Mount Denied

[ukchucktown]

I have tried for 2 days to get this to work. It constantly reports mount denied when trying to run the d4m-nfs.sh script. I was trying to mount /opt from my host which has group ownership of wheel but my user account is the owner. I finally gave up on that and just tried to mount my user directory but that didn't work either. It's likely in a bad state and I have no idea how to reset it. I tried deleting everything in /tmp, removed the /etc/exports file and tried to rerun the script, same result. Hopefully somebody has some suggestions. I attached all my relevant files.

Thanks,
Grant

d4m-nfs-mounts-etc.txt
d4m-nfs-mounts-tmp.txt
d4m-mount-nfs.sh.txt
exports.txt

[if-kenn]

@ukchucktown please also include the actual error message.

[ukchucktown]

Not much of an error, only mount denied.

ERROR: for applications Cannot start service applications: Mounts denied: r more info.

[if-kenn]

I cannot help without the context surrounding this error.

[if-kenn]

I realize that might be the exact error, but without more information of some sort there is literally nothing I can do.

[ukchucktown]

What more can I provide you? I'm more than willing to debug it.

[if-kenn]

Can you please provide any lines before it or after it? As I said, context.

[ukchucktown]

Here is all the output when I run the script...

C02QC02AG8WL:d4m-nfs grantlewis$ ./d4m-nfs.sh
[d4m-nfs] Copy the Moby VM APK Cache back.
[d4m-nfs] Create the script for Moby VM.
[d4m-nfs] Start and restop nfsd, for some reason restart is not as kind.
The nfsd service is already running.
[d4m-nfs] Wait until NFS is setup.
[d4m-nfs] Wait until D4M is running.
[d4m-nfs] Copy back the APK cache.

d4m-nfs

With the Docker for Mac's (D4M) current implementation of osxfs, depending on how read and write heavy containers are on mounted volumes, performance can be abismal.

d4m-nfs blantently steals from the way that DockerRoot/xhyve used NFS mounts to get around i/o performance issues. With this implementation D4M appears to even outperform DockerRoot/xhyve under a full Drupal stack (mariadb/redis/php-fpm/nginx/varnish/haproxy), including persistent MySQL databases.

The advantage of this over a file sync strategy is simpler, less overhead and not having to duplicate files.

In order to make use of NFS, you will want to run ./d4m-nfs.sh before bringing up your containers, please note this must be run via the bash shell and not the sh shell. You will either need to change your volume paths to use /mnt, or configure the mounts in etc/d4m-nfs-mounts.txt. Look at the example directory for docker or docker-compose simple examples and an example d4m-nfs-mounts.txt.

By default, if the script doesn't find any other volumes bound to /mnt in your etc/d4m-nfs-mounts.txt, it will mount your home directory (eg. /Users/username) on /mnt to be exposed for the container. If you'd like to disable this, you may set the environment variable AUTO_MOUNT_HOME to false.

Alpine Linux NFS packages are now cached so that d4m-nfs can be used when not online. In order for this to work, you must of run it once before while online.

You can now specify what mounts you want in the d4m-nfs-mounts.txt file. Note that if you do this, you need to make sure that it does not conflict with D4M settings, in other words if you want to have /Users be served by NFS instead of osxfs you will need to remove it from the D4M Preferences -> File Sharing. The /tmp share must stay since that is how d4m-nfs exchanges information with the D4M Moby VM.

This is the default file sharing:

Please make sure that /tmp is still shared:

Please note:

• To connect to the D4M moby linux VM use: screen -r d4m
• To disconnect from the D4M moby linux VM tty screen session use Ctrl-a d.
• To run d4m-nfs faster and/or offline, leave the files in d4m-apk-cache and the hello-world image.
• If you switch between D4M stable and beta, you might need to remove files in d4m-apk-cache and the hello-world image.

Opening Github Issues

Please keep in mind that everyone's environment is quite unique and this make helping people much harder. In that spirit when opening an issue, please provide the following:

1. Please ensure you have looked at the "examples" directory in the root of this site.
2. screenshot of Docker for Mac's Preferences -> File Sharing
3. attachment of d4m-nfs/etc/d4m-nfs-mounts.txt
4. attachment of /tmp/d4m-mount-nfs.sh
5. attachment of /tmp/d4m-nfs-mounts.txt
6. attachment of /etc/exports

Common Problem

It appears as though a number of people are blindly copying the mounts from the preference in Docker for Mac to d4m-nfs/etc/d4m-nfs-mounts.txt. In doing this they end up having a /Volumes, /private and /Users mounts. If you are getting an error similar to the following, you might of done this:

ERROR: for applications  Cannot start service applications: Mounts denied: r more info.

In all likelihood this is not what you want. The location /Volumes on a Mac is actually just a symlink to /, and it is never good to export a symlink. On top of that, with NFS, you can not export child directories which are on the same file system, and since both /Users and /private this could cause problems. You probably will need have to clean up your /etc/exports to remove all the lines from # d4m-nfs exports down.

Use Stable Docker for Mac channel

Currently d4m-nfs is known to work on the stable channel of 'Docker for Mac' both versions 1.12 and 1.13, we cannot guarantee how it will work on the beta channel of 'Docker for Mac'. Please use the stable channel of Docker for Mac https://docs.docker.com/docker-for-mac/

Integration with text editors

Sublime Text

If you use Sublime, please checkout the plugin by Yves to help with auto reloads on file changes - https://github.com/yvess/sublime_d4m

Atom

The easiest way to enable auto reloading is to install on-save package and set it up with this config:

[
  {
    "srcDir": ".",
    "files": "**/**",
    "command": "screen -S d4m -p 0 -X stuff \"touch \\\"`pwd`/${srcFile}\\\"\"\r"
  }
]

[if-kenn]

Are you talking the error example from the README?

[if-kenn]

The script appears to of fully run. You can run it with ./d4m-nfs.sh -q if you don't want the output of the README. We have it there since so many people have refused to read it.

[ukchucktown]

I logged into the Moby VM and I didn't see the mount.

[joesteele]

Something to check is, if you don't use ./etc/d4m-nfs-mounts.txt and you leave AUTO_MOUNT_HOME to its default value, the script mounts /Users/${USER} to /mnt, not to /Users/${USER} here.

So, if that's the case and you have .:/srv/myapp in your compose file, it will give you this error.

You can see an example of referencing /mnt in the compose file in the examples

[ukchucktown]

I am using ./etc/d4m-nfs-mounts.txt and trying to mount /Users/${USER} to /mnt, still no luck. I looked at the script and I can see what it's trying to do but not sure why it's failing to mount it. I'm not getting enough information when it errors out.

[ukchucktown]

I may go another route anyway b/c I kind of want a more permanent solution so I don't need to run the script every time. I just wanted to see if this would work. We are running an accumulo/hadoop/ stack for our development and it's a dog with osxfs. We need a faster solution.

[if-kenn]

@ukchucktown do note that this project is a stop gap until Docker for Mac can be improved. you might want to look at file system caching they have been working on:

https://blog.docker.com/2017/05/user-guided-caching-in-docker-for-mac/

[if-kenn]

If you would like me to look at this further please respond about if the error you were talking about was simple just the example error from the README. Also please include the output from going into Moby VM and issuing either mount or df -h.

[ukchucktown]

I was able to finally get it mounted. I hit a small snag. I'm running a docker stack provided by our vendor that includes Hadoop, yarn, elastic search, accumulo, rabbitmq and tomcat. I mounted the /opt folder as /opt:/opt:501:0 (501 is my UID on the host) in the d4m-nfs-mounts.txt file. On startup the infrastructure tries to create a datastore folder under a subdirectory of /opt. Everything starts if the directory structure already exists. If it does not exist I get an error stating the folder is not shared from the Docker File Sharing preferences. I'm wondering if it's some kind of permissions issue.

Output from mount command:
192.168.65.1:/Users/grantlewis on /mnt type nfs (rw,relatime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,nolock,proto=tcp,timeo=600,retrans=2,sec=sys,mountaddr=192.168.65.1,mountvers=3,mountproto=tcp,local_lock=all,addr=192.168.65.1)
192.168.65.1:/opt on /opt type nfs (rw,relatime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,nolock,proto=tcp,timeo=600,retrans=2,sec=sys,mountaddr=192.168.65.1,mountvers=3,mountproto=tcp,local_lock=all,addr=192.168.65.1)

Output of ls command:/ # ls -al
total 20
drwxrwxrwt 23 root root 500 May 8 12:19 .
drwxrwxrwt 23 root root 500 May 8 12:19 ..
-rw------- 1 root root 134 May 8 12:53 .ash_history
drwxrwxrwt 9 root root 440 May 8 12:13 Database
drwxr-xr-x 2 root root 1680 Mar 25 02:26 bin
drwxr-xr-x 4 root root 80 Mar 25 02:50 containers
drwxr-xr-x 11 root root 2840 May 8 12:13 dev
drwxrwxr-x 26 dockrema dockrema 1380 May 8 12:19 etc
drwxr-xr-x 3 root root 60 Mar 25 02:26 home
drwxr-xr-x 22 root root 748 May 8 12:13 host_docker_app
-rwxrwxr-x 1 root root 878 Mar 25 02:24 init
drwxr-xr-x 7 dockrema dockrema 760 May 8 12:19 lib
drwxr-xr-x 5 root root 100 Mar 25 02:26 media
drwxr-xr-x 26 501 dialout 884 May 8 12:08 mnt
drwxr-xr-x 3 501 cdrw 102 May 7 20:13 opt
drwxrwxrwx 1 docker docker 0 May 4 2006 port
dr-xr-xr-x 114 root root 0 May 8 12:13 proc
drwx------ 2 root root 40 Dec 26 21:32 root
drwxr-xr-x 10 root root 580 May 8 12:19 run
drwxrwxr-x 2 dockrema dockrema 2180 May 8 12:19 sbin
drwxr-xr-x 2 root root 40 Dec 26 21:32 srv
dr-xr-xr-x 13 root root 0 May 8 12:13 sys
drwxrwxrwt 38 root root 1292 May 8 12:19 tmp
drwxrwxr-x 9 dockrema dockrema 180 Mar 25 02:26 usr
drwxr-xr-x 10 root root 4096 May 7 20:15 var

[if-kenn]

@ukchucktown please keep in mind that since NFS is the underlying glue that is this project, that all rules of NFS must be followed, unlike Docker which creates the directory for you if it doesn't exist, NFS needs it to exist. Since NFS and Docker have no idea of the other, it is up to you to have to bootstrap.

The way in which I often bootstrap is start up a stack normally without using NFS, use docker cp to get what the containers of docker had made, and then use that copied directory to map it via a Docker volume.