Does not work on ubuntu server 20.04

[tadly]

While the container starts up properly without any errors, I'm unable to connect from any client.
While using the hosts nfs-server.service everything works as expected.

I sadly have no idea how to debug any of this but will gladly help any way I can.
Not sure if this is connected to #41 maybe?

Infos

Apparmor I disabled and I ultimately outright purged it (don't need it)

Edit Friend just told me that it's part of the kernel. I did test with apparmor=0 though which
didn't work either

docker-compose

version: '3'

services:
  nfs:
    container_name: nfs
    image: erichough/nfs-server:latest
    network_mode: 'host'
    privileged: true
    volumes:
      # Config
      - '/docker/data/nfs/exports:/etc/exports:ro'
      # Shares
      - '/mnt/Backups:/Backups'
      - '/mnt/Documents:/Documents'
      - '/mnt/Multimedia:/Multimedia'
    restart: unless-stopped

Startup-log

==================================================================
      SETTING UP ...
==================================================================
----> log level set to DEBUG
----> will use 4 rpc.nfsd server thread(s) (1 thread per CPU)
----> /etc/exports is bind-mounted
----> kernel module nfs is loaded
----> kernel module nfsd is loaded
----> setup complete

==================================================================
      STARTING SERVICES ...
==================================================================
----> mounting rpc_pipefs filesystem onto /var/lib/nfs/rpc_pipefs
mount: mount('rpc_pipefs','/var/lib/nfs/rpc_pipefs','rpc_pipefs',0x00008000,'(null)'):0
----> mounting nfsd filesystem onto /proc/fs/nfsd
mount: mount('nfsd','/proc/fs/nfsd','nfsd',0x00008000,'(null)'):0
----> starting rpcbind
----> starting exportfs
exporting *:/Multimedia
exporting *:/Documents
exporting *:/Backups
----> starting rpc.mountd on port 32767
----> starting rpc.statd on port 32765 (outgoing from port 32766)
----> starting rpc.nfsd on port 2049 with 4 server thread(s)
rpc.nfsd: knfsd is currently down
rpc.nfsd: Writing version string to kernel: -2 +3 +4 +4.1 +4.2
rpc.nfsd: Created AF_INET TCP socket.
rpc.nfsd: Created AF_INET UDP socket.
rpc.nfsd: Created AF_INET6 TCP socket.
rpc.nfsd: Created AF_INET6 UDP socket.
rpc.statd: Version 2.3.4 starting
rpc.statd: Flags: No-Daemon Log-STDERR TI-RPC 
rpc.statd: Local NSM state number: 3
rpc.statd: Running as root.  chown /var/lib/nfs to choose different user
rpc.statd: Waiting for client connections
----> all services started normally

==================================================================
      SERVER STARTUP COMPLETE
==================================================================
----> list of enabled NFS protocol versions: 4.2, 4.1, 4, 3
----> list of container exports:
---->   /Multimedia	*(rw,sync,wdelay,hide,crossmnt,insecure,root_squash,no_all_squash,no_subtree_check,secure_locks,acl,no_pnfs,anonuid=65534,anongid=65534,sec=sys,rw,insecure,root_squash,no_all_squash)
---->   /Documents	*(rw,sync,wdelay,hide,crossmnt,insecure,root_squash,no_all_squash,no_subtree_check,secure_locks,acl,no_pnfs,anonuid=65534,anongid=65534,sec=sys,rw,insecure,root_squash,no_all_squash)
---->   /Backups	*(rw,sync,wdelay,hide,crossmnt,insecure,root_squash,no_all_squash,no_subtree_check,secure_locks,acl,no_pnfs,anonuid=65534,anongid=65534,sec=sys,rw,insecure,root_squash,no_all_squash)
----> list of container ports that should be exposed:
---->   111 (TCP and UDP)
---->   2049 (TCP and UDP)
---->   32765 (TCP and UDP)
---->   32767 (TCP and UDP)

==================================================================
      READY AND WAITING FOR NFS CLIENT CONNECTIONS
==================================================================

[ehough]

Hello and my apologies for the super-long delay in responding.

A quick look at your docker-compose.yml indicates that you perhaps forgot to expose the container ports. i.e. it should look something like this:

version: '3'

services:
  nfs:
    container_name: nfs
    image: erichough/nfs-server:latest
    network_mode: 'host'
    privileged: true
    volumes:
      # Config
      - '/docker/data/nfs/exports:/etc/exports:ro'
      # Shares
      - '/mnt/Backups:/Backups'
      - '/mnt/Documents:/Documents'
      - '/mnt/Multimedia:/Multimedia'
    restart: unless-stopped

    # THESE LINES ARE MISSING ...
    # vvvvvvvvvvvvvvvvvvvvvvvvvvvvv
    ports:
      - 2049:2049
      - 2049:2049/udp
      - 111:111
      - 111:111/udp
      - 32765:32765
      - 32765:32765/udp
      - 32767:32767
      - 32767:32767/udp

Give that a try?

[tadly]

No worries and thanks for getting back to me.

I am using network_mode: 'host' though so I really shouldn't need that.
I tested anyways (removing host mode) and as expected I have the exact same issue.

Edit:
I just figured out the issue. It's rpcbind which runs on port uses port 111.
If I start the container in host mode, nothing ever complains but silently fails to bind to that port.

When testing earlier using port-mapping I used non-existing nfs-paths as I restructured some stuff some time ago.

[tadly]

Okay, one more update.

I wasn't aware that rpcbind is basically part of nfs.
On ubuntu systems, nfs-common seems to be pre-installed which also installes and enables rpcbind.

As such docker-nfs silently fails in host-mode or complains when trying to bind to 111.

Solution: Either remove nfs-common if you don't need it or systemctl mask rpcbind

[flebel]

Solution: Either remove nfs-common if you don't need it or systemctl mask rpcbind

On top of systemctl mask rpcbind, I also had to:

systemctl stop rpcbind.socket
systemctl disable rpcbind.socket