Automount / NFS Problems with Rancher Network

We have an application that we are attempting to port over to docker with rancher being our preferred deployment and management tool. Thus far, we are loving it and were able to get up and going with basic web and backend services with persistent volumes where required in a little over an hour.

The last piece we have is part of our application requires automount access to already existing company servers (45000 mounts exists). We were able to get a container in our development environment using the docker bridge to work fine (shown below) but with rancher managing the container we are having some issues (most likely the overlay network forwarding). We are running both in privledged mode. The issue stems in that the nfs servers are receiving ports > 1024 http://www.nathanfriend.co.uk/nfs-refused-mount-illegal-port/. We will be unable to set insecure settings on existing infrastructure to fix this issue. Any ideas around this?

  • Discovering nsqd server address from nslookupd
  • Docker nginx and Go (Golang) separate containers. Nginx configuration
  • Can't connect to container from docker host
  • How is a data-only container in Docker getting data?
  • How to prevent a Docker Container to turn on while another Container in the same Service is trying to?
  • Docker log without new line
  • RANCHER MANAGED CONTAINER WITH OVERLAY NETWORK:

    #MOUNT NFS
    [root@bed7d61d5641 /]# mount rancher-nfs.cisco.com:/test_nfs /tmp/corona/
    mount.nfs: access denied by server while mounting rancher-nfs.cisco.com:/test_nfs
    
    #NFS SERVER LOGS
    Jan 22 21:02:57 rancher-nfs rpc.mountd[11925]: nfsd_export: inbuf '* /'
    Jan 22 21:02:57 rancher-nfs rpc.mountd[11925]: nfsd_export: found 0x7fe2a245cf30 path /
    Jan 22 21:02:57 rancher-nfs rpc.mountd[11925]: check_default: access by 10.122.82.78 ALLOWED (cached)
    Jan 22 21:02:57 rancher-nfs rpc.mountd[11925]: Received NULL request from 10.122.82.78
    Jan 22 21:02:57 rancher-nfs rpc.mountd[11925]: check_default: access by 10.122.82.78 ALLOWED (cached)
    Jan 22 21:02:57 rancher-nfs rpc.mountd[11925]: Received NULL request from 10.122.82.78
    Jan 22 21:02:57 rancher-nfs rpc.mountd[11925]: check_default: access by 10.122.82.78 ALLOWED (cached)
    Jan 22 21:02:57 rancher-nfs rpc.mountd[11925]: Received MNT3(/test_nfs) request from 10.122.82.78
    Jan 22 21:02:57 rancher-nfs rpc.mountd[11925]: refused mount request from 10.122.82.78 for /test_nfs (/test_nfs): illegal port 1040
    
    #AUTO FS
    [root@bed7d61d5641 /]# cd /auto/sto-corona
    bash: cd: /auto/sto-corona: No such file or directory
    
    #NETWORK
    [root@bed7d61d5641 /]# ip link
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT qlen 1
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    3: eth0@if12: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT
        link/ether aa:41:95:9a:7d:58 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    [root@bed7d61d5641 /]# ip address
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
        inet6 ::1/128 scope host
           valid_lft forever preferred_lft forever
    3: eth0@if12: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
        link/ether aa:41:95:9a:7d:58 brd ff:ff:ff:ff:ff:ff link-netnsid 0
        inet 10.42.45.182/16 scope global eth0
           valid_lft forever preferred_lft forever
        inet6 fe80::a841:95ff:fe9a:7d58/64 scope link tentative dadfailed
           valid_lft forever preferred_lft forever
    

    RANCHER CONTAINER BROUGHT UP DIRECTLY ON HOST WITH DOCKER0 BRIDGE

    #MOUNT WORKS FINE
    [root@0e1b24d32101 /]# mount rancher-nfs.cisco.com:/test_nfs /tmp/corona/
    [root@0e1b24d32101 /]# ls -al /tmp/corona/
    total 4
    drwxrwxrwx. 2 root root    6 Jan 22 19:40 .
    drwxrwxrwt. 1 root root 4096 Jan 23 01:00 ..
    [root@0e1b24d32101 /]# cd /tmp/corona/
    [root@0e1b24d32101 corona]# df -h .
    Filesystem                       Size  Used Avail Use% Mounted on
    rancher-nfs.cisco.com:/test_nfs  155G  2.7G  152G   2% /tmp/corona
    
    
    #AUTOFS WORKS FINE
    [root@0e1b24d32101 corona]#
    [root@0e1b24d32101 corona]#
    [root@0e1b24d32101 corona]# cd /auto/sto-corona
    [root@0e1b24d32101 sto-corona]#
    
    
    #NETWORK DEBUG
    [root@0e1b24d32101 sto-corona]# ip link
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT qlen 1
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    22: eth0@if23: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT
        link/ether 02:42:ac:11:00:04 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    [root@0e1b24d32101 sto-corona]# ip address
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
        inet6 ::1/128 scope host
           valid_lft forever preferred_lft forever
    22: eth0@if23: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
        link/ether 02:42:ac:11:00:04 brd ff:ff:ff:ff:ff:ff link-netnsid 0
        inet 172.17.0.4/16 scope global eth0
           valid_lft forever preferred_lft forever
        inet6 fe80::42:acff:fe11:4/64 scope link
           valid_lft forever preferred_lft forever
    

  • How do I configure which DNS server docker uses in Docker for Mac?
  • kubernetes : Containers not starting using private registry
  • Modify nginx.conf to support n number of wildfly instances
  • File name too long on docker
  • Docker not mapping port using gunicorn
  • Is there any way to create a link between file inside container docker and host?
  • Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.