Help creating a standard template for creating LXC Docker hosts on a ZFS pool?

Hello fellow LXDers (Lexies? Lexamaniacs?),

Very lazily I was going to ask for some help to define a basic configuration for LXCs which will run Docker and will also use ZFS block mode where required. It seems the documentation is scattered around a bit and I’m struggling a bit to know what to include. Ideally, I would like a profile which can be applied to LXC instances to set the proper parameters to allow Docker (privileged? unprivileged?) to run and to consume a ZFS block mode storage pool which has been created for it.

There’s some debate as to the profile, but I have:

config:
  cloud-init.user-data: |
    #cloud-config
    package_update: true
    packages:
    - curl
    - wget
    runcmd:
    - curl -fsSL -o
    - sh
  environment.TZ: Europe/London
  raw.lxc: |
    lxc.apparmor.profile=unconfined sys:rw cgroup:rw
  security.nesting: "true"
  security.privileged: "true"
  security.syscalls.intercept.mknod: "true"
  security.syscalls.intercept.setxattr: "true"
description: Default Docker LXD profile
devices:
  eth0:
    name: eth0
    nictype: bridged
    parent: br0
    type: nic
  root:
    path: /
    pool: store
    type: disk
name: docker
used_by: []

… as a very basic start, and I’m not even sure the convenience script is the best way to achieve this. And I don’t know how many of the config attributes are really truly needed, since people use different ones. I would have thought apparmor.profile=unconfined and security.privileged: true achieve similar results?

Then I assume I want to create a new blockmode volume to add to the container, add it as a volume, and … profit?

I’m also assuming I should start the container with an IPv4 address at a minimum (since I want static IPs for these).
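
Added example (not part of the original post): a small Python check that reads the `config:` section of a profile like the one above and reports each isolation-reducing setting separately, since `security.privileged` (uid mapping) and `lxc.apparmor.profile=unconfined` (AppArmor) act on different layers. The function names `parse_config` and `audit` and the minimal parser are illustrative assumptions, and the embedded profile text is constructed from the posted config.

```python
import re

# Constructed input: the config section of the profile posted above.
PROFILE = """\
config:
  environment.TZ: Europe/London
  raw.lxc: |
    lxc.apparmor.profile=unconfined sys:rw cgroup:rw
  security.nesting: "true"
  security.privileged: "true"
  security.syscalls.intercept.mknod: "true"
description: Default Docker LXD profile
"""

def parse_config(text):
    """Collect the flat key/value pairs under the top-level `config:` key."""
    config, in_config, block_key = {}, False, None
    for line in text.splitlines():
        indent = len(line) - len(line.lstrip(" "))
        if not line.strip():
            continue
        if indent == 0:                      # new top-level key
            in_config, block_key = line.strip() == "config:", None
        elif in_config and block_key and indent > 2:
            config[block_key] += line.strip() + "\n"   # body of a `|` block
        elif in_config:
            key, _, value = line.strip().partition(":")
            value = value.strip().strip('"')
            block_key = key if value == "|" else None
            config[key] = "" if block_key else value
    return config

def audit(config):
    """Return (severity, key, reason) for each isolation-reducing setting."""
    findings = []
    if config.get("security.privileged") == "true":
        findings.append(("high", "security.privileged",
                         "no uid/gid mapping: root in the container is uid 0 on the host"))
    if re.search(r"lxc\.apparmor\.profile\s*=\s*unconfined", config.get("raw.lxc", "")):
        findings.append(("high", "raw.lxc",
                         "AppArmor confinement is switched off for the container"))
    if config.get("security.nesting") == "true":
        findings.append(("info", "security.nesting",
                         "nested containers allowed; expected on a Docker host"))
    return findings

if __name__ == "__main__":
    for severity, key, reason in audit(parse_config(PROFILE)):
        print(f"[{severity}] {key}: {reason}")
```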