Install of Docker-CE in LXC unprivileged container in Proxmox

• create an unprivileged LXC container in Proxmox based on the the template of your choice

• apt-get update & apt-get upgrade (eventually 2x if you get an « unable to fetch some archives… » message in the end)

• install curl if it was not provided by the distribution

• curl -fsSL https://download.docker.com/linux/ 179<your_distro>/gpg | sudo apt-key add -
  where <your_distro> is "debian" or "ubuntu" or whatever (altough I didn't test the others)

• edit /etc/apt/sources.list and add the appropriate repository from docker :
  deb [arch=amd64] https://download.docker.com/linux/debian 60 stretch stable
  deb [arch=amd64] https://download.docker.com/linux/ubuntu 54 xenial stable

• apt-get update

• apt-cache policy docker-ce to ensure that a package for docker-ce is available

• apt-get install docker-ce

• systemctl status docker
  should return « Active (running) »
  In case not (trick #1), work around the systemd bug by adding an "ExecStartPre=" to containerd service.
  This link 136 has a clear explanation of the steps:
  a) mkdir -p /etc/systemd/system/containerd.service.d
  b) echo -e "[Service]\nExecStartPre=\n" > /etc/systemd/system/containerd.service.d/override.conf
  c) systemctl daemon-reload
  d) systemctl start docker
  e) systemctl enable docker

• Now the docker daemon should be OK ; it's time for the second error:
  docker run hello-world returns an error « mounting proc to rootfs…permission denied »

• Fix it (trick #2) by inserting manually a line containing the following :

            features:  keyctl=1,nesting=1

• In Web Console of proxmox server 
  

in the config file of your LXC as documented in this Proxmox doc 340.
In Proxmox you find the LXC config here: /etc/pve/local/lxc/<container_id>.conf
So you have to do it via an SSH connection directly into your Proxmox host.

• stop/start the LXC container
• docker run hello-world gives you « Hello from Docker ! » now.