nfs share from lxc

ilia987

Active Member
Sep 9, 2019
275
13
38
37
under latest proxmox (6.1)
i have some issues to run nfs server

Code:
Feb 11 11:36:32 nfs-intenral systemd[1]: proc-fs-nfsd.mount: Failed to reset devices.list: Operation not permitted
Feb 11 11:36:32 nfs-intenral systemd[1]: Mounting NFSD configuration filesystem...
-- Subject: Unit proc-fs-nfsd.mount has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit proc-fs-nfsd.mount has begun starting up.
Feb 11 11:36:32 nfs-intenral systemd[1]: run-rpc_pipefs.mount: Failed to reset devices.list: Operation not permitted
Feb 11 11:36:32 nfs-intenral systemd[1]: Mounting RPC Pipe File System...
-- Subject: Unit run-rpc_pipefs.mount has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit run-rpc_pipefs.mount has begun starting up.
Feb 11 11:36:32 nfs-intenral mount[367]: mount: only root can use "--types" option (effective UID is 100000)
Feb 11 11:36:32 nfs-intenral systemd[1]: nfs-config.service: Failed to reset devices.list: Operation not permitted
Feb 11 11:36:32 nfs-intenral mount[368]: mount: only root can use "--types" option (effective UID is 100000)
Feb 11 11:36:32 nfs-intenral systemd[1]: Starting Preprocess NFS configuration...
-- Subject: Unit nfs-config.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
...
...
...

lxc.conf file
Code:
arch: amd64
cores: 4
hostname: nfs-intenral
memory: 4096
mp4: /mnt/pve/cephfs-data/data,mp=/mnt/ftd,backup=0,shared=1,replicate=0
net0: name=eth0,bridge=vmbr0,firewall=1 <<deleted >>
ostype: ubuntu
rootfs: ceph-lxc:vm-139-disk-0,size=8G
swap: 0
unprivileged: 0
lxc.apparmor.profile: unconfined
 
Are you trying to mount an NFS share in a container or export one? The latter is not supported, and for the former you have to add the 'NFS' feature to your container (only available as privileged).

Also, setting your container to be unprivileged but removing all apparmor restrictions seriously hurts security, and I'd recommend against it.
 
I know this is a somewhat old ticket, but it was possible to export and NFS share in Proxmox 4.4. Has this been dropped intentionally, or it is just not implimented in the newer version?

Also, NFS provides a simple way to mount a backup location, which then can be used to backup a vm of lxc from another remote proxmox cluster and restore it one the cluster that hosts the NFS guest. There doesn't seem to be an easy way to achieve with without NFS, is there?
 
eventually , we managed to make it work: we set some lxc.apparmor settings
I have added the apparmour settings, but it doesn't help.

Code:
# service nfs-server status
* nfs-server.service - NFS server and services
   Loaded: loaded (/lib/systemd/system/nfs-server.service; enabled; vendor preset: enabled)
   Active: inactive (dead)
root@backup:~# service nfs-server start
A dependency job for nfs-server.service failed. See 'journalctl -xe' for details.
root@backup:~# journalctl -xe
-- Subject: Unit nfs-idmapd.service has failed
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit nfs-idmapd.service has failed.
--
-- The result is RESULT.
Apr 22 09:43:02 backup systemd[1]: nfs-idmapd.service: Job nfs-idmapd.service/start failed with result 'dependency'.
Apr 22 09:43:02 backup systemd[1]: nfs-server.service: Job nfs-server.service/start failed with result 'dependency'.
Apr 22 09:43:02 backup systemd[1]: nfs-mountd.service: Job nfs-mountd.service/start failed with result 'dependency'.
Apr 22 09:43:02 backup mount[416]: mount: /run/rpc_pipefs: permission denied.
Apr 22 09:43:02 backup systemd[1]: run-rpc_pipefs.mount: Mount process exited, code=exited status=32
Apr 22 09:43:02 backup systemd[1]: run-rpc_pipefs.mount: Failed with result 'exit-code'.
Apr 22 09:43:02 backup systemd[1]: Failed to mount RPC Pipe File System.

The config file has:

Code:
# cat /etc/pve/lxc/152.conf
features: fuse=1,nesting=1
arch: amd64
cores: 2
hostname: backup
memory: 2048
net0: name=eth0,bridge=vmbr0,firewall=1,gw=192.168.131.254,hwaddr=7E:96:52:8B:01:D6,ip=192.168.131.193/24,type=veth
ostype: ubuntu
rootfs: standard:vm-152-disk-0,mountoptions=noatime,replicate=0,size=500G
swap: 4096
unprivileged: 1
lxc.apparmor.profile: unconfined

Any ideas on what may be wrong?
 
Last edited:
Are you trying to mount an NFS share in a container or export one? The latter is not supported, and for the former you have to add the 'NFS' feature to your container (only available as privileged).

Also, setting your container to be unprivileged but removing all apparmor restrictions seriously hurts security, and I'd recommend against it.

Is exporting a NFS share in a container supported in 7.1-12?
If not, how do you suggest to share storage btw a container running a Ubuntu20.04 and a VM running Ubuntu Desktop?
 
I am also very interested in running NFS Ganesha within a container.

Anyone here has experience with this route? Can you please briefly share what you wish to know when you started?
 
I have this same problem, but from this CT template.

Screenshot from 2022-09-30 21-22-10.png
Why is Turnkey providing a CT template that supposedly includes NFS if NFS in a container is not supported?
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!