Comment 3 for bug 1296459

@shemgp, this suggests that you're using a non-ubuntu kernel which comes with incomplete apparmor support. This typically happens when you're using a mainline kernel build rather than an official Ubuntu kernel.

You can force LXD to use such a kernel, though as mentioned, confinement will be partial.

    lxc profile default set raw.lxc lxc.aa_allow_incomplete=1

Should ensure it's set for all your containers.