MountFlags=shared- Documentation
- OpenShift Container Platform
- Configuring Clusters
- Persistent Storage Examples
- Mount Propagation history bug_report picture_as_pdf
Soon, all Red Hat OpenShift documentation will only be available on docs.redhat.com, the official location of all Red Hat product documentation. Get familiar with the updated experience today!
- About
- Release Notes
- Getting Started
- Architecture
- Container Security Guide
- Installing Clusters
- Upgrading Clusters
- Configuring Clusters
- Overview
- Setting up the Registry
- Setting up a Router
- Deploying Red Hat CloudForms
- Prometheus Cluster Monitoring
- Accessing and Configuring the Red Hat Registry
- Master and Node Configuration
- OpenShift Ansible Broker Configuration
- Adding Hosts to an Existing Cluster
- Loading the Default Image Streams and Templates
- Configuring Custom Certificates
- Redeploying Certificates
- Configuring Authentication and User Agent
- Syncing groups with LDAP
- Configuring LDAP failover
- Configuring the SDN
- Configuring Nuage SDN
- Configuring NSX-T SDN
- Configuring Kuryr SDN
- Configuring for AWS
- Configuring for Red Hat Virtualization
- Configuring for OpenStack
- Configuring for Google Compute Engine
- Configuring for Azure
- Configuring for VMware vSphere
- Configuring Local Volumes
- Configuring Persistent Storage
- Overview
- Using NFS
- Using GlusterFS
- Using OpenStack Cinder
- Using Ceph RBD
- Using AWS Elastic Block Store
- Using GCE Persistent Disk
- Using iSCSI
- Using Fibre Channel
- Using Azure Disk
- Using Azure File
- Using FlexVolume
- Using VMware vSphere volumes for persistent storage
- Using Local Volume
- Using Container Storage Interface (CSI)
- Using OpenStack Manila shares
- Dynamic Provisioning and Creating Storage Classes
- Volume Security
- Selector-Label Volume Binding
- Enabling Controller-managed Attachment and Detachment
- Persistent Volume Snapshots
- Using hostPath
- Persistent Storage Examples
- Overview
- Sharing an NFS PV Across Two Pods
- Using Ceph RBD for Persistent Storage
- Using Ceph RBD for dynamic provisioning
- Complete Example Using GlusterFS
- Complete Example Using GlusterFS for Dynamic Provisioning
- Mounting Volumes To Privileged Pods
- Mount Propagation
- Switching an Integrated OpenShift Container Registry to GlusterFS
- Binding Persistent Volumes by Label
- Using StorageClasses for Dynamic Provisioning
- Using StorageClasses for Existing Legacy Storage
- Configuring Azure Blob Storage for Integrated Container Image Registry
- Configuring Ephemeral Storage
- Working with HTTP Proxies
- Configuring Global Build Defaults and Overrides
- Configuring Pipeline Execution
- Configuring Route Timeouts
- Configuring Native Container Routing
- Routing from Edge Load Balancers
- Aggregating Container Logs
- Aggregate Logging Sizing Guidelines
- Enabling Cluster Metrics
- Customizing the Web Console
- Deploying External Persistent Volume Provisioners
- Installing the Operator Framework (Technology Preview)
- Uninstalling Operator Lifecycle Manager
- Day Two Operations Guide
- Cluster Administration
- Overview
- Managing Nodes
- Restoring your cluster
- Replacing a master host
- Managing Users
- Managing Projects
- Managing Pods
- Managing Networking
- Configuring Service Accounts
- Managing Role-based Access Control
- Image Policy
- Image Signatures
- Scoped Tokens
- Monitoring Images
- Managing Security Context Constraints
- Scheduling
- Overview
- Default Scheduling
- Descheduling
- Custom Scheduling
- Controlling Pod Placement
- Pod Priority and Preemption
- Advanced Scheduling
- Advanced Scheduling and Node Affinity
- Advanced Scheduling and Pod Affinity/Anti-affinity
- Advanced Scheduling and Node Selectors
- Advanced Scheduling and Taints and Tolerations
- Setting Quotas
- Setting Multi-Project Quotas
- Pruning objects
- Extending the Kubernetes API with Custom Resources
- Garbage Collection
- Allocating Node Resources
- Overcommitting
- Out of Resource Handling
- Setting Limit Ranges
- Node Problem Detector
- Assigning Unique External IPs for Ingress Traffic
- Monitoring and Debugging Routers
- High Availability
- IPtables
- Securing Builds by Strategy
- Restricting Application Capabilities Using Seccomp
- Sysctls
- Encrypting Data at Datastore Layer
- Encrypting traffic between nodes with IPsec
- Building Dependency Trees
- Replacing a failed etcd member
- Restoring etcd quorum
- Troubleshooting Networking
- Diagnostics Tool
- Idling Applications
- Analyzing Cluster Capacity
- Configuring the cluster auto-scaler in AWS
- Disabling Features using Feature Gates
- Kuryr SDN Administration
- Scaling and Performance Guide
- Overview
- Recommended Installation Practices
- Recommended Host Practices
- Optimizing Compute Resources
- Optimizing Persistent Storage
- Optimizing Ephemeral Storage
- Network Optimization
- Routing Optimization
- Scaling Cluster Metrics
- Scaling Cluster Monitoring
- Tested Maximums per Cluster
- Using Cluster Loader
- Using CPU Manager
- Managing Huge Pages
- Optimizing On GlusterFS Storage
- Developer Guide
- Overview
- Application Life Cycle Management
- Authentication
- Authorization
- Projects
- Migrating Applications
- Tutorials
- Builds
- Deployments
- Templates
- Opening a Remote Shell to Containers
- Service Accounts
- Managing Images
- Quotas and Limit Ranges
- Getting Traffic into a Cluster
- Routes
- Integrating External Services
- Using Device Manager
- Using Device Plug-ins
- Secrets
- ConfigMaps
- Downward API
- Projected Volumes
- Using Daemonsets
- Pod Autoscaling
- Managing Volumes
- Using Persistent Volumes
- Expanding Persistent Volumes
- Executing Remote Commands
- Copying Files
- Port Forwarding
- Shared Memory
- Application Health
- Events
- Managing Environment Variables
- Jobs
- OpenShift Pipeline
- Cron Jobs
- Create from URL
- Creating an object from a custom resource definition
- Application memory sizing
- Application ephemeral storage sizing
- Creating Images
- Using Images
- CLI Reference
- Ansible Playbook Bundle Development Guide
- API reference
- API list
- Common object reference
- core
- About core
- Binding [core/v1]
- ComponentStatus [core/v1]
- ConfigMap [core/v1]
- Endpoints [core/v1]
- Event [core/v1]
- LimitRange [core/v1]
- Namespace [core/v1]
- Node [core/v1]
- PersistentVolumeClaim [core/v1]
- PersistentVolume [core/v1]
- Pod [core/v1]
- PodTemplate [core/v1]
- ReplicationController [core/v1]
- ResourceQuota [core/v1]
- Secret [core/v1]
- ServiceAccount [core/v1]
- Service [core/v1]
- admissionregistration.k8s.io
- apiregistration.k8s.io
- apps
- apps.openshift.io
- authentication.k8s.io
- authorization.k8s.io
- authorization.openshift.io
- About authorization.openshift.io
- ClusterRoleBinding [authorization.openshift.io/v1]
- ClusterRole [authorization.openshift.io/v1]
- LocalResourceAccessReview [authorization.openshift.io/v1]
- LocalSubjectAccessReview [authorization.openshift.io/v1]
- ResourceAccessReview [authorization.openshift.io/v1]
- RoleBindingRestriction [authorization.openshift.io/v1]
- RoleBinding [authorization.openshift.io/v1]
- Role [authorization.openshift.io/v1]
- SelfSubjectRulesReview [authorization.openshift.io/v1]
- SubjectAccessReview [authorization.openshift.io/v1]
- SubjectRulesReview [authorization.openshift.io/v1]
- autoscaling
- batch
- build.openshift.io
- certificates.k8s.io
- events.k8s.io
- image.openshift.io
- network.openshift.io
- networking.k8s.io
- oauth.openshift.io
- policy
- project.openshift.io
- quota.openshift.io
- rbac.authorization.k8s.io
- route.openshift.io
- scheduling.k8s.io
- security.openshift.io
- storage.k8s.io
- template.openshift.io
- user.openshift.io
- CRI-O Runtime
- Container-native Virtualization Install
- Container-native Virtualization User's Guide
- Container-native Virtualization Release Notes
×
Mount Propagation
Overview
Mount propagation allows for sharing volumes mounted by a container to other containers in the same pod, or even to other pods on the same node.
Values
Mount propagation of a volume is controlled by the mountPropagation field in Container.volumeMounts. Its values are:
-
none- This volume mount does not receive any subsequent mounts that are mounted to this volume or any of its subdirectories by the host. In similar fashion, no mounts created by the container are visible on the host. This is the default mode, and is equal toprivatemount propagation in Linux kernels. -
HostToContainer- This volume mount receives all subsequent mounts that are mounted to this volume or any of its subdirectories. In other words, if the host mounts anything inside the volume mount, the container acknowledges it mounted there. This mode is equal torslavemount propagation in Linux kernels. -
Bidirectional- This volume mount behaves the same as theHostToContainermount. In addition, all volume mounts created by the container are propagated back to the host and to all containers of all pods that use the same volume. A typical use case for this mode is a Pod with a FlexVolume or CSI driver or a Pod that needs to mount something on the host using ahostPathvolume. This mode is equal torsharedmount propagation in Linux kernels.
|
|
Configuration
Before mount propagation can work properly on some deployments, such as CoreOS, Red Hat Enterprise Linux/Centos, or Ubuntu, the mount share must be configured correctly in Docker.
Procedure
-
Edit your Docker’s systemd service file. Set
MountFlagsas follows:Alternatively, remove
MountFlags=slave, if present. -
Restart the Docker daemon:
$ sudo systemctl daemon-reload $ sudo systemctl restart docker