search

ehough / docker-nfs-server

A lightweight, robust, flexible, and containerized NFS server.
https://hub.docker.com/r/erichough/nfs-server/
GNU General Public License v3.0
672 stars 221 forks source link

Exposing nfs service on host #2

Closed n1b0r closed 6 years ago

n1b0r commented 6 years ago

Hello, thanks for your container.

I cannot mount an nfs share using the host ip address :

$ sudo mount -v -t nfs -o proto=tcp,port=2049 10.2.4.110:/var/nfs-export /tmp/toto
mount.nfs: timeout set for Mon May  7 13:17:49 2018
mount.nfs: trying text-based options 'proto=tcp,port=2049,vers=4.2,addr=10.2.4.110,clientaddr=10.2.4.111'
mount.nfs: mount(2): No such file or directory
mount.nfs: trying text-based options 'proto=tcp,port=2049,addr=10.2.4.110'
mount.nfs: prog 100005, trying vers=3, prot=6
mount.nfs: portmap query failed: RPC: Program not registered
mount.nfs: requested NFS version or transport protocol is not supported

But using the container ip, it works :

sudo mount -v -t nfs -o proto=tcp,port=2049 172.17.0.2:/var/nfs-export /tmp/toto
mount.nfs: timeout set for Mon May  7 13:19:49 2018
mount.nfs: trying text-based options 'proto=tcp,port=2049,vers=4.2,addr=172.17.0.2,clientaddr=172.17.0.1'
mount.nfs: mount(2): No such file or directory
mount.nfs: trying text-based options 'proto=tcp,port=2049,addr=172.17.0.2'
mount.nfs: prog 100005, trying vers=3, prot=6
mount.nfs: trying 172.17.0.2 prog 100005 vers 3 prot TCP port 32767

We are publishing the port 2049 :

docker run -v /etc/exports:/etc/exports -v /var/nfs-export:/var/nfs-export --cap-add SYS_ADMIN -p 2049:2049 -e NFS_VERSION=3 erichough/nfs-server:latest

Did you already succeed mounting the share using the host ip ? What is the goal of mounting the share using container ip address ?

ehough commented 6 years ago

Thanks for your question. I was able to reproduce this error on my workstation, so it definitely appears to be a bug. I'm working on it now and will report back here once I have a fix.

Did you already succeed mounting the share using the host ip ?

Yes, I have the image running on my personal NAS and I'm able to access it remotely via the host's IP. So I know it works in some cases..

ehough commented 6 years ago

Have you tried to mount the share from a remote host? i.e. a client that is not 10.2.4.110?

In my testing, the problem seems isolated to the loopback interface; I can mount from remote hosts without issue, but not via localhost. Still trying to gain a better understanding.

n1b0r commented 6 years ago

Yes we did the tests with from local host and from remote hosts with same error. These are private openstack vm instances. I will try on physical hosts asap and let you know.

ehough commented 6 years ago

I did some more testing and had some success. The trick for me was to expose ports 111 and 32767 (in addition to 2049) when trying to mount a share via NFS v3. i.e.

ehough@nas ~ > docker run ... -p 2049:2049 -p 111:111 -p 32767:32767 erichough/nfs-server

And mounting from a separate machine on my LAN:

ehough@blue ~ > sudo mount -v -t nfs -o nfsvers=3,proto=tcp nas:/nfs/htpc-media ./nas
mount.nfs: timeout set for Tue May  8 21:52:18 2018
mount.nfs: trying text-based options 'nfsvers=3,proto=tcp,addr=192.168.1.99'
mount.nfs: prog 100003, trying vers=3, prot=6
mount.nfs: trying 192.168.1.99 prog 100003 vers 3 prot TCP port 2049
mount.nfs: prog 100005, trying vers=3, prot=6
mount.nfs: trying 192.168.1.99 prog 100005 vers 3 prot TCP port 32767

Mounting from the Docker host (nas in the example above) works just as well. For NFS v4, you only need to expose port 2049.

Could you try to expose ports 2049, 111 and 32767 to see if that fixes things for you? If you're still having trouble after that, could you paste the logs from your erichough/nfs-server container so I could study the issue further?

ehough commented 6 years ago

Just checking in. Were you able to get things working? Let us know - thanks!

ehough commented 6 years ago

Closing due to inactivity, but feel free to re-open.

andyneff commented 5 years ago

I had this exact same problem, only the solution was https://www.cyberciti.biz/faq/mount-nfs4-reason-given-by-server-no-such-file-directory/

Basically I had to give my one mount fsid=0 (non-0 was not working) and then I had to mount it as /, not /nfs (or whatever)

ehough commented 5 years ago

@andyneff Could you share a copy of your /etc/exports or any further details of your setup? My understanding is that using the fsid parameter is only required in very rare situations, like when NFS has trouble uniquely identifying the underlying filesystem.

I'd just like to make sure that the README isn't missing any docs that could've helped you.

andyneff commented 5 years ago

Disclaimer: I know (little to) nothing about the exports file.

This is my compose file

  nfs:
    depends_on:
      - modprobe
    image: erichough/nfs-server
    ports:
      - '2049:2049'
      # - '2049:2049/udp'
      # - '111:111'
      # - '111:111/udp'
      # - '32765:32765'
      # - '32765:32765/udp'
      # - '32767:32767'
      # - '32767:32767/udp'
    cap_add:
      - SYS_ADMIN
    volumes:
      - type: bind
        source: /tmp/nfs
        target: /nfs
    environment:
      - NFS_EXPORT_0=/nfs *(rw,insecure,no_subtree_check,fsid=0,no_root_squash)

If I did not specify the fsid, I got an error message saying I had to specify the fsid. I read a little about it and first thought "Well, it's not my /, so fsid=1)

nfs_1       | ==================================================================
nfs_1       |       STARTING SERVICES
nfs_1       | ==================================================================
nfs_1       | ----> mounting rpc_pipefs filesystem onto /var/lib/nfs/rpc_pipefs
nfs_1       | mount: rpc_pipefs mounted on /var/lib/nfs/rpc_pipefs.
nfs_1       | ----> mounting nfsd filesystem onto /proc/fs/nfsd
nfs_1       | mount: nfsd mounted on /proc/fs/nfsd.
nfs_1       | ----> starting rpcbind
nfs_1       | ----> exporting filesystem(s)
nfs_1       | exportfs: /nfs requires fsid= for NFS export
nfs_1       | exporting *:/nfs
nfs_1       | ----> 
nfs_1       | ----> ERROR: exportfs failed
nfs_1       | ---->

Running on Fedora 29

ehough commented 5 years ago

exportfs: /nfs requires fsid= for NFS export

I've never seen that error before but will research it. Have you tried changing the source from /tmp to something else? Wondering if something like this would also fail:

volumes:
  - type: bind
   source: /home/andyneff/foo
   target: /bar
environment:
  - NFS_EXPORT_0=/bar *(rw,insecure,no_subtree_check,no_root_squash)

I guess I'm just trying to figure out if it's an issue with the filesystem on the host's end or the container's end.

andyneff commented 5 years ago 
mount | grep /tmp
tmpfs on /tmp type tmpfs (rw,nosuid,nodev,seclabel)

Yes, now that you mention it, when I it on my btrfs, it works

mount | grep /opt
/dev/sdc3 on /opt type btrfs (rw,relatime,seclabel,ssd,space_cache,subvolid=259,subvol=/opt)

Update

However, without fsid=0 (using a /opt dir), I'm back to I can't mount the filesystem.

# Both these fail
> mount -v {server_ip}:/nfs -o "vers=4.2,soft,intr"  /mnt
> mount -v {server_ip}:/ -o "vers=4.2,soft,intr"  /mnt
mount.nfs: timeout set for Thu Jan 31 16:29:30 2019
mount.nfs: trying text-based options 'vers=4.2,soft,intr,addr={server_ip},clientaddr={client_ip}'
mount.nfs: mount(2): No such file or directory
mount.nfs: mounting {server_ip}:/nfs failed, reason given by server: No such file or directory
andyneff commented 5 years ago

Just an update, I still have the exact same behavior with the new alpine version. So I'm not sure why, but I have to have fsid=0

Summary

Does not work (for version 4 and 3)

Works

NFS_EXPORT_0=/nfs *(rw,insecure,no_subtree_check,fsid=0,no_root_squash)

Sorry if this is all just due to my lack of knowledge in how to set nfs from scratch.