If you run Docker inside an LXD container, it will fail with the following error message:
root@sok-nodejs:~# docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
e6590344b1a5: Pull complete
Digest: sha256:c41088499908a59aae84b0a49c70e86f4731e588a737f1637e73c8c09d995654
Status: Downloaded newer image for hello-world:latest
docker: Error response from daemon: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error mounting "cgroup" to rootfs at "/sys/fs/cgroup": mount cgroup:/sys/fs/cgroup (via /proc/self/fd/6), flags: 0xf: permission denied: unknown.
root@sok-nodejs:~#
To fix this, enable nesting for the container by running the following commands on the host machine:
lxc config set <your-container-name> security.nesting true
lxc restart <your-container-name>
Example
root@ns5028044:~# lxc config set sok-nodejs security.nesting true
root@ns5028044:~# lxc restart sok-nodejs
root@ns5028044:~#
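The same fix as a host-side helper that only changes what is needed; this is an added example, not part of the original post. The function name ensure_nesting and the policy of refusing containers that have security.privileged set to true are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original post). Run on the LXD host.
# ensure_nesting <container>
#   prints "already" if security.nesting is already true (no restart),
#   prints "enabled" after setting it and restarting the container,
#   returns 2 and changes nothing if the container is privileged
#   (policy assumed by this example), returns 1 on any lxc error.
ensure_nesting() {
    name=$1
    [ -n "$name" ] || { echo "usage: ensure_nesting <container>" >&2; return 1; }

    # "lxc config get" prints an empty line for an unset key;
    # an empty value is treated here as the default (false).
    privileged=$(lxc config get "$name" security.privileged) || return 1
    nesting=$(lxc config get "$name" security.nesting) || return 1

    # In a privileged container, root inside is root on the host, so
    # relaxing confinement further with nesting is refused here.
    if [ "$privileged" = "true" ]; then
        echo "refusing: $name has security.privileged=true" >&2
        return 2
    fi

    # Nothing to do: avoid an unnecessary restart.
    if [ "$nesting" = "true" ]; then
        echo "already"
        return 0
    fi

    lxc config set "$name" security.nesting true || return 1
    lxc restart "$name" || return 1

    # Read the key back so a failed change is not reported as success.
    [ "$(lxc config get "$name" security.nesting)" = "true" ] || return 1
    echo "enabled"
}
```

Call it as ensure_nesting sok-nodejs on the host, then retry docker run hello-world inside the container.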