Known Issues for File Storage

Details

File Storage does not support file level Access Control Lists (ACLs). Only user, group, and world permissions are supported. File Storage uses the NFSv3 protocol, which doesn't include support for ACLs. setfacl fails on mounted file systems. getfacl returns only standard permissions.

Workaround

We're working on a resolution.

Details

When using the mkdir command in Windows CMD to create a snapshot of a mounted file system, an error appears. For example: 

C:\>mkdir X:\.snapshot\snapshot1

The semaphore timeout period has expired.

Although the error appears, the snapshot is successfully created.

Workaround

Use the Console, API or CLI to create snapshots. For more information, see Creating a Snapshot.

Details

When moving a file system or mount target from one compartment to another, the operation fails. Users are required to be members of the Administrators group.

Workaround

We're working on a resolution. To work around this problem, be sure the user is a member of the Administrators group. For more information, see Managing Groups.

Details

When creating or moving a file system or mount target from one compartment to another, you might encounter one of the following 409 API errors:

Create file system:

oci.exceptions.ServiceError: {'opc-request-id': <<OPC REQUEST ID>>, 'code': 'Conflict', 'message': 'Another filesystem is currently being provisioned, try again later', 'status': 409}

Move file system:

oci.exceptions.ServiceError: {'opc-request-id': <<OPC REQUEST ID>>, 'code': 'Conflict', 'message': 'filesystem <<FILE SYSTEM OCID>> is currently being modified, try again later', 'status': 409}

Create mount target:

oci.exceptions.ServiceError: {'opc-request-id': <<OPC REQUEST ID>>, 'code': 'Conflict', 'message': 'Another mount target is currently being provisioned, try again later', 'status': 409}

Move mount target:

oci.exceptions.ServiceError: {'opc-request-id': <<OPC REQUEST ID>>, 'code': 'Conflict', 'message': 'mount target<<MOUNT TARGET OCID>> is currently being modified, try again later', 'status': 409}

The Compartment Quotas feature introduces constraints that limit the number of concurrent operations that a tenancy can perform on file system and mount target resources in a region:

• Each tenancy in a region can have one CreateFileSystem or ChangeFilesystemCompartment operation in progress at a time.
• Each tenancy in a region can have one CreateMountTarget or ChangeMountTargetCompartment operation in progress at a time.

If a tenancy attempts to do more than one simultaneous operation, one operation succeeds and the others receive the 409 error response code. The default retry strategy for the OCI SDK is to not retry 409 conflicts. See SDK Behaviors - Retries.

Workaround

We're working on a resolution. To work around this problem, create a custom retry strategy that retries on 409. Several examples of building a custom retry strategy are provided at https://github.com/oracle/oci-python-sdk/blob/master/examples/retries.py.

File systems that use in-transit TLS encryption can't be mounted using a DNS hostname. Only IP addresses can be used to mount file systems with in-transit TLS encryption.

Details

The oci-fss-utils in-transit encryption tool does not currently support the use of DNS hostnames for mounting file systems.

Workaround

We're working on a resolution. Until this issue is resolved, use the IP address of the mount target in the oci-fss-utils mount command. For example:

sudo mount -t oci-fss 10.x.x.x:/fs-export-path /mnt/yourmountpoint

Replace 10.x.x.x: with the local subnet IP address assigned to your mount target, fs-export-path with the export path you specified when associating the file system with the mount target, and yourmountpoint with the path to the local mount point. The export path is the path to the file system (relative to the mount target IP address). See Using In-transit TLS Encryption for more information.