Cluster expose NFS Share to UnPriv LXC - 2 Methods

[TitanSerenity]

Read a bunch of posts about this, tested it, both work to the point that the data in the share is exposed to the Unpriv LXC in both cases. Wondering what the delta in functionality / risk is?

Proxmox 9.1.4, 3-host cluster (identical hosts)

Method 1: Host Mount + Bind Mount (recommended in multiple forum posts)

1. Mount NFS Share to Proxmox hosts as normal (fstab and /mnt/<whatever>)
2. Important to do identically on all cluster hosts for LXC migration/failover scenarios
3. Create target folder in LXC
4. Modify host /etc/pve/lxc/<ID>.conf to add mountpoint pointing from host mount (/mnt/<whatever>) to lxc mount

Method 2: Datacenter Storage + Bind Mount

1. Proxmox GUI, Datacenter> Storage > add Storage > NFS > Content = Snippets
2. Create target folder in LXC
3. Modify host /etc/pve/lxc/<ID>/conf to add mountpoint pointing from host mount (/mnt/pve/<whatever>) to lxc mount

Method 2 has a con in that Proxmox will create the "Snippets" folder in the share location. But its an empty folder. Meh. As long as you don't alreday have a folder named "snippets", non-issue imo.

Method 2 pros include centralizing management of exposing that NFS share, as opposed to manually modifying OS files (fstab) on each host. The Bind Mount lives in the LXC config, so will move with the LXC. Using a Datacenter Storage mount ensures consistency in location of the host target directory, and keeps management in the GUI (if that's a thing you care about).

Otherwise, the Method 1 con is that you have this NFS share connected that's not easily visible unless you know what you did. Its common (many guides), and simple enough, but I could see how you could come back to that in 3 years after having not touched it and going, 'What did I do?"

Is there any techncial reason why it matters?
(Crossposted from https://www.reddit.com/r/Proxmox/comments/1r7s445/cluster_expose_nfs_share_to_unpriv_lxc_2_methods/)