[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: NFS mount from Qemu guest?
From: |
Andrew Klaassen |
Subject: |
RE: NFS mount from Qemu guest? |
Date: |
Tue, 9 Jul 2024 17:54:23 +0000 |
Hi Vadim,
I was able to do something similar as a test, where I created an NFS server on
the host (with "insecure" in /etc/exports) that the guest was able to access.
Unfortunately I don't think that will work for us in production since there are
many terabytes of data on the NFS server that I actually want to access, so I
wouldn't be able to sync it all over to the host.
The kernel parameters idea might come in handy for us at some point, though, so
thanks for that.
Andrew
> -----Original Message-----
> From: Vadim Idelchuk <vadim.idelchuk@mail.ru>
> Sent: Tuesday, July 9, 2024 1:41 PM
> To: Andrew Klaassen <andrew.klaassen@boatrocker.com>; qemu-
> discuss@nongnu.org
> Subject: RE: NFS mount from Qemu guest?
>
> [You don't often get email from vadim.idelchuk@mail.ru. Learn why this is
> important at https://aka.ms/LearnAboutSenderIdentification ]
>
> ***** [EXTERNAL EMAIL] Exercise caution with any links herein *****
>
> Hi,
>
> I solved this problem by other way.
>
> 1. I defined on host NFS server with exported folder 2.IP address of the host
> I
> transferred to QEMU guest (Linux) as part IP parameters as gateway IP
> together with guest IP address and subnet mask.
> 3.I created startup service that parsed the kernel IP parameters and mounted
> as NFS client to the exported folder
>
> Best regards
>
> Vadim Idelchuk
>
> vadim.idelchuk@mail.ru
>
> -----Original Message-----
> From: qemu-discuss-bounces+vadim.idelchuk=mail.ru@nongnu.org
> [mailto:qemu-discuss-bounces+vadim.idelchuk=mail.ru@nongnu.org] On
> Behalf Of Andrew Klaassen
> Sent: יום ג 09 יולי 2024 19:55
> To: qemu-discuss@nongnu.org
> Subject: NFS mount from Qemu guest?
>
> I've been trying to get an NFS share mounted on a Qemu guest from an NFS
> server which does not allow connections from unprivileged ports.
>
> I have tried a bunch of different guestfwd options, thinking that they might
> help me get my outgoing connections from the guest back down into the
> privileged port range, but so far no luck.
>
> Here's the basic command I'm running. It's based on the Qemu command
> generated by Packer, which is what I'm ultimately trying to get working:
>
> /usr/local/bin/qemu-system-x86_64 -serial stdio -boot once=d -drive
> file=v001.qcow2,if=virtio,cache=writeback,discard=ignore,format=qcow2 -
> drive file=systemrescue-11.01-amd64.iso,media=cdrom -m 2048M -vnc
> 127.0.0.1:33 -cpu host -smp 1 -name packer-centos7 -device virtio-
> net,netdev=user.0 -machine type=pc,accel=kvm -netdev
> user,id=user.0,hostfwd=tcp::2262-:22,guestfwd=
>
> For the guestfwd= clause, I've tried things like:
>
> guestfwd=tcp:10.0.2.100:111-cmd:netcat 10.31.32.15
> 111,guestfwd=tcp:10.0.2.100:2049-cmd:netcat 10.31.32.15
> 2049,guestfwd=tcp:10.0.2.100:300-cmd:netcat 10.31.32.15 300 ...the
> outgoing connections still come from unprivileged ports
>
> guestfwd=tcp:0.0.0.0:700-tcp:10.0.2.2:700
> ...with "sysctl -w sunrpc.min_resvport=700; sysctl -w
> sunrpc.max_resvport=700" in the guest before trying the NFS mount ...same,
> outgoing connections still come from unprivileged ports
>
> guestfwd=tcp:<nfs server ip>:700-tcp:10.0.2.2:700 ...this one breaks VNC for
> some reason and I can't reach the guest to try anything
>
> There are a bunch of other random things I've tried, too. I obviously don't
> understand what I'm doing. Does anybody have a recipe for making this
> work?
> Is guestfwd even the correct option to use for this?
>
> Thanks.
>
> Andrew
>
>
>
>
>
> --
> Это сообщение было проверено антивирусным ПО Avast на наличие
> вирусов.
> www.avast.com