Filesystem actions in containers fail with `Too many levels of symbolic links`

Follow
Table of Contents

Issue

When attempting to perform a filesystem action inside a container with a volume located on an autofs directory, the error Too many levels of symbolic links is thrown and the action fails.

bash: cd: /data: Too many levels of symbolic links

Pre-requisites

  • Docker container or Kubernetes Pod with a volume defined that is mounted on the host with autofs, typically backed by NFS

Root cause

As the share that backs the autofs volume isn't mounted until the directory specified is accessed, it is typically not mounted when a container is run.
With the default Docker bind-mount propagation of rprivate, containers do not receive mount changes for volumes from the host.

Resolution

Docker - Mount the volume in question with the flag slave, rslave, shared, or rshared to ensure that mount changes are propagated to the container.
Example:
docker run -d -v /path/to/autofs:/data:shared ubuntu

See the links at the bottom of this article for info on what each of these flags does

Kubernetes - Define mountPropagation for the volume in question as either HostToContainer (same as Docker's rslave) or Bidirectional (same as Docker's rshared):

kind: Pod
apiVersion: v1
metadata:
  name: test-app
spec:
  containers:
    - name: test
      image: busybox
      volumeMounts:
      - mountPath: "/data"
        name: test-app-vol
        mountPropagation: HostToContainer
  volumes:
    - name: test-app-vol
      hostPath:
        path: /data

Further reading

Docker bind propagation - https://docs.docker.com/storage/bind-mounts/#configure-bind-propagation
Kubernetes mountPropagation - https://kubernetes.io/docs/concepts/storage/volumes/#mount-propagation
Linux Kernel Shared Subtree - https://www.kernel.org/doc/Documentation/filesystems/sharedsubtree.txt

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.