On Fri, Aug 21, 2020 at 02:41:34PM +0800, Yu Chuan wrote:
--- a/container/os-nfs/root/etc/exports +++ b/container/os-nfs/root/etc/exports @@ -1,6 +1,6 @@ /exports *(ro,async,fsid=0,crossmnt,no_subtree_check,no_root_squash) /exports/os *(ro,async,no_subtree_check,no_root_squash) -/exports/os-rw *(rw,async,no_subtree_check,no_root_squash) +/exports/os-rw *(rw,async,no_subtree_check,insecure,all_squash)
The patch only adds 'insecure' option. Why it'll make a difference?
I suppose it's good to add 'insecure'. How about adding to /exports/os too?
In first, i think this problem is caused by 'no_root_squash' and 'all_squash', but i've test these params this noon, they're all failed. It looks like even though we're mounting 'os-rw', but we're actually mounting 'os'
This is interesting. So the bind mount trick won't work for NFS?
Perhaps won't be a problem for CIFS. Let's use the latter when updating the OS?
Thanks, Fengguang
Here's the output:
[root@pxeserver yuchuan]# mount |grep rw- [root@pxeserver yuchuan]# mount -t nfs 172.168.131.2:/os-rw ./os-rw-mount-tmp/ [root@pxeserver yuchuan]# mount |grep rw- 172.168.131.2:/os on /root/yuchuan/os-rw-mount-tmp type nfs4 (rw,relatime,vers=4.2,rsize=1048576,wsize=1048576,namlen=255,hard,proto=tcp,timeo=600,retrans=2,sec=sys,clientaddr=172.168.131.5,local_lock=none,addr=172.168.131.2)So i doubt whether this way is feasible.
host docker nfs client ====== ============== =================== ------ /exports/os(ro) mount os for nfsroot / /srv/os -- \ ------ /exports/os-rw(rw) mount os-rw for write sth.
Thanks Yu Chuan