Editing Bind mounts

Latest revision:

Bind mounts can be used to make directories on the hardware node visible to the container.

This is how you can make the host system's <code>/mnt/disk</code> directory available to container 777:
<source lang="bash">
CTID=777

echo '#!/bin/bash
. /etc/vz/vz.conf
. ${VE_CONFFILE}
SRC=/mnt/disk
DST=/mnt/disk
if [ ! -e ${VE_ROOT}${DST} ]; then mkdir -p ${VE_ROOT}${DST}; fi
mount -n -t simfs ${SRC} ${VE_ROOT}${DST} -o ${SRC}
' > /etc/vz/conf/${CTID}.mount

chmod +x /etc/vz/conf/${CTID}.mount
</source>

If you want a read-only mount, add the <code>-r</code> option to the mount command.

{{Note|When specifying destination directory, always use /vz/root/ or ${VE_ROOT} env. variable <nowiki>(avoid using /vz/private)</nowiki>}}
{{Note|When binding directories from one container to another, make sure you have proper boot order (See [[Man/vzctl.8|BOOTORDER]] param.)}}

'''Instruction above will not work on OpenVZ 7 until you run the script below to enable Bind mounts:'''

<source lang="bash">
cat <<'EOF' > /etc/vz/conf/vps.mount
#!/bin/bash
. ${VE_CONFFILE}
VE_MOUNT=$(echo ${VE_CONFFILE} | sed 's/\.conf$/.mount/')
[ -x ${VE_MOUNT} ] && . ${VE_MOUNT}
exit 0
EOF

chmod +x /etc/vz/conf/vps.mount
</source>

Your text:

Recent Linux kernels support an operation called 'bind mounting' which makes part of a mounted filesystem visible at some other mount point. See 'man mount' for more information.

Bind mounts can be used to make directories on the hardware node visible to the container.

== Filesystem layout ==
OpenVZ uses two directories. Assuming our container is numbered 777, these directories are:

* <code>VE_PRIVATE</code>: $VZDIR/private/777
* <code>VE_ROOT</code>: $VZDIR/root/777

{{Note|<code>$VZDIR</code> is usually <code>/vz</code>, on Debian systems however this is <code>/var/lib/vz</code>. In this document this is further referred to as <code>$VZDIR</code> -- substitute it with what you have.}}

<code>VE_PRIVATE</code> is a place for all the container files. <code>VE_ROOT</code> is the mount point to which <code>VE_PRIVATE</code> is mounted during container start (or when you run <code>vzctl mount</code>).

{{Warning|If you want to do a bind mount for a container, you need to '''use <code>VE_ROOT</code>''' (not <code>VE_PRIVATE</code>!) and '''make sure that the container is mounted''' (this can be checked using <code>vzctl status</code>).}}

== Manual mount example ==

On the HN we have a directory <code>/home</code> which we wish to make available (shared) to container 777.

The correct command to issue on the HN is:

 mount --bind /home $VZDIR/root/777/home

The container must be started (or at least mounted) and the destination directory must exist. The container will see this directory mounted like this:

 # df
 Filesystem          1K-blocks      Used Available Use% Mounted on
 simfs                10485760    298728  10187032   3% /
 ext3                117662052 104510764   7174408  94% /home

When the container stops, vzctl unmounts that bind mount, so you have to mount it again the next time you start the container. Luckily there is a way to automate it.

== Make the mount persistent ==

Put a mount script in the OpenVZ configuration directory (<code>/etc/vz/conf/</code>) with the name <code>''CTID''.mount</code> (where <code>''CTID''</code> is the container ID, like 777). This script will be executed every time you run <code>vzctl mount</code> or <code>vzctl start</code> for a particular container. If you need to do the same for all containers, use the global mount script named <code>vps.mount</code>.

From any mount script you can use the following environment variables:
* <code>${VEID}</code> -- container ID (like <code>777</code>).
* <code>${VE_CONFFILE}</code> -- container configuration file (like <code>/etc/vz/conf/777.conf</code>)

Now, in order to get the value of <code>VE_ROOT</code> you need to source the global OpenVZ configuration file and then the container configuration file, in that particular order. This is the same way vzctl determines <code>VE_ROOT</code>.

=== Mount script example ===
Here is an example of such a mount script (it can either be <code>/etc/vz/conf/vps.mount</code> or <code>/etc/vz/conf/''CTID''.mount</code>):

 #!/bin/bash
 source /etc/vz/vz.conf
 source ${VE_CONFFILE}
 mount -n --bind /mnt/disk ${VE_ROOT}/mnt/disk

After creating the script, make it executable by issuing "chmod +x CTID.mount" at the command line; otherwise the VM fails to start.

=== Unmount script example ===
For unmounting a filesystem, a <code>/etc/vz/conf/vps.umount</code> or <code>/etc/vz/conf/''CTID''.umount</code> script can be used in the same way:

 #!/bin/bash
 source /etc/vz/vz.conf
 source ${VE_CONFFILE}
 umount ${VE_ROOT}/mnt/disk

{{Note|<code>''CTID''.umount</code> script is not strictly required, since vzctl tries to unmount everything on CT stop. But you'd better have it anyway.}}

Umount scripts could cause trouble and errors on VM start and might not be required if using the -n option on mount. [http://forum.openvz.org/index.php?t=msg&goto=37800&&srch=using+-n+and+no+umount+script#msg_37800 read forum post]

== Read-only bind mounts ==

Since Linux kernel 2.6.26, bind mounts can be made read-only. The trick is to first mount as usual, and then remount it read-only:

 mount -n --bind /home $VZDIR/root/777/home
 mount -n --bind -oremount,ro $VZDIR/root/777/home

With some kernels you need to add the source directory also: mount -n --bind -oremount,ro '''/home''' $VZDIR/root/777/home

Sometimes it is useful to have a folder mounted read-only in a VPS, but also be able to put files in that directory. If you want that, just create another directory and symlink the read-only files into that folder:

 vzctl exec2 777 "mkdir /addfileshere && ln -s /home/* /addfileshere/"

Now the /addfileshere folder is fully writable and it even feels like it is possible to delete files (but those are only the symlinks).
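
The mount script and the two-step read-only remount described above, combined into one script that first checks that the destination really lies under <code>VE_ROOT</code>, since <code>mount</code> follows a symlink left at the destination path in the container tree. This is an added example, not part of the wiki page or of OpenVZ; the names <code>resolve_dst</code>, <code>bind_ro</code> and the <code>MOUNT</code> dry-run variable are assumptions of the example, and <code>/home</code> is the sample directory from the page.

```shell
#!/bin/bash
# Added example: CTID.mount script with a destination check and a
# read-only bind mount. resolve_dst, bind_ro and MOUNT are names made up
# for this example; VE_CONFFILE and VE_ROOT are the variables from the page.

# Print the physical path of $2 (a directory inside the container) under
# $1 (VE_ROOT). Fails if it does not exist, is VE_ROOT itself, or resolves
# outside VE_ROOT (for example through a symlink in the container tree).
resolve_dst() {
    _root=$(cd "$1" 2>/dev/null && pwd -P) || return 1
    _real=$(cd "$1/$2" 2>/dev/null && pwd -P) || return 1
    case "$_real/" in
        "$_root"/?*) printf '%s\n' "$_real" ;;
        *) return 1 ;;
    esac
}

# Bind $2 (host directory) onto $3 inside VE_ROOT $1, then remount the
# bind read-only. Set MOUNT="echo mount" to print the commands (dry run).
bind_ro() {
    _dst=$(resolve_dst "$1" "$3") || {
        echo "refusing to mount on $3: not a directory inside $1" >&2
        return 1
    }
    ${MOUNT:-mount} -n --bind "$2" "$_dst" &&
        ${MOUNT:-mount} -n --bind -o remount,ro "$_dst"
}

# Runs only when vzctl invokes the script (it sets VE_CONFFILE).
if [ -n "${VE_CONFFILE:-}" ]; then
    . /etc/vz/vz.conf
    . "${VE_CONFFILE}"
    bind_ro "${VE_ROOT}" /home /home || exit 1
fi
```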
 
  
 
== See also ==
* {{Man|vzctl|8}} (ACTION SCRIPTS section)
* [[NFS]]
* [[FUSE]]
