docker volume nfs权限被拒绝
[英]docker volume nfs permission denied
问题描述
I'm hitting a wall :( 
我撞墙了:(
I try to use a NFS volume in docker for sharing / accessing container state data over a docker swarm. 我尝试在docker中使用NFS卷通过docker swarm共享/访问容器状态数据。 But I allready fail in creating a working volume. 但是我已经无法创建工作量。 I read a lot of SO threads, the docker documentation, etc. 我读了很多SO线程,docker文档等。
As far as I can tell there are at least two ways to get this done. 据我所知,至少有两种方法可以完成此任务。 The built in docker volume and external docker-volume driver. 内置的docker volume和外部docker-volume驱动程序。 I would prefer to use the docker volume 我更喜欢使用docker volume
I use a FreeBSD machine as NFS Server and two ubuntu clients as docker nodes. 我使用FreeBSD机器作为NFS服务器,使用两个ubuntu客户端作为docker节点。 I created the NFS share and mounted it manually on the ubuntu machines: 我创建了NFS共享并将其手动安装在ubuntu机器上:
mount -o v3 -t nfs 10.0.0.108:/usr/srv/docker/registry /mnt
mount | grep nfs
10.0.0.108:/usr/srv/docker on /mnt type nfs (rw,relatime,vers=3,rsize=131072,wsize=131072,namlen=255,hard,proto=tcp,timeo=600,retrans=2,sec=sys,mountaddr=10.0.0.108,mountvers=3,mountport=794,mountproto=udp,local_lock=none,addr=10.0.0.108)
So far so good. 到现在为止还挺好。 Now I try to create a docker volume: 现在,我尝试创建一个docker卷:
docker volume create \
--driver local \
--opt type=nfs \
--opt device=:/usr/srv/docker/registry \
--opt "o=addr=10.0.0.108,vers=3,rw"
registry
Here I tried several versions of "o=...." . 在这里,我尝试了多个版本的"o=...." 。
Docker returns a success in creating the volume... or it simply writes the volume name, without any comment :) Docker成功创建了卷...或者只写了卷名,没有任何注释:)
Next step: Testing the volume: 下一步:测试音量:
docker run --rm -i -v=registry:/tmp/myvolume busybox ls -lA /tmp/myvolume
That's the moment where the errors "pile up". 那是错误“堆积”的时刻。
On the NFS Server: 在NFS服务器上:
Mar 27 17:17:51 $host mountd[1002]: mount request denied from 10.0.0.106 for /usr/srv/docker/registry
On the docker node: 在docker节点上:
docker: Error response from daemon:
error while mounting volume '/var/lib/docker/volumes/registry/_data':
error while mounting volume with options:
type='nfs' device=':/usr/srv/docker/registry' o='addr=10.0.0.108,vers=3,mountaddr=10.0.0.108,mountvers=3':
permission denied.
As far as I understand the documentation the permission denied is an output of the kernel/nfs-client. 据我了解的文档, permission denied的permission denied是kernel / nfs-client的输出。 But I don't understand why this happens. 但是我不明白为什么会这样。
Any suggestions? 有什么建议么?
Thanks! 谢谢!
EDIT: Used Docker version is: 编辑:使用的Docker版本是:
Docker version 17.12.1-ce, build 7390fc6
1 个解决方案
解决方案1
0 2018-03-28 09:47:01
On the FreeBSD server you muss allow the filesystem to be mounted. 在FreeBSD服务器上,您想让文件系统挂载。
check your mountpoint with: 使用以下方法检查安装点:
mount
Then edit or create the /etc/exports file: 然后编辑或创建/ etc / exports文件:
# if /usr/srv/docker/registry is a moutpoint
/usr/srv/docker/registry -network 10.0.0.0 -mask 255.0.0.0
# if /usr/srv/docker/registry is a direcoty under /usr
/usr -alldirs -network 10.0.0.0 -mask 255.0.0.0
If you use ZFS you can also activate the sharing with "zfs", see manpage. 如果使用ZFS,还可以使用“ zfs”激活共享,请参见联机帮助页。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.