1.2 KiB
1.2 KiB
| id | type | title | tags | importance | confidence | created | updated | relations | ||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 384eebbd-a2fd-41a5-93aa-a0f8c332686d | solution | Docker-in-LXC requires AppArmor unconfined on Proxmox |
|
0.8 | 0.8 | 2026-02-08T04:17:35.578335+00:00 | 2026-03-05T03:43:47.041443+00:00 |
|
When creating a Proxmox LXC container to run Docker, the container needs AppArmor set to unconfined. Without this, Docker containers fail to start with: 'AppArmor enabled on system but the docker-default profile could not be loaded'. Fix: Stop LXC, append to /etc/pve/nodes/proxmox/lxc/.conf: lxc.apparmor.profile: unconfined, lxc.cgroup2.devices.allow: a, lxc.cap.drop: (empty). Also need features: nesting=1,keyctl=1 for Docker support. Note: Proxmox will warn 'explicitly configured lxc.apparmor.profile overrides the following settings: features:nesting' but this is harmless and Docker works correctly.