Giter Site home page Giter Site logo

sjiveson / nfs-server-alpine Goto Github PK

View Code? Open in Web Editor NEW
282.0 9.0 177.0 23.16 MB

A handy Alpine Linux based NFS Server image running NFS v4 only, over TCP on port 2049

Home Page: https://hub.docker.com/r/itsthenetwork/nfs-server-alpine/

License: GNU General Public License v3.0

Shell 89.91% Dockerfile 10.09%

nfs-server-alpine's Introduction

nfs-server-alpine

A handy NFS Server image comprising Alpine Linux and NFS v4 only, over TCP on port 2049.

Overview

The image comprises of;

  • Alpine Linux v3.8.1. Alpine Linux is a security-oriented, lightweight Linux distribution based on musl libc (v1.1.19) and BusyBox.
  • NFS v4 only, over TCP on port 2049. Rpcbind is enabled for now to overcome a bug with slow startup, it shouldn't be required.

Confd is no longer used, making the image simpler & smaller and providing wider device compatibility.

For ARM versions, tag 6-arm is based on hypriot/rpi-alpine and tag 7 onwards based on the stock Alpine image. Tag 7 uses confd v0.16.0.

For previous tags 7, 8 & 9;

  • Alpine Linux v3.7.0
  • Musl v1.1.18
  • Confd v0.14.0

For previous tag 6;

  • Alpine Linux v3.6.0
  • Musl v1.1.15

For previous tag 5;

  • Confd v0.13.0

For previous tag 4;

  • Alpine Linux v3.5
  • Confd v0.12.0-dev

Note: There were some serious flaws with image versions 3 and earlier. Please use 4 or later. The earlier version are only here in case they are used in automated workflows.

When run, this container will make whatever directory is specified by the environment variable SHARED_DIRECTORY available to NFS v4 clients.

docker run -d --name nfs --privileged -v /some/where/fileshare:/nfsshare -e SHARED_DIRECTORY=/nfsshare itsthenetwork/nfs-server-alpine:latest

Add --net=host or -p 2049:2049 to make the shares externally accessible via the host networking stack. This isn't necessary if using Rancher or linking containers in some other way.

Adding -e READ_ONLY will cause the exports file to contain ro instead of rw, allowing only read access by clients.

Adding -e SYNC=true will cause the exports file to contain sync instead of async, enabling synchronous mode. Check the exports man page for more information: https://linux.die.net/man/5/exports.

Adding -e PERMITTED="10.11.99.*" will permit only hosts with an IP address starting 10.11.99 to mount the file share.

Due to the fsid=0 parameter set in the /etc/exports file, there's no need to specify the folder name when mounting from a client. For example, this works fine even though the folder being mounted and shared is /nfsshare:

sudo mount -v 10.11.12.101:/ /some/where/here

To be a little more explicit:

sudo mount -v -o vers=4,loud 10.11.12.101:/ /some/where/here

To unmount:

sudo umount /some/where/here

The /etc/exports file contains these parameters unless modified by the environment variables listed above:

*(rw,fsid=0,async,no_subtree_check,no_auth_nlm,insecure,no_root_squash)

Note that the showmount command won't work against the server as rpcbind isn't running.

Privileged Mode

You'll note above with the docker run command that privileged mode is required. Yes, this is a security risk but an unavoidable one it seems. You could try these instead: --cap-add SYS_ADMIN --cap-add SETPCAP --security-opt=no-new-privileges but I've not had any luck with them myself. You may fare better with your own combination of Docker and OS. The SYS_ADMIN capability is very, very broad in any case and almost as risky as privileged mode.

See the following sub-sections for information on doing the same in non-interactive environments.

Kubernetes

As reported here #8 it appears Kubernetes requires the privileged: true option to be set:

spec:
  containers:
  - name: ...
    image: ...
    securityContext:
      privileged: true

To use capabilities instead:

spec:
  containers:
  - name: ...
    image: ...
    securityContext:
      capabilities:
        add: ["SYS_ADMIN", "SETPCAP"]

Note that AllowPrivilegeEscalation is automatically set to true when privileged mode is set to true or the SYS_ADMIN capability added.

Docker Compose v2/v3 or Rancher v1.x

When using Docker Compose you can specify privileged mode like so:

privileged: true

To use capabilities instead:

cap_add:
  - SYS_ADMIN
  - SETPCAP

RancherOS

You may need to do this at the CLI to get things working:

sudo ros service enable kernel-headers
sudo ros service up kernel-headers

Alternatively you can add this to the host's cloud-config.yml (or user data on the cloud):

#cloud-config
rancher:
  services_include:
    kernel-headers: true

RancherOS also uses overlayfs for Docker so please read the next section.

OverlayFS

OverlayFS does not support NFS export so please volume mount into your NFS container from an alternative (hopefully one is available).

On RancherOS the /home, /media and /mnt file systems are good choices as these are ext4.

Other Operating Systems

You may need to ensure the nfs and nfsd kernel modules are loaded by running modprobe nfs nfsd.

Host Mode Networking & Rancher DNS

You'll need to use this label if you are using host network mode and want other services to resolve the NFS service's name via Rancher DNS:

  labels:
    io.rancher.container.dns: 'true'

Mounting Within a Container

The container requires the SYS_ADMIN capability, or, less securely, to be run in privileged mode.

Multiple Shares

This image can be used to export and share multiple directories with a little modification. Be aware that NFSv4 dictates that the additional shared directories are subdirectories of the root share specified by SHARED_DIRECTORY.

Note its far easier to volume mount multiple directories as subdirectories of the root/first and share the root.

To share multiple directories you'll need to mount additional volumes and specify additional environment variables in your docker run command. Here's an example:

docker run -d --name nfs --privileged -v /some/where/fileshare:/nfsshare -v /some/where/else:/nfsshare/another -e SHARED_DIRECTORY=/nfsshare -e SHARED_DIRECTORY_2=/nfsshare/another itsthenetwork/nfs-server-alpine:latest

You should then modify the nfsd.sh file to process the extra environment variables and add entries to the exports file. I've already included a working example to get you started:

if [ ! -z "${SHARED_DIRECTORY_2}" ]; then
  echo "Writing SHARED_DIRECTORY_2 to /etc/exports file"
  echo "{{SHARED_DIRECTORY_2}} {{PERMITTED}}({{READ_ONLY}},{{SYNC}},no_subtree_check,no_auth_nlm,insecure,no_root_squash)" >> /etc/exports
  /bin/sed -i "s@{{SHARED_DIRECTORY_2}}@${SHARED_DIRECTORY_2}@g" /etc/exports
fi

You'll find you can now mount the root share as normal and the second shared directory will be available as a subdirectory. However, you should now be able to mount the second share directly too. In both cases you don't need to specify the root directory name with the mount commands. Using the docker run command above to start a container using this image, the two mount commands would be:

sudo mount -v 10.11.12.101:/ /mnt/one
sudo mount -v 10.11.12.101:/another /mnt/two

You might want to make the root share read only, or even make it inaccessible, to encourage users to only mount the correct, more specific shares directly. To do so you'll need to modify the exports file so the root share doesn't get configured based on the values assigned to the PERMITTED or SYNC environment variables.

What Good Looks Like

A successful server start should produce log output like this:

Writing SHARED_DIRECTORY to /etc/exports file
The PERMITTED environment variable is unset or null, defaulting to '*'.
This means any client can mount.
The READ_ONLY environment variable is unset or null, defaulting to 'rw'.
Clients have read/write access.
The SYNC environment variable is unset or null, defaulting to 'async' mode.
Writes will not be immediately written to disk.
Displaying /etc/exports contents:
/nfsshare *(rw,fsid=0,async,no_subtree_check,no_auth_nlm,insecure,no_root_squash)

Starting rpcbind...
Displaying rpcbind status...
   program version netid     address                service    owner
    100000    4    tcp6      ::.0.111               -          superuser
    100000    3    tcp6      ::.0.111               -          superuser
    100000    4    udp6      ::.0.111               -          superuser
    100000    3    udp6      ::.0.111               -          superuser
    100000    4    tcp       0.0.0.0.0.111          -          superuser
    100000    3    tcp       0.0.0.0.0.111          -          superuser
    100000    2    tcp       0.0.0.0.0.111          -          superuser
    100000    4    udp       0.0.0.0.0.111          -          superuser
    100000    3    udp       0.0.0.0.0.111          -          superuser
    100000    2    udp       0.0.0.0.0.111          -          superuser
    100000    4    local     /var/run/rpcbind.sock  -          superuser
    100000    3    local     /var/run/rpcbind.sock  -          superuser
Starting NFS in the background...
rpc.nfsd: knfsd is currently down
rpc.nfsd: Writing version string to kernel: -2 -3 +4
rpc.nfsd: Created AF_INET TCP socket.
rpc.nfsd: Created AF_INET6 TCP socket.
Exporting File System...
exporting *:/nfsshare
/nfsshare     	<world>
Starting Mountd in the background...
Startup successful.

What Good Looks Like - Confd Versions

The PERMITTED environment variable is missing or null, defaulting to '*'.
Any client can mount.
The READ_ONLY environment variable is missing or null, defaulting to 'rw'
Clients have read/write access.
The SYNC environment variable is missing or null, defaulting to 'async'.
Writes will not be immediately written to disk.
Starting Confd population of files...
confd 0.14.0 (Git SHA: 9fab9634, Go Version: go1.9.1)
2018-05-07T18:24:39Z d62d37258311 /usr/bin/confd[14]: INFO Backend set to env
2018-05-07T18:24:39Z d62d37258311 /usr/bin/confd[14]: INFO Starting confd
2018-05-07T18:24:39Z d62d37258311 /usr/bin/confd[14]: INFO Backend source(s) set to
2018-05-07T18:24:39Z d62d37258311 /usr/bin/confd[14]: INFO /etc/exports has md5sum 4f1bb7b2412ce5952ecb5ec22d8ed99d should be 92cc8fa446eef0e167648be03aba09e5
2018-05-07T18:24:39Z d62d37258311 /usr/bin/confd[14]: INFO Target config /etc/exports out of sync
2018-05-07T18:24:39Z d62d37258311 /usr/bin/confd[14]: INFO Target config /etc/exports has been updated
Displaying /etc/exports contents...
/nfsshare *(rw,fsid=0,async,no_subtree_check,no_auth_nlm,insecure,no_root_squash)
Starting rpcbind...
Displaying rpcbind status...
   program version netid     address                service    owner
    100000    4    tcp6      ::.0.111               -          superuser
    100000    3    tcp6      ::.0.111               -          superuser
    100000    4    udp6      ::.0.111               -          superuser
    100000    3    udp6      ::.0.111               -          superuser
    100000    4    tcp       0.0.0.0.0.111          -          superuser
    100000    3    tcp       0.0.0.0.0.111          -          superuser
    100000    2    tcp       0.0.0.0.0.111          -          superuser
    100000    4    udp       0.0.0.0.0.111          -          superuser
    100000    3    udp       0.0.0.0.0.111          -          superuser
    100000    2    udp       0.0.0.0.0.111          -          superuser
    100000    4    local     /var/run/rpcbind.sock  -          superuser
    100000    3    local     /var/run/rpcbind.sock  -          superuser
Starting NFS in the background...
rpc.nfsd: knfsd is currently down
rpc.nfsd: Writing version string to kernel: -2 -3 +4
rpc.nfsd: Created AF_INET TCP socket.
rpc.nfsd: Created AF_INET6 TCP socket.
Exporting File System...
exporting *:/nfsshare
/nfsshare     	<world>
Starting Mountd in the background...
Startup successful.

Dockerfile

The Dockerfile used to create this image is available at the root of the file system on build.

FROM alpine:latest
LABEL maintainer "Steven Iveson <[email protected]>"
LABEL source "https://github.com/sjiveson/nfs-server-alpine"
LABEL branch "master"
COPY Dockerfile README.md /

RUN apk add --no-cache --update --verbose nfs-utils bash iproute2 && \
    rm -rf /var/cache/apk /tmp /sbin/halt /sbin/poweroff /sbin/reboot && \
    mkdir -p /var/lib/nfs/rpc_pipefs /var/lib/nfs/v4recovery && \
    echo "rpc_pipefs    /var/lib/nfs/rpc_pipefs rpc_pipefs      defaults        0       0" >> /etc/fstab && \
    echo "nfsd  /proc/fs/nfsd   nfsd    defaults        0       0" >> /etc/fstab

COPY exports /etc/
COPY nfsd.sh /usr/bin/nfsd.sh
COPY .bashrc /root/.bashrc

RUN chmod +x /usr/bin/nfsd.sh

ENTRYPOINT ["/usr/bin/nfsd.sh"]

Acknowlegements

Thanks to Torsten Bronger @bronger for the suggestion and help around implementing a multistage Docker build to better handle the inclusion of Confd (since removed).

nfs-server-alpine's People

Contributors

adi90x avatar liejuntao001 avatar siaimes avatar sjiveson avatar tobyfoo avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

robotmay roger-russel lrdcasimir tobyfoo quailautomation safesoftware mayanktahil jefflaplante bunchc gerardhollemans eltonrodrigues tn7818 adi90x muchrm honos2014 theresaliao ludovic-terral kitewu mycloudlab konstantinj eubr-atmosphere schmichri fanggu jellyfishgroup kahidna colearendt taotao335 zsoerenm yangyufans vodaka mel3c recipedude liamzebedee adphi mona-cyclope kawaway fanzhenya lushtech eidansoft nctiggy shantur robwilkes greenkeytech skyice2013 t7tran allanhung taylo0or qarnot phalski yubele wwwins oniram88 absozed fatihboy sknigh perepinol wpj-cz pzghost avaussant yizhelee scottmayhew smartve d0whc3r danreyesdev king-dopey chenmins net-sec pyguy ccjon rodriguezst gabrielruiu flppsilva aminvakil sdir fysh iperezx yongkimnsw guzhavinaleksey any-mbi gniang molchanovar edumelo bheuvel romainf kvalev ucub nickma82 2100992 phongphuhanam watcher00090 simonschuang n0rad voteforpresident romanchyla jtruong2 bwcxyk yakworks c6o lucas-tang stasperekrestov

nfs-server-alpine's Issues

Rancher network

Hello,
It seems that I am not able to connect via the rancher network internal name of the containers ( IP acces is fine) . Is it a normal behavior/limitation ?
Regards

Automatic build on Docker hub.

Could you turn this into an automatic build on Docker Hub?
Automatic builds are more trustworthy than uploaded builds and get better search rankings.

Dynamic multiple shared directories

Feature Request

As specified in the README file, if you want to share more than two directories, you need to add a code snippet in nfsd.sh file, one for each directory you want to share other than first two.

This couldn't be enough in some specific situation, as (for example) if you want to use this docker image as NFS Server in a Google Kubernetes Engine, where using NFS fs is the only (cheeper) way to mount a volume in more than a container replica with ReadWriteMany access type.

Could be useful to handle multiple shared directories dynamically directly in this docker image, avoiding users to create their own Dockerfile.

My proposal is to create a specific environment variables for additional directories other than the first one. Basically, the main shared directory is the most important one, because all other have to be its subdirectories.

For example:

  • SHARED_DIRECTORY environment allows user to declare the main shared directory (ex: /exports)
  • EXTRA_SHARED_DIRECTORY_* environment, instead, should allow user to declare incremental extra shared directories (ex: /exports/mysql-datafile).

Then, in nfsd.sh, you can fetch all environment variables starting with EXTRA_SHARED_DIRECTORY_*, and spool them into /etc/exports file.

nfs-server-alpine have arm docker image for avaible?

arm environment ๏ผŒ i use omaerz/nfs-server-alpine:0.12 docker image for nfs-server pod, and use csi-driver-nfs as client to visit nfs-server by k8s svc , but when nfs-server pod restart , nfs-server by k8s svc become unavaible , but X86 enviroment is ready , X86 docker image is latest version

image

Fails on raspberry zero w

Hi im trying to use this container using docker-compose

  nfsserver:
    image: itsthenetwork/nfs-server-alpine:9-arm
    restart: unless-stopped
    volumes:
      - /data/share:ro
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    environment:
      SHARED_DIRECTORY: /share
      READ_ONLY: 'true'
    privileged: true
    ports:
      - "2049:2049/tcp"
      - "2049:2049/udp"
      - "111:111/tcp"
      - "111:111/udp"

using the same setup on a pi3 works.

log:

The PERMITTED environment variable is missing or null, defaulting to '*'.
Any client can mount.
The SYNC environment variable is missing or null, defaulting to 'async'.
Writes will not be immediately written to disk.
Starting Confd population of files...
/usr/bin/nfsd.sh: line 91:     7 Illegal instruction     (core dumped) /usr/bin/confd -version

Displaying /etc/exports contents...
/usr/bin/nfsd.sh: line 91:     8 Illegal instruction     (core dumped) /usr/bin/confd -onetime
# /etc/exports
#
# See exports(5) for a description.

# use exportfs -arv to reread
#/export    192.168.1.10(rw,no_root_squash)


Starting rpcbind...
Displaying rpcbind status...
   program version netid     address                service    owner
    100000    4    tcp6      ::.0.111               -          superuser
    100000    3    tcp6      ::.0.111               -          superuser
    100000    4    udp6      ::.0.111               -          superuser
    100000    3    udp6      ::.0.111               -          superuser
    100000    4    tcp       0.0.0.0.0.111          -          superuser
    100000    3    tcp       0.0.0.0.0.111          -          superuser
    100000    2    tcp       0.0.0.0.0.111          -          superuser
    100000    4    udp       0.0.0.0.0.111          -          superuser
    100000    3    udp       0.0.0.0.0.111          -          superuser
    100000    2    udp       0.0.0.0.0.111          -          superuser
    100000    4    local     /var/run/rpcbind.sock  -          superuser
    100000    3    local     /var/run/rpcbind.sock  -          superuser
Starting NFS in the background...
rpc.nfsd: knfsd is currently down
rpc.nfsd: Writing version string to kernel: -2 -3 +4
rpc.nfsd: Created AF_INET TCP socket.
rpc.nfsd: Created AF_INET6 TCP socket.
Exporting File System...
exportfs: No file systems exported!
Starting Mountd in the background...
Startup successful.

im using hypriot os on both units, the pi zero is using a somewhat older version.

Edit existing file, but cannot create (continued)

@sjiveson I am running into this same issue and attempting to resolve based on your comments on Jan 29 on #7 / #17 . Unfortunately, I am not very experienced with NFS, so I do not completely follow this advice. What should I change? Should I just remove the no_root_squash option or replace it with something?

The no_root_squash option is entirely different and changes to -mapall=. Would you be able to try building the container from scratch after changing this in the nfs-server-alpine/confd/tmpl/exports.tmpl file?

FWIW, this error has popped up between docker containers (client / server as separate containers) on my Mac host using the same UIDs, as well as with Mac as the client. Editing files and reading files works fine, but creating fails at the following line (in an strace):

openat(AT_FDCWD, "/mnt/tmp/blah.txt", O_WRONLY|O_CREAT|O_TRUNC, 0666) = -1 EIO (Input/output error)

how to permit specific IP addresses using the PERMITTED env variables?

Hey,
The only example in your documentation about the PERMITTED environment variable uses wildcard (*) in the IP address:

"Adding -e PERMITTED="10.11.99.*" will permit only hosts with an IP address starting 10.11.99 to mount the file share."

Is there any way to permit specific IP addresses to mount directories from the NFS server? For example, I want to permit only the IP addresses 1.2.3.4, 13.15.16.19, etc to connect the NFS server (without using a wildcard).

Thanks!

Rancher NFS / Network managed / Multiple Host

Hi,

i use your nfs-server-alpine in Rancher infrastructure like below :

  • Server Data on RancherOS (with kernel header) - with your docker image started with Rancher managed network (with fixed docker ip : 10.42.x.x).

  • Server Host (with several apps using rancher nfs volume) : Running Rancher NFS Driver targeting 10.42.x.x.

Every thing work fine, until i use a rancher volume on an another host. For exemple, if i add a 2nd host server and launch a new app with new rancher nfs volume, i have : i/O error alternatively on every rancher-nfs volume.

For testing, i just launch two app (one on each host) and connect to it with shell and read in loop a single line file with sleep 1 second. I have i/o error sometimes on host 1 sometimes on host 2. To prevent i/o errors i need to delete app (and check rancher storage volume is well detach) and have only one host with rancher volumes attached.

Do you already have this issue ?

I also try to launch nfs-server with "host" network and target directly nfs-server host real ip in rancher nfs driver config. It work fine in this case. Maybe error is due to "managed" network layer in rancher.

By the way, when we use "host" network, due to /etc/exports generated with * everybody can mount. Is there a way to limit access ?

Thanks in advance,
Feel free to ask me if you need more information.

clnt_create: RPC: Program not registered

  1. docker run -d --name nfs --privileged --net=host -v /wwwroot:/nfsshare -e SHARED_DIRECTORY=/nfsshare itsthenetwork/nfs-server-alpine

2.root@lianhuazi-PC:/ # showmount -e 192.168.110.42
clnt_create: RPC: Program not registered

why? pls tell me where is error!

The /usr/sbin/rpc.mountd process failed to start

root@nfs-server-alpine-65bb5fbdb6-26gg5:/ # ps -ef
PID USER TIME COMMAND
1 root 0:00 {nfsd.sh} /bin/bash /usr/bin/nfsd.sh
16 rpc 0:00 /sbin/rpcbind -w
385 root 0:00 sleep 2
386 root 0:00 bash
392 root 0:00 ps -ef

The /usr/sbin/rpc.mountd --debug all --no-udp --no-nfs-version 2 --no-nfs-version 3 process failed to start

Startup takes quite a while (IPv6 issue?)

Hi, I noticed that the startup takes quite a while:

2018-01-02T15:14:28.448553150Z  Starting NFS in the background...
2018-01-02T15:14:28.452406602Z  rpc.nfsd: knfsd is currently down
2018-01-02T15:14:28.452425323Z  rpc.nfsd: Writing version string to kernel: -2 -3 +4
2018-01-02T15:14:28.452428157Z  rpc.nfsd: Created AF_INET TCP socket.
2018-01-02T15:17:37.771778045Z  rpc.nfsd: Created AF_INET6 TCP socket.
2018-01-02T15:17:37.774152827Z  Exporting File System...
2018-01-02T15:17:37.774663674Z  exporting *:/nfsshare
2018-01-02T15:17:37.777056127Z  Starting Mountd in the background...

Actually the only thing that needs so much time seems to be the creation of an AF_INET6 TCP socket. On my machine it always takes about 189 seconds. Do you have an idea what the issue could be? It has probably something to do with IPv6 but giving the container an IPv6 address didn't help in my case.

Need password support

I am currently running nfs server with this image, exposing port 2049 to public internet.
With no authorization process, anyone can mount it, that is not a situation we want.
So can you please add passord support to this image, so we can pass the password in the container with a environment or in some other form ?
e.g.

nfs:
  image: itsthenetwork/nfs-server-alpine:latest
  privileged: true
  ports:
    - 2049:2049
  volumes:
    - ~/nfs:/nfsshare
  environment:
    - SHARED_DIRECTORY=/nfsshare
#    - PASSWORD=password

Error when starting NFS service

I am trying to run this container in Kubernetes but there is an error that is logged when starting the NFS service. It also looks like the port is not listening.

Error:

Starting NFS in the background...
rpc.nfsd: Unable to access /proc/fs/nfsd errno 2 (No such file or directory).
Please try, as root, 'mount -t nfsd nfsd /proc/fs/nfsd' and then restart rpc.nfsd to correct the problem

Complete startup logs:

Starting Confd population of files...
confd 0.14.0 (Git SHA: 9fab9634, Go Version: go1.9.1)
2018-02-22T20:59:41Z indiatts-cutaudio-67fb8d88d4-n8n78 /usr/bin/confd[14]: INFO Backend set to env
2018-02-22T20:59:41Z indiatts-cutaudio-67fb8d88d4-n8n78 /usr/bin/confd[14]: INFO Starting confd
2018-02-22T20:59:41Z indiatts-cutaudio-67fb8d88d4-n8n78 /usr/bin/confd[14]: INFO Backend source(s) set to
2018-02-22T20:59:41Z indiatts-cutaudio-67fb8d88d4-n8n78 /usr/bin/confd[14]: INFO /etc/exports has md5sum 4f1bb7b2412ce5952ecb5ec22d8ed99d should be e00bc1ed62ce760dcaedf40a45211f66
2018-02-22T20:59:41Z indiatts-cutaudio-67fb8d88d4-n8n78 /usr/bin/confd[14]: INFO Target config /etc/exports out of sync
2018-02-22T20:59:41Z indiatts-cutaudio-67fb8d88d4-n8n78 /usr/bin/confd[14]: INFO Target config /etc/exports has been updated

Displaying /etc/exports contents...
/data/cutaudio *(rw,fsid=0,async,no_subtree_check,no_auth_nlm,insecure,no_root_squash)

Starting rpcbind...
Displaying rpcbind status...
   program version netid     address                service    owner
    100000    4    tcp6      ::.0.111               -          superuser
    100000    3    tcp6      ::.0.111               -          superuser
    100000    4    udp6      ::.0.111               -          superuser
    100000    3    udp6      ::.0.111               -          superuser
    100000    4    tcp       0.0.0.0.0.111          -          superuser
    100000    3    tcp       0.0.0.0.0.111          -          superuser
    100000    2    tcp       0.0.0.0.0.111          -          superuser
    100000    4    udp       0.0.0.0.0.111          -          superuser
    100000    3    udp       0.0.0.0.0.111          -          superuser
    100000    2    udp       0.0.0.0.0.111          -          superuser
    100000    4    local     /var/run/rpcbind.sock  -          superuser
    100000    3    local     /var/run/rpcbind.sock  -          superuser
Starting NFS in the background...
rpc.nfsd: Unable to access /proc/fs/nfsd errno 2 (No such file or directory).
Please try, as root, 'mount -t nfsd nfsd /proc/fs/nfsd' and then restart rpc.nfsd to correct the problem
Exporting File System...
exporting *:/data/cutaudio
Starting Mountd in the background...

NFSv3

Hello sjveson,
I've been trying to use your dockerfile as a base to support NFSv3 has the client for this server does not currently support v4. I was wondering if it could be possible to add the support as their are not that many arm dockerfile for it.

How to use this nfs server with windows clients ?

Hi,

How do I connect a windows 10 pro client with standard NFS enabled ? I tried 6-arm and arm-latest.

Linux server and client work, with given command lines. (eg mount -v -o vers=4,loud IP:/ /tmp/nfs )

But how do I connect a Windows 10 pro NFS client ?
followed https://graspingtech.com/mount-nfs-share-windows-10 like
mount -o anon \IP\nfsshare Z:
mount -o anon IP:/nfsshare Z:
etc etc
Network Error - 53 : The network path was not found.

Can you help here ?

I can edit an existing file, but can not create one

How to replicate: just did what you described in README.

Server side: the host is a Mac. I use docker for Mac to spawn a container. The docker logs message looks the same as you mentioned in README.

Client side, a linux server that can connect to the container through host ip. I can rename the file / edit the file / mkdir without problem, but I cannot create file. The mounted directory should have all the permissions enabled (777)

The error is like this:

touch: cannot touch 'cccc': Input/output error

Unable to create files on OSX

This is the same issue as #7. I instantiate the NFS server in Docker For Desktop with Kubernetes. I am unable to create any files on the shares. The client is just another container in kubernetes. Creating and deleting directories works fine.

touch x

touch: cannot touch 'x': Input/output error

I can create files on the NFS server and they are accessible on the client.

Docker for Desktop: 18.06.0 ce
Osx: 10.13.3

Question: Is it possible to create more than one shared folder?

I think it is not possible to create multiple shared folder(/path/to/share_1 /path/to/share_2) in the current configuration. I wonder if there is some technical issues causing not to implement in that way.

By the way thank you for this Docker image.

ARM image confd issue

ARM image should have ARM version for confd binary

Starting Confd population of files...
/usr/bin/nfsd.sh: line 34: /usr/bin/confd: cannot execute binary file: Exec format error
/usr/bin/nfsd.sh: line 35: /usr/bin/confd: cannot execute binary file: Exec format error

Start failed on Synology

When starting on my Synology I get the following error. privileged: true is set. Someone can give me a hint what'S the problem?

docker-compose.yml

version: '2'
services:
  nfs-server:
    privileged: true
    container_name: nfs-server
    restart: unless-stopped
    image: itsthenetwork/nfs-server-alpine
    environment: 
    - TZ=Europe/Berlin
    - VERSION=latest
    - SHARED_DIRECTORY=/nfsshare
    ports:
    - "2049:2049"

    volumes:
    - /volume1/Kids:/nfsshare

Log

nfs-server
date,stream,content
2019-01-28 13:23:39,stdout,Startup successful.

2019-01-28 13:23:39,stdout,Starting Mountd in the background...These

2019-01-28 13:23:39,stdout,/nfsshare     	<world>

2019-01-28 13:23:39,stdout,exporting *:/nfsshare

2019-01-28 13:23:39,stdout,Exporting File System...

2019-01-28 13:23:39,stderr,"Please try, as root, 'mount -t nfsd nfsd /proc/fs/nfsd' and then restart rpc.nfsd to correct the problem
"
2019-01-28 13:23:39,stderr,rpc.nfsd: Unable to access /proc/fs/nfsd errno 2 (No such file or directory).

2019-01-28 13:23:39,stdout,Starting NFS in the background...

2019-01-28 13:23:39,stdout,    100000    3    local     /var/run/rpcbind.sock  -          superuser

2019-01-28 13:23:39,stdout,    100000    4    local     /var/run/rpcbind.sock  -          superuser

2019-01-28 13:23:39,stdout,    100000    2    udp       0.0.0.0.0.111          -          superuser

2019-01-28 13:23:39,stdout,    100000    3    udp       0.0.0.0.0.111          -          superuser

2019-01-28 13:23:39,stdout,    100000    4    udp       0.0.0.0.0.111          -          superuser

2019-01-28 13:23:39,stdout,    100000    2    tcp       0.0.0.0.0.111          -          superuser

2019-01-28 13:23:39,stdout,    100000    3    tcp       0.0.0.0.0.111          -          superuser

2019-01-28 13:23:39,stdout,    100000    4    tcp       0.0.0.0.0.111          -          superuser

2019-01-28 13:23:39,stdout,    100000    3    udp6      ::.0.111               -          superuser

2019-01-28 13:23:39,stdout,    100000    4    udp6      ::.0.111               -          superuser

2019-01-28 13:23:39,stdout,    100000    3    tcp6      ::.0.111               -          superuser

2019-01-28 13:23:39,stdout,    100000    4    tcp6      ::.0.111               -          superuser

2019-01-28 13:23:39,stdout,   program version netid     address                service    owner

2019-01-28 13:23:39,stdout,Displaying rpcbind status...

2019-01-28 13:23:39,stdout,Starting rpcbind...

2019-01-28 13:23:39,stdout,

2019-01-28 13:23:39,stdout,"/nfsshare *(rw,fsid=0,async,no_subtree_check,no_auth_nlm,insecure,no_root_squash)
"
2019-01-28 13:23:39,stdout,Displaying /etc/exports contents:

2019-01-28 13:23:39,stdout,Writes will not be immediately written to disk.

2019-01-28 13:23:39,stdout,"The SYNC environment variable is unset or null, defaulting to 'async' mode.
"
2019-01-28 13:23:39,stdout,Clients have read/write access.

2019-01-28 13:23:39,stdout,"The READ_ONLY environment variable is unset or null, defaulting to 'rw'.
"
2019-01-28 13:23:39,stdout,This means any client can mount.

2019-01-28 13:23:39,stdout,"The PERMITTED environment variable is unset or null, defaulting to '*'.
"
2019-01-28 13:23:39,stdout,Writing SHARED_DIRECTORY to /etc/exports file

2019-01-28 13:23:36,stdout,Terminated.

2019-01-28 13:23:36,stdout,"SIGTERM caught, terminating NFS process(es)...
"
2019-01-28 13:18:29,stdout,Startup successful.

2019-01-28 13:18:29,stdout,Starting Mountd in the background...These

2019-01-28 13:18:29,stdout,/nfsshare     	<world>

2019-01-28 13:18:29,stdout,exporting *:/nfsshare

2019-01-28 13:18:29,stdout,Exporting File System...

2019-01-28 13:18:29,stderr,"Please try, as root, 'mount -t nfsd nfsd /proc/fs/nfsd' and then restart rpc.nfsd to correct the problem
"
2019-01-28 13:18:29,stderr,rpc.nfsd: Unable to access /proc/fs/nfsd errno 2 (No such file or directory).

2019-01-28 13:18:29,stdout,Starting NFS in the background...

2019-01-28 13:18:29,stdout,    100000    3    local     /var/run/rpcbind.sock  -          superuser

2019-01-28 13:18:29,stdout,    100000    4    local     /var/run/rpcbind.sock  -          superuser

2019-01-28 13:18:29,stdout,    100000    2    udp       0.0.0.0.0.111          -          superuser

2019-01-28 13:18:29,stdout,    100000    3    udp       0.0.0.0.0.111          -          superuser

2019-01-28 13:18:29,stdout,    100000    4    udp       0.0.0.0.0.111          -          superuser

2019-01-28 13:18:29,stdout,    100000    2    tcp       0.0.0.0.0.111          -          superuser

2019-01-28 13:18:29,stdout,    100000    3    tcp       0.0.0.0.0.111          -          superuser

2019-01-28 13:18:29,stdout,    100000    4    tcp       0.0.0.0.0.111          -          superuser

2019-01-28 13:18:29,stdout,    100000    3    udp6      ::.0.111               -          superuser

2019-01-28 13:18:29,stdout,    100000    4    udp6      ::.0.111               -          superuser

2019-01-28 13:18:29,stdout,    100000    3    tcp6      ::.0.111               -          superuser

2019-01-28 13:18:29,stdout,    100000    4    tcp6      ::.0.111               -          superuser

2019-01-28 13:18:29,stdout,   program version netid     address                service    owner

2019-01-28 13:18:29,stdout,Displaying rpcbind status...

2019-01-28 13:18:29,stdout,Starting rpcbind...

2019-01-28 13:18:29,stdout,

2019-01-28 13:18:29,stdout,"/nfsshare *(rw,fsid=0,async,no_subtree_check,no_auth_nlm,insecure,no_root_squash)
"
2019-01-28 13:18:29,stdout,Displaying /etc/exports contents:

2019-01-28 13:18:29,stdout,Writes will not be immediately written to disk.

2019-01-28 13:18:29,stdout,"The SYNC environment variable is unset or null, defaulting to 'async' mode.
"
2019-01-28 13:18:29,stdout,Clients have read/write access.

2019-01-28 13:18:29,stdout,"The READ_ONLY environment variable is unset or null, defaulting to 'rw'.
"
2019-01-28 13:18:29,stdout,This means any client can mount.

2019-01-28 13:18:29,stdout,"The PERMITTED environment variable is unset or null, defaulting to '*'.
"
2019-01-28 13:18:29,stdout,Writing SHARED_DIRECTORY to /etc/exports file

can't mount

i create a docker container as a nfs server and expose 2049 port in computer A(ip:172.25.78.130).

docker run -d --name nfs --privileged -v /home/nfs:/data/nfs -e SHARED_DIRECTORY=/data/nfs -p 2049:2049 itsthenetwork/nfs-server-alpine:latest

but i use another computer B(ip:172.25.78.39) to mount it .it's wrong

showmount -e 172.25.78.130
RPC: Remote system errorRPC: Port mapper failure - RPC: Timed out.

How to run nfs server on boot2docker with docker-machine ?

I ran on macos. Detailed commands are as follows.

  • sw_vers
ProductName:    Mac OS X
ProductVersion: 10.14.5
BuildVersion:   18F132
  • docker-machine -v
docker-machine version 0.16.1, build cce350d7
  • docker-machine create nfs
  • docker-machine ls
NAME   ACTIVE   DRIVER       STATE     URL                         SWARM   DOCKER     ERRORS                                   
nfs    -        virtualbox   Running   tcp://192.168.99.100:2376           v19.03.0
  • eval $(docker-machine env nfs)
  • docker info | grep 'Operating'
Operating System: Boot2Docker 19.03.0 (TCL 10.1)
  • docker-machine ssh nfs mkdir nfsshare
  • docker-machine ssh nfs ls -l /home/docker/nfsshare
total 0
  • docker run -d -p 2049:2049 --name nfs --privileged -v /home/docker/nfsshare:/nfsshare -e SHARED_DIRECTORY=/nfsshare itsthenetwork/nfs-server-alpine:latest
  • docker logs nfs
Writing SHARED_DIRECTORY to /etc/exports file
The PERMITTED environment variable is unset or null, defaulting to '*'.
This means any client can mount.
The READ_ONLY environment variable is unset or null, defaulting to 'rw'.
Clients have read/write access.
The SYNC environment variable is unset or null, defaulting to 'async' mode.
Writes will not be immediately written to disk.
Displaying /etc/exports contents:
/nfsshare *(rw,fsid=0,async,no_subtree_check,no_auth_nlm,insecure,no_root_squash)

Starting rpcbind...
Displaying rpcbind status...
   program version netid     address                service    owner
    100000    4    tcp6      ::.0.111               -          superuser
    100000    3    tcp6      ::.0.111               -          superuser
    100000    4    udp6      ::.0.111               -          superuser
    100000    3    udp6      ::.0.111               -          superuser
    100000    4    tcp       0.0.0.0.0.111          -          superuser
    100000    3    tcp       0.0.0.0.0.111          -          superuser
    100000    2    tcp       0.0.0.0.0.111          -          superuser
    100000    4    udp       0.0.0.0.0.111          -          superuser
    100000    3    udp       0.0.0.0.0.111          -          superuser
    100000    2    udp       0.0.0.0.0.111          -          superuser
    100000    4    local     /var/run/rpcbind.sock  -          superuser
    100000    3    local     /var/run/rpcbind.sock  -          superuser
Starting NFS in the background...
rpc.nfsd: Unable to access /proc/fs/nfsd errno 2 (No such file or directory).
Please try, as root, 'mount -t nfsd nfsd /proc/fs/nfsd' and then restart rpc.nfsd to correct the problem
Exporting File System...
exporting *:/nfsshare
/nfsshare       <world>
Starting Mountd in the background...These
Startup successful.

The following error occurred. These did not occur on Ubuntu server.

rpc.nfsd: Unable to access /proc/fs/nfsd errno 2 (No such file or directory).
Please try, as root, 'mount -t nfsd nfsd /proc/fs/nfsd' and then restart rpc.nfsd to correct the problem

Thanks.

NFS Client Connection Error

I deployed this image on my linux laptop and trying to mount the shares in my raspberry pi(running debian). I get the following error.

sudo mount -v 10.0.0.58:/ /mnt/nfs-p4
mount.nfs: timeout set for Thu Dec 12 10:20:10 2019
mount.nfs: trying text-based options 'vers=4.2,addr=10.0.0.58,clientaddr=10.0.0.33'
mount.nfs: mount(2): Protocol not supported
mount.nfs: trying text-based options 'vers=4.1,addr=10.0.0.58,clientaddr=10.0.0.33'
mount.nfs: mount(2): Protocol not supported
mount.nfs: trying text-based options 'vers=4.0,addr=10.0.0.58,clientaddr=10.0.0.33'
mount.nfs: mount(2): Protocol not supported
mount.nfs: trying text-based options 'addr=10.0.0.58'
mount.nfs: prog 100003, trying vers=3, prot=6
mount.nfs: portmap query retrying: RPC: Unable to receive
mount.nfs: prog 100003, trying vers=3, prot=17
mount.nfs: portmap query failed: RPC: Unable to receive - Connection refused
mount.nfs: trying text-based options 'vers=4.0,addr=10.0.0.58,clientaddr=10.0.0.33'
mount.nfs: mount(2): Protocol not supported
mount.nfs: trying text-based options 'addr=10.0.0.58'
mount.nfs: prog 100003, trying vers=3, prot=6
mount.nfs: portmap query retrying: RPC: Unable to receive
mount.nfs: prog 100003, trying vers=3, prot=17
mount.nfs: portmap query failed: RPC: Unable to receive - Connection refused
mount.nfs: trying text-based options 'vers=4.0,addr=10.0.0.58,clientaddr=10.0.0.33'
mount.nfs: mount(2): Protocol not supported
mount.nfs: trying text-based options 'addr=10.0.0.58'
mount.nfs: prog 100003, trying vers=3, prot=6
mount.nfs: portmap query retrying: RPC: Unable to receive
mount.nfs: prog 100003, trying vers=3, prot=17
mount.nfs: portmap query failed: RPC: Unable to receive - Connection refused
mount.nfs: trying text-based options 'vers=4.0,addr=10.0.0.58,clientaddr=10.0.0.33'
mount.nfs: mount(2): Protocol not supported
mount.nfs: trying text-based options 'addr=10.0.0.58'
mount.nfs: prog 100003, trying vers=3, prot=6
mount.nfs: portmap query retrying: RPC: Unable to receive
mount.nfs: prog 100003, trying vers=3, prot=17
mount.nfs: portmap query failed: RPC: Unable to receive - Connection refused

Though, my container logs show no errors. The log from container is below.


docker logs 09665f043dfd
Writing SHARED_DIRECTORY to /etc/exports file
The PERMITTED environment variable is unset or null, defaulting to '*'.
This means any client can mount.
The READ_ONLY environment variable is unset or null, defaulting to 'rw'.
Clients have read/write access.
The SYNC environment variable is set, using 'sync' mode.
Writes will be immediately written to disk.
Displaying /etc/exports contents:
/nfsshare *(rw,fsid=0,sync,no_subtree_check,no_auth_nlm,insecure,no_root_squash)

Starting rpcbind...
Displaying rpcbind status...
   program version netid     address                service    owner
    100000    4    tcp6      ::.0.111               -          superuser
    100000    3    tcp6      ::.0.111               -          superuser
    100000    4    udp6      ::.0.111               -          superuser
    100000    3    udp6      ::.0.111               -          superuser
    100000    4    tcp       0.0.0.0.0.111          -          superuser
    100000    3    tcp       0.0.0.0.0.111          -          superuser
    100000    2    tcp       0.0.0.0.0.111          -          superuser
    100000    4    udp       0.0.0.0.0.111          -          superuser
    100000    3    udp       0.0.0.0.0.111          -          superuser
    100000    2    udp       0.0.0.0.0.111          -          superuser
    100000    4    local     /var/run/rpcbind.sock  -          superuser
    100000    3    local     /var/run/rpcbind.sock  -          superuser
Starting NFS in the background...
rpc.nfsd: knfsd is currently down
rpc.nfsd: Writing version string to kernel: -2 -3
rpc.nfsd: Created AF_INET TCP socket.
rpc.nfsd: Created AF_INET6 TCP socket.
Exporting File System...
exporting *:/nfsshare
/nfsshare       <world>
Starting Mountd in the background...These
Startup successful.

Not Working on RancherOS - Help Wanted.

I've mounted this image in RancherOS and am trying to use this NFS server next to Rancher (platform). It is connecting and everything but the instance that needs to use the volume. It stays in "Waiting: container starting" ad eternum.

How do I debug this?

Cheers

Command used in Docker for RancherOS
docker run -d --name nfs --privileged -v /home/dgraph:/nfsshare -e SHARED_DIRECTORY=/nfsdgraph itsthenetwork/nfs-server-alpine:latest

Instance Volume Config

Volume: dataServices:/dgraph/dataServices
Volume Driver: rancher-nfs

Rancher OS - Latest

Rancher | v1.6.14

sudo ros service list
disabled amazon-ecs-agent
disabled amazon-ena-driver
disabled crontab
disabled open-iscsi
enabled  kernel-extras
enabled  kernel-headers
disabled kernel-headers-system-docker
disabled open-vm-tools
disabled rancher-server
disabled rancher-server-stable
disabled zfs
disabled amazon-metadata
disabled volume-cifs
disabled volume-efs
enabled  volume-nfs

nfs-server-alpine Instance

PID   USER     TIME   COMMAND
    1 root       0:00 {nfsd.sh} /bin/bash /usr/bin/nfsd.sh
   23 rpc        0:00 /sbin/rpcbind -w
   30 root       0:00 /usr/sbin/rpc.mountd --debug all --no-udp --no-nfs-version 2 --no-nfs-version 3
 1380 root       0:00 bash
 1405 root       0:00 sleep 1
 1406 root       0:00 ps aux
 1407 root       0:00 bash

nfs-driver = rancher/storage-nfs:v0.8.5

26/04/2018 23:34:12+ (( i < 4  ))
26/04/2018 23:34:12+ create '{"name":"dataSocial","rancher":"true"}'
26/04/2018 23:34:12+ '[' -z dataSocial ']'
26/04/2018 23:34:12+ local host=192.168.25.150
26/04/2018 23:34:12+ local exportDir=nfsdgraph
26/04/2018 23:34:12+ local opts=,nfsvers=4
26/04/2018 23:34:12+ local name=dataSocial
26/04/2018 23:34:12++ tmp_dir
26/04/2018 23:34:12+++ cat /dev/urandom
26/04/2018 23:34:12+++ tr -dc a-z0-9
26/04/2018 23:34:12+++ fold -w5
26/04/2018 23:34:12+++ head -n1
26/04/2018 23:34:12++ echo /tmp/gdhhb
26/04/2018 23:34:12+ local mountDir=/tmp/gdhhb
26/04/2018 23:34:12+ local onRemove=retain
26/04/2018 23:34:12+ '[' '!' -z '' ']'
26/04/2018 23:34:12+ '[' '!' -z '' ']'
26/04/2018 23:34:12+ '[' '!' -z '' ']'
26/04/2018 23:34:12+ mount_nfs 192.168.25.150 nfsdgraph /tmp/gdhhb ,nfsvers=4
26/04/2018 23:34:12+ local host=192.168.25.150
26/04/2018 23:34:12+ local exportDir=nfsdgraph
26/04/2018 23:34:12+ local mountDir=/tmp/gdhhb
26/04/2018 23:34:12+ local opts=,nfsvers=4
26/04/2018 23:34:12+ local error
26/04/2018 23:34:12++ ismounted /tmp/gdhhb
26/04/2018 23:34:12++ local mountPoint=/tmp/gdhhb
26/04/2018 23:34:12+++ findmnt -n /tmp/gdhhb
26/04/2018 23:34:12+++ cut '-d ' -f1
26/04/2018 23:34:12++ local mountP=
26/04/2018 23:34:12++ '[' '' == /tmp/gdhhb ']'
26/04/2018 23:34:12++ echo 0
26/04/2018 23:34:12+ '[' 0 == 0 ']'
26/04/2018 23:34:12+ mkdir -p /tmp/gdhhb
26/04/2018 23:34:12+ local cmd=mount
26/04/2018 23:34:12+ '[' '!' -z ,nfsvers=4 ']'
26/04/2018 23:34:12+ cmd='mount -o ,nfsvers=4'
26/04/2018 23:34:12+ cmd='mount -o ,nfsvers=4 192.168.25.150:nfsdgraph /tmp/gdhhb'
26/04/2018 23:34:12++ mount -o ,nfsvers=4 192.168.25.150:nfsdgraph /tmp/gdhhb
26/04/2018 23:34:51+ error='mount.nfs: Connection timed out'
26/04/2018 23:34:51+ '[' 32 -ne 0 ']'
26/04/2018 23:34:51+ print_error 'Failed mount -o ,nfsvers=4 192.168.25.150:nfsdgraph /tmp/8k9ph'
26/04/2018 23:34:51+ echo -n 'Failed mount -o ,nfsvers=4 192.168.25.150:nfsdgraph /tmp/8k9ph'
26/04/2018 23:34:51+ jq -R -c -s '{"status": "Failure", "message": .}'
26/04/2018 23:34:51+ exit 1
26/04/2018 23:34:51time="2018-04-27T02:34:51Z" level=error msg=create.response error="Failed mount -o ,nfsvers=4 192.168.25.150:nfsdgraph /tmp/8k9ph" message="Failed mount -o ,nfsvers=4 192.168.25.150:nfsdgraph /tmp/8k9ph" name=dataServices status=Failure
26/04/2018 23:34:57time="2018-04-27T02:34:57Z" level=info msg=create.request name=dataServices
26/04/2018 23:34:57++ declare -A OPTS
26/04/2018 23:34:57+ main create '{"name":"dataServices","rancher":"true"}'
26/04/2018 23:34:57+ case $1 in
26/04/2018 23:34:57+ parse '{"name":"dataServices","rancher":"true"}'
26/04/2018 23:34:57+ mapfile -t
26/04/2018 23:34:57++ echo '{"name":"dataServices","rancher":"true"}'
26/04/2018 23:34:57++ jq -r 'to_entries | map([.key, .value]) | .[]'
26/04/2018 23:34:57++ sed 's!^"\(.*\)"$!\1!g'
26/04/2018 23:34:57++ jq '.[]'
26/04/2018 23:34:57+ (( i=0 ))
26/04/2018 23:34:57+ (( i < 4  ))
26/04/2018 23:34:57+ OPTS[${MAPFILE[$i]}]=dataServices
26/04/2018 23:34:57+ (( i+=2 ))
26/04/2018 23:34:57+ (( i < 4  ))
26/04/2018 23:34:57+ OPTS[${MAPFILE[$i]}]=true
26/04/2018 23:34:57+ (( i+=2 ))
26/04/2018 23:34:57+ (( i < 4  ))
26/04/2018 23:34:57+ create '{"name":"dataServices","rancher":"true"}'
26/04/2018 23:34:57+ '[' -z dataServices ']'
26/04/2018 23:34:57+ local host=192.168.25.150
26/04/2018 23:34:57+ local exportDir=nfsdgraph
26/04/2018 23:34:57+ local opts=,nfsvers=4
26/04/2018 23:34:57+ local name=dataServices
26/04/2018 23:34:57++ tmp_dir
26/04/2018 23:34:57+++ cat /dev/urandom
26/04/2018 23:34:57+++ tr -dc a-z0-9
26/04/2018 23:34:57+++ head -n1
26/04/2018 23:34:57+++ fold -w5
26/04/2018 23:34:57++ echo /tmp/v0uh9
26/04/2018 23:34:57+ local mountDir=/tmp/v0uh9
26/04/2018 23:34:57+ local onRemove=retain
26/04/2018 23:34:57+ '[' '!' -z '' ']'
26/04/2018 23:34:57+ '[' '!' -z '' ']'
26/04/2018 23:34:57+ '[' '!' -z '' ']'
26/04/2018 23:34:57+ mount_nfs 192.168.25.150 nfsdgraph /tmp/v0uh9 ,nfsvers=4
26/04/2018 23:34:57+ local host=192.168.25.150
26/04/2018 23:34:57+ local exportDir=nfsdgraph
26/04/2018 23:34:57+ local mountDir=/tmp/v0uh9
26/04/2018 23:34:57+ local opts=,nfsvers=4
26/04/2018 23:34:57+ local error
26/04/2018 23:34:57++ ismounted /tmp/v0uh9
26/04/2018 23:34:57++ local mountPoint=/tmp/v0uh9
26/04/2018 23:34:57+++ findmnt -n /tmp/v0uh9
26/04/2018 23:34:57+++ cut '-d ' -f1
26/04/2018 23:34:57++ local mountP=
26/04/2018 23:34:57++ '[' '' == /tmp/v0uh9 ']'
26/04/2018 23:34:57++ echo 0
26/04/2018 23:34:57+ '[' 0 == 0 ']'
26/04/2018 23:34:57+ mkdir -p /tmp/v0uh9
26/04/2018 23:34:57+ local cmd=mount
26/04/2018 23:34:57+ '[' '!' -z ,nfsvers=4 ']'
26/04/2018 23:34:57+ cmd='mount -o ,nfsvers=4'
26/04/2018 23:34:57+ cmd='mount -o ,nfsvers=4 192.168.25.150:nfsdgraph /tmp/v0uh9'
26/04/2018 23:34:57++ mount -o ,nfsvers=4 192.168.25.150:nfsdgraph /tmp/v0uh9

Enable NFS logging

I do not know a whole lot about NFS, but wanted to see if there is an easy way to enable NFS logging for debug purposes when things are not behaving well. I am struggling to use the rpcdebug -m nfsd all suggested elsewhere on the web since the container does not have syslog running. Further, redirecting output from mountd or nfsd seemed to be ineffective.

Ideally, this logging (when configured) would go to stdout

Access log

I would like to use the nfs sever and log all access to the shared folder and files. Is there a way to enable audit on the file system? I will be happy for such an option or some instructions

Suggestion: Support for ARM docker image.

I tested your dockerfile out on my bananapi Pro running armbian with the following base image : hypriot/rpi-alpine. It works well for me. Wonder if you'd be interested in branching the repository and updating the Dockerfile's first line to FROM hypriot/rpi-alpine to support ARM based docker hosts. I know I'd appreciate the docker image tag from your repo.

Thanks!

connection refused when connecting the nfs server

The problem is the client side can not mount the server. The error message is 'connection refused'

OS: Mac
IP Address: 192.168.1.88

the nfs server running with the following output:

JAYs-MacBook-Air:nfs jay$ docker start -a nfs
The PERMITTED environment variable is missing or null, defaulting to '*'.
Any client can mount.
The READ_ONLY environment variable is missing or null, defaulting to 'rw'
Clients have read/write access.
The SYNC environment variable is missing or null, defaulting to 'async'.
Writes will not be immediately written to disk.
Starting Confd population of files...
confd 0.14.0 (Git SHA: 9fab9634, Go Version: go1.9.1)
2018-10-22T11:42:43Z e9c787ebbd95 /usr/bin/confd[12]: INFO Backend set to env
2018-10-22T11:42:43Z e9c787ebbd95 /usr/bin/confd[12]: INFO Starting confd
2018-10-22T11:42:43Z e9c787ebbd95 /usr/bin/confd[12]: INFO Backend source(s) set to

Displaying /etc/exports contents...
/share *(rw,fsid=0,async,no_subtree_check,no_auth_nlm,insecure,no_root_squash)

Starting rpcbind...
Displaying rpcbind status...
program version netid address service owner
100000 4 tcp6 ::.0.111 - superuser
100000 3 tcp6 ::.0.111 - superuser
100000 4 udp6 ::.0.111 - superuser
100000 3 udp6 ::.0.111 - superuser
100000 4 tcp 0.0.0.0.0.111 - superuser
100000 3 tcp 0.0.0.0.0.111 - superuser
100000 2 tcp 0.0.0.0.0.111 - superuser
100000 4 udp 0.0.0.0.0.111 - superuser
100000 3 udp 0.0.0.0.0.111 - superuser
100000 2 udp 0.0.0.0.0.111 - superuser
100000 4 local /var/run/rpcbind.sock - superuser
100000 3 local /var/run/rpcbind.sock - superuser
Starting NFS in the background...
rpc.nfsd: knfsd is currently down
rpc.nfsd: Writing version string to kernel: -2 -3 +4
rpc.nfsd: Created AF_INET TCP socket.
rpc.nfsd: Created AF_INET6 TCP socket.
Exporting File System...
exporting *:/share
/share
Starting Mountd in the background...
Startup successful.

--------------------------------client------------------------------------------
The client side running on same mac machine with the following command:

JAYs-MacBook-Air:nfs jay$ mount -v 192.168.1.88:/share ./abc
mount_nfs: can't mount /share from 192.168.1.88 onto /Users/jay/Desktop/bitbucket/dev/projects/appstore/server/swarm/nfs/abc: Connection refused

Thanks,
Jay

adding support to use custom /etc/exports file

Hello,

Thanks for creating this wonderful project.

We are using docker image from https://github.com/sjiveson/nfs-server-alpine in our project https://github.com/openebs/dynamic-nfs-provisioner. To extend the functionality, We need to provide a custom /etc/export file to nfsd.sh. Can we add support to use export config through env?

As of now, as a workaround, we are creating our docker image with a modified file to pass custom export configuration. Reference PR: openebs-archive/dynamic-nfs-provisioner#22.

We are also planning to add multi-arch support to the Docker file. Wanted to check your interest in accepting the PRs for the same.

Thanks!

exportfs: /nfsshare does not support NFS export

Hello!

I've been trying to run this image, but it seems I can not make it work.

This is the docker-compose.yml

version: "3"

services:
  nfs:
    image: itsthenetwork/nfs-server-alpine
    environment:
      SHARED_DIRECTORY: /nfsshare
    ports:
      - "2049:2049"
    volumes:
      - /nfsdata:/nfsshare
    restart: always
    privileged: true

Everytime I try to run it, I receive this log:

nfs    | Writing SHARED_DIRECTORY to /etc/exports file
nfs    | The PERMITTED environment variable is unset or null, defaulting to '*'.
nfs    | This means any client can mount.
nfs    | The READ_ONLY environment variable is unset or null, defaulting to 'rw'.
nfs    | Clients have read/write access.
nfs    | The SYNC environment variable is unset or null, defaulting to 'async' mode.
nfs    | Writes will not be immediately written to disk.
nfs    | Displaying /etc/exports contents:
nfs    | /nfsshare *(rw,fsid=0,async,no_subtree_check,no_auth_nlm,insecure,no_root_squash)
nfs    | 
nfs    | Starting rpcbind...
nfs    | Displaying rpcbind status...
nfs    |    program version netid     address                service    owner
nfs    |     100000    4    tcp6      ::.0.111               -          superuser
nfs    |     100000    3    tcp6      ::.0.111               -          superuser
nfs    |     100000    4    udp6      ::.0.111               -          superuser
nfs    |     100000    3    udp6      ::.0.111               -          superuser
nfs    |     100000    4    tcp       0.0.0.0.0.111          -          superuser
nfs    |     100000    3    tcp       0.0.0.0.0.111          -          superuser
nfs    |     100000    2    tcp       0.0.0.0.0.111          -          superuser
nfs    |     100000    4    udp       0.0.0.0.0.111          -          superuser
nfs    |     100000    3    udp       0.0.0.0.0.111          -          superuser
nfs    |     100000    2    udp       0.0.0.0.0.111          -          superuser
nfs    |     100000    4    local     /var/run/rpcbind.sock  -          superuser
nfs    |     100000    3    local     /var/run/rpcbind.sock  -          superuser
nfs    | Starting NFS in the background...
nfs    | rpc.nfsd: knfsd is currently down
nfs    | rpc.nfsd: Writing version string to kernel: -2 -3 +4 +4.1 +4.2
nfs    | rpc.nfsd: Created AF_INET TCP socket.
nfs    | rpc.nfsd: Created AF_INET6 TCP socket.
nfs    | Exporting File System...
nfs    | exporting *:/nfsshare
nfs    | exportfs: /nfsshare does not support NFS export
nfs    | Export validation failed, exiting...

Please help me!

`-e READ_ONLY` vs `-e READ_ONLY=true`

The readme says "Adding -e READ_ONLY will cause the exports file to contain ro instead of rw".

Running this with -e READ_ONLY:

docker run -it --rm --name nfs --privileged -v /tmp:/nfsshare -e SHARED_DIRECTORY=/nfsshare -p 2049:2049 -e READ_ONLY -e SYNC=true itsthenetwork/nfs-server-alpine

it says:

The READ_ONLY environment variable is unset or null, defaulting to 'rw'.
Clients have read/write access.

It says rw when it is supposed to be ro.

Nevertheless with -e READ_ONLY=true like this:

docker run -it --rm --name nfs1 --privileged -v /tmp:/nfsshare -e SHARED_DIRECTORY=/nfsshare -p 2049:2049 -e READ_ONLY=true -e SYNC=true itsthenetwork/nfs-server-alpine

it says:

The READ_ONLY environment variable is set.
Clients will have read-only access.

Should the README be updated? Or am I missing something?

NSF2 is removed

I believe NFS2 has been removed, therefore this line /usr/sbin/rpc.nfsd --debug 8 --no-udp --no-nfs-version 2 --no-nfs-version 3 will result in an error: 2: Unsupported version. The line now becomes: /usr/sbin/rpc.nfsd --debug 8 --no-udp --no-nfs-version 3. The error shows when you rebuild the image.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.