XO Remote mount.nfs: access denied by server while mounting
-
@Danp said in XO Remote mount.nfs: access denied by server while mounting:
@daninmanchester said in XO Remote mount.nfs: access denied by server while mounting:
"stderr": "mount.nfs: access denied by server while mounting 192.168.11.60:/Backups",
Would appear to be a rights issue to me.
@tjkreidl verified they can be seen :
Export list for 192.168.11.60:
/export/Backups 192.168.11.0/24
/export/Everyone 192.168.11.0/24
/export 192.168.11.0/24do you need to add "/export" (/export/Backups ) to be able to find the right path?
-
@HeMaN Yes, if I recall correctly, in the /etc/exports file. the full path should be specified and then "exportfs -a" should be issued to refresh the export list.
I just noticed your error message doesn't include the /export directory in front:
mount.nfs: access denied by server while mounting 192.168.11.60:/Backups -
@Danp no, I hadn't seen that. but I think I have now done this without any change to my issue. One thing that wasn't 100% clear is where sudoers should be on docker.
/etc/sudoers?
-
@tjkreidl I have tried various flavors.
-
Well .... I'm totally baffled.
I've tried reapplying permissions.
forcing the server UID/GID
forcing the client UID/GID.
NOACLs
Squashing.One thing I can say, is that it is working on my host so it must be something about my XO setup trying to talk to it. which may well still be permissions.
-
okay, so I further narrowed it down. on the host machine I can mount. it is only within the docker container it is the issue. either at the command line or at XO. This leads me to believe this is a docker related problem not XO.
Sorry to have taken up your time, but thanks very much for your help!
At least i have a clear direction to google now. -
What is the IP address of the host that is running XO?
The docker container will need the SYS_ADMIN capability to do NFS mounts.
-
@daninmanchester I would think Docker is involved, as well. I was going to suggest to create a "standard" test VM ans see if you can connect storage to it. If so, that would put the blame on something specific to the VM that has that Docker container.
-
@mjtbrady That seems right, because the Docker instanceis independent and internal to the VM that otherwise is part of the XCP-ng networking structure and wouldn't have the necessary access permissions on it's own.
-
Could this be due to a missing package (nfs-common)?
-
I setup another VM as someone suggested and the NFS share mounted and worked. So there is something I am not understanding about docker permissions / requirements.
In the end, following a permissions reset and forcing the NFS share to squash and use my user/group ID I think I have progress. I can see it is writing to the NFS share.
Then I got : EEXIST: file already exists, open '/run/xo-server/mounts/6299d107-2aa2-41bf-bfd7-2f487ff5422f/xo-vm-backups/801e2b10-5c7d-b7af-ad5e-fbcc83e47d5b/.20220930T221548Z.xva'
A quick google led me to this being related to nfs 3. I switched to NFS 4 then I got path not found.
Not sure why, but I tried removing "export" from the path and it worked.
It does appear now to be running a backup job .... fingers crossed.
What a mine field!
Thanks for all the pointers.
-
@daninmanchester Yes, a mine field is about right. Super good ou have made so much progress!
-
Now you understand why we sell/distribute XO in a virtual appliance we can test
-
@olivierlambert I think the intricacies of NFS, my seemingly borked NFS permissions were likely the real issue. I rarely have real problems with XO. I tried proxmox but didn't get on with it so switched back.
I'm just a home / homelab user, but always impressed with the community around XCP-NG too and have learnt a huge amount from Lawrence Systems.
Anyway this morning I have a successful backup completed :
Thanks again.
-
Great news! Enjoy
-
@daninmanchester Thanks so much - this is the exact same problem I had, which was further complicated by running XO in Docker running on the OMV host exporting the NFS shares.
So basically you just built a small XO VM instead of running it in Docker? I had originally been thinking of making a small VM to run XO in a container there - just because Docker containers are super easy to keep updated and I could run some other orchestration-y stuff there too, like Rancher - but if you're saying that's a non-starter I'll just bite the bullet and build a tiny VM dedicated to XO and be very grateful to you for having saved me a lot of frustration.