About NFS
NFS (Network File System), that is, network file system. NFS functionality through the network to allow different machines, different operating systems to share files, make the client application server in the data network access through the disk, the disk is a way to achieve shared between Unix-like systems.
NFS uses RPC protocol, i.e. a set of RPC NFS system program. NFS can be seen as a RPC Server, the main function is to manage the shared directories and files, is not responsible for communication and information transfer, but this part of the work to complete the RPC protocol, so long as the local use NFS RPC services are required to open, Yes or whether NFS Server NFS Client.
NFS build
And mounting nfs-utils rpcbind
This article NFS Server to RHEL 7.7, required to run this command in the NFS Server and NFS Client side:
yum install -y nfs-utils
Notes:
- Since nfs-utils dependent rpcbind, so you can simply install nfs-utils
- Compared Ubuntu CentOS / RHEL, have slightly different
Configuration file / etc / exports
/ etc / exports recorded in the end is NFS Server share directory configuration information, share_dir is to share the directory, host is allowed to access the host, permission to share out privileges.
# $share_dir $host($permission)
/nfsdata *(rw,no_root_squash,no_all_squash,sync)
/iawsdata *(rw,sync,no_subtree_check)
Notes:
- / Etc / exports NFS server to share the directory profile
- / Var / lib / nfs / etab NFS share outside the main configuration file directory, which is maintained by the exportfs command, information and configuration information that the kernel NFS to keep pace. Note: Please do not edit this file manually.
- Directory listing / var / lib / nfs / rmtab client access, is maintained by the NFS system, do not be edited manually.
host - configuration allows access to the host
Set up to allow access to host a variety of ways:
- Specify the host IP, such as 192.168.1.31
- Specify the subnet, such as 192.168.0.0/24
- Specify the host domain name, such as www.nfsclient.com
- Specify a domain can access all hosts, such as * .nfsclient.com
- Specify all hosts can access that *
permission - Configure shared directory permissions
permission may be one or more, note that some rights are mutually exclusive logic.
- rw: readable and writable
- ro: Tada读
- no_root_squash: not recommended; login to share user directory if it is root, then for shared directory, it also has root privileges.
- root_squash: If user login to share directory is root, its authority will be compressed into an anonymous user, usually it will become UID and GID identity nobody system account.
- all_squash: user regardless of login to share directories is what capacity, will be compressed into an anonymous user.
- anonuid: UID users can set their own value, that users log on to the shared directory, the user identity UID becomes, of course, this UID must exist in / etc / passwd in.
- anongid: GID users can set their own value, that users log on to the shared directory, group identity becomes this user GID, of course, this GID must exist in / etc / group in.
- sync: synchronization data is written to the memory and disk during
- async: data is first temporarily stored in memory, rather than directly into the hard disk
Start / Stop rpcbind and nfs services
NFS Server always need to start over at least two processes (rpc.nfsd and rpc.mountd), a management question whether the Client can log in and manage file permissions whether another user after login host can use. After nfsd this process, mainly in management if the client can log permissions on the host, mountd this process is in the management of NFS file system, when the client passed nfsd, log in to the host, he can be used in NFS File Server shared before, will be certified to use the program file permissions! After only overcome this obstacle, Client able to use NFS file sharing services.
When the client attempts to use the services RPC Server offer, due to the Client needs to obtain the port (port) a possible connection to be able to use the services RPC Server provided, therefore, the client first to request rpcbind, then, rpcbind will manage their own port mapping tell the client, so the client can connect to the service, so before you start the NFS, be sure to start the rpcbind.
# 启动先启动rpcbind
systemctl start rpcbind
systemctl start nfs
# 停止先停nfs服务
systemctl stop nfs
systemctl stop rpcbind
NFS commonly used commands
exportfs command
NFS Server-side configuration file / etc / exports file after the change, do not need to restart the nfs service, just use the exportfs command to re-describe again / etc / exports to the new configuration.
exportfs command is used to maintain the configuration table NFS file system:
- -a: mounting or unmounting / etc / exports Configuration All the configuration file.
- -r: from the / etc / exports remount all configurations, and resetting / var / lib / nfs / etab The / etc / exports and /etc/exports.d under. This option will delete the / var / lib / nfs / etab entities according to "/ etc / exports" and "/etc/exports.d file under" content, and delete it from this entity NFS kernel, so they do not revalidation.
- -u: uninstall one or a set of directories: exportfs -u 192.168.31.0/24:/root/tmp
- -0: mount a directory, share it with other host access: exportfs -o rw 192.168.31.0/24:/root/tmp
- -v: displays detailed information during command execution
showmount command
Case for directory information and client mount NFS file system share in view of
- -a, --all: displays all the client has mounted directory, in the format: host: dir.
- -e, --exports: shows all the current directory hosts to share out.
- -d, --directories: lists the cases specified directory is mounted clients.
- -v, --version: show the version information of the program
Mounting and unmounting NFS Client directory
Test connectivity with showmount
showmount -e $host
Client using mount mount directory:
mount -t nfs $host:$sdir $ddir
Client use umount uninstall directory:
umount $ddir
TroubleShooting
firewall-cmd --permanent --add-service=rpc-bind
firewall-cmd --permanent --add-service=mountd
firewall-cmd --permanent --add-port=2049/tcp
firewall-cmd --permanent --add-port=2049/udp
firewall-cmd --add-service=nfs --permanent &&
firewall-cmd --reload
Reference
