Notice: this Wiki will be going read only early in 2024 and edits will no longer be possible. Please see: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/wikis/Wiki-shutdown-plan for the plan.
Difference between revisions of "Orion/Terminal Administration Guide/Shared Filesystem"
(Created page with "= Shared Filesystem = The <tt>orion.ini</tt> file in the Orion distribution specifies a value <tt>-data</tt> which determines that value of the server workspace. If you unzip...") |
(Fix my bad category sort key) |
||
| (4 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
| + | This guide contains information on managing the filesystem shared between the Orion server and Docker server. | ||
| + | |||
= Shared Filesystem = | = Shared Filesystem = | ||
The <tt>orion.ini</tt> file in the Orion distribution specifies a value <tt>-data</tt> which determines that value of the server workspace. If you unzip Orion into <tt>/opt/orion</tt>, by default this folder will be <tt>/opt/orion/eclipse/serverworkspace</tt>. | The <tt>orion.ini</tt> file in the Orion distribution specifies a value <tt>-data</tt> which determines that value of the server workspace. If you unzip Orion into <tt>/opt/orion</tt>, by default this folder will be <tt>/opt/orion/eclipse/serverworkspace</tt>. | ||
| + | |||
| + | = Shared Folder User Access = | ||
| + | |||
| + | It is expected that the Orion server process is not running as root. Usually a non root user, such as <tt>orionuser</tt> in <tt>oriongroup</tt> is used to run the Orion server. | ||
The server workspace is where each users projects and files are located. This folder must be accessible by both the Orion server and Docker server at the same location. So if the Orion server is reading and writing to <tt>/serverworkspace</tt> as specified on it's <tt>orion.ini</tt>, then the docker server also needs to be able to read and write the same folder at <tt>/serverworkspace</tt>. | The server workspace is where each users projects and files are located. This folder must be accessible by both the Orion server and Docker server at the same location. So if the Orion server is reading and writing to <tt>/serverworkspace</tt> as specified on it's <tt>orion.ini</tt>, then the docker server also needs to be able to read and write the same folder at <tt>/serverworkspace</tt>. | ||
| − | + | In addition, the files would be be created and owned by the same <tt>orionuser</tt> (uid 1000) and group <tt>oriongroup</tt> (gid 1000) on both servers. | |
| + | |||
| + | = NFS Considerations = | ||
It should be noted that since the Docker daemon runs as root, the <tt>/serverworkspace</tt> will need to be accessable and readable by root on the Docker server. | It should be noted that since the Docker daemon runs as root, the <tt>/serverworkspace</tt> will need to be accessable and readable by root on the Docker server. | ||
| Line 12: | Line 20: | ||
A way to specify in <tt>/etc/exports</tt> would be as follows: | A way to specify in <tt>/etc/exports</tt> would be as follows: | ||
| − | + | /serverworkspace 192.128.121.22(rw,sync,no_subtree_check,all_squash,anonuid=1000,anongid=1000) | |
| + | |||
| + | In the case above, we specify <tt>anonuid</tt> and <tt>anongid</tt> so that all access is via the same Orion <tt>orionuser</tt> (uid 1000) and group <tt>oriongroup</tt> (gid 1000). To make sure that the Docker daemon can read and write within the Orion serverworkspace, a simple test if to make sure <tt>touch /serverworkspace/newfile.txt</tt> runs successfully as root on the Docker server and the resulting file is visible as an update on the Orion server and is owned by the userid 1000. | ||
| − | + | [[Category:Orion]] | |
Latest revision as of 10:27, 14 February 2014
This guide contains information on managing the filesystem shared between the Orion server and Docker server.
The orion.ini file in the Orion distribution specifies a value -data which determines that value of the server workspace. If you unzip Orion into /opt/orion, by default this folder will be /opt/orion/eclipse/serverworkspace.
It is expected that the Orion server process is not running as root. Usually a non root user, such as orionuser in oriongroup is used to run the Orion server.
The server workspace is where each users projects and files are located. This folder must be accessible by both the Orion server and Docker server at the same location. So if the Orion server is reading and writing to /serverworkspace as specified on it's orion.ini, then the docker server also needs to be able to read and write the same folder at /serverworkspace.
In addition, the files would be be created and owned by the same orionuser (uid 1000) and group oriongroup (gid 1000) on both servers.
NFS Considerations
It should be noted that since the Docker daemon runs as root, the /serverworkspace will need to be accessable and readable by root on the Docker server.
Normally we do not want root to be able to read and write via NFS. We limit this access by having Docker server access /serverworkspace with a special configuration.
A way to specify in /etc/exports would be as follows:
/serverworkspace 192.128.121.22(rw,sync,no_subtree_check,all_squash,anonuid=1000,anongid=1000)
In the case above, we specify anonuid and anongid so that all access is via the same Orion orionuser (uid 1000) and group oriongroup (gid 1000). To make sure that the Docker daemon can read and write within the Orion serverworkspace, a simple test if to make sure touch /serverworkspace/newfile.txt runs successfully as root on the Docker server and the resulting file is visible as an update on the Orion server and is owned by the userid 1000.