[Lxc-users] Shared file access inside a container (was: Converting existing CentOS 6.x to container within Ubuntu 12.04 - can that be simple?)

[Jäkel, Guido]

>(1) I'm not sure you can do nfs-mount inside an lxc container

Yes, you can for the simplest solution.

But also, you can mount it on the host and propagate it (or any subtree, e.g. for a concrete container) via an bind-mount to the container. If you have a lot of containers, this will reduce the number of NFS-mounts to one per host. And if the containers will use the same set of files, there will use local locking and share the same fs-cache. 

Also, as the network traffic caused by NFS operations will be handled by the host and there is no "traffic" caused by file access inside the containers, the container don't need to have network access to the NFS server used. With other words, the NFS server don't need to be exposed to the network domain of the containers but just to that of the host.


A entry in an lxc fstab file (referred by lxc.mount=) like

	/mnt/ext_nfs/container_foo  mnt/my_nfs_part   none bind 0 0

will propagate (a former at host at  /mnt/ext_nfs  mounted) external NFS source (with a tree container_foo) to the mount point  /mnt/my_nfs_part  of the container foo.


This paradigm will also serve the principle "Separation of Concerns", because the container don't have to know about the source of the shared file space. It might be shifted, splitted or reconfigured otherwise in case of external needs and it even don't need to be served by NFS.


Guido