when build and turn up the image, i receive this error:
Network formazionephp7_default Created 0.7s
Volume “formazionephp7_neonfs” Created 0.0s
Container formazionephp7-web-1 Created 0.2s
Attaching to formazionephp7-web-1
Error response from daemon: error while mounting volume ‘/var/lib/docker/volumes/formazionephp7_neonfs/_data’: failed to mount local volume: mount :/space/home/cverond/varwwwhtml:/var/lib/docker/volumes/formazionephp7_neonfs/_data, data: addr=172.26.209.22: permission denied
For test i have try to run docker container and try to mount manually the nfs shared disk but the error is the same:
# mount -v -t nfs -o ro 172.26.209.22:/space/home/cverond/varwwwhtml /var/data
mount.nfs: timeout set for Tue Dec 6 11:53:49 2022
mount.nfs: trying text-based options 'vers=4.2,addr=172.26.209.22,clientaddr=172.28.0.2'
mount.nfs: mount(2): Operation not permitted
mount.nfs: trying text-based options 'addr=172.26.209.22'
mount.nfs: prog 100003, trying vers=3, prot=6
mount.nfs: trying 172.26.209.22 prog 100003 vers 3 prot TCP port 2049
mount.nfs: prog 100005, trying vers=3, prot=17
mount.nfs: trying 172.26.209.22 prog 100005 vers 3 prot UDP port 892
mount.nfs: Protocol not supported
#
The NFS volume is not a volume that is mounted inside the container directly. It will be mounted on the host and from the host it will be mounted into the container. The container has no mount capability (CAP_SYS_ADMIN if I am right) so you get “Operation not permitted”. When you get “permission denied” using the NFS volume, it means the server does not allow the client to mount the shared folder. For example if you have 172.26.209.22 as the server and your client is 172.26.202.23, you need an export file on the server like this
Is 172.26.209.22 a Docker container or host machine?
Instead of trying to find the right settings with containers, I recommend you to try to mount an NFS share to the host without Docker. If that works and you know how to configure the NFS server, then try it with Docker.
Like @rimelek already pointed out: the docker engine mounts the nfs share on the docker host, as such the docker host must be allowed in the client list of the nfs export.
Though, it is unclear what os the docker engine is running on and which version is running.
Only after you tried @meyay’s suggestion, I would also try to run a simple HTTP server on the NFS server and send a request from a docker container to see what IP address the NFS server can see as sender. Or maybe the NFS server log contains some information about failed requests. I remember one case when the routing was wrong and the request was sent on an other network.
Finally, after a long time, I figured it out.
The fault was not the container or docker but the NFS server which, for some reason, had the rpcbind daemon not running.
it was enough to launch this command, and everything started, as if by magic: