Using root squashing on a Network File System (NFS) volume prevents remote root users from having root access to the volume. Without additional configuration to support NFS root squashing, these volumes cannot be backed up or restored.
Prerequisites
All files and folders on the NFS volume must be owned by the same owner and group. If any file or folder on the volume uses a different user identifier (UID) or group identifier (GID), backups fail.
Steps
Create a storage class with root-client access enabled. For example, set the property
RootClientEnabled when creating a
PowerScale/Isilon storage class.
Create a ConfigMap named
ppdm-root-access-storage-class-mapping in the PowerProtect namespace.
In the data section of the ConfigMap, add a storage-class mapping in the following format:
name of storage class with root-client access disabled:
name of storage class with root-client access enabled
For example, to map
isilon-root-squashing-sc to
isilon-allow-backups-sc, type:
isilon-root-squashing-sc:
isilon-allow-backups-sc
NOTE:During the restore of root squashed volumes, the data mover pod (cproxy) runs with the UID of the file owner that is captured during backup. When using storage class mapping during the restore of root squashed volume backups, ensure that the CSI driver for the target storage class sets the permissions for the PVC volume path in a manner that allows writes from pods running as
nonroot. CSI drivers allow setting volume path permissions as part of the driver configuration, or as parameters in storage class. Check your CSI driver documentation for more information.
Data is not available for the Topic
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\