NFS problem with Mac OS and CentOS box

[Agusti Tomas]

Hello,

I am having a problem when trying to mount nfs folders on a CentOS guest box.

As you may know the latest CentOS box disabled VirtualBox Guest additions and the default mode for mounting folders is now rsync (to know more: https://seven.centos.org/2016/08/updated-centos-vagrant-images-available-v1607-01/), however I prefer NFS since rsync is giving me a problem with the ".vagrant" folder, I openend a separate thread for this, see: (TBD).

So my environment is as follows:

OS X Yoseminge 10.10.5 (encrypted disk)
Vagrant 1.8.5
Latest centos/7 box: https://atlas.hashicorp.com/centos/boxes/7/versions/1607.01

I also followed intructions by amontalban in this thread and opened the firewall for a series of nfs related executables: https://github.com/mitchellh/vagrant/issues/1093

For anyone having issues with OSX + NFS you can execute this in your OSX host:

sudo /usr/libexec/ApplicationFirewall/socketfilterfw --add "/usr/sbin/rpcbind"
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --unblockapp "/usr/sbin/rpcbind"
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --add "/sbin/nfsd"
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --unblockapp "/sbin/nfsd"
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --add "/usr/sbin/rpc.statd"
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --unblockapp "/usr/sbin/rpc.statd"
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --add "/usr/sbin/rpc.lockd"
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --unblockapp "/usr/sbin/rpc.lockd"
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --add "/usr/libexec/rpc.rquotad"
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --unblockapp "/usr/libexec/rpc.rquotad"
sudo nfsd restart

That should allow all related daemons in firewall and restart NFS service to allow incoming connections from VM.

Based on @wgabka and @dkubb info.

Hope it helps someone!

Vagrantfile:

# -*- mode: ruby -*-
# vi: set ft=ruby :

#Problem with getting SSH keys into guest machine in vagrant 1.8.5
# => See comment by scottsb in:
# =>    https://github.com/mitchellh/vagrant/issues/7610#event-729670376

Vagrant.configure(2) do |config|
    #Why (nfs: true)? https://github.com/mitchellh/vagrant/issues/6769
    #     https://seven.centos.org/2016/08/updated-centos-vagrant-images-available-v1607-01/
    if ENV["USE_RSYNC"]
        config.vm.synced_folder ".", "/vagrant", type: "rsync",
        rsync__args: ["--verbose"]
    else
        config.vm.synced_folder ".", "/vagrant", type: "nfs"
    end
   
    config.vm.box = "centos/7"
 
    config.vm.provider "virtualbox" do |vb|
        vb.memory = "1024"
    end
 
    exsIps = ['50', '54']
    exsInternalIps = ['10', '20']
    (1..1).each do |i|
        config.vm.define "exs#{i}" do |d|
            d.vm.hostname = "exs#{i}"
            d.vm.network "private_network", ip: "192.168.20.#{exsIps.at(i-1)}"
            d.vm.network "private_network", ip: "192.168.10.#{exsInternalIps.at(i-1)}",
                virtualbox__intnet: "exposure-internal"
            d.vm.provision :shell, path: "scripts/workarounds/restartNetwork.sh"
            d.vm.provider "virtualbox" do |v|
                v.name = "exs#{i}"
            end
        end
    end

    # config.vm.define :simulators do |d|
#         d.vm.hostname = "simulators"
#         d.vm.network "private_network", ip: "192.168.20.100", netmask: "255.255.255.128"
#         d.vm.provision :shell, path: "scripts/workarounds/restartNetwork.sh"
#         d.vm.provider "virtualbox" do |v|
#             v.name = "simulators"
#         end
#     end
   
    config.vm.define "buildmaster" do |d|
       d.vm.hostname = "buildmaster"
       d.vm.network "private_network", ip: "192.168.20.200"
       d.vm.provision :shell, path: "scripts/workarounds/restartNetwork.sh"
       d.vm.provision :shell, path: "scripts/install_ansible.sh"
       d.vm.provision :shell, inline: "PYTHONUNBUFFERED=1 ansible-playbook /vagrant/ansible/buildmaster.yml -i /vagrant/ansible/hosts -c local"
       d.vm.provision :shell, inline: "PYTHONUNBUFFERED=1 ansible-playbook /vagrant/ansible/exs.yml -i /vagrant/ansible/hosts"
       d.vm.provider "virtualbox" do |v|
           v.name = "buildmaster"
       end
    end

    if Vagrant.has_plugin?("vagrant-cachier")
        config.cache.scope = :box
       
        if ENV["USE_RSYNC"]
            config.cache.synced_folder_opts = {
                type: :rsync
            }
        else
            # Source https://github.com/GulDmitry/vagrant-boxes/blob/master/lamp/Vagrantfile
            config.cache.synced_folder_opts = {
                  type: :nfs,
                  mount_options: ['rw', 'vers=3', 'tcp', 'nolock']
            }
        end
    end

end

 Output from vagrant up:

Bringing machine 'exs1' up with 'virtualbox' provider...
Bringing machine 'buildmaster' up with 'virtualbox' provider...
==> exs1: Importing base box 'centos/7'...
==> exs1: Matching MAC address for NAT networking...
==> exs1: Checking if box 'centos/7' is up to date...
==> exs1: Setting the name of the VM: exs1
==> exs1: Clearing any previously set network interfaces...
==> exs1: Preparing network interfaces based on configuration...
    exs1: Adapter 1: nat
    exs1: Adapter 2: hostonly
    exs1: Adapter 3: intnet
==> exs1: Forwarding ports...
    exs1: 22 (guest) => 2222 (host) (adapter 1)
==> exs1: Running 'pre-boot' VM customizations...
==> exs1: Booting VM...
==> exs1: Waiting for machine to boot. This may take a few minutes...
    exs1: SSH address: 127.0.0.1:2222
    exs1: SSH username: vagrant
    exs1: SSH auth method: private key
    exs1: Warning: Remote connection disconnect. Retrying...
    exs1: Warning: Remote connection disconnect. Retrying...
    exs1: Warning: Remote connection disconnect. Retrying...
    exs1:
    exs1: Vagrant insecure key detected. Vagrant will automatically replace
    exs1: this with a newly generated keypair for better security.
    exs1:
    exs1: Inserting generated public key within guest...
    exs1: Removing insecure key from the guest if it's present...
    exs1: Key inserted! Disconnecting and reconnecting using new SSH key...
==> exs1: Machine booted and ready!
==> exs1: Checking for guest additions in VM...
    exs1: No guest additions were detected on the base box for this VM! Guest
    exs1: additions are required for forwarded ports, shared folders, host only
    exs1: networking, and more. If SSH fails on this machine, please install
    exs1: the guest additions and repackage the box to continue.
    exs1:
    exs1: This is not an error message; everything may continue to work properly,
    exs1: in which case you may ignore this message.
==> exs1: Setting hostname...
==> exs1: Configuring and enabling network interfaces...
==> exs1: Exporting NFS shared folders...
==> exs1: Preparing to edit /etc/exports. Administrator privileges will be required...
==> exs1: Mounting NFS shared folders...
The following SSH command responded with a non-zero exit status.
Vagrant assumes that this means the command failed!

set -e
mkdir -p /vagrant
mount -o vers=3,udp 192.168.20.1:/Users/eagutom/repo/Exposure_Switch/ex-container /vagrant
if command -v /sbin/init && /sbin/init --version | grep upstart; then
  /sbin/initctl emit --no-wait vagrant-mounted MOUNTPOINT=/vagrant
fi


Stdout from the command:



Stderr from the command:

mount.nfs: access denied by server while mounting 192.168.20.1:/Users/eagutom/repo/Exposure_Switch/ex-container

And gist with debug log from ´vagrant up´:

https://gist.github.com/agusti-t/51634486159c2c962ab767cdd8e1279c

I also had one occasion when this worked, i.e. the vagrant up command didn't give me any error and the folders were correctly mounted. All in all this is driving me a bit crazy. Any idea on what could this be?

[Alvaro Miranda Aguilera]

Hello

Try to mount something from your host that is outside /Users

try mounting 

sudo mkdir -p /usr/local/test

sudo chown -R <youruser> /usr/local/test

then mount /usr/local/test

OSX have some security features that make home directory to fail sometimes

Alvaro

--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
 
GitHub Issues: https://github.com/mitchellh/vagrant/issues
IRC: #vagrant on Freenode
---
You received this message because you are subscribed to the Google Groups "Vagrant" group.
To unsubscribe from this group and stop receiving emails from it, send an email to vagrant-up+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/vagrant-up/4fac982f-7070-4026-a571-50187a433502%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

--

Alvaro

(+31)103400555

[Agusti Tomas]

Thanks for your reply Álvaro, I'll try it when I have some time. For now I have found a workaround for my rsync problem.

To unsubscribe from this group and stop receiving emails from it, send an email to vagrant-up+...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/vagrant-up/4fac982f-7070-4026-a571-50187a433502%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

--

Alvaro

(+31)103400555

--

This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
 
GitHub Issues: https://github.com/mitchellh/vagrant/issues
IRC: #vagrant on Freenode
---

You received this message because you are subscribed to a topic in the Google Groups "Vagrant" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/vagrant-up/wLINlRfJ8Os/unsubscribe.
To unsubscribe from this group and all its topics, send an email to vagrant-up+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/vagrant-up/CAHqq0ezVG520KHGmcW6WtN3aAc7bEb9YfCKdJXFoXXf8Ad1%2Bsg%40mail.gmail.com.

For more options, visit https://groups.google.com/d/optout.

--

Agustí Tomàs