moby: Error starting daemon: couldn't create plugin manager: error setting plugin manager root to private: invalid argument

Description

Steps to reproduce the issue:

  1. Copy docker graph root from /var/lib/docker to a new HD
  2. Update daemon.json configuration to point graph to new location
  3. Start dockerd

Describe the results you received:

error starting daemon: couldn't create plugin manager: error setting plugin manager root to private: invalid argument

Describe the results you expected: Docker daemon should’ve started without issues

Additional information you deem important (e.g. issue happens only occasionally):

Output of docker version:

Client:
 Version:      17.06.1-ce
 API version:  1.30
 Go version:   go1.8.3
 Git commit:   874a737
 Built:        Thu Aug 17 22:51:12 2017
 OS/Arch:      linux/amd64
Cannot connect to the Docker daemon at tcp://0.0.0.0:2376. Is the docker daemon running?

Output of docker info:

Cannot connect to the Docker daemon at tcp://0.0.0.0:2376. Is the docker daemon running?

Additional environment details (AWS, VirtualBox, physical, etc.):

About this issue

  • Original URL
  • State: closed
  • Created 7 years ago
  • Reactions: 10
  • Comments: 26 (8 by maintainers)

Most upvoted comments

Presumably you should get the same error from devicemapper in this case if the plugin manager wasn’t doing the same thing.

What’s in the mount table?

What happens if you stop docker and then:

mount --bind /var/lib/docker/plugins /var/lib/docker/plugins
mount --make-private /var/lib/docker/plugins

Does the last command succeed?

+11
cpuguy83 on Oct 3, 2017

Have encountered this issue, in my case it was because I was trying to use the root of a disk as the data-root. The moment I changed data-root from “/mnt/docker_lib” to “/mnt/docker_lib/inner”, this error disappeared.

+4
Faqa on Nov 22, 2017

If /mnt/docker is not mounted before docker is started, then that would definitely produce weird errors yes

+3
thaJeztah on Nov 27, 2017

For other coming here from google, this is what I discover in my audit in a VPS with CentOS 7.4:

# mount --make-private /var/lib/docker/plugins
mount: none is write-protected, mounting read-only
mount: cannot mount none read-only

# grep docker /etc/fstab 
UUID= /var/lib/docker xfs defaults 0 0

So folder /var/lib/docker/plugins would be mount as write permissions, but actually it refuses to mount only as read-only

# dmesg | grep docker
[3785615.463271] audit: type=1400 audit(1515451857.439:760): apparmor="DENIED" operation="mount" info="failed type match" error=-13 profile="lxc-container-default-cgns" name="/var/lib/docker/plugins/" pid=44245 comm="dockerd" flags="rw, private"

So apparmor deny the mount since it is a container based in LXC

+2
shakaran on Jan 9, 2018

For me the solution came out is to mount volume /var/run/docker.sock into the container while starting it, that is run docker run -d -v "/var/run/docker.sock:/var/run/docker.sock:rw" <image>

+1
amundra2016 on Feb 18, 2018

I was able to fix this by rebooting, stopping docker, mounting the volume, starting docker

+1
jonathan-kosgei on Nov 27, 2017
Read more comments on GitHub
← moby: error starting container issue in a custom kernel
moby: Error starting daemon: error initializing graphdriver: devmapper: Device %device% is not a thin pool →