LXD unprivileged container creation error?

I’m running Ubuntu MATE 16.04 (kernel version 4.4.38-v7+) on Raspberry Pi 3B. I’m experimenting on using LXD but being new to virtualization, I am stumped with creating an unprivileged container.

These are the installation steps I followed:

> sudo apt install lxd
> sudo lxd init
	Do you want to configure a new storage pool (yes/no) [default=yes]? yes
	Name of the storage backend to use (dir or zfs) [default=dir]: dir
	Would you like LXD to be available over the network (yes/no) [default=no]? no
	Do you want to configure the LXD bridge (yes/no) [default=yes]? yes
	Would you like to setup a network bridge for LXD containers now? no
	Do you want to use an existing bridge? yes
	Bridge interface name:  br0
> reboot
> sudo lxc launch ubuntu:xenial/armhf ct01

However, the output of the last command produces an error:

error: Failed container creation:
	- https://cloud-images.ubuntu.com/releases: LXD doesn't have a uid/gid allocation. In this mode, only privileged containers are supported.

These are the contents of my subuid and subgid files:

> cat /etc/subuid
ubuntupi:165536:65536
lxd:231072:65536
root:231072:65536
> cat /etc/subgid
ubuntupi:165536:65536
lxd:231072:65536
root:231072:65536

I tried changing lxd and root to 100000:65536 but the results were still the same. I have read some references regarding uid/gid allocation like this and other threads as well but I still can’t figure out a way to go about this. Can anyone tell me what’s wrong? How can I create unprivileged containers?

Most likely this is because your kernel has user namespaces disabled one way or another.

Which of those files exist on your system?

  • /proc/self/uid_map
  • /proc/self/gid_map
  • /proc/self/ns/user

If any of those are missing, LXD isn’t going to let you run unprivileged containers.