[lxc-users] NFS mounts and unprivileged containers

Fajar A. Nugraha list at fajar.net
Fri Dec 4 12:54:02 UTC 2015


On Fri, Dec 4, 2015 at 5:56 PM, Matthew Green <mephi at mephi.co.uk> wrote:

> The host is expected to be the NFS server to start with, but using bind
> mounts (I think this is what you're suggesting) gives me concerns about
> portability and backups.
>
>

(1) Not EVERY use case is suitable for unpriv containers. So don't be
surprised if yours isn't one of them.

(2) IIRC it's NOT recommended to have an nfs client mounting nfs share from
localhost (i.e. loopback nfs mount), At least in old kernels:
https://lwn.net/Articles/595652/ . Not sure about current (e.g. 4+) kernels
though.

(3) What kind of "portability" are you talking about here? Moving between
virt systems (e.g. KVM -> lxc, or whatever)? If its THAT, then you'd always
have to perform some level of adjustment anyway, with or without additional
bind mounts.

If you mean "what happens when the nfs server is on another server", then
the host can import the share on the SAME path as you're currently using,
and bind-mount will continue to work (as long as the path and
owner/permission is the same)

(4) you create a backup strategy that fits your needs.

-- 
Fajar
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20151204/7a51f4d3/attachment.html>


More information about the lxc-users mailing list