I’m a fan of Canonical’s LXD containers—which essentially copy the same approach to lightweight virtualisation enjoyed by Solaris Zones users (and by extension, any illumos-based distros such as SmartOS) for over ten years. One area however where Canoncial is playing catch-up compared to commercial UNIX is in incomplete documentation spread out absolutely everywhere—blog posts, articles, wikis, and so on. Trying to find consistent information on the level of support for Docker running in an LXD container is a perfect example of this. It’s a real mess.
At the time of writing, running Docker as installed from the official Docker repository will fail in an LXD container. This is noted in the following two bug reports:
The advice provided in both reports is to use Ubuntu’s Docker packages:
“Only Docker coming from Ubuntu (docker.io package) works inside LXD containers.
“The Docker coming from upstream is missing a number of patches to make it work, leading to the problem you describe above. We’ve been pushing for those changes to be merged upstream and some were, but we’re not yet at a point where the upstream packages work.”
Otherwise, the prerequisite for running Docker in LXD is that the container is launched with the docker profile applied, and is configured as a privileged container (by default, LXC containers are unprivileged). In the following example, the nextcloud-dev-1 container is created with the default and docker profiles applied, and its configuration is set to be privileged:
$ sudo lxc launch ubuntu:16.04 nextcloud-dev-1 -p default -p docker -c security.privileged=true
Post installation, log into the container and install the Ubuntu Docker package:
$ sudo apt install docker.io
From there, Docker should work as expected.
More on privileged containers is here: