Outils pour utilisateurs

Outils du site


NFS & LXC

Problème résolu, cette page sert juste à référencer la galère, les codes d'erreur, etc. Voir la page «NFS» pour des solutions.


~OBSOLETE~

https://wiki.debian.org/NFSServerSetup : ça a l'air un peu vieux, le paquet “portmap” n'existe plus. On s'en passe.

Problèmes variés signalés par SystemD lors du démarrage du serveur NFS.

Aug 31 22:47:05 mplnfs systemd[1]: nfs-idmapd.service: Job nfs-idmapd.service/start failed with result 'dependency'.
Aug 31 22:47:05 mplnfs systemd[1]: run-rpc_pipefs.mount: Unit entered failed state.
Aug 31 22:47:05 mplnfs systemd[1]: proc-fs-nfsd.mount: Mount process exited, code=exited status=32
Aug 31 22:47:05 mplnfs systemd[1]: Failed to mount NFSD configuration filesystem.
-- Subject: Unit proc-fs-nfsd.mount has failed
-- Defined-By: systemd
-- Support: https://www.debian.org/support
-- 
-- Unit proc-fs-nfsd.mount has failed.
-- 
-- The result is failed.

Ben ouais, ce serait trop facile si on pouvait tout faire tourner dans LXC…

Le conteneur a été créé en mode “non privilégié” (donc sécurisé).

Essai de cette solution (profil AppArmor) : https://forum.proxmox.com/threads/is-it-possible-to-run-a-nfs-server-within-a-lxc.24403/#post-150149

… ça n'aide pas.

D'autres mauvaises expériences de NFS au sein de conteneurs LXC : https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1575757

# mount -t nfsd nfsd /proc/fs/nfsd
mount: permission denied

Pas mieux avec la politique LXC “uncontained”.

Pas mieux en passant le conteneur à l'arrache en mode “privilégié” (ça le fout en l'air car il demande un mot de passe lors de la connexion SSH, or je m'identifie avec clé pub).

Je retiens donc que NFS au sein de LXC est buggé chez Debian, mais faudrait retester la recette du forum Proxmox sur un conteneur privilégié.

Sur un conteneur customisé

Sans utiliser le template Proxmox, mais en créant à partir de lxc-create.

Installer nfs-kernel-server produit :

Setting up libevent-2.0-5:amd64 (2.0.21-stable-3) ...
Setting up rpcbind (0.2.3-0.6) ...
Created symlink /etc/systemd/system/multi-user.target.wants/rpcbind.service → /lib/systemd/system/rpcbind.service.
Created symlink /etc/systemd/system/sockets.target.wants/rpcbind.socket → /lib/systemd/system/rpcbind.socket.
Setting up nfs-common (1:1.3.4-2.1) ...

Creating config file /etc/idmapd.conf with new version
Adding system user `statd' (UID 106) ...
Adding new user `statd' (UID 106) with group `nogroup' ...
Not creating home directory `/var/lib/nfs'.
Created symlink /etc/systemd/system/multi-user.target.wants/nfs-client.target → /lib/systemd/system/nfs-client.target.
Created symlink /etc/systemd/system/remote-fs.target.wants/nfs-client.target → /lib/systemd/system/nfs-client.target.
nfs-utils.service is a disabled or a static unit, not starting it.
Setting up nfs-kernel-server (1:1.3.4-2.1) ...
Created symlink /etc/systemd/system/multi-user.target.wants/nfs-server.service → /lib/systemd/system/nfs-server.service.
A dependency job for nfs-server.service failed. See 'journalctl -xe' for details.
nfs-server.service couldn't start.

Creating config file /etc/exports with new version

Creating config file /etc/default/nfs-kernel-server with new version
A dependency job for nfs-server.service failed. See 'journalctl -xe' for details.
invoke-rc.d: initscript nfs-kernel-server, action "start" failed.
● nfs-server.service - NFS server and services
   Loaded: loaded (/lib/systemd/system/nfs-server.service; enabled; vendor preset: enabled)
   Active: inactive (dead)
   
Sep 13 14:44:07 mplnfsc systemd[1]: Dependency failed for NFS server and services.
Sep 13 14:44:07 mplnfsc systemd[1]: nfs-server.service: Job nfs-server.service/start failed with result 'dependency'.
Sep 13 14:44:09 mplnfsc systemd[1]: Dependency failed for NFS server and services.
Sep 13 14:44:09 mplnfsc systemd[1]: nfs-server.service: Job nfs-server.service/start failed with result 'dependency'.
Failed to start nfs-kernel-server, ignoring.
Processing triggers for libc-bin (2.24-11+deb9u1) ...
Processing triggers for systemd (232-25+deb9u1) ...
Press Return to continue, 'q' followed by Return to quit.

Détails :

-- The start-up result is done.
Sep 13 15:09:35 mplnfsc agetty[136]: /dev/tty3: cannot open as standard input: No such file or directory
Sep 13 15:09:35 mplnfsc agetty[137]: /dev/tty4: cannot open as standard input: No such file or directory
Sep 13 15:09:41 mplnfsc systemd[1]: run-rpc_pipefs.mount: Failed to reset devices.list: Operation not permitted
Sep 13 15:09:41 mplnfsc systemd[1]: run-rpc_pipefs.mount: Failed to set invocation ID on control group /system.slice/run-rpc_pipefs.mount, ignoring: Operation not permitted
Sep 13 15:09:41 mplnfsc systemd[1]: Mounting RPC Pipe File System...
-- Subject: Unit run-rpc_pipefs.mount has begun start-up
-- Defined-By: systemd
-- Support: https://www.debian.org/support
-- 
-- Unit run-rpc_pipefs.mount has begun starting up.
Sep 13 15:09:41 mplnfsc systemd[1]: nfs-config.service: Failed to reset devices.list: Operation not permitted
Sep 13 15:09:41 mplnfsc systemd[1]: nfs-config.service: Failed to set invocation ID on control group /system.slice/nfs-config.service, ignoring: Operation not permitted
Sep 13 15:09:41 mplnfsc systemd[1]: Starting Preprocess NFS configuration...
-- Subject: Unit nfs-config.service has begun start-up
-- Defined-By: systemd
-- Support: https://www.debian.org/support
-- 
-- Unit nfs-config.service has begun starting up.
Sep 13 15:09:41 mplnfsc systemd[1]: proc-fs-nfsd.mount: Failed to reset devices.list: Operation not permitted
Sep 13 15:09:41 mplnfsc systemd[1]: proc-fs-nfsd.mount: Failed to set invocation ID on control group /system.slice/proc-fs-nfsd.mount, ignoring: Operation not permitted
Sep 13 15:09:41 mplnfsc systemd[1]: Mounting NFSD configuration filesystem...
-- Subject: Unit proc-fs-nfsd.mount has begun start-up
-- Defined-By: systemd
-- Support: https://www.debian.org/support
-- 
-- Unit proc-fs-nfsd.mount has begun starting up.
Sep 13 15:09:41 mplnfsc systemd[1]: proc-fs-nfsd.mount: Mount process exited, code=exited status=32
Sep 13 15:09:41 mplnfsc systemd[1]: Failed to mount NFSD configuration filesystem.
-- Subject: Unit proc-fs-nfsd.mount has failed
-- Defined-By: systemd
-- Support: https://www.debian.org/support
-- 
-- Unit proc-fs-nfsd.mount has failed.
-- 
-- The result is failed.
Sep 13 15:09:41 mplnfsc systemd[1]: Dependency failed for NFS Mount Daemon.
-- Subject: Unit nfs-mountd.service has failed
-- Defined-By: systemd
-- Support: https://www.debian.org/support
-- 
-- Unit nfs-mountd.service has failed.
-- 
-- The result is dependency.
Sep 13 15:09:41 mplnfsc systemd[1]: Dependency failed for NFS server and services.
-- Subject: Unit nfs-server.service has failed
-- Defined-By: systemd
-- Support: https://www.debian.org/support
-- 
-- Unit nfs-server.service has failed.
-- 
-- The result is dependency.
Sep 13 15:09:41 mplnfsc systemd[1]: Dependency failed for NFSv4 ID-name mapping service.
-- Subject: Unit nfs-idmapd.service has failed
-- Defined-By: systemd
-- Support: https://www.debian.org/support
-- 
-- Unit nfs-idmapd.service has failed.
-- 
-- The result is dependency.
Sep 13 15:09:41 mplnfsc systemd[1]: nfs-idmapd.service: Job nfs-idmapd.service/start failed with result 'dependency'.
Sep 13 15:09:41 mplnfsc systemd[1]: nfs-server.service: Job nfs-server.service/start failed with result 'dependency'.
Sep 13 15:09:41 mplnfsc systemd[1]: nfs-mountd.service: Job nfs-mountd.service/start failed with result 'dependency'.
Sep 13 15:09:41 mplnfsc systemd[1]: proc-fs-nfsd.mount: Unit entered failed state.
Sep 13 15:09:41 mplnfsc systemd[1]: run-rpc_pipefs.mount: Mount process exited, code=exited status=32
Sep 13 15:09:41 mplnfsc systemd[1]: Failed to mount RPC Pipe File System.
-- Subject: Unit run-rpc_pipefs.mount has failed
-- Defined-By: systemd
-- Support: https://www.debian.org/support
-- 
-- Unit run-rpc_pipefs.mount has failed.
-- 
-- The result is failed.
Sep 13 15:09:41 mplnfsc systemd[1]: Dependency failed for RPC security service for NFS client and server.
-- Subject: Unit rpc-gssd.service has failed
-- Defined-By: systemd
-- Support: https://www.debian.org/support
-- 
-- Unit rpc-gssd.service has failed.
-- 
-- The result is dependency.
Sep 13 15:09:41 mplnfsc systemd[1]: rpc-gssd.service: Job rpc-gssd.service/start failed with result 'dependency'.
Sep 13 15:09:41 mplnfsc systemd[1]: Dependency failed for RPC security service for NFS server.
-- Subject: Unit rpc-svcgssd.service has failed
-- Defined-By: systemd
-- Support: https://www.debian.org/support
-- 
-- Unit rpc-svcgssd.service has failed.
-- 
-- The result is dependency.
Sep 13 15:09:41 mplnfsc systemd[1]: rpc-svcgssd.service: Job rpc-svcgssd.service/start failed with result 'dependency'.
Sep 13 15:09:41 mplnfsc systemd[1]: run-rpc_pipefs.mount: Unit entered failed state.
Sep 13 15:09:41 mplnfsc systemd[1]: Started Preprocess NFS configuration.
-- Subject: Unit nfs-config.service has finished start-up
-- Defined-By: systemd
-- Support: https://www.debian.org/support
-- 
-- Unit nfs-config.service has finished starting up.
-- 
-- The start-up result is done.

Revoir les profils AppArmor :

https://lists.ubuntu.com/archives/juju/2016-June/007471.html

https://github.com/lxc/lxd/issues/2703

Conteneur LXC template Proxmox : mise à jour vers Buster

Et bien, ça ne semble pas aller mieux.

Bon fuck, il fallait un conteneur privilégié

Comme lu dans le rapport de bug Ubuntu je crois. Il faut ça, ainsi que le profil AppArmor approprié pour faire les bons “mount”.

Le service est actif, est-il fonctionnel ?

article/linux/mplx/nfs/anciennes_notes.txt · Dernière modification: 2017/09/13 20:11 par bicarbonate