@trystan First person with the RIGHT knowledge… thanks
Just to extend the response:
- Add “aufs” or “overlay” (or both) to
/etc/modules-load.d/modules.confin your PVE host and reboot. Check it withlsmod | grep -E 'overlay|aufs' - Use a LXC image with unprivilege features (you can check them here)
- Create the container with unprivilege option, and “keyctl=1, nesting=1” features (Options section in proxmox).
- Maybe you would want to mount an external point into /var/lib/docker (Resources section in proxmox)
- Check this link to change your storage-driver in docker to use aufs or overlay2.
- Voilá…
P.S: now people please keep worring about having docker inside LXC or even in the PVE host, but now worried at all having docker in a bare production host … thats cool