Hipchat Data Center configuration fails with "Operation not Permitted" when trying to write to the NFS file store.

Still need help?

The Atlassian Community is here for you.

Ask the community

Platform Notice: Server and Data Center Only - This article only applies to Atlassian products on the server and data center platforms.


Problem

When trying to configure a Hipchat Data Center node, the Chef run fails trying to perform actions on the NFSv4 share.

The following error(s) will appear in the /var/log/chef.log on the server:

chef.log
---- Begin output of mount -t nfs4 -o rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2 nfsserver.example.com:/hi
pchat /file_store/shared ----
STDOUT: 
STDERR: mount.nfs4: Operation not permitted
---- End output of mount -t nfs4 -o rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2 nfsserver.example.com:/hipc
hat /file_store/shared ----
chef.log
 [2017-08-09T19:06:57+00:00] ERROR: directory[/file_store/shared] (nfs::default line 9) had an error: Errno::EPERM: Operation not permitted - /file_store/shared
[0m
================================================================================[0m
[31mError executing action `create` on resource 'directory[/file_store/shared]'[0m
================================================================================[0m

[0m
Errno::EPERM[0m
------------[0m
Operation not permitted - /file_store/shared[0m

[0m
Resource Declaration:[0m
---------------------[0m
# In /hipchat-scm/chef-repo/cookbooks/nfs/recipes/default.rb

  9:   directory "#{node[:nfs][:mount][:path]}" do
 10:     owner 'hipchat'
 11:     group 'www-data'
 12:     mode '2750' # setgid, so that www-data can read. Setgid bit is inherited by any sub-directories by default.
 13:                 # any files/dirs created will have group set to www-data
 14:     action :create
 15:     recursive true
 16:   end
 17: 
[0m

[0m
Compiled Resource:[0m
------------------[0m
# Declared in /hipchat-scm/chef-repo/cookbooks/nfs/recipes/default.rb:9:in `from_file'

directory("/file_store/shared") do
  provider Chef::Provider::Directory
  action [:create]
  retries 0
  retry_delay 2
  path "/file_store/shared"
  recursive true
  cookbook_name :nfs
  recipe_name "default"
  owner "hipchat"
  group "www-data"
  mode "2750"
end
[0m


Diagnosis

Environment

  • Hipchat Data Center.
  • External NFSv4 server. 

Steps to Reproduce 

  • Configure an NFSv4 Share on an external server for use with Hipchat Data Center. 
  • Configure the Hipchat Data Center node using the instructions in the Manual Deployment Guide.
  • Run the data center restart command: 

    hipchat datacenter restart
  • The data center restart operation fails with the error listed earlier from the chef.log. 

Cause

During the Data Center restart, the Data Center node will mount the NFSv4 and attempt to create directories on it.  

The NFS server share is being exported with root squashing enabled, which prevents the root user on the Hipchat Data Center node from being able to write to the mounted NFS share. 

Workaround

On the NFS server, add the "no_root_squash" option to the designated share in the /etc/exports file and restart the NFS service.  Below is an example of an NFS share with the no_root_squash option included.:


server#vi /etc/exports

/export/test 192.168.1.0/255.255.255.0(no_root_squash,insecure,rw)


Be sure to restart the NFS services on the NFS server for the changes to take effect. 




Last modified on Nov 2, 2018

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.