I have Docker working perfectly using the new zfs.delegate configuration option on ZFS2.2. I was thinking I would give k3s a try again since this makes Docker work so easily in Incus.
I am not sure what else I need to configure to make this work. The problem I believe is related to /dev/kmsg. I have attempted to add this as a unix-char device but it says permission denied when starting k3s.
Yeah, k8s (cadvisor I believe) checks for a bunch of things including /dev/kmsg and /proc/sysrq-trigger and a few other things that don’t make a ton of sense…
It’d be great if k8s could be made less picky about those bits in general so it’d work better inside of Incus containers.
This old thread had an example of all the hacks needed under LXD:
Note that a bunch of those are really not advisable, like the combination of raw.lxc as well as security.privileged, that basically turns off all confinement for the container at which point you may as well install the thing on your host 
I was looking everywhere for that. All I could find was information for Proxmox.
Cheers!