FreeNAS-11.2-RC2 + official RancherOS-VM - persistent storage for docker

Status
Not open for further replies.

m3079009 (Cadet, joined Nov 24, 2018, 2 messages)

Hello everyone,

I installed FreeNAS for the first time and never used it before.
I also installed the official RancherOS-VM to be able to use Docker.
To get persistent storage in the docker containers, I created some datasets, smb-shares, users and groups on FreeNAS.

My system: Tower with Fujitsu server board, Pentium G4560, 8GB DDR4 ECC RAM, 1x NVMe SSD for RancherOS, 2x 4TB for storage, 1x SATA SSD for FreeNAS.

My problem is that the Docker container clients could not get full access to the shares.
It is confusing, because I am able to create files and folders on the shares when I am logged in to the Docker containers via shell.
But the containers still have problems when they try to build some special files or make symlinks or other stuff.
Especially the Java stuff in JDownloader and the database stuff in the OpenVPN container is not working.

Also confusing: I got a Let's Encrypt container working quite well. I got my certificates and there are no problems.

When I don't add SMB volumes to the containers (no persistent storage), everything works fine.
But if I share volumes the following way, the containers are not working:
FreeNAS ->->-> SMB ->->-> RancherOS (virtual machine) ->->->"[/path/on/host]:[/path/in/container]"->->-> Container

So I think it has something to do with the (ACL?) permissions. But I don't have a clue how to fix it.
I'm really a FreeNAS and Docker novice, so please don't lambast me :D


That was the way I tried to get the stuff working:

I created Datasets on root - like this and created users and groups for each dataset:
Code:
root@freenas[/mnt/Seagate_Ironwolf_2x4TB]# ls -l
total 44
drwxrwxr-x+ 3 tower_ad     users        5 Dec  2 23:44 Dokumente
drwxr-xr-x  3 root         wheel        4 Nov 24 19:30 iocage
drwxrwx---  4 jdownloader  jDownloader  4 Dec 10 01:09 jdownloader_docker
drwxr-xr-x  2 root         wheel        3 Nov 24 18:09 music
drwxrwx---+ 3 openVPN      openVPN      3 Dec 10 00:59 openvpn
drwxrwxr-x+ 4 root         wheel        7 Dec  1 22:58 photo
drwxrwxr-x+ 5 rancher      rancher      6 Dec 10 00:51 rancher_OS
drwxr-xr-x  2 root         wheel        3 Nov 24 18:10 video


ACL Types etc I did like this:
acl.PNG


SMB-Shares were configured like this:
share.PNG

I mounted SMB-shares in the Rancher VM and added them as volumes in the containers:
Code:
mounts:
- - //10.10.10.10/rancher_OS
  - /media/rancher_OS
  - cifs
  - username=rancher,password=*******,iocharset=utf8,_netdev
- - //10.10.10.10/rancher_OS/openVPN
  - /media/openVPN
  - cifs
  - username=openVPN,password=*******,iocharset=utf8,_netdev
- - //10.10.10.10/rancher_OS/jdownloader
  - /media/jdownloader
  - cifs
  - username=jdownloader,password=*******,iocharset=utf8,_netdev


On RancherOS it looks good:
Code:
rancher@rancher:/$ df -h
Filesystem                 Size  Used Avail Use% Mounted on
overlay                     29G  6.9G   21G  26% /
devtmpfs                   965M     0  965M   0% /dev
tmpfs                      999M     0  999M   0% /sys/fs/cgroup
none                       999M  1.4M  997M   1% /run
/dev/sda1                   29G  6.9G   21G  26% /opt
shm                         64M     0   64M   0% /dev/shm
//10.10.10.10/rancher_OS   3.5T   14G  3.5T   1% /media/rancher_OS
//10.10.10.10/openvpn      3.5T   88K  3.5T   1% /media/openVPN
//10.10.10.10/jdownloader  3.5T   88K  3.5T   1% /media/jdownloader


Within the jdownloader container it also looks good:
Code:
root@2eb19a7a6009:/# df -h
Filesystem                 Size  Used Avail Use% Mounted on
overlay                     29G  6.9G   21G  26% /
tmpfs                       64M     0   64M   0% /dev
tmpfs                      999M     0  999M   0% /sys/fs/cgroup
//10.10.10.10/jdownloader  3.5T   88K  3.5T   1% /downloads
/dev/sda1                   29G  6.9G   21G  26% /.r
shm                         64M     0   64M   0% /dev/shm
tmpfs                      999M     0  999M   0% /proc/scsi
tmpfs                      999M     0  999M   0% /sys/firmware

Does anybody have an idea how I could fix this stuff? Otherwise I have to switch to normal VMs or jails because I'm running out of time.
But I really would like to be able to get the Docker stuff running.

Thank you in advance. :)
 


sretalla (Moderator, "Powered by Neutrality", joined Jan 1, 2016, 9,702 messages)

You're setting 774 permissions, so when the userID doesn't match, there's no access.

You should be able to sudo chown the directories in the container to the user that is running the services.

(or you could just tick all the boxes ...777)
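
Added example, not part of the thread: a small Python check that reads rows from the `ls -l` listing in the question and reports which rwx triplet the mode bits give a particular account, so the effect of a non-matching user can be seen per dataset without opening everything to 777. It compares by name for readability (the kernel compares numeric UIDs/GIDs), and `appuser` is a hypothetical account standing in for a container service user.

```python
import re

# Rows copied from the FreeNAS `ls -l` output in the question.
LISTING = """\
drwxrwxr-x+ 3 tower_ad     users        5 Dec  2 23:44 Dokumente
drwxrwx---  4 jdownloader  jDownloader  4 Dec 10 01:09 jdownloader_docker
drwxrwx---+ 3 openVPN      openVPN      3 Dec 10 00:59 openvpn
drwxrwxr-x+ 5 rancher      rancher      6 Dec 10 00:51 rancher_OS
"""

LINE = re.compile(
    r"^[-dl](?P<mode>[rwxsStT-]{9})(?P<acl>\+?)\s+\d+\s+"
    r"(?P<owner>\S+)\s+(?P<group>\S+)\s+.*\s(?P<name>\S+)$")

def parse(listing):
    """Yield one dict per listing row: name, owner, group, mode, ACL flag."""
    for line in listing.splitlines():
        m = LINE.match(line)
        if m:
            entry = m.groupdict()
            entry["acl"] = entry["acl"] == "+"  # trailing '+' means an ACL exists
            yield entry

def effective(entry, user, groups=()):
    """Return the rwx triplet of the single class that applies to `user`."""
    mode = entry["mode"]
    if user == entry["owner"]:      # owner class wins, even if group grants more
        return mode[0:3]
    if entry["group"] in groups:    # otherwise the group class
        return mode[3:6]
    return mode[6:9]                # everyone else falls into "other"

def report(listing, user, groups=()):
    """Map directory name -> (triplet, acl_present) for one account."""
    return {e["name"]: (effective(e, user, groups), e["acl"])
            for e in parse(listing)}

if __name__ == "__main__":
    # "appuser" is hypothetical: it matches no owner or group in the listing.
    for who, grps in (("jdownloader", ("jDownloader",)), ("appuser", ())):
        for name, (bits, acl) in report(LISTING, who, grps).items():
            note = "  (ACL present: mode bits are not the whole answer)" if acl else ""
            print(f"{who:12} {name:20} {bits}{note}")
```

Rows flagged with an ACL need their ACL entries inspected as well, because the mode bits alone do not describe the access they grant.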
 