Are overlay mounts supposed to work?

[Ron Braunstein]

I have an overlay mount in config.json that works for "runc", but not for "runsc"

$ grep -B2 -A7 overlay config.json

{

"destination": "/ov",

"type": "overlay",

"options": [

"lowerdir=/tmp/lower",

"upperdir=/tmp/upper",

"workdir=/tmp/work"

]

}

I'm expecting to have an "/ov" mount in the container that uses the host /tmp/lower and /tmp/upper directories.

=== Run the container with runsc ===

(base) ron@gamer:~/runsc/bundle$ sudo runsc run demo

bash: /root/.bashrc: Permission denied

root@runsc:/# mount

none on / type overlayfs (rw)

none on /dev/pts type devpts (rw)

none on /proc type proc (rw)

none on /dev type overlayfs (rw)

none on /sys type sysfs (ro,noexec)

none on /tmp type tmpfs (rw)

root@runsc:/# df -H /ov

Filesystem      Size  Used Avail Use% Mounted on

-               206G  198G  7.5G  97% /ov

root@runsc:/# touch /ov/hi

touch: cannot touch '/ov/hi': Permission denied

root@runsc:/# exit

exit

==== on the host ===

(base) ron@gamer:~/runsc/bundle$ ls -ltr /tmp/lower /tmp/upper /tmp/work

/tmp/upper:

total 0

/tmp/lower:

total 4

-rw-rw-r-- 1 ron ron 3 Nov  5 20:46 file2

/tmp/work:

total 4

d--------- 2 root root 4096 Nov  5 21:14 work

[Fabricio Voznika]

Overlay mount type is not yet supported by runsc and gets ignored. I don't see any reason why it couldn't be supported. I created https://github.com/google/gvisor/issues/4768 to track it. As a workaround, runsc has an option to add an overlay on top of all mounts in the container with the --overlay flag (see here how to set flags). Does this work for you?

--
You received this message because you are subscribed to the Google Groups "gVisor Users [Public]" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gvisor-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/gvisor-users/cb6e8609-c806-4e40-a895-fbd315954cddn%40googlegroups.com.