Docker NFS volume: "Permission denied" on 'docker run' as root

General Discussions
1

Hello there. I’m really hoping to get some insights from the community since I’m currently at a loss for any ideas.

Im using Docker version 19.03.1, build 74b1e89 and want to mount some NFS shares into a Gitlab-CE container to connect it to an external storage device for data persistence. I verified that the target NFS share is accessible by manually mounting it to the host and pushing a few files back and forth.

The docker host itself is a QM virtual machine on a Proxmox 5.4 server.

I found How to mount nfs drive in container: simplest way as well as Is NFS volume type supported ? If not improve documentation please. #1700 and created a new volume using

docker volume create --name mynfs --opt type=nfs --opt device=:/volume1/gitlab-logs --opt o=addr=192.168.xxx.xxx

… which resulted in the following volume, which seems fine to me.

[
    {
        "CreatedAt": "2019-07-29T12:36:28Z",
        "Driver": "local",
        "Labels": {},
        "Mountpoint": "/var/lib/docker/volumes/mynfs/_data",
        "Name": "mynfs",
        "Options": {
            "device": ":/volume1/gitlab-logs",
            "o": "addr=192.168.161.20",
            "type": "nfs"
        },
        "Scope": "local"
    }
]

My next step was to test the volume by running

docker run -ti --volume mynfs:/opt/test alpine sh

…like in the second link. This resulted in the following error message:

docker: Error response from daemon: error while mounting volume '/var/lib/docker/volumes/mynfs/_data': failed to mount local volume: mount :/volume1/gitlab-logs:/var/lib/docker/volumes/mynfs/_data, data: addr=192.168.xxx.xxx: permission denied.

During my research I’ve found multiple posts across many forums where people have had issues with this, as well as a number of people solving it in various ways. However, I can’t seem to find a way to get my snippets working. It seems pretty straigh-forward to me.

So far I’ve tested this on the Proxmox VM and my local computer. As far as I can tell this doesn’t seem to be an issue with nested virtualization. The logfiles of the NFS servers show no entries and I’m running the commands as root, which should rule out any permission-based error…

Is anyone able to give me some hints on where to search for further clues?