Problem with external NFS on OpenMediaVault



  • Hello everyone,

    I’m trying FOG for my lab and I have it installed it on a VM in a proxmox cluster (so kvm virtualization), in the same cluster I already have an openmediavault server (10.21.100.29) and I was trying to use its NFS share as an alternative storage for FOG.

    The problem is that when I try to upload an image of an host associated to that storage group it gave me this error:

    mount: mounting 10.21.100.29:/images/dev/ on /images failed: Permission denied
    

    On the OMV server log I get this:

    openmediavault rpc.mountd[28433]: refused mount request from 10.21.100.12 for /images/dev/ (/): not exported
    

    10.21.100.12 is the IP of the host I’m trying to imaging

    what it boggles me is the fact that I’m able to mount that share without problem from both other linux clients and the FOG server itself

    mount -t nfs 10.21.100.29:/images/ /mnt/images/
    

    and

    mount -t nfs 10.21.100.29:/images/dev /mnt/images/
    

    both work well.

    this is the output of ll -Ra /mnt/images/ in the FOG server after I mount the share (images)

    /mnt/images/:
    total 0
    drwxrwxrwx  3 nobody nobody 32 30 lug 17.10 .
    drwxr-xr-x. 3 root   root   19 30 lug 17.06 ..
    drwxrwxrwx  2 nobody nobody 22 30 lug 17.10 dev
    -rwxrwxrwx  1 nobody nobody  0 30 lug 17.10 .mntcheck
    
    /mnt/images/dev:
    total 0
    drwxrwxrwx 2 nobody nobody 22 30 lug 17.10 .
    drwxrwxrwx 3 nobody nobody 32 30 lug 17.10 ..
    -rwxrwxrwx 1 nobody nobody  0 30 lug 17.10 .mntcheck
    

    I already succesfully upload an image to a local storage.

    Am I missing something?

    Thanks


  • Moderator

    @giolnl said:

    I made some tests with a “forced” configuration (meaning I actually bypassed the GUI of OMV) and everything worked

    Not forced, simply a manual configuration. :-)

    The OS doesn’t care what the GUI says. The OS is going to read the /etc/exports file for exports, that’s how it works. :-)



  • I got it working so for me it could be marked as solved, thanks!


  • Developer

    Should we mark this solved or is it still an issue for you?



  • @Uncle-Frank
    yes, I already noticed that during the previous tests I’ve made, I was always able to mount /export/images/dev like if it was an export even if it wasn’t configured as one in the OMV server. I guessed it somehow inherited the possibility to be exported by its parents directories, but as I said I’m far from being an expert about NFS.


  • Developer

    With /export/images/dev missing in /etc/exports is it working now??



  • Guess I was wrong about the ACL, in the end what made the difference was the fact that during the “forced” tests I used “/export/images” as image path in the storage configuration instead of “/images” (because of the missing “/export” lines in /etc/exports)

    Here some screenshots with the working configuration I’m actually using:

    OMV Shared folder configuration
    OMV_shared_folder.png
    OMV Shared folder ACL configuration
    OMV_shared_folder_ACL.png
    OMV NFS shares
    OMV_NFS_share.png
    FOG Storage configuration
    FOG_storage_configuration.png

    The actual /etc/exports file on OMV:

    # /etc/exports: the access control list for filesystems which may be exported
    #               to NFS clients.  See exports(5).
    /export/images (rw,subtree_check,secure)
    /export/backup (rw,subtree_check,secure)
    
    # NFSv4 - pseudo filesystem root
    /export (ro,fsid=0,root_squash,no_subtree_check,hide)
    

    Could be that NSFv4 pseudo fs to cause the problem? Maybe by giving FOG the full path I somehow bypass it, just a random guess tho, I don’t know how NFS works apart from the basics.



  • @Uncle-Frank
    The fact is that OMV doesn’t le me export “directly” a subdirectory, it let me create a shared folder which point to /export/images/dev/ but then it exports it as /export/dev/ which is linked somehow to /export/images/dev/ (I don’t know how to be honest),
    Anyway I made some tests with a “forced” configuration (meaning I actually bypassed the GUI of OMV) and everything worked, so the problem is in the OMV configuration, I’m still doing some tests but i think the problem is related to some ACL you can set on those shared folders and theirs subdirectories.

    I’ll be back when I’ll be sure to have a working “minimal” configuraton for both FOG and OMV.

    Thanks anyone for pointing me to the right direction!


  • Moderator

    # /export/backup 10.21.0.0/16(rw,subtree_check,secure)
    #Commented out the above line just for troubleshooting purposes.
    /export/images *(ro,sync,no_wdelay,no_subtree_check,insecure_locks,no_root_squash,insecure,fsid=0)
    /export/images/dev *(rw,async,no_wdelay,no_subtree_check,no_root_squash,insecure,fsid=1)
    

  • Developer

    /export/images/dev not /export/dev I reckon



  • @Uncle-Frank
    I’ve just tested it with no success

    EDIT: I noticed a new thing, all the other tests I’ve done I’ve always set the task from the web GUI and then start the client with PXE, this time I just started the client without any task pending and then tried to do a quick image and now I can see this error in the Image list in the GUI under “image size: ON SERVER”, don’t know if it can be usefull or not:

    FOGFTP: Failed to connect. Host: 10.21.100.29, Error: Undefined property: FOGFTP::$link
    

    END EDIT

    /etc/exports on OMV:

    # /etc/exports: the access control list for filesystems which may be exported
    #               to NFS clients.  See exports(5).
    /export/backup 10.21.0.0/16(rw,subtree_check,secure)
    /export/images (rw,subtree_check,secure)
    /export/dev (rw,subtree_check,secure)
    
    # NFSv4 - pseudo filesystem root
    /export 10.21.0.0/16(ro,fsid=0,root_squash,no_subtree_check,hide)
    /export (ro,fsid=0,root_squash,no_subtree_check,hide)
    

    Same errors:

    Sep 30 05:48:43 omv rpc.mountd[18040]: refused mount request from 10.21.1.20 for /images/ (/): not exported
    

    and permission denied on the client

    root@omv:~# ll -aR /export/images/
    /export/images/:
    total 12
    drwxrwxrwx+ 3 root   users   32 Jul 30 17:10 .
    drwxr-xr-x  5 root   root  4096 Sep 30 08:35 ..
    -rwxrwxrwx+ 1 nobody users    0 Jul 30 17:10 .mntcheck
    drwxrwsrwx+ 2 nobody users   22 Jul 30 17:10 dev
    
    /export/images/dev:
    total 8
    drwxrwsrwx+ 2 nobody users 22 Jul 30 17:10 .
    drwxrwxrwx+ 3 root   users 32 Jul 30 17:10 ..
    -rwxrwxrwx+ 1 nobody users  0 Jul 30 17:10 .mntcheck
    

  • Moderator

    @Uncle-Frank I’d highly recommend that.


  • Developer

    @giolnl I guess your /etc/exports on OMV should look like this:

    /export/backup 10.21.0.0/16(rw,subtree_check,secure)
    /export/images (rw,subtree_check,secure)
    /export/images/dev (rw,subtree_check,secure)
    
    # NFSv4 - pseudo filesystem root
    /export 10.21.0.0/16(ro,fsid=0,root_squash,no_subtree_check,hide)
    /export (ro,fsid=0,root_squash,no_subtree_check,hide)
    
    

    Maybe even add the NFS parameters originally used by FOG (see ch3i’s post).


  • Moderator

    @giolnl said:

    the FOG server looks like yours, some things I already tried:

    You need an NFS Export for both the /images directory and the /images/dev directories - wherever those may be. For troubleshooting purposes, set world-writable permissions (777) on the /images directory just to see it get going without unnecessary complications.



  • @ch3i
    my export file on the FOG server looks like yours, some things I already tried:

    • set the same options i found in the FOG server’s export to the OMV’s export and change/mess a bit with them
    • use two separate exports for images and images/dev (always in OMV) with the exact options found in FOG (so something almost identical to the setup of the FOG server)

    The storage configuration is the same i posted before: screenshot, where 10.21.100.29 is the OMV server


  • Moderator

    @giolnl

    Mine :

    /fogimages *(ro,sync,no_wdelay,no_subtree_check,insecure_locks,no_root_squash,insecure,fsid=0)
    /fogimages/dev *(rw,async,no_wdelay,no_subtree_check,no_root_squash,insecure,fsid=1)
    

    Can you provide the storage configuration (a screenshot of webui) ?



  • @ch3i
    Hi! this is the content of the export file in the OMV server:

    # /etc/exports: the access control list for filesystems which may be exported
    #               to NFS clients.  See exports(5).
    /export/backup 10.21.0.0/16(rw,subtree_check,secure)
    /export/images (rw,subtree_check,secure)
    
    # NFSv4 - pseudo filesystem root
    /export 10.21.0.0/16(ro,fsid=0,root_squash,no_subtree_check,hide)
    /export (ro,fsid=0,root_squash,no_subtree_check,hide)
    

    the first two exports are the ones configured by me using the web gui, the “pseudo filesystem root” part is hidden to the user and I never modified it during my tests


  • Moderator

    @giolnl Hi, can you post the content of your exports file ?



  • @Wayne-Workman
    FOG Server:

    • FOG Version 1.2.0
    • Distro: CentOS 7
    • Kernel: 3.10.0-123.el7.x86_64
    • nfs packages:
    libnfsidmap.x86_64                      0.25-11.el7                    @base    
    nfs-utils.x86_64                        1:1.3.0-0.8.el7                @base    
    

    OpenMediaVault Server:

    • OMV Version: 2.1.15 (last available)
    • Distro: Debian 7.8
    • Kernel: 3.2.68-1+deb7u2
    • nfs packages:
    ii  libnfsidmap2:amd64                 0.25-4                        amd64        NFS idmapping library
    ii  nfs-common                         1:1.2.6-4                     amd64        NFS support files common to client and server
    ii  nfs-kernel-server                  1:1.2.6-4                     amd64        support for NFS kernel server
    

  • Moderator

    @giolnl What version of FOG are you using?


Log in to reply
 

374
Online

39.3k
Users

11.0k
Topics

104.6k
Posts

Looks like your connection to FOG Project was lost, please wait while we try to reconnect.