Difference between revisions of "Bind mounts"

From OpenVZ Virtuozzo Containers Wiki
Jump to: navigation, search
(created (taken from Mounting filesystems)
 
m (Better wording to clarify that the additional script is not a replacement for the one above, but rather needs to be run first.)
 
(40 intermediate revisions by 17 users not shown)
Line 1: Line 1:
Recent Linux kernels support an operation called 'bind mounting' which makes part of a mounted filesystem visible at some other mount point. See 'man bind' for more information.
 
 
 
Bind mounts can be used to make directories on the hardware node visible to the container.
 
Bind mounts can be used to make directories on the hardware node visible to the container.
  
OpenVZ uses two directories. Assuming our container is numbered 777, these directories are:
+
This is how you can make host system's <code>/mnt/disk</code> directory available to a container 777:
 +
<source lang="bash">
 +
CTID=777
  
$VZROOT/private/777
+
echo '#!/bin/bash
$VZROOT/root/777
+
. /etc/vz/vz.conf
 +
. ${VE_CONFFILE}
 +
SRC=/mnt/disk
 +
DST=/mnt/disk
 +
if [ ! -e ${VE_ROOT}${DST} ]; then mkdir -p ${VE_ROOT}${DST}; fi
 +
mount -n -t simfs ${SRC} ${VE_ROOT}${DST} -o ${SRC}
 +
' > /etc/vz/conf/${CTID}.mount
  
{{Note|<code>$VZROOT</code> is usually <code>/vz</code>, on Debian systems however this is <code>/var/lib/vz</code>. In this document this is further referred to as <code>$VZROOT</code> -- substitute it with what you have.}}
+
chmod +x /etc/vz/conf/${CTID}.mount
 +
</source>
  
The $VZROOT/private directory contains root directory contents. This directory or subdirectory may be symlinked onto a different file system, for example:
+
If you want read-only mount, add <code>-r</code> option to mount command.
  
  $VZROOT/private -> /mnt/openvz
+
{{Note|When specifying destination directory, always use /vz/root/ or ${VE_ROOT} env. variable <nowiki>(avoid using /vz/private)</nowiki>}}
 +
{{Note|When binding directories from one container to another, make sure you have proper boot order (See [[Man/vzctl.8|BOOTORDER]] param.)}}
  
Putting container root directories onto a separate file system (not the hardware node root file system) is good storage management practice. It protects the Hardware Node root file system from being filled up by a container; this could cause problems on the Hardware Node.
 
  
== Requirement ==
+
'''Instruction above will not work on OpenVZ 7 until you run the script below to enable Bind mounts:'''
  
'''On the HN we have a directory <code>/home</code> which we wish to make available (shared) to all containers.'''
+
<source lang="bash">
 +
cat <<'EOF' > /etc/vz/conf/vps.mount
 +
#!/bin/bash
 +
. ${VE_CONFFILE}
 +
VE_MOUNT=$(echo ${VE_CONFFILE} | sed 's/\.conf$/.mount/')
 +
[ -x ${VE_MOUNT} ] && . ${VE_MOUNT}
 +
exit 0
 +
EOF
  
You would think that you could bind mount this directory, as in: <code>mount --bind /home $VZROOT/private/777/home</code> but this does not work — the contents of <code>/home</code> cannot be seen within the container.
+
chmod +x /etc/vz/conf/vps.mount
 
+
</source>
This is where the second directory listed above (<code>$VZROOT/root/777</code>) is used. If a container is not started, this directory is empty. But after starting a container, this directory contains what the container sees as its mounted file systems.
 
 
 
The correct command to issue on the HN is:
 
 
 
  mount --bind /home $VZROOT/root/777/home
 
 
 
The container must be started and the destination directory must exist. The container will see this directory mounted like this:
 
 
 
# df
 
Filesystem          1K-blocks      Used Available Use% Mounted on
 
simfs                10485760    298728  10187032  3% /
 
tmpfs                  484712        0    484712  0% /lib/init/rw
 
tmpfs                  484712        0    484712  0% /dev/shm
 
ext3                117662052 104510764  7174408  94% /home
 
 
 
== Read-only bind mounts ==
 
 
 
Since Linux kernel 2.6.26, bind mounts can be made read-only. The trick is to first mount as usual, and then do remount (i.e. mount with <code>-o remount,ro</code> flags).
 
  
 
== See also ==
 
== See also ==
 +
* {{Man|vzctl|8}} (ACTION SCRIPTS section)
 
* [[NFS]]
 
* [[NFS]]
 
* [[FUSE]]
 
* [[FUSE]]
 
* [[Mounting filesystems]]
 
* [[Mounting filesystems]]
 +
 +
[[Category:HOWTO]]

Latest revision as of 13:17, 20 November 2017

Bind mounts can be used to make directories on the hardware node visible to the container.

This is how you can make host system's /mnt/disk directory available to a container 777:

CTID=777

echo '#!/bin/bash
. /etc/vz/vz.conf
. ${VE_CONFFILE}
SRC=/mnt/disk
DST=/mnt/disk
if [ ! -e ${VE_ROOT}${DST} ]; then mkdir -p ${VE_ROOT}${DST}; fi
mount -n -t simfs ${SRC} ${VE_ROOT}${DST} -o ${SRC}
' > /etc/vz/conf/${CTID}.mount

chmod +x /etc/vz/conf/${CTID}.mount

If you want read-only mount, add -r option to mount command.

Yellowpin.svg Note: When specifying destination directory, always use /vz/root/ or ${VE_ROOT} env. variable (avoid using /vz/private)
Yellowpin.svg Note: When binding directories from one container to another, make sure you have proper boot order (See BOOTORDER param.)


Instruction above will not work on OpenVZ 7 until you run the script below to enable Bind mounts:

cat <<'EOF' > /etc/vz/conf/vps.mount
#!/bin/bash
. ${VE_CONFFILE}
VE_MOUNT=$(echo ${VE_CONFFILE} | sed 's/\.conf$/.mount/')
[ -x ${VE_MOUNT} ] && . ${VE_MOUNT}
exit 0
EOF

chmod +x /etc/vz/conf/vps.mount

See also[edit]