Currently I’m using LXD via snapd on Debian Buster to containerize my home server. And… I’m new to LXD / LXC.
I have 4 containers with different services (nextcloud, samba, tvheadend, lms).
The ID mappings (uid/gid) for the containers are isolated from the host and from each other.
At the moment my data is stored on a separate NAS (Samba). My LXD host is accessing the NAS via cifs mounts (sometimes the same shares are mounted to a different path because I need to chown them to match the respective container user uids/gids for r/w).
I have configured different devices and bind mounted them to my containers.
That seems to work great for my use cases.
However, I want to save energy and I would like to use the NAS hard disks in my server in the future. The described cifs mounts will then be omitted.
I’m worried about how I can ensure r/w access for multiple containers to the same path on the host in the future.
Is it even possible?
Is there a best practice or a better strategy?
I implemented support for this which will be in LXD 3.16 so long as you have an Ubuntu kernel that’s 5.0 or higher (has shiftfs support).
With such a system, you can do:
lxc config device add CONTAINER DEVICE disk path=/container/path source=/host/path shift=true
And it will show up in the container with the same visible uid/gid as you would see on the host, allowing for it to be passed to multiple isolated containers and show the same uid/gid on all of them.
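The following sketch is an added example, not part of the original reply: it checks the prerequisites named above (kernel 5.0 or higher with shiftfs, LXD 3.16 or higher) and then attaches one host path to several isolated containers with `shift=true`. The function names, the `APPLY` switch, the `modinfo shiftfs` check, and the container and device names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: share one host path r/w with several isolated LXD containers.

# major_minor V: print "MAJOR MINOR" for strings like 5.0.0-25-generic or 3.16
major_minor() {
    major=${1%%.*}
    case $1 in *.*) rest=${1#*.} ;; *) rest=0 ;; esac
    minor=${rest%%[!0-9]*}
    echo "$major ${minor:-0}"
}

# version_ge A B: succeed when version A >= B (compares major.minor only)
version_ge() {
    set -- $(major_minor "$1") $(major_minor "$2")
    [ "$1" -gt "$3" ] || { [ "$1" -eq "$3" ] && [ "$2" -ge "$4" ]; }
}

# check_host: verify the requirements stated in the reply.
# Assumption: shiftfs is shipped as a kernel module named "shiftfs".
check_host() {
    version_ge "$(uname -r)" 5.0 || { echo "kernel older than 5.0" >&2; return 1; }
    modinfo shiftfs >/dev/null 2>&1 || { echo "no shiftfs module" >&2; return 1; }
    version_ge "$(lxc --version)" 3.16 || { echo "LXD older than 3.16" >&2; return 1; }
}

# run: print the command by default; execute it only when APPLY=1
run() { if [ "${APPLY:-0}" = 1 ]; then "$@"; else echo "$@"; fi; }

# share_path HOST_PATH CONTAINER_PATH DEVICE CONTAINER...
# Adds the same shifted disk device to every listed container.
share_path() {
    src=$1; dst=$2; dev=$3; shift 3
    [ -d "$src" ] || { echo "source $src is not a directory" >&2; return 1; }
    for c in "$@"; do
        run lxc config device add "$c" "$dev" disk path="$dst" source="$src" shift=true
    done
}

# Typical use (constructed names, one container per service from the question):
#   check_host && APPLY=1 share_path /srv/data /data shared nextcloud samba tvheadend lms
```

Without `APPLY=1` the script only prints the `lxc config device add` commands, so the device definitions can be reviewed before any container configuration is changed.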