Skip to content

Managing Remote Mounts for Containerized Masking

This section describes how to mount an NFS mountpoint inside the Containerized Masking Engine. For information on file mountpoints for Virtual Machine Masking, please refer to Managing File Mounts.

In Containerized Masking, much more control is available to the admin at the kubernetes layer. That advantage is used to simplify file systems mounts for Containerized Masking. This document will describe the process using NFS as an example mountpoint type.


Filesystem mount points must be mounted as a subdirectory of /var/delphix/masking/remote-mounts/.


In order for kubernetes to utilize some particular network filesystem, the underlying host will typically need to be able to support that filesystem. In this example, to support mounting NFS filesystems, the underlying OS needs to be able to perform an nfs mount. This is typically enabled by installing the nfs-client package. For example, if the kubernetes cluster runs on top of a debian-type linux distro, the package would need to be installed using apt install nfs-client on each node to ensure all nodes have the necessary utilities to handle mounting NFS filesystems.

Creating the Mountpoint Connection in kubernetes

To establish a remote mount using NFS, the first step is creating the NFS connection to the remote NFS host. This is accomplished utilizing a special NFS persistent volume. This can be added to the beginning of the kubernetes-config.yaml file or created as separate config files just for this purpose. If separate config files are created, they will have to be applied before the main Pod config is applied.

Both a Persistent Volume (PV) and Persistent Volumne Claim (PVC) are necessary and the YAML for each of these looks like the following snippets.

NFS Persistent Volume YAML

    apiVersion: v1
    kind: PersistentVolume
      name: nfs-pv
        storage: 500Mi
      volumeMode: Filesystem
        - ReadWriteOnce
      storageClassName: nfs-storage
        - hard
        - nfsvers=4.1
        server: <your NFS server host>
        path: <the exported directory on the NFS server, for example /var/tmp/masking-mount>

NFS Persistent Volume Claim YAML

    apiVersion: v1
    kind: PersistentVolumeClaim
      name: nfs-pvc
        - ReadWriteOnce
      volumeMode: Filesystem
      storageClassName: nfs-storage
          storage: 500Mi # change corresponding to actual requirements

Using the Mountpoint in the Pod Configuration

Next, the recently created NFS PVC must get mounted into the application container. This is achieved by editing the existing Pod config YAML and adding 2 objects. First, attaching the PVC to the pod as a volume. Second, linking that volume into the application container. This is demonstrated in the excerpt below.

Excerpt of kubernetes-config.yaml to show support for NFS volumes

    # Example of volume definition per Persistent Volume Claim
      - name: nfs-pv-storage
          claimName: nfs-pvc
      - image: delphix-masking-app:
        name: app
          - containerPort: 8284
            name: http
          - name: masking-persistent-storage
            mountPath: /var/delphix/masking
            subPath: masking
          - name: masking-persistent-storage
            mountPath: /var/delphix/postgresql
            subPath: postgresql
            # Example of mounting an external volume
            # Mount path is the directory on the `app` container to be mounted to the
            # remote provided Persistent Volume.
            # It should always start with the `/var/delphix/masking/remote-mounts`
            # and to be followed with customer named sub-directory per mount.
            # That sub-directory will automatically be created on the Masking Engine `app` container.
          - name: nfs-pv-storage
            mountPath: /var/delphix/masking/remote-mounts/nfs_example

Using the Mountpoint in the UI

Once a properly configured Pod is started, the configured NFS filesystem can be accessed in the UI using the same process that was previously used for non-containerized instances documented in Managing Remote Mounts for VM Masking Engines. The one sticking point is that these mount points (in the dropdown list) by default are named "mountpoint_1", "mountpoint_2", etc.

It is possible to rename the default mount point names to something more friendly. This is done via the PUT /mount-filesystem/{mountID} API endpoint. Please Note: with containerized masking, the only attribute that can be altered is the mount point name. An attempt to alter any other attribute via the API endpoint will result in an error.


The /mount-filesystem API has a large set of functionality that is used to manage filesystem mounts in the Virtual Machine deployment of the Masking Engine. For Containerized Masking, most of that functionality is handled by kubernetes itself rendering the API tasks useless and therefore disabled. The only functionality available in Containerized is the endpoint that allows you to update an existing mount and only to update its name.

Other Types of Filesystem Mountpoint

This example used NFS, but it is possible to mount any filesystem that kubernetes will support. To mount CIFS or some other supported remote filesystem is possible so long as the same general procedure is followed including:

- creating the various kubernetes objects (such as the PV and PVC)
- mounting it under the `/var/delphix/masking/remote-mounts/` required path