Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Oneclient docker not exposing NFS #4

Open
valerioformato opened this issue Jul 21, 2017 · 1 comment
Open

Oneclient docker not exposing NFS #4

valerioformato opened this issue Jul 21, 2017 · 1 comment
Labels

Comments

@valerioformato
Copy link

valerioformato commented Jul 21, 2017

After starting a container, passing host and token as env variables, the NFS access point is not exposed to the host system.

$ docker run -it --privileged -e ONECLIENT_PROVIDER_HOST -e ONECLIENT_ACCESS_TOKEN -v ~/.oneclient_local:/root/.local/share/oneclient onedata/oneclient:17.06.0-beta6
Connecting to provider 'oneprovider.cloud.cnaf.infn.it:5555' using session ID: '7800789129593989533'...
Getting configuration...
Oneclient has been successfully mounted in '/mnt/oneclient'.

but logging in the container one can easily see that NFS is not running, and doesn't start

$ docker ps
CONTAINER ID        IMAGE                             COMMAND                  CREATED             STATUS              PORTS               NAMES
40057641ed30        onedata/oneclient:17.06.0-beta6   "/root/run.sh /mnt..."   2 minutes ago       Up 2 minutes                            eloquent_morse
$ docker exec -it 40057641ed30 bash
root@40057641ed30:/tmp# service nfs-kernel-server status\
nfsd not running
root@40057641ed30:/tmp# service nfs-kernel-server start
 * Exporting directories for NFS kernel daemon...                                                              [ OK ]
 * Starting NFS kernel daemon                                                                                  [ OK ]
root@40057641ed30:/tmp# service nfs-kernel-server status
nfsd not running

as confirmed by trying to mount the remote volume on the host

$ docker inspect --format "{{ .NetworkSettings.IPAddress }}" $(docker ps -ql)
172.17.0.2

screen shot 2017-07-21 at 10 48 26
screen shot 2017-07-21 at 10 44 25

Tested on 17.06.0-beta6, OSX version 10.12.5, Docker version 17.06.0-ce-mac19 (18663)

@groundnuty
Copy link
Member

groundnuty commented Jul 23, 2017

oneclient: 17.06.0-beta6
Docker CE Version: 17.06.0-ce-mac19 (18663), Channel: stable, c98c1c25e0
macos10.12.6 (16G29)

@valerioformato yes, unfortunately, you are right. Moreover, it's not even possible to ping a container. The reasons for that are explained here.

The only viable solution proposed by Docker is to expose container ports to host:

  • nfs: -p 111:111 -p 111:111/udp -p 2049:2049 -p 2049:2049/udp
  • smb: -p 137:137/udp -p 138:138/udp -p 139:139 -p 445:445

The full command is as follows:

docker run -it -p 137:138/udp -p 137:138/udp -p 139:139 -p 445:445 -p 111:111 -p 111:111/udp -p 2049:2049 -p 2049:2049/udp --privileged -e ONECLIENT_PROVIDER_HOST -e ONECLIENT_ACCESS_TOKEN=-v /tmp/o:/root/.local/share/oneclient onedata/oneclient:17.06.0-beta6

Unfortunately, that command refused to work with 137:138/udp -p 137:138/udp:

docker: Error response from daemon: driver failed programming external connectivity on endpoint stupefied_mayer (c6c3530b390fb0aac6abefb43fac9c6d7c339cbc0fb130a62ce1fc0bd8edbb1b): Error starting userland proxy: Bind for 0.0.0.0:137: unexpected error (Failure EADDRINUSE).

without those ports command works as expected.

I performed few tests from the command line:

SMB

smbutil view -g //localhost
Share                                           Type    Comments
-------------------------------
onedata                                         Disk
IPC$                                            Pipe    IPC Service (Samba 4.3.11-Ubuntu)
mount_smbfs //Guest@localhost/onedata /tmp/onedata

One can list the content of the mounted directory but its quite slow, much slower than from within the container.

NFS

The command used to list shares, shows nothing:

showmount -e localhost

From within the container we can see that nfs is working:

root@7eb5eced30b4:/tmp# showmount -e 172.17.0.2
Export list for 172.17.0.2:
/mnt/oneclient *

We will continue to investigate, but atm. I'm out of ideas. This feature was developed before native docker for macos was released. With docker running on virtualbox it works well.

@bkryza @luman75 please be aware of this issue.

@groundnuty groundnuty added the bug label Jul 23, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

2 participants