search

ehough / docker-nfs-server

A lightweight, robust, flexible, and containerized NFS server.
https://hub.docker.com/r/erichough/nfs-server/
GNU General Public License v3.0
672 stars 221 forks source link

[Permission denied] files not writable #33

Closed marxangels closed 4 years ago

marxangels commented 4 years ago

export options:

# NFS_EXPORT_0
/data *(rw,sync,fsid=0,crossmnt,no_subtree_check)

mount options:

172.21.2.249:/ on /data type nfs4 (rw,relatime,vers=4.2,rsize=1048576,wsize=1048576,namlen=255,hard,proto=tcp,timeo=600,retrans=2,sec=sys,clientaddr=172.31.209.181,local_lock=none,addr=172.21.2.249)

The mount was successful, but why is the file read-only?

whoami
output: root

cat testfile
output: testcontent

rm testfile 
output: rm: cannot remove ‘testfile’: Permission denied

touch testfile 
output: touch: cannot touch ‘testfile’: Permission denied
marxangels commented 4 years ago

kubectl logs nfs4

==================================================================
      SETTING UP ...
==================================================================
----> log level set to DEBUG
----> will use 2 rpc.nfsd server thread(s) (1 thread per CPU)
----> building /etc/exports from environment variables
----> collected 1 valid export(s) from NFS_EXPORT_* environment variables
----> kernel module nfs is loaded
----> kernel module nfsd is loaded
----> setup complete

==================================================================
      STARTING SERVICES ...
==================================================================
----> mounting rpc_pipefs filesystem onto /var/lib/nfs/rpc_pipefs
mount: mount('rpc_pipefs','/var/lib/nfs/rpc_pipefs','rpc_pipefs',0x00008000,'(null)'):0
----> mounting nfsd filesystem onto /proc/fs/nfsd
mount: mount('nfsd','/proc/fs/nfsd','nfsd',0x00008000,'(null)'):0
----> starting rpcbind
----> starting exportfs
exporting *:/data
----> starting rpc.mountd on port 32767
----> starting rpc.nfsd on port 2049 with 2 server thread(s)
rpc.nfsd: knfsd is currently down
rpc.nfsd: Writing version string to kernel: -2 -3 +4 +4.1 +4.2
rpc.nfsd: Created AF_INET TCP socket.
rpc.nfsd: Created AF_INET UDP socket.
rpc.nfsd: Created AF_INET6 TCP socket.
rpc.nfsd: Created AF_INET6 UDP socket.
----> terminating rpcbind
----> all services started normally

==================================================================
      SERVER STARTUP COMPLETE
==================================================================
----> list of enabled NFS protocol versions: 4.2, 4.1, 4
----> list of container exports:
---->   /data   *(rw,sync,wdelay,hide,crossmnt,secure,root_squash,no_all_squash,no_subtree_check,secure_locks,acl,no_pnfs,fsid=0,anonuid=65534,anongid=65534,sec=sys,rw,secure,root_squash,no_all_squash)
----> list of container ports that should be exposed: 2049 (TCP)

==================================================================
      READY AND WAITING FOR NFS CLIENT CONNECTIONS
==================================================================
marxangels commented 4 years ago

top

Mem: 7737660K used, 271512K free, 157088K shrd, 155376K buff, 3509880K cached
CPU:   9% usr   5% sys   0% nic  85% idle   0% io   0% irq   0% sirq
Load average: 1.63 1.33 1.05 2/1026 63
  PID  PPID USER     STAT   VSZ %VSZ CPU %CPU COMMAND
   43     1 root     S    57156   1%   0   0% /usr/sbin/rpc.mountd --port 32767 --nfs-version 4.2 --no-nfs-version 2 --no-nfs-version 3 --debug all
    1     0 root     S     2616   0%   1   0% bash /usr/local/bin/entrypoint.sh
   58     0 root     S     2412   0%   0   0% bash
   63    58 root     R     1552   0%   0   0% top
   57     1 root     S     1540   0%   1   0% sleep 2073600

netstat -ntulp

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:2049            0.0.0.0:*               LISTEN      -
tcp        0      0 :::2049                 :::*                    LISTEN      -
udp        0      0 0.0.0.0:2049            0.0.0.0:*                           -
udp        0      0 :::2049                 :::*                                -
bash-5.0#
marxangels commented 4 years ago

change /data *(rw,sync,fsid=0,crossmnt,no_subtree_check) to /data *(rw,sync,fsid=0,crossmnt,no_subtree_check,no_root_squash)

done

ehough commented 4 years ago

Glad you got it working and thank you for sharing your solution! Let us know if you run into any further trouble.