Encountering Cannot connect to the Docker daemon at tcp://docker:2375
in CI/CD jobs when using Docker-in-Docker
Issue
When using Docker-in-Docker v19.03 in GitLab CI/CD jobs, users encounter an error message:
Cannot connect to the Docker daemon at tcp://docker:2375
Environment
- GitLab Runner using Docker executor or Kubernetes executor.
- Docker-in-Docker (
dind
) v19.03 or later specified in CI/CD jobs.
Impacted offerings:
- GitLab.com
- GitLab Dedicated
- GitLab Self-Managed
Cause
Docker is unable to connect to the Docker daemon over TLS.
Docker 19.03 and later uses TLS by default to connect to the Docker daemon. GitLab Runner must be configured to use TLS, or TLS must be explicitly turned off.
Resolution
Configure GitLab Runner to use TLS to connect to the Docker daemon:
- Docker-in-Docker with TLS enabled in the Docker executor
- Docker-in-Docker with TLS enabled in Kubernetes
If TLS must be disabled:
- Docker-in-Docker with TLS disabled in the Docker executor
- Docker-in-Docker with TLS disabled in Kubernetes
Additional information
- The following error message can be found in the GitLab CI/CD job log:
docker: Cannot connect to the Docker daemon at tcp://docker:2375. Is the docker daemon running?
- You should always specify a version tag when using a Docker image (e.g.
docker:24.0.5
instead ofdocker:latest
) to avoid incompatibility problems with new version releases. - This error can also occur with the Kubernetes executor when attempts are made to access the Docker-in-Docker service before it has fully started up. See this issue for more details.
Related links
- Blog post: Update: Changes to GitLab CI/CD and Docker in Docker with Docker 19.03
- Feature request issue: Create readiness probes for services in kubernetes executor