Block Device Passthrough to Docker guest on Proxmox LXC
I run Proxmox on my homelab server, with one of my LXC's running a docker engine with all of my smallworkloads.
Recetnly, I needed to pass through block devices (/dev/sda , etc) to a docker container so that I could monitor SMART status (using scrutiny).
Since the docker engine is running on an LXC, this had some small challenges. We can solve them with some clever mapping in two places.
Solution
Part 1: Set up mounts on the proxmox host
Edit the appropriate LXC file on your proxmox host, and add a mount point for /dev
# vim /etc/pve/lxc/106.conf
mp4: /dev,mp=/mnt/dev # add this line at the bottom of your filePart 2: Map the block devices back into docker
On our docker guest, we now have the /mnt/dev endpoint with all of our host devices under it.
Note: this is incredibly insecure, and should only be done to completely trusted systems.
We don't want to mount to /dev inside the guest, as that would clobber the exisitng /dev mounts and cause various problems.
Now, inside our docker compose we can add the devices mappings back to the expected paths:
# https://github.com/AnalogJ/scrutiny
version: '3.4'
services:
collector:
image: 'ghcr.io/analogj/scrutiny:master-collector'
cap_add:
- SYS_RAWIO
- SYS_ADMIN
volumes:
- '/run/udev:/run/udev:ro'
environment:
COLLECTOR_API_ENDPOINT: 'http://your.endpoint'
devices:
- "/mnt/dev/sda:/dev/sda" # map the device back in