OpenVZ Virtuozzo Containers Wiki β

Changes

Bind mounts

1,609 bytes added, 10:36, 28 May 2009
Major facelifting; some contents is moved from Mounting filesystems (thanks to User:Chronos)
Bind mounts can be used to make directories on the hardware node visible to the container.
== Filesystem layout ==
OpenVZ uses two directories. Assuming our container is numbered 777, these directories are:
* <code>VE_PRIVATE</code>: $VZDIR/private/777
* <code>VE_ROOT</code>: $VZDIR/root/777
{{Note|<code>$VZDIR</code> is usually <code>/vz</code>, on Debian systems however this is <code>/var/lib/vz</code>. In this document this is further referred to as <code>$VZDIR</code> -- substitute it with what you have.}}
<code>VE_PRIVATE</code> is a place for all the container files. <code>VE_ROOT</code> is the mount point to which <code>VE_PRIVATE</code> is mounted during container start (or when you run <code>vzctl mount</code>).
{{Warning|If you want to do a bind mount for container, you need to '''use <code>VE_ROOT</code>''' (not <code>VE_PRIVATE</code>!) and '''make sure that container is mounted''' (this can be checked using <code>vzctl status</code>).}}
== Manual mount example ==
'''On the HN we have a directory <code>/home</code> which we wish to make available (shared) to all containers.''' You would think that you could bind mount this directory, as in: <code>mount --bind /home $VZDIR/private/777/home</code> but this does not work: the contents of <code>/home</code> cannot be seen within the container. This is where the second directory listed above (<code>$VZDIR/root/777</code>) is used. If a container is not started, this directory is empty. But after starting a container, this directory contains what the container sees as its mounted file systems.
The correct command to issue on the HN is:
 mount --bind /home $VZDIR/root/777/home
The container must be started (or at least mounted) and the destination directory must exist. The container will see this directory mounted like this:
 # df
 Filesystem   1K-blocks       Used  Available  Use%  Mounted on
 simfs         10485760     298728   10187032    3%  /
 tmpfs           484712          0     484712    0%  /lib/init/rw
 tmpfs           484712          0     484712    0%  /dev/shm
 ext3         117662052  104510764    7174408   94%  /home
 
When the container stops, vzctl unmounts that bind mount, so you have to mount it again the next time you start the container. Luckily there is a way to automate it.
 
== Make the mount persistent ==
 
Put a mount script in the OpenVZ configuration directory (<code>/etc/vz/conf/</code>) with the name <code>''CTID''.mount</code> (where <code>''CTID''</code> is the container ID, like 777). This script will be executed every time you run <code>vzctl mount</code> or <code>vzctl start</code> for a particular container. If you need to do the same for all containers, use the global mount script named <code>vps.mount</code>.
 
From any mount script you can use the following environment variables:
* <code>${VEID}</code> -- container ID (like <code>777</code>).
* <code>${VE_CONFFILE}</code> -- container configuration file (like <code>/etc/vz/conf/777.conf</code>)
 
Now, in order to get the value of <code>VE_ROOT</code> you need to source both the global OpenVZ configuration file, and then the container configuration file, in that particular order. This is the same way vzctl uses to determine <code>VE_ROOT</code>.
 
 
=== Mount script example ===
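Here is an example of such a mount script (it can either be <code>/etc/vz/conf/vps.mount</code> or <code>/etc/vz/conf/''CTID''.mount</code>):
 #!/bin/bash
 # Load the global config first, then the container config, to get VE_ROOT
 source /etc/vz/vz.conf
 source "${VE_CONFFILE}"
 # Bind the host directory into the mounted container root
 mount --bind /mnt/disk "${VE_ROOT}/mnt/disk"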
 
 
=== Unmount script example ===
For unmounting a filesystem, <code>/etc/vz/conf/vps.umount</code> or <code>/etc/vz/conf/''CTID''.umount</code> script can be used in the same way:
 
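 #!/bin/bash
 # Load the global config first, then the container config, to get VE_ROOT
 source /etc/vz/vz.conf
 source "${VE_CONFFILE}"
 # Remove the bind mount from the container root
 umount "${VE_ROOT}/mnt/disk"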
 
{{Note|<code>''CTID''.umount</code> script is not strictly required, since vzctl tries to unmount everything on CT stop. But you'd better have it anyway.}}
== Read-only bind mounts ==
Since Linux kernel 2.6.26, bind mounts can be made read-only. The trick is to first mount as usual, and then remount it read-only:
 mount --bind /home $VZDIR/root/777/home
 mount --bind -oremount,ro $VZDIR/root/777/home
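A mount script that checks the conditions from the warning above (use <code>VE_ROOT</code>, container mounted, destination exists) before doing the read-only bind, as an added example that is not part of the original wiki page or of OpenVZ. The helper names <code>bind_ro</code>, <code>ct_is_mounted</code> and <code>run</code> and the <code>DRY_RUN</code> variable are assumptions made for illustration; <code>/mnt/disk</code> is the path from the mount script example.

```shell
#!/bin/bash
# Added example: CTID.mount script with pre-flight checks and a read-only bind.
# bind_ro, ct_is_mounted, run and DRY_RUN are hypothetical names, not OpenVZ ones.

# Assumption: VE_ROOT is a mount point only while the container is mounted.
ct_is_mounted() {
    mountpoint -q "$1"
}

# With DRY_RUN=1 print the command instead of executing it.
run() {
    if [ "${DRY_RUN:-0}" = 1 ]; then echo "$*"; else "$@"; fi
}

# bind_ro SRC VE_ROOT DEST: bind host directory SRC read-only at VE_ROOT/DEST.
# Return codes: 2 bad source, 3 container not mounted, 4 destination missing.
bind_ro() {
    local src="$1" root="$2" dest
    dest="$root/${3#/}"
    [ -d "$src" ] || { echo "source $src is not a directory" >&2; return 2; }
    ct_is_mounted "$root" || { echo "$root is not mounted" >&2; return 3; }
    [ -d "$dest" ] || { echo "destination $dest does not exist" >&2; return 4; }
    # Bind first, then remount the bind read-only (kernel 2.6.26 or later).
    run mount --bind "$src" "$dest" &&
        run mount --bind -o remount,ro "$dest"
}

# vzctl sets VE_CONFFILE when it runs a mount script; do nothing otherwise.
if [ -n "${VE_CONFFILE:-}" ]; then
    . /etc/vz/vz.conf        # global config first
    . "$VE_CONFFILE"         # then the container config; together they define VE_ROOT
    bind_ro /mnt/disk "$VE_ROOT" /mnt/disk
fi
```

Running it by hand with <code>DRY_RUN=1</code> and <code>VE_CONFFILE</code> set prints the two mount commands without touching the container.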
== See also ==