docker-nfs-server icon indicating copy to clipboard operation
docker-nfs-server copied to clipboard

Published 20 hours ago verified publisher icon ehough

feature: Docker for Mac support

Open renepardon opened this issue 4 years ago • 16 comments

Hello, I try to run this docker conainer with the following docker-compose.yml file:

version: '3'

services:
  nfs-server:
    image: erichough/nfs-server
    volumes:
      - nfs:/filesystem
      - ./nfs/exports.txt:/etc/exports:ro
    ports:
      - 20490:2049
    #    privileged: true
    cap_add:
      - CAP_SYS_ADMIN

volumes:
  nfs:

My OS: macOS Mojave (10.14.5 (18F132)) docker-compose version 1.24.0, build 0aa59064 docker-py version: 3.7.2 CPython version: 3.6.8 OpenSSL version: OpenSSL 1.1.0j 20 Nov 2018

Client: Docker Engine - Community Version: 19.03.0-rc2 API version: 1.40 Go version: go1.12.5

I receive the following error:

Attaching to dev-setup_nfs-server_1
nfs-server_1  | 
nfs-server_1  | ==================================================================
nfs-server_1  |       SETTING UP ...
nfs-server_1  | ==================================================================
nfs-server_1  | ----> kernel module nfs is missing
nfs-server_1  | ----> 
nfs-server_1  | ----> ERROR: nfs module is not loaded in the Docker host's kernel (try: modprobe nfs)
nfs-server_1  | ----> 
dev-setup_nfs-server_1 exited with code 1

How can I get this to work? :)

renepardon avatar Jul 18 '19 12:07 renepardon

I have the same issue Docker 18.09.02

HumbleSpirit avatar Jul 20 '19 16:07 HumbleSpirit

I think I found a solution. It's a bit hacky due to the nature of Docker for Mac's architecture, and I haven't tested this since don't have immediate access to macOS 10.12 or higher. I should be able to test this on a friend's machine (with macOS Mojave) this week.

In the meantime, here's what I would try:

  1. $ hdiutil attach /Applications/Docker.app/Contents/Resources/linuxkit/docker-for-mac.iso

    This will mount a disk image at /Volumes/ISOIMAGE

  2. $ cp -r /Volumes/ISOIMAGE/lib/modules /any/path/on/your/machine

    You may unmount the disk image after this copy is done, if you'd like.

  3. Follow these instructions to allow the container to automatically load the required kernel modules. However instead of bind-mounting /lib/modules, you'll want to bind-mount whatever destination path you used in step 2. e.g.

    docker run -v /some/host/path/modules:/lib/modules:ro --cap-add SYS_MODULE ...

I'll report back once I am able to test this first-hand, but please feel free to give it a try and let us know how it goes.

ehough avatar Jul 22 '19 06:07 ehough

Update - I was able to test this procedure on mac OS Mojave. It fixes the ERROR: nfs module is not loaded error, but now exportfs is complaining:

exportfs: Warning: /... does not support NFS export.

I'll continue to test as I'm able and will continue to report back.

ehough avatar Jul 23 '19 18:07 ehough

After sharing folder in Docker preferences - Снимок экрана 2019-07-23 в 22 59 27 and starting container I've got also exportfs error

Status: Downloaded newer image for erichough/nfs-server:latest

==================================================================
      SETTING UP ...
==================================================================
----> kernel module nfs is missing
----> attempting to load kernel module nfs
----> kernel module nfsd is missing
----> attempting to load kernel module nfsd
----> setup complete

==================================================================
      STARTING SERVICES ...
==================================================================
----> starting rpcbind
exportfs: Failed to stat /Users/admin/Downloads/pxe_docker/nfsroot/client1: No such file or directory
----> starting exportfs
----> 
----> ERROR: /usr/sbin/exportfs failed
----> 

==================================================================
      TERMINATING ...
==================================================================
----> terminating nfsd
----> rpc.statd was not running
----> rpc.mountd was not running
----> un-exporting filesystem(s)
----> terminating rpcbind

==================================================================
      TERMINATED
==================================================================`

Shared folder, of course, present in-place

HumbleSpirit avatar Jul 23 '19 20:07 HumbleSpirit

Another update: I was able to make further progress by

  1. Ensuring that any bind-mounted directories where present in the "File Sharing" preferences area.
  2. Adding the fsid parameter to my export. e.g. /nfs/share1 *(ro,fsid=999)

The the container starts successfully, however I'm not yet able to establish any network connections. Still working on it and will report back once I have made more progress.

ehough avatar Jul 30 '19 17:07 ehough

@HumbleSpirit could you pass along your full docker run command (or docker-compose.yml, etc.)? Your invocation should not have raised hat error.

ehough avatar Jul 30 '19 17:07 ehough

@HumbleSpirit could you pass along your full docker run command (or docker-compose.yml, etc.)? Your invocation should not have raised hat error.


docker run  \
--net=host \
--privileged \
--cap-add SYS_ADMIN  \
--cap-add SYS_MODULE \
-e SHARED_DIRECTORY=/nfs \
-v "$(pwd)/modules/modules":/lib/modules:ro \
-v "$(pwd)/nfsroot/client1":/nfs \
-v "$(pwd)/exports.txt":/etc/exports:ro \
erichough/nfs-server

HumbleSpirit avatar Jul 30 '19 18:07 HumbleSpirit

@HumbleSpirit thank you. I'm assuming that $(pwd) is /Users/admin/Downloads/pxe_docker. In that case,

-v "$(pwd)/nfsroot/client1":/nfs

means that /Users/admin/Downloads/pxe_docker/nfsroot/client1 will be available inside the container at /nfs/nfsroot/client1. So you simply need to make sure that exports.txt refers to /nfs/... and not /Users/admin/Downloads/pxe_docker/....

Does that make sense?

ehough avatar Jul 30 '19 20:07 ehough

Thanks. I bit helped. I changed paths in my exports, fixed spaces so /etc/exports looks like /nfs/ *(ro,no_subtree_check,fsid=999) Now i'm running

==================================================================
      SETTING UP ...
==================================================================
----> kernel module nfs is missing
----> attempting to load kernel module nfs
----> kernel module nfsd is missing
----> attempting to load kernel module nfsd
----> setup complete

==================================================================
      STARTING SERVICES ...
==================================================================
----> starting rpcbind
----> starting exportfs
----> starting rpc.mountd on port 32767
----> starting rpc.statd on port 32765 (outgoing from port 32766)
Statd service already running!
----> 
----> ERROR: /sbin/rpc.statd failed
----> 

==================================================================
      TERMINATING ...
==================================================================
----> terminating nfsd
----> rpc.statd was not running
----> terminating rpc.mountd
----> un-exporting filesystem(s)
----> terminating rpcbind

==================================================================
      TERMINATED
==================================================================`

Also in updated Docker Docker version 19.03.1, build 74b1e89 no docker-for-mac.iso in linuxkit. They are changed filename to docker-desktop.iso

HumbleSpirit avatar Aug 05 '19 10:08 HumbleSpirit

I get a completely different issue on macOS with the latest versions of Docker for Mac, Docker and macOS:

$ mount -v -t nfs -o vers=4 127.0.0.1:/data ./mnt
mount_nfs: can't mount /data from 127.0.0.1 onto /Users/james/Repos/aom/docker_ghorg/base.nfs-server/mnt: No such file or directory
mount: /Users/james/Repos/aom/docker_ghorg/base.nfs-server/mnt failed with 2

The hack for copying the Kernel modules from the ISO is no longer required as they are there now by default.

prologic avatar Jan 04 '21 22:01 prologic

I am trying to export docker volume to local computer only. I was also not able to mount share when serving from 127.0.0.1 with the same error as in previous post. I tried to use host only networking of docker. With that the container fails to start altogether as shown below:

$ docker run -v ~/mnt/initrd/lib/modules:/lib/modules -v myvolume:/workdir \
-e NFS_EXPORT_0='/workdir/ *(rw,no_subtree_check)' \
--cap-add SYS_ADMIN --cap-add SYS_MODULE -e SHARED_DIRECTORY=/workdir --privileged \
--network host erichough/nfs-server

==================================================================
      SETTING UP ...
==================================================================
----> building /etc/exports from environment variables
----> collected 1 valid export(s) from NFS_EXPORT_* environment variables
----> setup complete

==================================================================
      STARTING SERVICES ...
==================================================================
----> starting rpcbind
----> starting exportfs
----> starting rpc.mountd on port 32767
----> starting rpc.statd on port 32765 (outgoing from port 32766)
Statd service already running!
----> 
----> ERROR: /sbin/rpc.statd failed
----> 

==================================================================
      TERMINATING ...
==================================================================
----> terminating nfsd
----> rpc.statd was not running
----> terminating rpc.mountd
----> un-exporting filesystem(s)
----> terminating rpcbind

==================================================================
      TERMINATED
==================================================================

vldmrrr avatar Mar 19 '21 15:03 vldmrrr 

ls -l /Applications/Docker.app/Contents/Resources/linuxkit/
total 1215712
-rw-r--r--  1 brandonros  admin        111 Jan 13 07:02 cmdline
-rw-r--r--  1 brandonros  admin  345293312 Mar 22 12:03 docker.tar
-rw-r--r--  1 brandonros  admin  109999418 Mar 22 12:03 initrd.img
-rw-r--r-x  1 brandonros  admin   23570944 Mar 17 12:37 kernel
-rw-r--r--  1 brandonros  admin  143567360 Mar 22 12:03 services.tar

That ISO is gone. Not quite sure how to modprobe nfs in Docker for Mac "Linux kernel"?

brandonros avatar Apr 07 '22 02:04 brandonros

I was playing around with docker-nfs-server (in Kubernetes on Docker Desktop), and got it working. I'm not sure what happened in the meantime, but after some days it wouldn't start, and I would get the error reported here:

ERROR: nfs module is not loaded in the Docker host's kernel (try: modprobe nfs)

I found this SO answer from 2017 that allowed me to run the needed modprobe commands:

docker run --rm -it --privileged --pid=host debian nsenter -t 1 -m -u -n -i sh
 # in the container:
modprobe nfs
modprobe nfsd

After that, the NFS server started fine.

A bit confused of what's happened since I first got docker-nfs-server to work, until today. Maybe the VM had been configured with modprobe (when I was doing some testing), and a Docker Desktop upgrade caused that to be reset. 🤷

kbakk avatar Jul 22 '22 15:07 kbakk

@kbakk very helpful, thank you. So to be clear, you aren't using this Docker image at all: https://hub.docker.com/r/erichough/nfs-server/

but instead just debian? Do you think in the context of this repo you could get this erichough/nfs-server image to work without much effort?

brandonros avatar Jul 22 '22 17:07 brandonros

I run the NFS server in erichough/nfs-server, the only the modprobe command was run in the Debian image.

kbakk avatar Jul 22 '22 17:07 kbakk

I run the NFS server in erichough/nfs-server, the only the modprobe command was run in the Debian image.

gotcha, thanks. I misunderstood what the nsenter command does

nsenter \
  -t 1 \ # target PID
  -m \ # mount namespace
  -u \ # uts namespace
  -n \ # net namespace
  -i \ # ipc namespace
  sh

I guess running the privileged instance of sh entered in these special namespace privileges is enough to get modprobe to work, nice find!

https://man7.org/linux/man-pages/man1/nsenter.1.html

brandonros avatar Jul 22 '22 17:07 brandonros