NFS configuration with Vagrant

In order to get NFS working in Vagrant, you have to specify type: 'nfs' in your Vagrantfile for each shared folder. If you are using chef, you will also want to use chef.synced_folder_type = 'nfs'

But that’s not functional for most people! NFS will mount in your guest with the same UID as your host (for OSX that is most likely 501 or 502, for Ubuntu that’s probably 1000). To compound the issue, chmod and chown operations are also useless on NFS - not only are they ineffective, they fail hard (they tend to interrupt things like chef runs with their failure, even if there aren’t actually permission changes). There are a few options to get around this though. One of those is vagrant-bindfs. Essentially this takes your NFS mounts, and then remounts them under the user you specify. Bindfs is a thing outside the Vagrant world, this plugin just makes automating it simpler. This is a good option for some, although we still had some lingering permission issues with it.
The other option was to dynamically create our deploy user with the uid of the user running vagrant. We did this by setting a variable equal to Process.uid and then overriding the default attributes for our deploy user with that value. From there, our deploy user now had the proper uid! But we soon realized that in our setup, www-data needs access to certain subdirectories in our shared folders (as did the redis user). So, we modified their default attributes to give them the same uid! To solve the chmod/chown issues, I used these export/mount options:

:mount_options => ['noatime,soft,nfsvers=3'],
:export_options => ['async,insecure,no_subtree_check,no_acl,no_root_squash']

Occasionally we will see NFS issues with this setup (/etc/exports not getting cleared properly, stale mounts, etc), but it is leaps ahead of VirtualBox Shared Folders in terms of performance.

 
79
Kudos
 
79
Kudos

Now read this

Devs without Admin

Most developers cringe a bit when they first hear that. How are they going to work? How are they going to test code and experiment with new technologies without admin rights? On the other hand, organizations like ours have hipaa and... Continue →