It’s a bit of a pig getting it to work in LXD, but it is possible.
I used Ubuntu 18.04 as the LXD OS.
16.04 also works.
Docker CE was version 18.06.0 ce 3 on 18.04.
Docker CE was 17.06 on 18.04.
Here is my profile for 16.04:
### This is a yaml representation of the configuration.
### Any line starting with a '# will be ignored.
###
### A sample configuration looks like:
### name: container1
### profiles:
### - default
### config:
###   volatile.eth0.hwaddr: 00:16:3e:e9:f8:7f
### devices:
###   homedir:
###     path: /extra
###     source: /home/user
###     type: disk
### ephemeral: false
###
### Note that the name is shown but cannot be changed

architecture: x86_64
config:
  image.architecture: amd64
  image.description: ubuntu 16.04 LTS amd64 (release) (20181004)
  image.label: release
  image.os: ubuntu
  image.release: xenial
  image.serial: "20181004"
  image.version: "16.04"
  linux.kernel_modules: openvswitch,nbd,ip_tables,ip6_tables,netlink_diag,nf_nat,overlay
  raw.lxc: |
    lxc.apparmor.profile=unconfined
    lxc.mount.auto=proc:rw sys:rw cgroup:rw
    lxc.cap.drop=
    lxc.cgroup.devices.allow=a
  security.nesting: "true"
  security.privileged: "true"
  volatile.base_image: c966933fdfd390d301fed3447528e2f910bf72c0615b2caaf3235a791fed3541
  volatile.eth0.hwaddr: 00:16:3e:46:5f:f7
  volatile.idmap.base: "0"
  volatile.idmap.next: '[]'
  volatile.last_state.idmap: '[]'
  volatile.last_state.power: RUNNING
  volatile.lxdbr1.hwaddr: 00:16:3e:9d:64:5a
  volatile.lxdbr1.name: eth1
devices:
  aadisable:
    path: /sys/module/nf_conntrack/parameters/hashsize
    source: /dev/null
    type: disk
  aadisable1:
    path: /sys/module/apparmor/parameters/enabled
    source: /dev/null
    type: disk
  mem:
    path: /dev/mem
    type: unix-char
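
An added example, not part of the original post: a small auditor that flags the settings in the profile above that remove container isolation, so they can be reviewed before the profile is reused. The sample input is constructed from that profile's lines; the rule ids and the `audit_profile` function are hypothetical names chosen for this example.

```python
import re

# Constructed sample: the isolation-relevant lines of the profile above.
SAMPLE_PROFILE = """\
config:
  raw.lxc: |
    lxc.apparmor.profile=unconfined
    lxc.mount.auto=proc:rw sys:rw cgroup:rw
    lxc.cap.drop=
    lxc.cgroup.devices.allow=a
  security.nesting: "true"
  security.privileged: "true"
devices:
  mem:
    path: /dev/mem
    type: unix-char
"""

# (hypothetical rule id, pattern matched against each stripped line, reason)
RULES = [
    ("privileged", r'^security\.privileged:\s*"?true"?$',
     "no uid/gid shift: container root is host root"),
    ("apparmor-unconfined", r"^lxc\.apparmor\.profile\s*=\s*unconfined$",
     "AppArmor confinement disabled"),
    ("caps-not-dropped", r"^lxc\.cap\.drop\s*=\s*$",
     "empty value clears the default capability drop list"),
    ("all-devices", r"^lxc\.cgroup\.devices\.allow\s*=\s*a$",
     "device cgroup allows every device node"),
    ("proc-sys-rw", r"^lxc\.mount\.auto\s*=.*\b(proc|sys):rw\b",
     "/proc or /sys mounted read-write"),
    ("dev-mem", r"^path:\s*/dev/mem$",
     "host /dev/mem exposed inside the container"),
]

def audit_profile(text):
    """Return (line number, rule id, reason) for every risky setting found."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # skip blanks and the ### header comments
        for rule_id, pattern, reason in RULES:
            if re.search(pattern, line):
                findings.append((lineno, rule_id, reason))
    return findings

if __name__ == "__main__":
    for lineno, rule_id, reason in audit_profile(SAMPLE_PROFILE):
        print(f"line {lineno}: {rule_id}: {reason}")
```

Because the rules match stripped lines, the same check works on `lxc config show` output whether or not its indentation survived copy and paste.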