I have a dockerised legacy JBOSS app deployed on AWS Fargate. There is an on-prem NFS file share with routing between the subnets enabled. Why can't I mount the NFS file share from inside the Docker container as I can from a regular linux host?
E.g.:
FROM daggerok/jboss-eap-6.4:6.4.22-alpine
RUN sudo apk add --update --no-cache nfs-utils
RUN sudo apk add --update --no-cache openrc
RUN sudo rc-update add nfsmount
RUN sudo mount -t nfs nfs.local:FILE_SHARE /mnt
Allowing a container to perform a filesystem mount would be a security vulnerability, allowing a container escape to the host.
You cannot do this at build time in the Dockerfile. Instead you should configure the container with a volume mount. Support for this was added earlier this year.