Tip: If you would like to host Docker on a PVE 9 host

[jkotran]

Hey,

I host Docker on one of my PVE hosts for personal reasons. When I upgraded from 8 to 9, I couldn't connect to my containers. AppArmor was blocking it.

Disable AppArmor Specifically for Docker Daemon:

1) Edit the Docker systemd service override:
sudo systemctl edit docker

2) Add the following:

[Service]
Environment="container=docker"

3) Reload and restart:

sudo systemctl daemon-reload
sudo systemctl restart docker

4) Profit!

 

[Johannes S]

So you are removing a security layer for doing something you shouldn't do in the first place? Is there any reason you can't host docker from a vm?

 

[jkotran]

Yes, it's a personal preference. In my situation it provides the lowest possible latency to directly attached storage. It's a homelab so there's that. I wouldn't do it for business.

Cheers

 

[Johannes S]

What latencys issues do you have that you feel the need to do that?