[lxc-users] file sharing with unprivileged containers

[Josh Ford]

Wow -- I'm actually embarrassed how easy this actually was after I, (ahem) read the ... well, you know.   

For those of us rookies out there, here it is:

As mentioned below, I was really just looking for a way to share common data across containers -- and I don't really care whether it is run on the host or in a container.  Thus, a simple shared folder on the host works just fine for me.  

The following worked for me:

1 - sudo mkdir /shared_data (on the host)
2 - sudo chmod 777 /shared_data (just to test and make sure the mount works -- will firm up permissions later)
3 - lxc-start -n p1
4 - sudo mkdir /shared_data (in p1) && sudo chmod 777 /shared_data 
5 - logout of the container and shut it down
6 - edit the container's config to add the following:

lxc.mount.entry = /shared_data shared_data none bind.ro 0.0

7 - restart the container and ssh in.  You should now be able to read and write to the /shared_data directory in your container.
8 - do a victory dance. 

Cheers,

Josh

On Thu 02-19-15 07:51, Josh Ford wrote:
>Kick me if this is what lxcfs is all about:
>
>I recently came across the following article and was wondering if the same could somehow be done using unprivileged containers:
>
>http://www.flockport.com/build-distributed-storage-nodes-with-lxc-and-gluster/
>
>I've tried adding the following to my container configs:
>
>#fuse
>lxc.cgroup.devices.allow = c 10:229 rwm
>
>But I get the following when I go to mknod in the container:
>
>jimmy at p1:~$ sudo mknod /dev/fuse c 10 229
>mknod: ‘/dev/fuse’: Permission denied
>
>At the end of the day, I'm just trying to figure out the easiest way to share 'centralized' files (e.g., an 'uploads' folder) among my various containers.  They will all need access in the same manner nfs would be used with physical servers.
>
>Apologies in advance if the answer is obvious, but I greatly appreciate any guidance any of you can provide.
>
>Cheers,
>
>Josh
>
>
>
>