XCP-ng
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    NFS backup

    Scheduled Pinned Locked Moved Backup
    2 Posts 2 Posters 717 Views 2 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M Offline
      momofhlp
      last edited by

      Hello,

      I'm new to Zen Orchestra backup. I have setup NFS share on my Asustor NAS.
      When I tried to setp remote settings, I'm get this error below

      ommand failed with exit code 32: mount -o -t nfs x.x.x.x:7005:/zen vm backup /run/xo-server/mounts/7d3e7540-fca4-4bd5-aa90-5eaae93fd1a4
      mount.nfs: access denied by server while mounting x.x.x.x:7005:/zen vm backup.
      I gave zen orchestra user access to the NFS share.

      Any help would be appreciated

      R 1 Reply Last reply Reply Quote 0
      • R Offline
        ricky222 @momofhlp
        last edited by

        @momofhlp I suspect it is a UID/GID mapping or permissions problem.
        Mount the share manually no-root-squash. run a backup on that share. see what UID/GID xo expects you to use. Then set up an nfsshare for only that matching UID/GID and all should be good.
        it is easiest to set it up wrong security wise with NFSv3 but easiest to make it work. Once it works, go back and switch to nfs4.1. read and weep. https://www.truenas.com/community/threads/nfs-sys-security-option.86501/

        old nfs (v3) has little or no security. nfs4,1 has SYS for slightly better security. NFS4.2 + kerb5 has best security but a learning curve like:
        |
        |
        |
        |

        only much much steeper. a better nfs security solution is nfs via stunnel
        see:

        • https://www.linuxjournal.com/content/encrypting-nfsv4-stunnel-tls
        • https://bobcares.com/blog/nfsv4-encryption-with-stunnel-tls/
        • historical: https://www.stunnel.org/mailman3/hyperkitty/list/stunnel-users@stunnel.org/thread/7FVHLCPSDHL2S6KQ7DBN24HLPSX4SHWV/
        • other implementation details https://github.com/chadgeary/tls_nfs/tree/master/playbook
        • another imp. https://forge.puppet.com/modules/simp/nfs/readme

        I should turn this info into a package for xcp-ng.

        1 Reply Last reply Reply Quote 1

        Hello! It looks like you're interested in this conversation, but you don't have an account yet.

        Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.

        With your input, this post could be even better 💗

        Register Login
        • First post
          Last post