Docker container cannot start due to apparmor, why?

Question

I have a fresh install of ubuntu 18.04. The only program installed is docker.

But if I try to run the hello-world container, to test the installation, the run failed:

docker: Error response from daemon: AppArmor enabled on system but the docker-default profile could not be loaded: running `/sbin/apparmor_parser apparmor_parser -Kr /var/lib/docker/tmp/docker-default847992402` failed with output: apparmor_parser: Unable to replace "docker-default".  Permission denied; attempted to load a profile while confined?

error: exit status 243.
ERRO[0000] error waiting for container: context canceled

There are no apparmor profiles installed on the system:

apparmor module is loaded.
0 profiles are loaded.
0 profiles are in enforce mode.
0 profiles are in complain mode.
0 processes have profiles defined.
0 processes are in enforce mode.
0 processes are in complain mode.
0 processes are unconfined but have a profile defined.

How can I install the profile? And fix the error?

I am trying to run:

sudo docker run hello-world 

I installed docker via:

sudo apt install docker.io

The system is Ubuntu 18.04 on a LXC vserver

Jonas

Answer 1

To run docker properly on an LXC vServer, there are some settings to change outside the vServer, in the LXC configurations. In my case I had to enable docker support on my hosting account´s dashboard.