116601+02:00] Daemon shutdown complete                      error="failed to start daemon: Error initializing network controller: error obtaining controller instance: failed to register \"bridge\" driver: failed to create NAT chain DOCKER: iptables failed: iptables --wait -t nat -N DOCKER: iptables v1.8.7 (legacy): can't initialize iptables table `nat': Table does not exist (do you need to insmod?)\nPerhaps iptables or your kernel needs to be upgraded.\n (exit status 3)"
failed to start daemon: Error initializing network controller: error obtaining controller instance: failed to register "bridge" driver: failed to create NAT chain DOCKER: iptables failed: iptables --wait -t nat -N DOCKER: iptables v1.8.7 (legacy): can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

image
image909×293 16 KB

what do i need to add/configure to make it start ?

2

Unable to initialize Netlink socket: Protocol not supported

indicates your stripped down Debian might be missing nftables/netfilter netlink support.

Docker supports regular Debian, check the install docs, especially the part about firewall. If you use a customized Debian, than the issue seems to be rather a dedicated Debian question.