Difference between revisions of "NFS server inside container"
m (NFS server inside VE moved to NFS server inside container: VE->container) |
Botinki Kira (talk | contribs) m (Robot: Automated text replacement (-VE +container)) |
||
| Line 2: | Line 2: | ||
use a user-space NFS server daemon or use an in-kernel implementation | use a user-space NFS server daemon or use an in-kernel implementation | ||
of NFS server. Some peculiarities appear if you intend to run NFS server | of NFS server. Some peculiarities appear if you intend to run NFS server | ||
| − | in [[ | + | in [[container]]. |
| − | {{Note|for information about NFS client inside | + | {{Note|for information about NFS client inside container, see [[NFS]].}} |
== Kernel NFS server == | == Kernel NFS server == | ||
| Line 12: | Line 12: | ||
to use NFS server on [[HN]]. | to use NFS server on [[HN]]. | ||
In-kernel NFS server runs kernel threads to service requests of clients. | In-kernel NFS server runs kernel threads to service requests of clients. | ||
| − | But for security reasons kernel threads are prohibited in [[ | + | But for security reasons kernel threads are prohibited in [[container]]s! So you won't |
| − | be able to run NFS server inside [[ | + | be able to run NFS server inside [[container]] without patching the kernel. |
== User-space NFS server == | == User-space NFS server == | ||
| Line 31: | Line 31: | ||
The reason is that these daemons check the major number of the device where the directory to export resides. | The reason is that these daemons check the major number of the device where the directory to export resides. | ||
If major equals 0 then daemons assume that it is NFS and don't want to re-export it. Symptoms are | If major equals 0 then daemons assume that it is NFS and don't want to re-export it. Symptoms are | ||
| − | that clients will always get a "permission denied" error. Simfs (the file system on which | + | that clients will always get a "permission denied" error. Simfs (the file system on which container is located) |
is associated with so called unnamed device, in which major equals 0. So, to prevent daemons from checking for | is associated with so called unnamed device, in which major equals 0. So, to prevent daemons from checking for | ||
re-exporting — just use this <code>-r</code> option. | re-exporting — just use this <code>-r</code> option. | ||
Revision as of 12:08, 11 March 2008
There are two ways to setup NFS server on common HN: use a user-space NFS server daemon or use an in-kernel implementation of NFS server. Some peculiarities appear if you intend to run NFS server in container.
|
Note: for information about NFS client inside container, see NFS. |
Kernel NFS server
Binary RPMs that are provided by OpenVZ community contain kernels compiled
without NFS server support. Thus you have to
recompile the kernel with CONFIG_NFSD=m. After booting in this kernel you'll be able
to use NFS server on HN.
In-kernel NFS server runs kernel threads to service requests of clients.
But for security reasons kernel threads are prohibited in containers! So you won't
be able to run NFS server inside container without patching the kernel.
User-space NFS server
Advantage of user-space NFS server is that it does not require kernel support. Also if it crashes — there is no crash of the system: just one process dies, not the kernel! The disadvantage of user-space NFS server is its productivity: no one can be faster than in-kernel implementation.
One well-known implementation of NFS server is "The LINUX User-Space NFS Server" by Olaf Kirch.
Some Linux distributions contain this package: Debian Sarge (nfs-user-server), OpenSUSE 10.0 (nfs-server).
For other distributions you can download sources (for example from Debian repository) and compile it.
There is a small trick you have to know about running mountd and nfsd (these two daemons and portmap constitute a user-space server). You should run them with the -r option:
# portmap # rpc.mountd -r # rpc.nfsd -r
The reason is that these daemons check the major number of the device where the directory to export resides.
If major equals 0 then daemons assume that it is NFS and don't want to re-export it. Symptoms are
that clients will always get a "permission denied" error. Simfs (the file system on which container is located)
is associated with so called unnamed device, in which major equals 0. So, to prevent daemons from checking for
re-exporting — just use this -r option.
“The LINUX User-Space NFS Server” by Olaf Kirch implements NFSv2. It means that only files with sizes less than 2GB are processed. If you intend to use such big files then you should use another user-space NFS server implementation: unfs3. It implements v3 of NFS protocol standard.
Please note that the user-space NFS server does not provide locking, or at least I couldn't get locking to work - Elronxenu 19:49, 15 November 2007 (EST)
