After some month of learning/praticsing Docker on my PI3, i’v discovered the Balena Ecosystem and found it very usefull even for my pure home project (Domotic stuff, Nas, PlexMediaServer, VPN server , OwnCloud…)… i think a am a little geeky guy
But after reading for few hours official documention, forum post… i am a litte bit lost in the best way [or best practice] to share an external SSD drive plugged on my PI
do i have to mount it on my host first, but i am not sure we are able to do it on the balenaOS just like in a standard Linux system (FSTAB or SystemD). I thinking it is not necessary to mount it.
do i have to specify my /dev/<MY_USB_UUID> on the device section of my docker-compose.yml ??
Thank you for any help.
Regards from Toulouse\France (and sorry for my bad english)
Hi,
So sorry to hear our documentation is not helpful here.
The idea is to have the SSD exposed to your container. Container privileged + UDEV running inside the container would be the best setup, this part in our documentation describes how to enable UDEV in a balenalib base image: https://www.balena.io/docs/reference/base-images/base-images/#major-changes. Once the container has the ability to see the SSD (it would be exposed as /dev/sdX), you can go ahead and mount it, here are you few ways to achieve the mount: https://www.balena.io/docs/learn/develop/runtime/#mounting-external-storage-media.
Let us know if it works.
Kind regards,
Theodor
I will let notice you if it is working (i am sure will … but one more question please :
Is it mandatory to run the service in “Priviliged” mode just for accessing one or two host /dev things… because it can become a security hole ??? I am right ?
So this depends a bit on your use case. If you’re running a single container application, then that service is privileged. If you’re running a multicontainer application then by default none of the services are. What you can do is specify which devices you want to use in your docker-compose.yml (as you noted), and add the SYS_RAWIO capability. https://www.balena.io/docs/learn/develop/hardware/ shows an example of this.
Hi.
I can confirm that i am able to see my /dev/sda1 on my container :
`root@cf60cfe:/mnt# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 931.5G 0 disk
└─sda1 8:1 0 931.5G 0 part ’
i do not see any error on the build process
‘[main] Step 4/6 : COPY mnt-storage.mount /etc/systemd/system/’
‘[main] Step 5/6 : RUN systemctl enable mnt-storage.mount’
but on the shell i do not see my mount and my unit doesnt seem to be loaded
'root@cf60cfe:/# systemctl status mnt-storage.mount
'mnt-storage.mount
'Loaded: not-found (Reason: Unit mnt-storage.mount not found.)
'Active: inactive (dead)
Any Ideas ? or maybe i can see that with the crator of the project mount-usb ?
Any way, is it possible to mount the USB stick directly in the BalenaOS itself ? instead of mounting it on each service ?
Hi.
Yes of course, the manually mount, or even via FSTAB is working.
But i had to run this “mount” in the entrypoint or startup script of my container, il would prefer use the Systemd mount capabilities to avoid this script.
In fact my initial question was about sharing an Host connected USB device between all containers :
-mount the drive directly on the BalenaOS host system ?
or mount it in a “Data Container” and share it via Volumes.
Hi,
We currently don’t support this, but we will have an internal discussion on how we can realize this and update you once we have more information. Any information you can share on your specific use case to share an external disk with multiple containers, helps us to cover it in the generic solution we are trying to create.
Cheers,
Oke thank you for your answer.
I’v followed the usefulls projects given by @janvda, and create a container that mount and share (via Samba and maybe NFS) the data between container. But it should be better to be able to mount it on the host system, for simplicity and maybe for better IO performances.
I think it shoul be a good feature for BalenaOS to give the opportunity to the user to optionnaly mount some drive. Especially when you are working on a RPI, with an SD card as media
I’ll keep in touch about any implemntation of such a feature.
If the different services (containers) don’t need to access the same files you can also consider creating a separate disk partition (using fdisk command) for each service on you USB stick and have each service mounts its “own” disk partition. I think that should work also in case you don’t need to share files.
