Does anyone know how to mount nfs share inside docker container with centos base image? I've tried this command: <pre class="prettyprint"><code>mount server:/dir /mount/point </code></pre> and got the next error: <code>mount.nfs: rpc.statd is not running but is required for remote locking.</code> <code>mount.nfs: Either use '-o nolock' to keep locks local, or start statd.</code> <code>mount.nfs: an incorrect mount option was specified</code> when I try to use it with -o nolock option, the error is: <pre class="prettyprint"><code>mount.nfs: Operation not permitted </code></pre>

Starting from docker 17.06, you can mount NFS shares to the container directly when you run it, without the need of extra capabilities <pre class="prettyprint"><code>export NFS_VOL_NAME=mynfs export NFS_LOCAL_MNT=/mnt/mynfs export NFS_SERVER=my.nfs.server.com export NFS_SHARE=/my/server/path export NFS_OPTS=vers=4,soft docker run --mount \ "src=$NFS_VOL_NAME,dst=$NFS_LOCAL_MNT,volume-opt=device=:$NFS_SHARE,\"volume-opt=o=addr=$NFS_SERVER,$NFS_OPTS\",type=volume,volume-driver=local,volume-opt=type=nfs" \ busybox ls $NFS_LOCAL_MNT </code></pre> Alternatively, you can create the volume before the container: <pre class="prettyprint"><code>docker volume create \ --driver local \ --opt type=nfs \ --opt o=addr=$NFS_SERVER,$NFS_OPTS \ --opt device=:$NFS_SHARE \ $NFS_VOL_NAME docker run --rm -v $NFS_VOL_NAME:$NFS_LOCAL_MNT busybox ls $NFS_LOCAL_MNT </code></pre> <ul> <li>Got the hint from https://github.com/moby/moby/issues/28809 </li> <li>official docs from docker: https://docs.docker.com/storage/volumes/#create-a-service-which-creates-an-nfs-volume </li> </ul>

For using <code>mount</code>, you'll need the <code>CAP_SYS_ADMIN</code> capability, which is dropped by Docker when creating the container. There are several solutions for this: <ol> <li>Start the container with the <code>--cap-add sys_admin</code> flag. This causes Docker to retain the <code>CAP_SYS_ADMIN</code> capability, which should allow you to mount a NFS share from within the container. This might be a security issue; do not do this in untrusted containers. [A previous version of this answer suggested using the <code>--privileged=true</code> to retain all capabilities, thanks to @earcam for the suggestion to use <code>--cap-add</code> instead].</li> <li> Mount the NFS share on the host and pass it into the container as a host volume: <pre class="prettyprint"><code>you@host > mount server:/dir /path/to/mount/point you@host > docker run -v /path/to/mount/point:/path/to/mount/point </code></pre> </li> <li> Use a Docker volume plugin (like the Netshare plugin) to directly mount the NFS share as a container volume: <pre class="prettyprint"><code>you@host > docker run \ --volume-driver=nfs \ -v server/dir:/path/to/mount/point \ centos </code></pre> </li> </ol>

Mounting nfs shares inside docker container

Tags:

docker

mount

centos

nfs

Does anyone know how to mount nfs share inside docker container with centos base image? I've tried this command:

mount server:/dir /mount/point

and got the next error:

mount.nfs: rpc.statd is not running but is required for remote locking.
mount.nfs: Either use '-o nolock' to keep locks local, or start statd.
mount.nfs: an incorrect mount option was specified

when I try to use it with -o nolock option, the error is:

mount.nfs: Operation not permitted

203

asked Oct 07 '16 16:10

Anatoli

2 Answers

Starting from docker 17.06, you can mount NFS shares to the container directly when you run it, without the need of extra capabilities

export NFS_VOL_NAME=mynfs export NFS_LOCAL_MNT=/mnt/mynfs export NFS_SERVER=my.nfs.server.com export NFS_SHARE=/my/server/path export NFS_OPTS=vers=4,soft  docker run --mount \   "src=$NFS_VOL_NAME,dst=$NFS_LOCAL_MNT,volume-opt=device=:$NFS_SHARE,\"volume-opt=o=addr=$NFS_SERVER,$NFS_OPTS\",type=volume,volume-driver=local,volume-opt=type=nfs" \   busybox ls $NFS_LOCAL_MNT

Alternatively, you can create the volume before the container:

docker volume create \   --driver local \   --opt type=nfs \   --opt o=addr=$NFS_SERVER,$NFS_OPTS \   --opt device=:$NFS_SHARE \   $NFS_VOL_NAME  docker run --rm -v $NFS_VOL_NAME:$NFS_LOCAL_MNT busybox ls $NFS_LOCAL_MNT

Got the hint from https://github.com/moby/moby/issues/28809
official docs from docker: https://docs.docker.com/storage/volumes/#create-a-service-which-creates-an-nfs-volume

179

answered Sep 18 '22 20:09

ThiagoAlves

For using mount, you'll need the CAP_SYS_ADMIN capability, which is dropped by Docker when creating the container.

There are several solutions for this:

Start the container with the --cap-add sys_admin flag. This causes Docker to retain the CAP_SYS_ADMIN capability, which should allow you to mount a NFS share from within the container. This might be a security issue; do not do this in untrusted containers. [A previous version of this answer suggested using the --privileged=true to retain all capabilities, thanks to @earcam for the suggestion to use --cap-add instead].

Mount the NFS share on the host and pass it into the container as a host volume:

you@host > mount server:/dir /path/to/mount/point you@host > docker run -v /path/to/mount/point:/path/to/mount/point

Use a Docker volume plugin (like the Netshare plugin) to directly mount the NFS share as a container volume:
```
you@host > docker run \   --volume-driver=nfs \   -v server/dir:/path/to/mount/point \   centos 
```

answered Sep 19 '22 20:09

helmbert

Related questions
                            
                                How to directly mount NFS share/volume in container using docker compose v3
                            
                                Docker-compose up : Error while fetching server API version: ('Connection aborted.', ConnectionRefusedError(61, 'Connection refused'))
                            
                                Docker service start failed
                            
                                Does Jenkins Pipeline Plug-in support Docker Compose?
                            
                                ECS/ECR: is common practice to have one repository per image (and associated versions)?
                            
                                How to remove intermediate images from a build after the build?
                            
                                Can I mount docker host directory as copy on write/overlay?
                            
                                Docker-compose - volumes driver local meaning
                            
                                Docker-compose volume mount before run
                            
                                MySQL scripts in docker-entrypoint-initdb are not executed
                            
                                gdb in docker container returns "ptrace: Operation not permitted."
                            
                                Remove an image tag from Docker Hub?
                            
                                Adding files to standard images using docker-compose
                            
                                How to flatten a Docker image?
                            
                                Why am I getting an RTNETLINK Operation Not Permitted when using Pipework with Docker containers?
                            
                                Wordpress Docker won't increase upload limit
                            
                                "docker images" shows image, "docker rmi" says "no such image" or "reference does not exist"
                            
                                docker restart container failed: "already in use", but there's no more docker image
                            
                                Running composer install within a Dockerfile
                            
                                Define size for /dev/shm on container engine

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!

Donate Us With