CIFS mounting on boot using domain name and credentials file #3061
Description
RancherOS Version: 1.5.8
Where are you running RancherOS? (docker-machine, AWS, GCE, baremetal, etc.)
In a VM on Proxmox VE 7.0
Hello!
I want to keep containers' volumes on a SMB share, so in order to achieve that, I've put the following in my config:
#cloud-config
mounts:
- - "//my_nas_dns_address/share_name"
- "/mnt/mountpoint"
- "cifs"
- "credentials=/root/.cifs,iocharset=utf8,_netdev"
And, of course, the /root/.cifs:
username=XXX
password=YYY
Unfortunately, this doesn't work. The dmesg complains:
[ 15.422067] Unable to determine destination address.
I changed the mount to use an IP address instead of domain, this solved the issue above, but produced another one:
[ 62.978180] CIFS VFS: No username specified
After changing the credentials=/root/.cifs to username=XXX,password=YYY it stared to work. But I don’t like that workaround as it exposes the secrets in configuration.
To solve first issue ( Unable to determine destination address ) I switched to ubuntu console and installed the cifs-utils package. Then I tried adding name resolve order = host lmhosts wins bcast to /etc/samba/smb.conf, as mentioned here, but it sill didn’t accept the host DNS name.
I can live with hardcoded IP address, but I cannot stand the secrets being hardcoded in the config file.
Is there something that I'm missing?
The sudo mount -t cifs "//my_nas_address/share_name" "/mnt/mountpoint" -o credentials=/root/.cifs,iocharset=utf8,_netdev works (but again - only after I switched to ubuntu console and I installed cifs-utils package).
In topics unrelated to RancherOS, according to the internet, those issues should be solved by installing cifs-utils.
If I understand the architecture correctly, the udev container listed in system-docker is the one responsible for mounts. My guess is that the image of this container (rancher/os-base) does not have the cifs-utils. Is this true? If so, can I work around this somehow?