In my previous article on moving Gitea from FreeBSD to Linux I ended the post noting that I needed to be able to share the host NAS filesystem with a virtual machine it was hosting. In my case, this is so that Gitea backups could be stored on the NAS external to the virtual machine, but in the near future when I migrate Plex my media library will need to be available for Plex running in a VM, without an enormous VM for all the data. And while I could mount a samba share from the other TrueNAS box to the VM, having it all running on the same system is the goal.
TrueNAS bridge network
To do this, the first thing you need to do is setup bridge networking. I found a good YouTube video for this, and while it was recorded for TrueNAS Scale 25.04 it works the same on the 25.10 release I’m using: Building a Network Bridge in TrueNAS Fangtooth (25.04). This is a pretty short, straightforward video. The only caveat I’ll add is make sure you turn off all of your virtual machines before you attempt it or it will fail.
Once you have a working bridge adapter (br1 in my case) then you need to go back to the virtual machine settings to change the network adapter. So for my Gitea VM I went and expanded the virtual machine and clicked on Devices to change the network settings. This would be Devices -> NIC -> Edit -> NIC To Attach which will be set to whatever the physical NIC is. Change it to br1 (or whatever you named your bridge network adapter). Do this for all of the virtual machines before starting them.
Serial shell for VMs
While I was fiddling around, I also setup serial console support in my guest VMs. Typically I interact with them via SSH but sometimes if you’ve not started a VM for a while and the DHCP lease expires, you might find yourself not being able to SSH into the VM because the IP has changed. Using the SPICE client to connect is ok, but really slow. TrueNAS gives you a wonderful way to get to your virtual machine and open a Serial Shell but only if you configure the guest first.
With the VM started, either SSH in or use the Display button to launch the SPICE console. Login and obtain a root shell.
If your guest is Debian-based, or Alpine Linux in my case, you’ll want to edit the /etc/default/grub and add:
GRUB_CMDLINE_LINUX="console=tty0 console=ttyS0,19200n8"
GRUB_TERMINAL=serial
GRUB_SERIAL_COMMAND="serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1"
Most likely there is already a GRUB_CMDLINE_LINUX entry so do not replace the entry with the one above! You want to add the console options to the existing entry.
Once this is done, you’ll need to run the following commands as root:
update-grub
reboot
Once rebooted, you should be able to log in via the Serial Shell button in the TrueNAS virtual machine list.
If you’re using RHEL or Fedora or similar, you’ll need to do something different. Red Hat has some good documentation but in a nutshell you’ll need to run the following as root by using the grubby command. It’ll look something like this:
grubby --info=ALL|grep -i args
args="ro crashkernel=2G-64G:256M,64G-:512M resume=UUID=9ed6ca57-b228-47b2-a623-f29457aa6342 rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet $tuned_params"
args="ro crashkernel=2G-64G:256M,64G-:512M resume=UUID=9ed6ca57-b228-47b2-a623-f29457aa6342 rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet $tuned_params"
args="ro crashkernel=2G-64G:256M,64G-:512M resume=UUID=9ed6ca57-b228-47b2-a623-f29457aa6342 rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet $tuned_params"
args="ro crashkernel=2G-64G:256M,64G-:512M resume=UUID=9ed6ca57-b228-47b2-a623-f29457aa6342 rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet"
grubby --update-kernel=ALL --args="console=tty0 console=ttyS0,115200"
grubby --info=ALL|grep -i args
args="ro crashkernel=2G-64G:256M,64G-:512M resume=UUID=9ed6ca57-b228-47b2-a623-f29457aa6342 rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet $tuned_params console=tty0 console=ttyS0,115200"
args="ro crashkernel=2G-64G:256M,64G-:512M resume=UUID=9ed6ca57-b228-47b2-a623-f29457aa6342 rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet $tuned_params console=tty0 console=ttyS0,115200"
args="ro crashkernel=2G-64G:256M,64G-:512M resume=UUID=9ed6ca57-b228-47b2-a623-f29457aa6342 rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet $tuned_params console=tty0 console=ttyS0,115200"
args="ro crashkernel=2G-64G:256M,64G-:512M resume=UUID=9ed6ca57-b228-47b2-a623-f29457aa6342 rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet console=tty0 console=ttyS0,115200"
reboot
The important command is grubby --update-kernel=ALL --args="console=tty0 console=ttyS0,115200"
Once this is rebooted, you’ll also be able to use the Serial Shell for RHEL/Fedora-based virtual machines which is significantly faster than using SPICE.
Mounting Samba shares in the VM
All of this was done for the purpose of mounting Samba shares inside the virtual machine. You’ll want to make sure that you have the Samba client packages installed in whichever distro you’re using. On Alpine:
sudo apk add cifs-utils samba-client
On Fedora:
sudo dnf install samba-client
In the virtual machine guest, try listing shares with a valid user:
smbclient -L //<ip> -U <user>
Specify the user’s password. If you’ve not setup specific users, this will be your user account. In my case, I made two users: gitea and plex and gave them access to specific shares: gitea has access to the git backup share, and plex has access to where my Plex media will end up living.
If you can successfully authenticate, it’s time to add an entry to /etc/fstab.
//<ip>/<share name> /mnt/<directory name> cifs credentials=/root/.smbcredentials,nofail,uid=<local uid>,gid=<local gid>,vers=3.0,sec=ntlmv2 0 0
This takes a little explanation. In the above you’ll need to change:
- ip: the IP address of the NAS host
- share name: the Samba share name on the NAS host (i.e. gitbackup)
- directory name: the directory where to mount the share (i.e. /mnt/gitbackup)
- local uid: the UID of the local user that will own the files on the share, in my case it’s the gitea user on the virtual machine
- local gid: the GID of the local user that will own the files on the share
Now we need to store the credentials in /root/.smbcredentials so that the system can authenticate when mounting. The most secure way to do this is:
touch /root/.smbcredentials
chmod 0600 /root/.smbcredentials
vim /root/.smbcredentials
Put the user and password information in the file like:
username=USER
password=PASSWORD
When the file is saved, try to mount it:
mount -a
mount | grep cifs
If this is successful, you should see the share mounted. Browse the directory you mounted to make sure that you expect to see there is actually there. By setting it up this way, whenever the VM reboots the Samba share should automatically mount.
For both of my projects, I can now run a fairly light and small virtual machine to access the host filesystem. It works quite well and is exactly what I wanted.
The next steps now are to setup a new virtual machine for Plex; I’m going to use Fedora and found an installation guide that looks promising. I’m just waiting for a new NVMe SSD I ordered to arrive which is where I’m going to be running my containers and virtual machines off of (hopefully I can migrate the virtual machine datasets easily from one pool to another!). This will let me keep the NAS storage for just that, and run my containers and VMs on something a little more zippy.