-
Notifications
You must be signed in to change notification settings - Fork 2.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Implement sshfs volumes for podman machine #12584
Conversation
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: afbjorklund The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
33179ac
to
cfd479b
Compare
cfd479b
to
76060c8
Compare
The dependency on an internal https://github.com/lima-vm/sshocker/blob/master/cmd/sshocker/run.go But the ssh config file is still needed, for populating "ssh.SSHConfig" struct |
This comment has been minimized.
This comment has been minimized.
How is it relevant to this PR? |
Sorry, my bad. Confused the "sshfs" and the "reverse-sshfs" again, after the renaming. I think it was relevant for |
Allow using the built-in 9pfs feature of qemu, mounting host directories into vm mountpoints. The volumes are generic, the mounts are specific. Wait for the machine to be "running", otherwise the SSH function might throw an error instead. Increase the default msize from 8 KiB to 128 KiB [NO NEW TESTS NEEDED] Signed-off-by: Anders F Björklund <[email protected]>
There are other mount types available, such as NFS or SMB, or one could use reverse sshfs for better compatibility. It could either be a global option, or it could perhaps be overridden for each volume (like the container volumes). Refactor the creation of the options string or array. Allow specifying the volume as read-only, if desired. [NO NEW TESTS NEEDED] Signed-off-by: Anders F Björklund <[email protected]>
76060c8
to
e2c06ae
Compare
Use the same type of mounts for all the machine volumes. The default could change in the future, depending on OS. [NO NEW TESTS NEEDED] Signed-off-by: Anders F Björklund <[email protected]>
This uses sshocker and reverse sshfs fusemount. [NO NEW TESTS NEEDED] Signed-off-by: Anders F Björklund <[email protected]>
Prepare for moving into a more central place. [NO NEW TESTS NEEDED] Signed-off-by: Anders F Björklund <[email protected]>
e2c06ae
to
fb469cd
Compare
Apparently this does not work out-of-the-box with Fedora CoreOS, since it only allows user: [root@localhost ~]# more /etc/fuse.conf
# mount_max = 1000
# user_allow_other
[root@localhost ~]# ls -l /mnt/
ls: cannot access '/mnt/podman': Permission denied
total 0
d????????? ? ? ? ? ? podman Also have to special-case For lima, this FUSE configuration is handled with cloud-init: # Modify /etc/fuse.conf to allow "-o allow_root"
if [ "${LIMA_CIDATA_MOUNTS}" -gt 0 ]; then
if ! grep -q "^user_allow_other" /etc/fuse.conf; then
echo "user_allow_other" >>/etc/fuse.conf
fi
fi |
Avoids having to install an extra helper bin. [NO NEW TESTS NEEDED] Signed-off-by: Anders F Björklund <[email protected]>
The library only handles the absolute paths. [NO NEW TESTS NEEDED] Signed-off-by: Anders F Björklund <[email protected]>
Apparently the library only supports
https://github.com/lima-vm/sshocker/blob/master/pkg/sshocker/sshocker.go EDIT: Needs more support, like keeping track of the sleeping ssh connection and so on. In lima, there are "agents" running on the host and in the guest that keeps track of this. |
Will revisit next year, once the basic volume support is in. Too much hassle handle multiple long-lived branches. The sshocker call is pretty basic, the main issue is that the ssh config is hidden behind the podman "connection". ssh -F ~/.config/containers/podman/machine/qemu/podman-machine-default.config \
podman-machine-default
sshocker -F ~/.config/containers/podman/machine/qemu/podman-machine-default.config \
-v /tmp/podman:/var/mnt/podman podman-machine-default Currently "host:port" is required, rather than "name": |
Opened bugs on sshocker for the outstanding issues, you can use lima for podman meanwhile.
|
What this PR does / why we need it:
This adds sshfs volume support through
sshocker
, for platforms without virtfs.https://github.com/lima-vm/sshocker
It also works for remote servers, beyond those created by
podman machine
For #8016
How to verify it
No tests for
podman machine
yet. Test manually using --volume-driver=sshfsWhich issue(s) this PR fixes:
None
Special notes for your reviewer:
Continuation of PR #11454 which should go first, but has been waiting for a while.