CIFS mounting on boot using domain name and credentials file

[shalak]

RancherOS Version: 1.5.8

Where are you running RancherOS? (docker-machine, AWS, GCE, baremetal, etc.)

In a VM on Proxmox VE 7.0

---

Hello!

I want to keep containers' volumes on a SMB share, so in order to achieve that, I've put the following in my config:

#cloud-config
mounts:
-  - "//my_nas_dns_address/share_name"
   - "/mnt/mountpoint"
   - "cifs"
   - "credentials=/root/.cifs,iocharset=utf8,_netdev"

And, of course, the /root/.cifs:

username=XXX
password=YYY

Unfortunately, this doesn't work. The dmesg complains:

[   15.422067] Unable to determine destination address.

I changed the mount to use an IP address instead of domain, this solved the issue above, but produced another one:

[   62.978180] CIFS VFS: No username specified

After changing the credentials=/root/.cifs to username=XXX,password=YYY it stared to work. But I don’t like that workaround as it exposes the secrets in configuration.

To solve first issue ( Unable to determine destination address ) I switched to ubuntu console and installed the cifs-utils package. Then I tried adding name resolve order = host lmhosts wins bcast to /etc/samba/smb.conf, as mentioned here, but it sill didn’t accept the host DNS name.

I can live with hardcoded IP address, but I cannot stand the secrets being hardcoded in the config file.

Is there something that I'm missing?

The sudo mount -t cifs "//my_nas_address/share_name" "/mnt/mountpoint" -o credentials=/root/.cifs,iocharset=utf8,_netdev works (but again - only after I switched to ubuntu console and I installed cifs-utils package).

In topics unrelated to RancherOS, according to the internet, those issues should be solved by installing cifs-utils.

If I understand the architecture correctly, the udev container listed in system-docker is the one responsible for mounts. My guess is that the image of this container (rancher/os-base) does not have the cifs-utils. Is this true? If so, can I work around this somehow?