-
-
Save seanhandley/7dad300420e5f8f02e7243b7651c6657 to your computer and use it in GitHub Desktop.
version: '2' | |
services: | |
api: | |
volumes: | |
- "nfsmount:${CONTAINER_DIR}" | |
volumes: | |
nfsmount: | |
driver: local | |
driver_opts: | |
type: nfs | |
o: addr=host.docker.internal,rw,nolock,hard,nointr,nfsvers=3 | |
device: ":${SOURCE_DIR}" |
export CONTAINER_DIR=/myapp | |
export SOURCE_DIR=/Users/me/myapp |
#!/usr/bin/env bash | |
OS=`uname -s` | |
if [ $OS != "Darwin" ]; then | |
echo "This script is OSX-only. Please do not run it on any other Unix." | |
exit 1 | |
fi | |
if [[ $EUID -eq 0 ]]; then | |
echo "This script must NOT be run with sudo/root. Please re-run without sudo." 1>&2 | |
exit 1 | |
fi | |
echo "" | |
echo " +-----------------------------+" | |
echo " | Setup native NFS for Docker |" | |
echo " +-----------------------------+" | |
echo "" | |
echo "WARNING: This script will shut down running containers and prune docker volumes." | |
echo "" | |
echo -n "Do you wish to proceed? [y]: " | |
read decision | |
if [ "$decision" != "y" ]; then | |
echo "Exiting. No changes made." | |
exit 1 | |
fi | |
echo "" | |
if ! docker ps > /dev/null 2>&1 ; then | |
echo "== Waiting for docker to start..." | |
fi | |
open -a Docker | |
while ! docker ps > /dev/null 2>&1 ; do sleep 2; done | |
echo "== Stopping running docker containers..." | |
docker-compose down > /dev/null 2>&1 | |
docker volume prune -f > /dev/null | |
osascript -e 'quit app "Docker"' | |
echo "== Resetting folder permissions..." | |
U=`id -u` | |
G=`id -g` | |
sudo chown -R "$U":"$G" . | |
echo "== Setting up nfs..." | |
LINE="/Users -alldirs -mapall=$U:$G localhost" | |
FILE=/etc/exports | |
sudo cp /dev/null $FILE | |
grep -qF -- "$LINE" "$FILE" || sudo echo "$LINE" | sudo tee -a $FILE > /dev/null | |
LINE="nfs.server.mount.require_resv_port = 0" | |
FILE=/etc/nfs.conf | |
grep -qF -- "$LINE" "$FILE" || sudo echo "$LINE" | sudo tee -a $FILE > /dev/null | |
echo "== Restarting nfsd..." | |
sudo nfsd restart | |
echo "== Restarting docker..." | |
open -a Docker | |
while ! docker ps > /dev/null 2>&1 ; do sleep 2; done | |
echo "" | |
echo "SUCCESS! Now go run your containers 🐳" |
there's no need for sudo
in sudo echo "$LINE"
:)
Thanks, super useful!
Any chance you remember how you managed to get it working with nfsv4?
I get this error: “protocol not supported” when using ‘nfsvers=4’, ‘nfsvers=4.1’ and ‘vers=4’
Also, what seemed more stable with nfsv3? I’m actually trying to move to v4 to see if it improves performance, mainly around deleting many files and also how nfsv3 implements the “silly rename” (causing “”Device or resource busy” errors on random .nfsXXXXX’ files)
Just wondering why on line 50 you do sudo chown -R "$U":"$G" .
?
It will change the permission of the current directory and subdirectories where this script is called if I'm right. So the script should probably be executed at the root of you app/shared folder, maybe a small comment could help : )
heads up: OSX Mojave has some new security restrictions. The script as is runs, but does not actually create the /etc/exports due to an unsurfaced permissions error.
Quick fix here:
https://www.cubewebsites.com/blog/software/quick-fix-macos-mojave-vagrant-error-tee-etc-exports-operation-not-permitted/
You can quickly fix this issue by following the following steps:
Open “System Preferences”
Go to “Security & Privacy”
Then Privacy Tab
Click the “padlock” icon in the bottom-left corner where it says “Click the lock to make changes” – enter your password when prompted
On the list of permissions on the left, select “Full Disk Access”
Now, on the right-hand side, click the little “+” icon
This will open a browse window, use this to select your preferred Terminal e.g. “Applications > iTerm” or “Applications > Utilities > Terminal”
If the selected Terminal is already open, you’ll be asked to Quit it – quit the application and restart it
When you restart the selected application, you may prompted if you’d like to allow the app to make changes to your computer – accept and enter your password if required
Try mounting your vagrant machine and now the above error should no longer appear!
@wss-chadical The blog post in your comment above is protected with basic auth.
in my case the file /etc/nfs.conf already existed with other options on my system and it seems the script added the nfs.server.mount.require_resv_port = 0 at the end of the file but without a new line. Took me a while to notice.
With macOS Catalina you have to use the following settings:
setup_native_nfs_docker_osx.sh
LINE="/Users -alldirs -mapall=$U:$G localhost" -> LINE="/System/Volumes/Data/Users -alldirs -mapall=$U:$G localhost"
env_vars.sh
export SOURCE_DIR=/System/Volumes/Data/Users/me/myapp
Thanks for sharing @egobude !
Thanks @egobude!
Thank you @egobude! You saved me!
Thanks @egobude :)
thanks @egobude
Bro are you serious?
https://gist.github.com/seanhandley/7dad300420e5f8f02e7243b7651c6657#file-setup_native_nfs_docker_osx-sh-L43
docker volume prune -f
??
Seriously, get rid of that, someone is going to fuck their shit up with that.
what would be the commands for HighSierra version ?
Bro are you serious?
https://gist.github.com/seanhandley/7dad300420e5f8f02e7243b7651c6657#file-setup_native_nfs_docker_osx-sh-L43
docker volume prune -f
??Seriously, get rid of that, someone is going to fuck their shit up with that.
@theorician I wrote this script to help set up our dev env at work. Works fine for us, but YMMV.
- Feel free to fork it.
- Configuring Docker is definitely not my area of expertise. If you want to suggest a safer command to recreate volumes, please let me know and I'll update the script.
- Please consider refining your approach in future when commenting on code people have shared freely. You can save your "bro" and your "fuck shit up" for arguing with minors in online games - keep your language civil and your feedback constructive and help make the world a more pleasant place in which to collaborate ❤️
Bro are you serious?
seanhandley/7dad300420e5f8f02e7243b7651c6657#file-setup_native_nfs_docker_osx-sh-L43
docker volume prune -f
??Seriously, get rid of that, someone is going to fuck their shit up with that.
Indeed the pruning is not really expected. It can be easily missed when read. I missed it :p. Maybe a prompt to do it or not would prevent people from loosing their data while testing the script. It would be a nice addition to this (awesome) gist.
I've updated the warning to:
WARNING: This script will shut down running containers and prune docker volumes.
I'm open to suggestions for how to handle recreating volumes in a more targeted way 👍
I also encourage D4M users to try this new edge feature - maybe it removes the need to workaround performance issues via NFS as done in this gist https://docs.docker.com/docker-for-mac/mutagen-caching/
What about the embedded kubernetes with docker-for-mac ( or docker-for-desktop). it has already strogeclass "hostpath" as default.
Can we leverage this solution for dynamic PV provisioning with NFS (RWX) mount using Docker for Desktop ?
How would you do this on Linux, I don't have a host.docker.internal
on my network. Is this the docker gateway address?
I test my NFS configuration ans it's so slow
Composer install test on Magento :
no bind, no NFS, directly docker environment : 1m25
no bind, NFS Volume: 10m45 AND the permissions are not the goods ones
Maybe my config is not optimal but for me now on ma, the best performance is the following methods :
- mount bind delegated custom code directory
- not bind log, var, cache, vendor directory (keep only on docker environment)
I keep trying to follow this guide and no matter how much I try to adjust permissions, it still continues to display an error and state: "Operation Not Supported"
I've allowed full disk access for iterm, console, nfsd.
My root cause it probably because my projects dont live in my home directory. They are on a separate volume, which I have still listed in my /etc/exports folder:
/System/Volumes/Data/Users -alldirs -mapall=501:20 localhost
/Volumes/Data/Docker -alldirs -mapall=501:20 localhost
/Volumes/Media -alldirs -mapall=501:20 localhost
Seems to be broken for docker desktop > 3.2.2
Firstly thanks for this script @seanhandley, you've helped so many of us! 🙇
Seems to be broken for docker desktop > 3.2.2
Running Docker Desktop (for mac) v3.5.1 and working fine here 🙆.
I'm open to suggestions for how to handle recreating volumes in a more targeted way 👍
If we're talking about only removing volumes for the current docker project, docker down -v
may be a nicer solution 😸. Removes only named volumes from the compose file (See docker-compose down documentation)
@jamsinclair yeah now it's working with v3.5.1, but thanks to the new docker volumes management (mutagen). No need for NFS volumes anymore (you can also remove your old :cached and :delegated flags)
@dev-danim appreciate the update! Do you have any links around that? I don't see much mention of volume performance improvements in any of the docker blog and github material I'm browsing.
Edit: From what I can gather Docker went with "gRPC FUSE" instead of mutagen that has improved performance and made :delegated
, :cached
and :ro
flags redundant. Still trying to track down which version this moved from experimental to stable. Seems to have flown under the radar.
tldr; as @dev-danim pointed out just update to the latest Docker Desktop build 😸. You may not need NFS mounts anymore.
Relevant Links:
Is there any special requirement for M1 macs? I am struggling to start containers on it.
Stuck here -> data: addr=192.168.65.2,nolock,hard,nointr,nfsvers=3: invalid argument
Thank you very effective !