azureubuntuelasticsearchsmbmount-point

Azure File Share Owner/Group Permissions Revert On VM Reboot

I am mounting an Azure File Share to /elasticdata/azshare on my Ubuntu 16.04 LTS virtual machine. I mount the drive using the following script: 

sudo mkdir /elasticdata/fileshare
if [ ! -d "/etc/smbcredentials" ]; then
sudo mkdir /etc/smbcredentials
fi
if [ ! -f "/etc/smbcredentials/fileshare.cred" ]; then
sudo bash -c 'echo "username=fileshare" >> /etc/smbcredentials/fileshare.cred'
sudo bash -c 'echo "password=password" >> /etc/smbcredentials/fileshare.cred'
fi
sudo chmod 600 /etc/smbcredentials/fileshare.cred

sudo bash -c 'echo "//fileshare.file.core.windows.net/analysis /elasticdata/fileshare cifs nofail,vers=3.0,credentials=/etc/smbcredentials/fileshare.cred,dir_mode=0777,file_mode=0777,serverino" >> /etc/fstab'
sudo mount -t cifs //fileshare.file.core.windows.net/analysis /elasticdata/fileshare -o vers=3.0,credentials=/etc/smbcredentials/fileshare.cred,dir_mode=0777,file_mode=0777,serverino,uid=$(id -u elasticsearch),gid=$(id -g elasticsearch)

In my last line, I set the owner and the group of the mount location to be that of the user elasticsearch. I can verify this is true after the drive is mounted.

I then make a symlink like so:

ln -s /elasticdata/fileshare/analysis /etc/elasticsearch

In /etc/elasticsearch/analysis, I can see the owner and group to be that of the elasticsearch user.

When I restart my VM, the owner and group permissions I set revert back to that of the root user and my elasticsearch cluster is unable to start due to the following error: 

[HTTP/1.1 500 Internal Server Error]{"error":{"root_cause":[{"type":"access_control_exception","reason":"access denied (\"java.io.FilePermission\" \"/etc/elasticsearch/analysis/charmapping.txt\" \"read\")"}],"type":"access_control_exception","reason":"access denied (\"java.io.FilePermission\" \"/etc/elasticsearch/analysis/charmapping.txt\" \"read\")"},"status":500}`.

How can I prevent the permissions from reverting? Or, how can I let elasticsearch gain access to the files a different way?

Solution

  • Try using /etc/fstab to mount the cifs filesystem at boot time.

    A basic /etc/fstab looks like this

    /dev/hda2   /              ext2 defaults             1 1
/dev/hdb1   /home          ext2 defaults             1 2
/dev/cdrom  /media/cdrom   auto ro,noauto,user,exec  0 0
/dev/fd0    /media/floppy  auto rw,noauto,user,sync  0 0
proc        /proc          proc defaults             0 0
/dev/hda1   swap           swap pri=42               0 0

    My guess is you want to add a line to the file for the cifs file system. It should look something like this.

    //fileshare.file.core.windows.net/analysis /elasticdata/fileshare cifs defaults,uid=<user id you want>,gid=<group id you want> 0 0