Ubuntu 从外部主机装载停靠的NFS共享_Ubuntu_Docker_Nfs

Ubuntu 从外部主机装载停靠的NFS共享

ubuntu docker

Ubuntu 从外部主机装载停靠的NFS共享,ubuntu,docker,nfs,Ubuntu,Docker,Nfs,我有一个基于Dockerfile和我找到的脚本的停靠nfs内核服务器在我的Ubuntu主机中，我可以使用interfacedocker0的IP地址装载卷 $ sudo mount -v -t nfs 172.17.0.2:/srv/nfs /mnt mount.nfs: timeout set for Mon Feb 20 12:57:14 2017 mount.nfs: trying text-based options 'nfsvers=3,addr=172.17.0.2' mount.

我有一个基于Dockerfile和我找到的脚本的停靠nfs内核服务器

在我的Ubuntu主机中，我可以使用interface

docker0

的IP地址装载卷

$ sudo mount -v -t nfs 172.17.0.2:/srv/nfs /mnt

mount.nfs: timeout set for Mon Feb 20 12:57:14 2017
mount.nfs: trying text-based options 'nfsvers=3,addr=172.17.0.2'
mount.nfs: prog 100003, trying vers=3, prot=6
mount.nfs: trying 172.17.0.2 prog 100003 vers 3 prot TCP port 2049
mount.nfs: prog 100005, trying vers=3, prot=17
mount.nfs: trying 172.17.0.2 prog 100005 vers 3 prot UDP port 33602

当我尝试使用我的公共IP进行挂载时（甚至从主机系统），它会说权限被拒绝：

$ sudo mount -v -t nfs 192.168.120.153:/srv/nfs /mnt

mount.nfs: timeout set for Mon Feb 20 12:57:03 2017
mount.nfs: trying text-based options 'vers=4,addr=192.168.120.153,clientaddr=192.168.120.153'
mount.nfs: mount(2): Permission denied
mount.nfs: access denied by server while mounting 192.168.120.153:/srv/nfs

当我尝试使用NFS v3时，我得到以下结果：

$ sudo mount -v -t nfs -o nfsvers=3 192.168.120.153:/srv/nfs /mnt

mount.nfs: timeout set for Mon Feb 20 12:49:48 2017
mount.nfs: trying text-based options 'nfsvers=3,addr=192.168.120.153'
mount.nfs: prog 100003, trying vers=3, prot=6
mount.nfs: portmap query retrying: RPC: Program not registered
mount.nfs: prog 100003, trying vers=3, prot=17
mount.nfs: portmap query failed: RPC: Program not registered
mount.nfs: requested NFS version or transport protocol is not supported

由于共享已经可装载，我假设这是一个访问/权限问题，而不是服务问题。这个问题背后的原因可能是什么

---编辑---

以下run命令更改错误消息：

docker run -d --privileged \
--name nfs \
-p 2049:2049/tcp \
-p 2049:2049/udp \
-p 111:111/tcp \
-p 111:111/udp \
-p 1066:1066/tcp \
-p 1067:1067/tcp \
-p 1067:1067/udp \
-v /tmp:/srv/nfs \
cpuguy83/nfs-server /srv/nfs

mount.nfs: mount(2): No such file or directory
mount.nfs: rpc.statd is not running but is required for remote locking.
mount.nfs: Either use '-o nolock' to keep locks local, or start statd.
mount.nfs: an incorrect mount option was specified

现在，尝试使用v3或v4装载会导致相同的错误消息：

docker run -d --privileged \
--name nfs \
-p 2049:2049/tcp \
-p 2049:2049/udp \
-p 111:111/tcp \
-p 111:111/udp \
-p 1066:1066/tcp \
-p 1067:1067/tcp \
-p 1067:1067/udp \
-v /tmp:/srv/nfs \
cpuguy83/nfs-server /srv/nfs

mount.nfs: mount(2): No such file or directory
mount.nfs: rpc.statd is not running but is required for remote locking.
mount.nfs: Either use '-o nolock' to keep locks local, or start statd.
mount.nfs: an incorrect mount option was specified

我没有运行防火墙，并且我已经检查了主机系统上是否正在运行

rpcbind

。当我尝试

-o nolock

选项时，我得到以下结果：

mount.nfs: trying text-based options 'nolock,nfsvers=3,addr=192.168.120.153'
mount.nfs: prog 100003, trying vers=3, prot=6
mount.nfs: portmap query retrying: RPC: Unable to receive
mount.nfs: prog 100003, trying vers=3, prot=17
mount.nfs: portmap query failed: RPC: Unable to receive - Connection refused

由于您没有提供所使用的

docker run

命令行，我假设您使用了链接的Github repo中的示例：

docker run -d --name nfs --privileged cpuguy83/nfs-server /path/to/share /path/to/share2 /path/to/shareN

这导致NFS端口不公开，因此只能通过专用docker IP访问。请尝试：

docker run -d --name nfs --privileged -p 111:111/udp -p 2049:2049 cpuguy83/nfs-server /path/to/share /path/to/share2 /path/to/shareN

重要的部分是

-p 111:111/udp-p 2049:2049

在此之后，您应该能够使用公共IP挂载它

请注意，您可能必须先删除旧容器：

docker rm -f nfs

我得到以下错误：

。。。已成功构建7ccbef71a3f5 823a820d7e27b1020afca27bdc8b9f11d6bf97711926015d86e803577ea13744 docker:守护程序的错误响应：驱动程序未能在端点nfs上编程外部连接（ab8c13199983da6a7ef24ac26c087f7a38da6dcfeb7391ffbadf988173c3f14a）：启动userland代理时出错：侦听tcp 0.0.0.0:2049:bind:地址已在使用中。无法运行Docker容器

我认为这是意料之中的，因为Dockerfile中有以下行：

EXPOSE 111/udp 2049/tcp

这意味着您已经有一个容器在公共接口和相同端口上运行侦听，或者更可能的情况是：您的主机系统上已经运行NFS。对于SO来说，这不是主题