Issues Mounting NFS Remote for Backups



  • I am having issues mounting an NFS Remote store for backups using XO. I'm on XCP-NG 8.1 with xo-server 5.66.0 and xo-web 5.69.0.

    The error I receive is as follows:

    Command failed with exit code 32: mount -o vers=3 -t nfs 172.23.1.20:/VM /run/xo-server/mounts/7f13127e-3167-4cc1-921a-6dd955984899 mount.nfs: access denied by server while mounting 172.23.1.20:/VM
    

    I am able to manually mount from shell (including the ability to write) using

    sudo mount -t nfs -o vers=3 172.23.1.20:/VM /mnt/nfs-test/
    

    I also am able to successfully mount this as a standard nfs SR without issue in XO. This device is a QNAP so I've done some digging into the issues surrounding that such as:
    https://github.com/xapi-project/sm/issues/511

    But it seems as though this may not be the issue since showmount shows both columns (unless I missed something).

    showmount -e 172.23.1.20
    Export list for 172.23.1.20:
    /Public *
    /VM     172.23.1.17,172.23.1.16
    

    I've also tried using vers=4 (which version 4 also works when mounting in XO as a standard nfs SR). What's weird with that is it seems to leave vers=3 in there and just appends ,vers=4 and I get a protocol error:

    Command failed with exit code 32: mount -o vers=3,vers=4 -t nfs 172.23.1.20:/VM /run/xo-server/mounts/7f13127e-3167-4cc1-921a-6dd955984899 mount.nfs: Protocol not supported
    

    Lastly, I've also created a folder at the root of the nfs share and tried to mount that but receive the same error:

    Command failed with exit code 32: mount -o vers=3 -t nfs 172.23.1.20:/VM/backups /run/xo-server/mounts/7f13127e-3167-4cc1-921a-6dd955984899 mount.nfs: access denied by server while mounting 172.23.1.20:/VM/backups
    

    I can't seem to figure out what I'm doing wrong here. This is my first experience with Xen and everything else seemed to go well...even passing through disks to FreeNAS. This seems pretty straightforward but I just can seem to get it working. Any help would be appreciated. TIA



  • @stevezemlicka are you using XO from sources? It looks like permission issue when creating local mount point, have you granted access to the user?



  • I'm sorry for the delay, life happens huh.

    Anyway, I don't see it here but i seem to recall someone asking what if I try to mount it at the same location as the backup is. I get an error that the location doesn't exist. The path that the most recent backup I setup is trying to mount to is:

    /run/xo-server/mounts/7f13127e-3167-4cc1-921a-6dd955984899
    

    However that path does not exist. I do not have /run/xo-server. My run directory looks like this:

    atd.pid         mdadm               rpc.statd.pid  tapback.36
    blktap-control  message-switch      samba          tapback.4
    boottime.stamp  mount               screen         tapback.5
    chrony          mpathalert.pid      sepermit       tapback.6
    chronyd.pid     mpathcount.sock     setrans        tapback.8
    console         multipathd          sm             tapback.master
    crond.pid       netreport           sm-notify.pid  tapback.pid
    cron.reboot     net-snmp            sr-mount       tmpfiles.d
    dbus            nonpersistent       sr-ref         udev
    faillock        openvswitch         sshd.pid       usb-scan.sock
    gssproxy.pid    openvswitch.booted  sudo           user
    gssproxy.sock   perfmon.pid         sysconfig      utmp
    initramfs       plymouth            syslogd.pid    xapi_init_complete.cookie
    iscsid.pid      portreserve         systemd        xapi.pid
    lldpad.pid      portreserve.pid     tapback.1      xapissl.pid
    lock            reboot-required.d   tapback.10     xapi_startup.cookie
    log             rpcbind             tapback.15     xen
    lvm             rpcbind.lock        tapback.18     xenstored
    mcelog-client   rpcbind.sock        tapback.2      xenstored.pid
    mcelog.pid      rpc.statd.lock      tapback.35     xtables.lock
    

    And yes, I built this from sources. The process went smooth with no anomalies. What's weird is I can mount this NFS as a normal datastore and create virtual disks on there without issue. I suspect this would address the permissions question. Does the Orchestra Backup feature use a different "user" than the rest of Orchestra? Did I maybe miss something in the build process?


  • XCP-ng Team

    Mounting might require some extra permissions, depending on your system configuration. So it's tricky to answer because this is your own system/environment.



  • I manually created the directory structure that the backup\remote store was trying to use and manually mounted the nfs to that. I verified that all the settings for the remote datastore matched. I can, in terminal, see the test data in the mountpoint. Running the backup with the NFS already mounted produces the same error.

    Command failed with exit code 32: mount -o vers=3 -t nfs 172.23.1.20:/VM /run/xo-server/mounts/7f13127e-3167-4cc1-921a-6dd955984899 mount.nfs: access denied by server while mounting 172.23.1.20:/VM
    

    Now I suspect if it needs to mount the store itself, it will fail if I already have it mounted to the location it wants to use. But what I don't get is, from a terminal, I can sucessfully run:

    sudo mount -t nfs -o vers=3 172.23.1.20:/VM /run/xo-server/mounts/7f13127e-3167-4cc1-921a-6dd955984899
    

    but it seems to me, this is what the backup is trying to run unsuccessfully. What am I missing here?



  • Is it the fact that I am running that with sudo in a terminal? Do I need to change something so Orchestra can do that without sudo?


  • XCP-ng Team



  • I'm stupid. I forget that Orchestra is not running on the xcp-ng server (which I wish it did btw). I think I need to add the Orchestra server to the NAS allow list. Ugh, i can't believe how much time I spent on this for such an obvious oversight.



  • Before I head down that path, does that make sense? Is it the case that when you mount an nfs storage pool, Orchestra triggers xcp-ng to mount that which is why I could mount and create virtual disks. Whereas the Backup Remote is mounted by the Orchestra server rather than directly from xcp-ng? Or is that not the case...or do i just need to RTFM here?



  • Just tested, that was it. It was a 10 second fix to something I spent hours on. Well if anyone comes across this and is able to mount NFS storage pools successfully but cannot mount Backup Remotes, check that the Orchestra server itself (not the xcp-ng server) is on your NFS host ACL.

    Thanks to everyone who took the time to read this and especially to those that responded.


Log in to reply
 

XCP-ng Pro Support

XCP-ng Pro Support