ehough · macpijan · Jan 31, 2019 · Jan 31, 2019 · Jan 31, 2019 · Jan 31, 2019
diff --git a/README.md b/README.md
@@ -39,7 +39,7 @@ This is the only containerized NFS server that offers **all** of the following f
    - `nfs`
    - `nfsd`
    - `rpcsec_gss_krb5` (*only if Kerberos is used*)
- 
+
    Usually you can enable these modules with: `modprobe {nfs,nfsd,rpcsec_gss_krb5}`
 1. The container will need to run with `CAP_SYS_ADMIN` (or `--privileged`). This is necessary as the server needs to mount several filesystems *inside* the container to support its operation, and performing mounts from inside a container is impossible without these capabilities.
 1. The container will need local access to the files you'd like to serve via NFS. You can use Docker volumes, bind mounts, files baked into a custom image, or virtually any other means of supplying files to a Docker container.
@@ -56,13 +56,13 @@ Starting the `erichough/nfs-server` image will launch an NFS server. You'll need
       --cap-add SYS_ADMIN                                 \
       -p 2049:2049                                        \
       erichough/nfs-server
-      
+
 Let's break that command down into its individual pieces to see what's required for a successful server startup.
 
 1. **Provide the files to be shared over NFS**
 
    As noted in the [requirements](#requirements), the container will need local access to the files you'd like to share over NFS. Some ideas for supplying these files:
-   
+
       * [bind mounts](https://docs.docker.com/storage/bind-mounts/) (`-v /host/path/to/shared/files:/some/container/path`)
       * [volumes](https://docs.docker.com/storage/volumes/) (`-v some_volume:/some/container/path`)
       * files [baked into](https://docs.docker.com/engine/reference/builder/#copy) custom image (e.g. in a `Dockerfile`: `COPY /host/files /some/container/path`)
@@ -79,7 +79,7 @@ Let's break that command down into its individual pieces to see what's required
             -v /host/path/to/exports.txt:/etc/exports:ro  \
             ...                                           \
             erichough/nfs-server
-         
+
    1. provide each line of `/etc/exports` as an environment variable
 
        The container will look for environment variables that start with `NFS_EXPORT_` and end with an integer. e.g. `NFS_EXPORT_0`, `NFS_EXPORT_1`, etc.
@@ -102,35 +102,36 @@ Let's break that command down into its individual pieces to see what's required
 1. **Use `--cap-add SYS_ADMIN` or `--privileged`**
 
    As noted in the [requirements](#requirements), the container will need additional privileges. So your `run` command will need *either*:
-   
+
        docker run --cap-add SYS_ADMIN ... erichough/nfs-server
-       
+
     or
-    
+
        docker run --privileged ... erichough/nfs-server
-       
+
     Not sure which to use? Go for `--cap-add SYS_ADMIN` as it's the lesser of two evils.
 
 1. **Expose the server ports**
 
+
    You'll need to open up at least one server port for your client connections. The ports listed in the examples below are the defaults used by this image and most can be [customized](doc/ports.md).
 
    * If your clients connect via **NFSv4 only**, you can get by with just TCP port `2049`:
-     
+
          docker run -p 2049:2049 ... erichough/nfs-server
-           
+
    * If you'd like to support **NFSv3**, you'll need to expose a lot more ports:
-   
+
          docker run                          \
            -p 2049:2049   -p 2049:2049/udp   \
            -p 111:111     -p 111:111/udp     \
            -p 32765:32765 -p 32765:32765/udp \
            -p 32767:32767 -p 32767:32767/udp \
            ...                               \
            erichough/nfs-server
-      
+
 If you pay close attention to each of the items in this section, the server should start quickly and be ready to accept your NFS clients.
-      
+
 ### Mounting filesystems from a client
 
     # mount <container-IP>:/some/export /some/local/path
@@ -140,13 +141,17 @@ If you pay close attention to each of the items in this section, the server shou
   * [Kerberos security](doc/feature/kerberos.md)
   * [NFSv4 user ID mapping](doc/feature/nfs4-user-id-mapping.md)
   * [AppArmor integration](doc/feature/apparmor.md)
-  
+
 ## Advanced
 
   * [customizing which ports are used](doc/advanced/ports.md)
   * [customizing NFS versions offered](doc/advanced/nfs-versions.md)
   * [performance tuning](doc/advanced/performance-tuning.md)
 
+## Examples
+
+  * [docker-compose](doc/examples/docker-compose.md)
+
 ## Help!
 
 Please [open an issue](https://github.com/ehough/docker-nfs-server/issues) if you have any questions, constructive criticism, or can't get something to work.

diff --git a/doc/examples/docker-compose.md b/doc/examples/docker-compose.md
@@ -0,0 +1,88 @@
+# docker-compose example
+
+## Introduction
+
+The example provided [docker-compose file](docker-compose.yml) allows for:
+* building the container,
+* running the container in `NFS v4` mode only (`NFS v3` is disabled) - see more
+  in the
+  [customize NFS versions](../advanced/nfs-versions.md#customize-nfs-versions-offered)
+
+Following stuff gets mounted into the container:
+
+* `nfs-export` directory:
+
+```
+nfs-export
+└── debian
+    ├── a
+    ├── b
+    ├── c
+    └── d
+```
+
+* `exports.txt` file:
+
+```
+/export         *(rw,fsid=0,no_subtree_check,sync)
+/export/debian  *(rw,nohide,insecure,no_subtree_check,sync)
+```
+
+## Build
+
+In order to build the container:
+
+```
+docker-compose build
+```
+
+## Run
+
+In order to run the container:
+
+```
+docker-compose up
+```
+
+## Test
+
+Check if we can mount the directory:
+
+```
+sudo mount LOCAL_IP:/ /mnt -v
+```
+
+In the command output we can inspect which `NFS` version was used:
+
+```
+mount.nfs: timeout set for Thu Jan 31 16:16:20 2019
+mount.nfs: trying text-based options 'vers=4.2,addr=LOCAL_IP,clientaddr=LOCAL_IP'
+```
+
+Inspect mounted directory content:
+
+```
+/mnt
+└── debian
+    ├── a
+    ├── b
+    ├── c
+    └── d
+```
+
+## Possible issues
+
+In case of the:
+
+```
+nfs-server    | ==================================================================
+nfs-server    |       STARTING SERVICES ...
+nfs-server    | ==================================================================
+nfs-server    | ----> mounting rpc_pipefs filesystem onto /var/lib/nfs/rpc_pipefs
+nfs-server    | mount: mounting rpc_pipefs on /var/lib/nfs/rpc_pipefs failed: Permission denied
+nfs-server    | ---->
+nfs-server    | ----> ERROR: unable to mount rpc_pipefs filesystem onto /var/lib/nfs/rpc_pipefs
+nfs-server    | ---->
+```
+
+Please refer to the [apparmor document](../feature/apparmor.md#apparmor).
diff --git a/doc/examples/docker-compose.yml b/doc/examples/docker-compose.yml
@@ -0,0 +1,19 @@
+version: '3'
+
+services:
+  nfs-server:
+    build:
+      context: ../../
+      dockerfile: Dockerfile
+    image: "erichough/nfs-server"
+    container_name: "nfs-server"
+    cap_add:
+      - SYS_ADMIN
+    ports:
+    - "2049:2049"
+    volumes:
+      - "$PWD/exports.txt:/etc/exports:ro"
+      - "$PWD/nfs-export:/export"
+    environment:
+      NFS_VERSION: 4.2
+      NFS_DISABLE_VERSION_3: 1