|
|
| (14 intermediate revisions by 5 users not shown) |
| Line 1: |
Line 1: |
| − | Recent Linux kernels support an operation called 'bind mounting' which makes part of a mounted filesystem visible at some other mount point. See 'man mount' for more information.
| |
| − |
| |
| | Bind mounts can be used to make directories on the hardware node visible to the container. | | Bind mounts can be used to make directories on the hardware node visible to the container. |
| | | | |
| − | == Filesystem layout ==
| + | This is how you can make host system's <code>/mnt/disk</code> directory available to a container 777: |
| − | OpenVZ uses two directories. Assuming our container is numbered 777, these directories are:
| + | <source lang="bash"> |
| − | | + | CTID=777 |
| − | * <code>VE_PRIVATE</code>: $VZDIR/private/777
| |
| − | * <code>VE_ROOT</code>: $VZDIR/root/777
| |
| − | | |
| − | {{Note|<code>$VZDIR</code> is usually <code>/vz</code>, on Debian systems however this is <code>/var/lib/vz</code>. In this document this is further referred to as <code>$VZDIR</code> -- substitute it with what you have.}}
| |
| − | | |
| − | <code>VE_PRIVATE</code> is a place for all the container files. <code>VE_ROOT</code> is the mount point to which <code>VE_PRIVATE</code> is mounted during container start (or when you run <code>vzctl mount</code>
| |
| − | | |
| − | {{Warning|If you want to do a bind mount for container, you need to '''use <code>VE_ROOT</code>''' (not <code>VE_PRIVATE</code>!) and '''make sure that container is mounted''' (this can be checked using <code>vzctl status</code>).}}
| |
| − | | |
| − | == Manual mount example ==
| |
| − | | |
| − | On the HN we have a directory <code>/home</code> which we wish to make available (shared) to container 777.
| |
| − | | |
| − | The correct command to issue on the HN is:
| |
| − | | |
| − | mount --bind /home $VZDIR/root/777/home
| |
| − | | |
| − | The container must be started (or at least mounted) and the destination directory must exist. The container will see this directory mounted like this:
| |
| − | | |
| − | # df
| |
| − | Filesystem 1K-blocks Used Available Use% Mounted on
| |
| − | simfs 10485760 298728 10187032 3% /
| |
| − | ext3 117662052 104510764 7174408 94% /home
| |
| − | | |
| − | During the container stop vzctl unmounts that bind mount, so you have to mount it again when you start the container for the next time. Luckily there is a way to automate it.
| |
| − | | |
| − | == Make the mount persistent ==
| |
| − | | |
| − | Put a mount script in OpenVZ configuration directory (<code>/etc/vz/conf/</code>) with the name <code>''CTID''.mount</code> (where <code>''CTID''</code> is container ID, like 777). This script will be executed every time you run <code>vzctl mount</code> or <code>vzctl start</code> for a particular container. If you need to the same for all containers, use the global mount script named <code>vps.mount</code>.
| |
| − | | |
| − | From any mount script you can use the following environment variables:
| |
| − | * <code>${VEID}</code> -- container ID (like <code>777</code>).
| |
| − | * <code>${VE_CONFFILE}</code> -- container configuration file (like <code>/etc/vz/conf/777.conf</code>)
| |
| − | | |
| − | Now, in order to get the value of <code>VE_ROOT</code> you need to source both the global OpenVZ configuration file, and then the container configuration file, in that particular order. This is the same way vzctl uses to determine <code>VE_ROOT</code>.
| |
| − | | |
| − | | |
| − | === Mount script example === | |
| − | Here is an example of such a mount script (it can either be <code>/etc/vz/conf/vps.mount</code> or <code>/etc/vz/conf/''CTID''.mount</code>)
| |
| − | #!/bin/bash
| |
| − | source /etc/vz/vz.conf
| |
| − | source ${VE_CONFFILE}
| |
| − | mount -n --bind /mnt/disk ${VE_ROOT}/mnt/disk
| |
| − | | |
| − | After creating script please make it executable by issuing "chmod +x CTID.mount" at command line otherwise vm fails to start
| |
| − | | |
| − | === Unmount script example ===
| |
| − | For unmounting a filesystem, <code>/etc/vz/conf/vps.umount</code> or <code>/etc/vz/conf/''CTID''.umount</code> script can be used in the same way:
| |
| − | | |
| − | #!/bin/bash
| |
| − | source /etc/vz/vz.conf
| |
| − | source ${VE_CONFFILE}
| |
| − | umount ${VE_ROOT}/mnt/disk
| |
| − | | |
| − | {{Note|<code>''CTID''.umount</code> script is not strictly required, since vzctl tries to unmount everything on CT stop. But you'd better have it anyway.}}
| |
| − | | |
| − | umount scripts could cause trouble and errors on VM start and might not be required if using the -n option on mount. [http://forum.openvz.org/index.php?t=msg&goto=37800&&srch=using+-n+and+no+umount+script#msg_37800 read forum post]
| |
| − | | |
| − | When mounting whitout <code>-n</code> option, <code>umount</code> script become required, but display errors,
| |
| − | because of recursivity of umount procedure initiated before by libvzctl.
| |
| | | | |
| − | Even if no option <code>-n</code> was specified at mount, and no <code>umount</code> script was run,
| + | echo '#!/bin/bash |
| − | system file <code>/etc/mtab</code> could become wrong in the HN, causing trouble to commands like df.
| + | . /etc/vz/vz.conf |
| | + | . ${VE_CONFFILE} |
| | + | SRC=/mnt/disk |
| | + | DST=/mnt/disk |
| | + | if [ ! -e ${VE_ROOT}${DST} ]; then mkdir -p ${VE_ROOT}${DST}; fi |
| | + | mount -n -t simfs ${SRC} ${VE_ROOT}${DST} -o ${SRC} |
| | + | ' > /etc/vz/conf/${CTID}.mount |
| | | | |
| − | == Read-only bind mounts ==
| + | chmod +x /etc/vz/conf/${CTID}.mount |
| | + | </source> |
| | | | |
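Review bot: The generated script expands `${VE_CONFFILE}`, `${SRC}` and `${VE_ROOT}${DST}` unquoted in the `.`, `[ ! -e ... ]`, `mkdir -p` and `mount` lines, so a path containing whitespace or glob characters is split or expanded before `mount` sees it; quote each expansion. The existence test uses `-e`, which also passes when the destination is a regular file or a symlink. Since the path lies in the container's tree but is resolved on the hardware node, testing `[ -d "${VE_ROOT}${DST}" ]` and refusing a symlink with `-L` states the intent more safely. `echo '...' > /etc/vz/conf/${CTID}.mount` silently replaces any existing mount script for that container, which deserves a sentence. The rewrite also removes the explanation that vzctl unmounts on container stop, the `.umount` counterpart and the `/etc/mtab` caveat, while keeping `-n` in the mount line; one sentence on why `-n` is used would replace them.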
| − | Since Linux kernel 2.6.26, bind mounts can be made read-only. The trick is to first mount as usual, and then remount it read-only:
| + | If you want read-only mount, add <code>-r</code> option to mount command. |
| | | | |
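Review bot: "add `-r` option to mount command" does not show the resulting line, and the only mount command left on the page is the `mount -n -t simfs ...` line inside the generated script. The removed text gave a two-step `--bind` then `-oremount,ro` sequence with a kernel requirement (2.6.26). Suggest spelling out the full read-only command as it should appear in `${CTID}.mount`, and adding a way to confirm from inside the container that the mount is actually read-only, so readers do not assume write protection they do not have.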
| − | mount -n --bind /home $VZDIR/root/777/home
| + | {{Note|When specifying destination directory, always use /vz/root/ or ${VE_ROOT} env. variable <nowiki>(avoid using /vz/private)</nowiki>}} |
| − | mount -n --bind -oremount,ro $VZDIR/root/777/home
| + | {{Note|When binding directories from one container to another, make sure you have proper boot order (See [[Man/vzctl.8|BOOTORDER]] param.)}} |
| | | | |
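Review bot: The first note hardcodes `/vz/root/`, but the removed `$VZDIR` note recorded that Debian systems use `/var/lib/vz`; recommend only `${VE_ROOT}` here, or keep the `$VZDIR` wording. The reason for avoiding `/vz/private` was carried by the removed warning (bind mounts need `VE_ROOT` and a mounted container, which can be checked using `vzctl status`); one clause of that rationale would make the note self-explanatory.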
| − | With some kernels you need to add the sourcedirectory also: mount -n --bind -oremount,ro '''/home''' $VZDIR/root/777/home
| |
| | | | |
| − | Sometimes it is usefull to have a folder read-only mounted in a VPS, but also be able to put files in that directory. If you want that, just create an other directory and simlink the read only files into that folder:
| + | '''Instruction above will not work on OpenVZ 7 until you run the script below to enable Bind mounts:''' |
| | | | |
| − | vzctl exec2 777 "mkdir /addfileshere && ln -s /home/* /addfileshere/"
| + | <source lang="bash"> |
| | + | cat <<'EOF' > /etc/vz/conf/vps.mount |
| | + | #!/bin/bash |
| | + | . ${VE_CONFFILE} |
| | + | VE_MOUNT=$(echo ${VE_CONFFILE} | sed 's/\.conf$/.mount/') |
| | + | [ -x ${VE_MOUNT} ] && . ${VE_MOUNT} |
| | + | exit 0 |
| | + | EOF |
| | | | |
| − | Now the /addfileshere folder is fully writable and it even feels like it is possible to delete files (but that are only the simlinks).
| + | chmod +x /etc/vz/conf/vps.mount |
| | + | </source> |
| | | | |
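Review bot: In the `vps.mount` wrapper, `[ -x ${VE_MOUNT} ] && . ${VE_MOUNT}` is followed by an unconditional `exit 0`, so a failed `mount` in the sourced per-container script is reported as success and the container starts without the bind mount. Propagate the status instead, for example `if [ -x "${VE_MOUNT}" ]; then . "${VE_MOUNT}" || exit $?; fi`. The expansions of `${VE_CONFFILE}` and `${VE_MOUNT}` are unquoted here as well. `cat <<'EOF' > /etc/vz/conf/vps.mount` overwrites any existing global mount script, so the text should tell readers to check for one first. Because the per-container file is sourced rather than executed, an `exit` inside it ends the wrapper too; say so next to the script.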
| | == See also == | | == See also == |
| | + | * {{Man|vzctl|8}} (ACTION SCRIPTS section) |
| | * [[NFS]] | | * [[NFS]] |
| | * [[FUSE]] | | * [[FUSE]] |