2

I am building a docker image from a dockerfile. However I am doing some installs from files that are currently hosted on a NFS share. In regular Centos I mount the drive with mount.nfs, then run the commands to do the install and point to the NFS share as repository for the install files.

Is there any way to do this with dockers? I read a few posts of docker run -v, but I am not ready to run the docker yet, I first need to create the image.

The alternative is copy the whole repository via zip or tar, then unarchive, do the install and then delete files. However I think this will end up in a huge image.

John Kugelman
  • 349,597
  • 67
  • 533
  • 578
warhansen
  • 704
  • 1
  • 8
  • 22

2 Answers2

2

You'll need experimental software (as of writing) for doing this.

First of all, you have to create a buildx builder instance:

docker buildx create --name insecure --driver docker-container \
   --driver-opt image=moby/buildkit:master \
   --buildkitd-flags '--allow-insecure-entitlement security.insecure \
   --allow-insecure-entitlement network.host'

As of today, the latest release (v0.9.0) of buildkit doesn't have the --insecure support, so you need master. You should issue this command as the user which does the build.

Then you'll need to add these to your Dockerfile:

# syntax = docker/dockerfile:experimental
RUN --security=insecure mkdir /nfs && \
   mount -t nfs -o nolock -o vers=4 $SERVER_IP:/nfs /nfs && \
   ls -la /nfs

Third, you have to do your build with buildx and give the following options (--allow and --builder along with your normal options):

docker buildx build --allow security.insecure,network.host \
   --builder insecure \
   -t image:tag --file=Dockerfile .

You should then have your NFS server mounted at /nfs.

Be aware that this mount will be present only in the same RUN context, because all those steps run in a different container. The next RUN line will see only an empty /nfs directory. So you should do everything which needs data from /nfs from that RUN step!

user582175
  • 954
  • 12
  • 17
-3

When you are building docker image you have full access to host's file system what means that you should easily write in Dockerfile

ADD /nfs-path/file /path-inside-docker-image/file

You don't need any additional action in docker to do that.

Jakub Bujny
  • 4,400
  • 13
  • 27
  • The install isn't just one or 2 files, it consists of directories of a lot of small files – warhansen Sep 03 '18 at 13:17
  • I don't want to copy over all the files. The install often simply reads the files for other information. I am trying to avoid copying over the files into the docker. I also found this post: https://stackoverflow.com/questions/26050899/how-to-mount-host-volumes-into-docker-containers-in-dockerfile-during-build – warhansen Sep 03 '18 at 13:31
  • 2
    You cannot reference arbitrary host paths in the Dockerfile. You must copy whatever content into the ("context") directory containing the Dockerfile before you can COPY or ADD it. – David Maze Sep 03 '18 at 23:58
  • This does not answer the OP's question. There are a number of reasons why you might want to NFS mount during the build process, one being if you had a local yum repo or the like to install RPMs. As others have mentioned, your answer requires copying the files to a local staging directory, which creates duplicates on the host. – stix Feb 22 '21 at 22:36