This error occurs when Docker cannot create a network endpoint for a container because an endpoint with the same name already exists on the network, usually due to a stale endpoint left behind after a container was improperly removed or the Docker daemon state became inconsistent.
When you start a Docker container, the Docker daemon creates a network endpoint that connects the container to the specified network (usually the default bridge network). This endpoint is identified by the container name. The 'failed to create endpoint' error with 'network endpoint already attached' indicates that Docker's internal database still contains a reference to an endpoint with that container name, even though the container itself may no longer exist. This typically happens when a container is forcefully killed, the Docker daemon crashes, or there's a race condition during container cleanup. The orphaned endpoint blocks new containers from using the same name on that network.
First, confirm the orphaned endpoint exists:
docker network inspect bridgeLook for your container name in the 'Containers' section. If it appears here but docker ps -a doesn't show the container, you have an orphaned endpoint.
Use the force flag to disconnect the orphaned endpoint:
docker network disconnect --force bridge <container_name>Replace <container_name> with the name shown in the error message (e.g., 'mycontainer'). The --force flag allows disconnecting even when the container no longer exists.
Confirm the endpoint is no longer attached:
docker network inspect bridgeThe container name should no longer appear in the 'Containers' section.
Now try running your container again:
docker run --name mycontainer <your_image>The container should start successfully without the endpoint error.
If the force disconnect doesn't work, restart the Docker daemon:
sudo systemctl restart dockerThis clears stale network state but will stop all running containers.
If issues persist, prune all unused networks:
docker network pruneWarning: This removes all networks not used by at least one container. Only use if you don't have important custom networks.
Root cause analysis: This issue is tracked in several GitHub issues (moby/moby #33156, docker/cli #1891, moby/moby #23302). The underlying problem is that Docker's network driver occasionally fails to clean up endpoints when containers are removed, especially during abnormal termination.
Prevention tips:
- Always stop containers gracefully before removing: docker stop <container> && docker rm <container>
- Avoid using docker rm -f unless necessary
- After kernel updates, reboot the system before running Docker
- Consider using docker-compose down which handles cleanup more reliably
Windows-specific fix: If you're on Windows and encounter this error with HNS (Host Networking Service):
Stop-Service docker
Stop-Service hns
Start-Service hns
Start-Service docker
docker network prunePersistent issues: If the problem keeps recurring, check for:
- Insufficient disk space causing cleanup failures
- SELinux or AppArmor blocking network operations
- Outdated Docker version with known bugs
image operating system "linux" cannot be used on this platform
How to fix 'image operating system linux cannot be used on this platform' in Docker
manifest unknown: manifest unknown
How to fix 'manifest unknown' in Docker
cannot open '/etc/passwd': Permission denied
How to fix 'cannot open: Permission denied' in Docker
Error response from daemon: failed to create the ipvlan port
How to fix 'failed to create the ipvlan port' in Docker
toomanyrequests: Rate exceeded for anonymous users
How to fix 'Rate exceeded for anonymous users' in Docker Hub