Hi, new user, trying to create bind mounts inside a container pointing to zfs datasets.
I create my zpool, and datasets, e.g.
zfs create ssdpool/test
zfs set mountpoint=/mnt/bind/test ssdpool/test
I use an Ubuntu Server 20.04 LTS container, and I add:
pct set 100 -mp1 /mnt/bind/test,mp=/test
I can see that changes I make on the host can be seen in the container, e.g.
pieter@server-2:~$ touch /mnt/bind/test/foo.txt
...
root@ubuntutest:~# ls -la /test
-rw-r--r-- 1 nobody nogroup 0 May 23 01:28 foo.txt
But, the user permissions inside the container do not match those outside the container.
If I try to change permissions from inside the container, I get an error:
root@ubuntutest:~# chmod -R a+rw /test
chmod: changing permissions of '/test': Operation not permitted
chmod: changing permissions of '/test/foo.txt': Operation not permitted
I understand that the user and group identifiers may not match between the host and the container or between containers.
I have some experience with Unraid where I can set the docker container user and group identifier to match those of the host, or I set permissions and ownership to nobody/users.
1) How can I set the permissions such that any user and any group can get r+w access, or how do I sync the user and group identifiers?
My ultimate goal is to move my docker containers and storage from Unraid to ZFS on Proxmox.
I could either install Docker on the Proxmox host, or install Docker inside Ubuntu Server running in a container, and manage using docker, docker-compose, and portainer.
If I install on the host I can just map my volumes directly to zfs datasets.
If I install in a lxc container I need to use bind mounts to go from zfs datasets to the lxc container to the docker container.
2) If my primary needs are docker with volumes mapped to zfs datasets, why should I not just install docker directly on the host?
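Added example, not part of the original post: a small Python model of the user-namespace id mapping that produces the nobody/nogroup listing and the "Operation not permitted" error above. It assumes container 100 is unprivileged with the Proxmox default map (container ids 0-65535 shifted to host ids 100000-165535) and that foo.txt is owned by host uid/gid 1000; the passthrough map is a constructed illustration.

```python
# Added example: model of how an LXC user-namespace id map translates ownership.
OVERFLOW_ID = 65534  # kernel default overflowuid/overflowgid, listed as nobody/nogroup

def parse_idmap(lines):
    """Parse 'lxc.idmap = <u|g> <container_start> <host_start> <count>' lines."""
    maps = {"u": [], "g": []}
    for line in lines:
        key, _, value = line.partition("=")
        if key.strip() == "lxc.idmap":
            kind, ct_start, host_start, count = value.split()
            maps[kind].append((int(ct_start), int(host_start), int(count)))
    return maps

def host_to_container(maps, kind, host_id):
    """Container-side id for a host id, or None when the host id is unmapped."""
    for ct_start, host_start, count in maps[kind]:
        if host_start <= host_id < host_start + count:
            return ct_start + (host_id - host_start)
    return None

def container_to_host(maps, kind, ct_id):
    """Host id a container process really runs as, or None when unmapped."""
    for ct_start, host_start, count in maps[kind]:
        if ct_start <= ct_id < ct_start + count:
            return host_start + (ct_id - ct_start)
    return None

def displayed_id(maps, kind, host_id):
    """What ls inside the container shows: unmapped owners appear as the overflow id."""
    mapped = host_to_container(maps, kind, host_id)
    return OVERFLOW_ID if mapped is None else mapped

def container_root_can_chmod(maps, file_uid, file_gid):
    """Container root's capabilities apply to a file only when the file's owner
    and group are both mapped into the container's user namespace."""
    return (host_to_container(maps, "u", file_uid) is not None
            and host_to_container(maps, "g", file_gid) is not None)

# Assumed Proxmox default for an unprivileged container.
DEFAULT_MAP = parse_idmap(["lxc.idmap = u 0 100000 65536",
                           "lxc.idmap = g 0 100000 65536"])
# Constructed map: only id 1000 is passed through 1:1, the rest stays shifted.
PASSTHROUGH_MAP = parse_idmap([
    "lxc.idmap = u 0 100000 1000", "lxc.idmap = g 0 100000 1000",
    "lxc.idmap = u 1000 1000 1", "lxc.idmap = g 1000 1000 1",
    "lxc.idmap = u 1001 101001 64535", "lxc.idmap = g 1001 101001 64535"])

if __name__ == "__main__":
    for name, m in (("default", DEFAULT_MAP), ("passthrough", PASSTHROUGH_MAP)):
        print(name, "shown uid:", displayed_id(m, "u", 1000),
              "chmod by container root:", container_root_can_chmod(m, 1000, 1000))
```

Under the default map the file's owner has no identity inside the container, so it is listed as nobody and container root cannot change its mode; passing through a single id grants access to that one owner only, while container root still runs as host uid 100000.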