Yep. It’s AppArmor causing the problem. Although I did not see AppArmor error message and the error message always was “dial tcp: lookup registry-1.docker.io on xx.xx.xx.xx:53: │
│ no such host.”
I tried to use different DNS settings (Google, Cloudflare, Pi-Hole, Technitium) or use a real PC yet nothing worked.
apply the following 2 commands at the console then reinstall Portainer and the installation finally went through without error
apt install apparmor
systemctl disable --now apparmor