Bug 1270401

Summary: NFS v3 read/write support
Product: OpenShift Container Platform Reporter: Ryan Howe <rhowe>
Component: StorageAssignee: Sami Wagiaalla <swagiaal>
Status: CLOSED NOTABUG QA Contact: Liang Xia <lxia>
Severity: low Docs Contact:
Priority: unspecified    
Version: 3.0.0CC: aos-bugs, jkrieger, mmcgrath, nicholas_schuetz, rhowe
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-01-26 16:00:21 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Ryan Howe 2015-10-09 22:51:02 UTC 
Description of problem:

Wanting NFS v3  read/write support for OSE v3 

Version-Release number of selected component (if applicable):
3.x

Additional info:

Due to selinux labeling not supported by NFSv3, Write does not work in osev3 

- This bug is to request, or track status, support for NFSv3 in OpenShift
Comment 2 Sami Wagiaalla 2015-10-29 14:35:49 UTC 
Hi Ryan,

What label do you get on the client side with V3 ?
If it is something like system_u:object_r:nfs_t:s0 then try this:
setsebool -P virt_use_nfs on

If not please report the label you get on the client side.

Also if the above does not solve your issue try finding the exact denial you are getting from SELinux:

tail -f /var/log/audit/audit.log | grep denied

then

osc exec <pod name> touch /path/to/mount TEST

With NFS v3 or v4 we cannot do client side chcon so the answer is to give users the correct instructions to set things up on the export side
Comment 4 Sami Wagiaalla 2016-01-26 16:00:21 UTC 
The fix for this if broken should to either update the policy or use the pod's security context to set the proper SELinux type.

Please reopen if you are still experiencing problems