Provider can't connect to Docker daemon in WSL 2

[mavogel]

This issue was originally opened by @mattwelke as https://github.com/hashicorp/terraform-provider-docker/issues/303. It was migrated here as a result of the community provider takeover from @kreuzwerker. The original body of the issue is below.

---

Terraform Version

Terraform v0.12.29 (using old version intentionally because I'm following a tutorial that references particular modules that don't yet support 0.13)

Affected Resource(s)

n/a

Terraform Configuration Files

versions.tf:

terraform {
  required_version = "~> 0.12"
  required_providers {
    google  = "~> 2.16"
    random  = "~> 2.2"
    docker  = "~> 2.3"
  }
}

providers.tf:

provider "google" {
  credentials = file("account.json")
  project     = var.gcp.project_id
  region      = var.gcp.region
}

provider "docker" {
  host = "tcp://127.0.0.1:2375/"
}

variables.tf:

variable "gcp" {
  type = object({
    project_id = string
    region     = string
  })
}

terraform.tfvars:

gcp = {
  project_id = "REDACTED"
  region     = "us-east1"
}

outputs.tf:

output "addresses" {
  value = {
    gcp1         = module.gcp1.network_address
    gcp2         = module.gcp2.network_address
    loadbalancer = module.loadbalancer.network_address
  }
}

main.tf:

module "gcp1" {
  source     = "scottwinkler/vm/cloud//modules/gcp"
  project_id = var.gcp.project_id
  environment = {
    name             = "GCP 1"
    background_color = "red"
  }
}

module "gcp2" {
  source     = "scottwinkler/vm/cloud//modules/gcp"
  project_id = var.gcp.project_id
  environment = {
    name             = "GCP 2"
    background_color = "blue"
  }
}

module "loadbalancer" {
  source = "scottwinkler/vm/cloud//modules/loadbalancer"
  addresses = [
    module.gcp1.network_address,
    module.gcp2.network_address,
  ]
}

Debug Output

Please provider a link to a GitHub Gist containing the complete debug output: https://gist.github.com/mattwelke/ce34d58c1281d49930f81caaa257800e

Panic Output

n/a

Expected Behavior

A docker container being created.

Actual Behavior

An error applying Terraform config when it tried to use the Docker provider.

Steps to Reproduce

1. Start Docker Desktop in Windows, wait til it's ready
2. Ensure the Docker daemon is reachable from within WSL 2 (ex. run docker ps)
3. Add Docker provider to config
4. Run terraform apply

Important Factoids

I ensured I had Docker set up to be useable from within WSL 2 first. I was able to run commands like docker ps:

> docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES

But then, when running terraform apply, it displayed that error, saying it couldn't reach the daemon. I tried using the port 2376 instead of 2375 in the Terraform config, but that didn't work. I also tried enabling this option in Docker Desktop in Windows:

But this also made no difference (even when using port 2375 in the Terraform config).

I'm using Ubuntu 20.10 in WSL 2.

References

When troubleshooting, I tried the steps in the issue https://github.com/terraform-providers/terraform-provider-docker/issues/210, but it didn't help.

[mattwelke]

I fixed this. And usually I leave a comment when I do. Really disappointed that I didn't though because now I don't remember how I did. xD

I think what happened was I misunderstood how Docker is meant to be used from within WSL 2. I installed it in the Linux distro. I didn't use Docker Desktop in Windows (which makes Docker available for use from within WSL 2 as long as Windows programs are on the path - which is the default setting for WSL 2).

And I think when I used the installation of Docker that was done from the host side in Windows 10 using Docker Desktop, it worked.

[mavogel]

What a pity. If you find out/remember the steps how to fix it, then please update here and we'll add it to the documentation.

[mattwelke]

@mavogel Once I typed it all out, I remembered it. That's exactly what it was. I would consider this issue closed. As far as I know, it's just an issue with how I was using Docker, which of course let to an issue with this provider trying to use Docker.

[mavogel]

Alright, thanks for the update.

[theCrius]

Hi there, sorry for barging in after this one was closed but I can't seem to figure out a solution to this issue.

I started from here which was the exact problem I had: https://github.com/hashicorp/terraform-provider-docker/issues/180

But I see that that repo is closed now, for some reason. The solution suggested there, is not working as of today on a fresh installation of terraform and docker. So I decided to try the docker port open instead, even if it's a security issue. I'm just testing locally after all, no big deal.

If you think that there will be a better place to post this, please link it for me.

I'm following this tutorial: https://learn.hashicorp.com/tutorials/terraform/install-cli?in=terraform/gcp-get-started And I altered my main.tf file to this:

terraform {
  required_providers {
    docker = {
      source = "kreuzwerker/docker"
      version = "~> 2.7"
    }
  }
}

provider "docker" {
  # host    = "npipe:////.//pipe//docker_engine"
  host = "tcp://127.0.0.1:2375/"
}

resource "docker_image" "nginx" {
  name         = "nginx:latest"
  keep_locally = false
}

resource "docker_container" "nginx" {
  image = docker_image.nginx.latest
  name  = "tutorial"
  ports {
    internal = 80
    external = 8000
  }
}

Despite that, it output an error:

╷
│ Error: Error pinging Docker server: Cannot connect to the Docker daemon at tcp://127.0.0.1:2375/. Is the docker daemon running?
│
│   with provider["registry.terraform.io/kreuzwerker/docker"],
│   on main.tf line 10, in provider "docker":
│   10: provider "docker" {
│
╵

Even if I have the ports open and the docker engine running. I have docker installed and running from the windows host and I already use it successfully while creating images/containers directly with the docker and docker compose commands from inside the WSL distro (ubuntu 20.x in my case).

[mavogel]

Hi @theCrius , no worries. We're happy to help. Could you update to the latest version ~> 2.13.0 and try again? Unfortunately, I don't have a windows machine to test here yet (it's in progress)

[theCrius]

Hey, thanks for the quick reply.

When running terraform init I get this ouput:

Initializing provider plugins...
- Reusing previous version of kreuzwerker/docker from the dependency lock file
- Using previously-installed kreuzwerker/docker v2.13.0

However, I checked the "show terminal" button on the tutorial I was following and noticed that in the sandbox, the commands are working. So I checked the main.tf files in there and noticed that it's different from the one written in the tutorial itself.

The main.tf file that the sandbox terminal uses is:

terraform {
  required_providers {
    docker = {
      source = "kreuzwerker/docker"
    }
  }
  required_version = ">= 0.13"
}

resource "docker_image" "nginx" {
  name = "nginx:latest"
}

resource "docker_container" "nginx" {
  image = docker_image.nginx.latest
  name  = "tutorial"
  ports {
    internal = 80
    external = 80
  }
}

So I tried starting from that one and making just some small changes. ports -> external set to 8000. Not specifying a version for kreuzwerker/docker is downloading already the latest version (I suppose) but just in case I added that as well.

The final version of the file is this one:

terraform {
  required_providers {
    docker = {
      source = "kreuzwerker/docker"
      version = "2.13.0"
    }
  }
  required_version = ">= 0.13"
}

resource "docker_image" "nginx" {
  name = "nginx:latest"
}

resource "docker_container" "nginx" {
  image = docker_image.nginx.latest
  name  = "tutorial"
  ports {
    internal = 80
    external = 8000
  }
}

I cleaned up everything except the main.tf file and run again terraform init and terraform apply and it works without a fuss. I also tested by removing the option Expose daemon on tcp://localhost:2375 without TLS from Docker Engine and again, cleaning everything and running again init and apply and it works flawlessly.

I guess the problem was this snippet:

provider "docker" {
  host    = "npipe:////.//pipe//docker_engine"
}

# But why it was there and it's a problem, I don't know.

Is there a way to reach the writers of the tutorial to tell them to update the content? I can do it myself If it's an open source project as well.

[mavogel]

@theCrius I asked internally what's the best way to update this page and will come back to you :) THanks for reporting this. I'm also interested in having the tutorials work

[theCrius]

Good to know @mavogel, let me know if I can help in any way. My office's laptop run on windows so I can run tests if needed.

My experience with Terraform is not vast but I'm quite experienced with devops works anyway (dockers, kubernetes, jenkins, etc) so, as much as I can, I'll gladly help.

[mavogel]

@theCrius , here the internal response:

I'm being told the feedback link at the bottom of the tutorial is the best place to report this, but also that the Learn team is aware of the issue and is working on it.

Thanks for reporting the issue, and if you feel contributing to this project let me know :)

[theCrius]

Thanks @mavogel, I had already wrote a feedback specifying the issue the other day. I guessed that that could have been one of the channels anyway :)

Have a good weekend!

[littleccguy]

I replied in the feedback as well. I just removed provider "docker" { host = "npipe:////.//pipe//docker_engine" } and it worked for me

[NDPsss]

I had a problem with the lab and found this thread. Every time problem was with this part

provider "docker" {
  host    = "npipe:////.//pipe//docker_engine"
}

I ran docker from Win start menu and after terraform apply I got the error docker Error: Error initializing Docker client: protocol not available │ │ with provider["registry.terraform.io/kreuzwerker/docker"], │ on main.tf line 10, in provider "docker": │ 10: provider "docker" {}

Then I start docker with docker run -d -p 80:80 docker/getting-started and after that the protocol became available.

The part that docker has be to running is missed in the description of the lab.

[yevda1]

I replied in the feedback as well. I just removed provider "docker" { host = "npipe:////.//pipe//docker_engine" } and it worked for me

This worked for me as well!

[adoublef]

Hey all, hoping someone can try help. I am having a similar issue with my docker provider not working via Terraform Cloud.

I have been able to get this working locally but when I tried Terraform Cloud (in order to setup GitHub actions) I am now getting errors.

I am not using GCP and trying to push to docker registry instead, unsure if that matters.

I am using v3.0.1 of the plug-in. I am using debian as my WSL2 distro

I have tried to check tcp://localhost without TLS and I have tried to set the host explicitly with no luck.

Terraform v1.4.0
on linux_amd64
Initializing plugins and modules...

Planning failed. Terraform encountered an error while generating this plan.

╷
│ Error: Error pinging Docker server: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
│ 
│   with module.docker.provider["registry.terraform.io/kreuzwerker/docker"],
│   on modules/docker/main.tf line 10, in provider "docker":
│   10: provider "docker" {

[sterlp]

same here, windows 11 using WSL. The problem is, that "http://127.0.0.1:2375/_ping" is not reachable from windows but in the WSL. Not sure if it is a terraform issue in itself.

But docker info works from windows and also all other commands concerning docker; so I am not sure if maybe the plugin has an issue; including the VS Code docker integration.

\learn-terraform-docker-container> terraform.exe apply
╷
╷│ Error: Error pinging Docker server: error during connect: Get "http://127.0.0.1:2375/_ping": dial tcp 127.0.0.1:2375: connectex: No connection could be made because the target machine actively refused it.
│
│   with provider["registry.terraform.io/kreuzwerker/docker"],
│   on main.tf line 10, in provider "docker":
│   10: provider "docker" {
│
╵
\learn-terraform-docker-container> docker ps --all
CONTAINER ID   IMAGE         COMMAND    CREATED          STATUS                      PORTS     NAMES4d8fd97434cf   hello-world   "/hello"   9 minutes ago    Exited (0) 9 minutes ago              mystifying_raman

[sanzog03]

make sure that the docker is running (use docker ps) before terraform apply. .

[Verayth]

Reconfiguring docker in WSL2 to listen on port 2375 worked for me: https://stackoverflow.com/a/63417004/4479786