How to fix Docker daemon permission denied, docker.sock access denied in Kubernetes | DevErrorsHow to fix Docker daemon permission denied, docker.sock access denied in Kubernetes
KubernetesBEGINNERCRITICAL
Container runtime socket access denied. Fix by adding kubelet user to docker group, fixing socket permissions, or using rootless Docker.
What this error means
The kubelet (or container runtime) can't access the Docker daemon socket due to insufficient permissions. This prevents pod creation.
Typical symptoms
- Node status shows NotReady
- kubelet fails to create pods
- Permission denied errors in kubelet logs
- Socket file inaccessible
Common causes
- kubelet user not in docker group
- Docker socket has restrictive permissions
- SELinux blocking access
How to fix "Docker daemon permission denied, docker.sock access denied"
sudo usermod -aG docker kubelet
sudo systemctl restart kubelet
ls -la /var/run/docker.sock
Advanced notes
Never change socket permissions directly. Always use group membership.
Official resources & further reading
5Use rootless Docker if needed
Consider rootless mode for better security.