LXD: nested containers

Nested
https://ubuntu.com/blog/nested-containers-in-lxd

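# Let this container run containers of its own (nested LXD / Docker).
# security.privileged=true switches off the uid/gid mapping, so root inside
# the container is the same user as root on the host. Anything that escapes
# the container then runs as host root. Keep it for workloads you fully
# trust, and try security.nesting on its own first.
# ${CONTAINER:?} stops the command with a message if CONTAINER is unset, so
# lxc is never called with a missing instance name.
lxc config set "${CONTAINER:?set CONTAINER to the instance name}" security.nesting true
lxc config set "${CONTAINER:?set CONTAINER to the instance name}" security.privileged true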
 
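# Ask LXD to load the aufs kernel module on the host before the container
# starts; containers normally cannot load kernel modules themselves.
# ${CONTAINER:?} stops the command if CONTAINER has not been set yet.
lxc config set "${CONTAINER:?set CONTAINER to the instance name}" linux.kernel_modules aufs
#cp -a /lib/modules/$(uname -r) /var/lib/lxd/containers/CONTAINER/rootfs/lib/modules/
# Host-wide change, run as root on the host: raises the kernel keyring key
# quota (kernel.keys.maxkeys). Written straight to /proc, so it does not
# survive a reboot.
echo 50000 > /proc/sys/kernel/keys/maxkeys
# NOTE(review): CONTAINER is only assigned here. The linux.kernel_modules
# command above uses whatever value the shell already had.
CONTAINER=lxd-nested-docker
lxc config set "${CONTAINER}" security.nesting true
#lxc launch ${CONTAINER} -p default -p docker
#lxc exec ${CONTAINER} -- apt install -y linux-modules-extra-$(uname -r)
# Left commented out: with security.nesting alone the container keeps its
# uid/gid mapping, so root inside it is not root on the host.
#lxc config set ${CONTAINER} security.privileged true
# "--" ends lxc's own option parsing; everything after it is the command that
# runs inside the container.
lxc exec "${CONTAINER}" -- apt install docker.io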

Docker inside LXD

# Launch an Ubuntu 18.04 container (presumably a GitLab runner host, going by
# its name) that is allowed to run Docker inside it.
# Only security.nesting is switched on. security.privileged stays commented
# out, so the container keeps its uid/gid mapping and container root is not
# host root.
# disk-zfs and nic-dev-mgmt are local profiles; they are not defined on this page.
lxc launch ubuntu:18.04 gitlab-runner1-dev \
  --profile disk-zfs \
  --profile nic-dev-mgmt \
  --config security.nesting=true
#  --config security.privileged=true

raw.lxc parameter
https://blog.simos.info/how-to-add-multi-line-raw-lxc-configuration-to-lxd/

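# Set a multi-line raw.lxc value; the trailing "-" makes lxc read the value
# from stdin. Each line removes one layer of confinement:
#   lxc.apparmor.profile = unconfined  -> container runs without an AppArmor profile
#   lxc.cgroup.devices.allow = a       -> device cgroup allows every device
#   lxc.mount.auto=proc:rw sys:rw      -> /proc and /sys are mounted read-write
#   lxc.cap.drop=                      -> empty value clears the drop list, so
#                                         no capabilities are dropped
# With security.privileged=true as well, the container has essentially no
# isolation from the host. Treat it as a host-root process and keep untrusted
# code and users out of it.
# To audit an instance for these settings, look at raw.lxc and
# security.privileged in `lxc config show <instance> --expanded`.
# NOTE(review): lxc.cgroup.devices.allow is the cgroup v1 key name; confirm it
# has an effect on a cgroup v2 host.
# NOTE(review): this snippet reads CONTAINER_NAME, the others on this page use
# CONTAINER. ${CONTAINER_NAME:?} stops the command if it is unset.
printf 'lxc.apparmor.profile = unconfined\nlxc.cgroup.devices.allow = a\nlxc.mount.auto=proc:rw sys:rw\nlxc.cap.drop=' | lxc config set "${CONTAINER_NAME:?set CONTAINER_NAME to the instance name}" raw.lxc -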

Links:
https://docs.gitlab.com/runner/install/docker.html
https://blog.ubuntu.com/2015/10/30/nested-containers-in-lxd
https://ubuntu.com/blog/nested-containers-in-lxd
https://dshcherb.github.io/2017/12/04/qemu-kvm-virtual-machines-in-unprivileged-lxd.html