Afiadi, I created a fresh new container with just one change of security.nesting=true, and docker ran perfectly! So you were correct! So all is good 
but then I saw the video by Stephane Graber above…
In the video above, Stephane says to also set:-
security.syscalls.intercept.mknod=true
security.syscalls.intercept.setxattr=true
So I want to know if it works fine with just nesting enabled, are the above two changes necessary? If so, why?
Finally to make things even more confusing, Stephane says docker will not work if the storage pool is zfs. But mine is zfs and it works fine! Why? 
If anyone here (preferably Stephane himself) can clarify, it would be wonderful!
Thank you.