Persistent storage in Docker containers using Rancher-NFS

Written by Pim on Monday April 17, 2017 - Comment - Permalink
Categories: docker, rancher, devops, howto - Tags: nfs, rancher-nfs, centos7

Rancher-NFS is a docker container which integrates with the Rancher platform and leverages the NFS protocol to mount volumes into your docker container. Because NFS is a network protocol, it doesn't matter on which node you docker container is running, as long as it is on the same network as the NFS server. With Rancher-NFS you can have persistent storage in your Docker containers without sacrificing high availability and best practices.

Rancher-NFS is only a service managing the NFS shares and server. It will create the NFS paths if they don't exist, mount the paths into the docker containers, and remove them when the Docker container is also removed. Rancher-NFS can be installed from the Rancher Catalog, but before we are going to boot up the Rancher-NFS container, we have to install an NFS server.

Rancher-NFS only supports NFSv4 (Read here about the differences between NFSv3 and NFSv4 on Quora), so we have to install an NFSv4 server. I have a single node setup running on CentOS 7 and I will use the YUM packet manager to install the NFS server.

$ yum -y install nfs-utils nfs4-acl-tools

Enable the NFS server service and start it.

$ systemctl enable nfs-server.service
$ systemctl start nfs-server.service

The NFS server is running with its default configuration, without any shares. To start using the NFS server we have to create a share.

$ mkdir -p /var/nfs/exports

Add the path to the exports configuration.

$ vi /etc/exports
/var/nfs *(fsid=0,rw,sync,no_root_squash,no_subtree_check)

It is important that you don't export /var/nfs/exports but /var/nfs, otherwise this configuration won't work. Then export the directory.

$ exportfs -a

Configure the firewall of your CentOS 7 machine. I've created a new zone called "rancher-pool" and added localhost and the primary IP address of the machine to this new pool. Add the NFS service to the pool to allow the machines to connect to the NFS server.

$ firewall-cmd --new-zone=rancher-pool
$ firewall-cmd --permanent --new-zone=rancher-pool
$ firewall-cmd --permanent --zone=rancher-pool --add-source=<primary IP>/32
$ firewall-cmd --permanent --zone=rancher-pool --add-source=127.0.0.1/32
$ firewall-cmd --permanent --zone=rancher-pool --add-service=nfs
$ firewall-cmd --reload

The NFS server is up and running and it is time to configure the Rancher NFS service. Go to the Rancher web interface and go to the catalog. Search for the "Rancher NFS" service and install it. Provide the NFS server IP address (primary IP of the node) and mount directory (/exports), then launch the Rancher NFS container!

Go to "Infrastructure" -> "Storage" to check if the rancher-nfs is storage driver is available. Add a new volume and check the logs of the Rancher-NFS container. If everything is working as expected, you have a new directory in your /var/nfs/exports and the log is showing you the "created" events. If something is going wrong, it is mostly due to a misconfiguration in your /etc/exports file.

If you found this post useful, or if you have any questions, leave a comment!