-fun-
Ok, so this finally worked. For my calibre-server container I did the following (a running Rancher VM as a prerequisite).
I have a dataset /mnt/flospool/jaildata/calibre/ with share type UNIX. As I want to expose two directories 'books' and 'config' to the container I added two directories 'books' and 'config' in the dataset. (One major pitfall was to try to create datasets 'books' and 'config'. This just didn't work! It would have allowed to separately snapshot config and books.)
In FreeNAS I created user/group rancher/rancher with UID=1100 and GID=1100. These IDs match the IDs of the rancher user in the RancherOS VM. This user and group is not specific to the calibre server.
Then I changed user and group ownership in the dataset recursively to rancher/rancher. Also I granted read/write/execute to user/group/other (777).
I set up the NFS sharing service with 'Enable NFSv4' and 'NFSv3 ownership model for NFSv4' checked.
For the dataset I defined an NFS share with 'All Directories' checked and no Mapall or Maproot entries. 'All Directories' allows the subdirectories 'books' and 'config' to be shared separately. Maproot and Mapall entries are not required because the container will access the share with correct UID and GID.
In Rancher I added the Rancher NFS infrastructure stack. (I use the default environment in Rancher.) I configured a MOUNT_DIR of /mnt/flospool/jaildata/, an NFS_SERVER of 172.27.2.16 (IP address of my FreeNAS box and thus the NFS server host) as well as the ON_REMOVE=retain option. Neither of these settings are used later on however, see below.
Next I defined two storage volumes 'calibre-books' and 'calibre-config'. Here driverOpts must be used. calibre-books is defined as follows:
- export=/mnt/flospool/jaildata/calibre/books (note the full path including the 'books' directory defined earlier)
- host=172.27.2.16 (Important: The 'export' driverOpt just does not work without 'host' defined! 'host' is not inherited from the NFS_SERVER as one would expect. This took me hours ...)
- onRemove=retain (I prefer to keep the data in the directory should the container be removed.)
After this I added the container. I'm using the technosoft2000/calibre-web container (https://hub.docker.com/r/technosoft2000/calibre-web/).
Definitions include:
- Volumes calibre-books:/books and calibre-config:/calibre-web/config
- Environment variables USE_CONFIG_DIR=true, PGID=1100, PUID=1100
- Port mapping 8083=8083
Now I started the container. In the browser the new calibre server is available with the IP address of the Rancher VM and the port exposed in the container, in my case: http://172.27.2.35:8083.
Some notes:
- After first launch the container had created some files in the 'books' directory with the right group but an unknown user ID. This is probably due to a problem in the container. I corrected this (set permissions recursively to rancher/rancher ...) and the calibre server works fine since then.
- A mapping of UID and GID in the container should not be required if read/write/execute is granted to 'other' anyway. Or permissions read/write/execute would not have to be granted to 'other' if UID and GID are mapped to the rancher user and group anyway. Depending on security requirements the second might be the better choice but not all containers allow mapping of UID and GID.
- I'm not entirely happy with Rancher: It seems errors in any configuration just cannot be corrected. Throw away and start from scratch.
As a disclaimer: This is my first working solution. There will be more and probably better solutions for this setup.
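
Added example, not part of the original post: the notes above mention files appearing with an unknown user ID and the choice between mode 777 and relying on the PUID/PGID mapping. The sketch below audits an exported directory for entries not owned by the expected UID/GID or still accessible to 'other', and removes the 'other' bits; the function names `audit_share` and `drop_other_access` are made up for this example.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.

# audit_share DIR UID GID
# Prints one finding per line:
#   OWNER <path>  entry not owned by UID:GID (e.g. files a container
#                 created under an unmapped user ID)
#   OTHER <path>  entry with any r/w/x bit set for 'other' (as with 777)
# Returns 0 if clean, 1 if there are findings, 2 on bad input.
audit_share() {
    dir=$1; uid=$2; gid=$3
    [ -d "$dir" ] || { echo "not a directory: $dir" >&2; return 2; }
    findings=$(
        find "$dir" \( ! -uid "$uid" -o ! -gid "$gid" \) -print |
            sed 's/^/OWNER /'
        # Symlinks always show mode 777 on many systems, so skip them here.
        find "$dir" ! -type l \
            \( -perm -001 -o -perm -002 -o -perm -004 \) -print |
            sed 's/^/OTHER /'
    )
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# drop_other_access DIR
# Removes read/write/execute for 'other' recursively. Only sensible when the
# container really runs with the owning UID/GID (PUID/PGID set as above).
drop_other_access() {
    [ -d "$1" ] || { echo "not a directory: $1" >&2; return 2; }
    chmod -R o-rwx "$1"
}

# Example invocation with the values from the post (run on the NFS server):
#   audit_share /mnt/flospool/jaildata/calibre 1100 1100
```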