Supplement of YUM warehouse and NFS sharing service of Linux network advanced

1. Overview of YUM

Yum does not carry out the actual operation, here is just to add a little yum concept and method, specific steps refer to: linux application basics and how to install

1、YUM (Yellow dog Updater Modified)

• Software update mechanism based on RPM package
• Can resolve dependencies automatically
• All software packages are provided by the centralized YUM software warehouse

2. Prepare the installation source

(1) How to provide software warehouse

• Network source
  • FTP service: ftp://…
  • HTTP service: http://...
• Local source
  • Local directory: file://...

(2) The source of the RPM package

• Collection of RPM packages released by CentOS
• A collection of RPM packages released by third-party organizations
• User-defined RPM package collection

(3) Build the CentOS 7 software warehouse

• The RPM package comes from the CentOS 7 DVD disc
• Provide to the client via FTP (install and enable the vsftpd service)

mkdir -p /var/ftp/CentOS7
cp -rf /dev/cdrom/*  /var/ftp/CentOS7

rpm -ivh /dev/cdrom/Packages/vsftp-3.0.2-21.el7.x86_64.rpm
systemctl start vsftpd
systemctl enabled vsftpd

(4) Join the unofficial RPM package group in the software warehouse

• Generally obtained through the Internet
• Include all other RPM packages that have dependencies
• Need to use createrepo tool to build repodata data file warehouse
• The installation package file is stored in the /var/ftp/other directory

mkdir -p  /var/ftp/other
cd /var/ftp/other
createrepo -g /dev/cdrom/repodata/repomd.xml ./

3. Visit YUM warehouse

• Specify the YUM warehouse location for the client
• Configuration file location: /etc/yum.repos.d/centos7.repo

vim /etc/yum.repos.d/centos7.repo
[base]        #仓库类别，注意：方括号里面不能有空格。
name=CentOS 7   #仓库名称
baseurl=ftp:///192.168.4.254/CentOS7    #URL访问路径
enabled=1     #启用此软件仓库，默认该选项可以不写。如果值为0，则表示禁用这个软件源。
gpgcheck=1(或0：表示不验证公钥)      #验证软件包的签名
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 (软件校验公钥)     #GPG公钥文件的位置

[other]
name=Other RPM Packages
baseurl=ftp:///192.168.4.254/other
enabled=1
gpgcheck=0

2. NFS shared storage service

1. Related concepts

• NFS is a network file system protocol based on TCP/IP transmission. By using the NFS protocol, the client can access the shared resources in the remote server as if it were accessing a local directory.
• For most load balancing clusters, it is a common practice to use the NFS protocol to share data storage. NFS is also a protocol that NAS storage devices must support. However, because NFS does not have a user authentication mechanism, and the data is transmitted in plain text on the network, the security is very poor , and it can generally only be used in a local area network .
• The implementation of the NFS service relies on the RPC (Remote Process Call) mechanism to complete the remote-to-local mapping process, so it is necessary to install the nfs-utils and rpcbind software packages to provide NFS sharing services.
  • nfs-utils is used for NFS share publishing and access
  • rpcbind for RPC support

2. Configuration file of NFS service

• The configuration file of NFS is /etc/exports
• The format is: shared directory location client address (permission option)
  • E.g:
    

Three, NFS service configuration details

1. Use NFS to publish shared resources in the file server

(1) Install nfs-utils and rpcbind software packages

rpm -q rpcbind nfs-utils 
yum -y install nfs-utils rpcbind

(2) Set up a shared directory

mkdir -p /opt/share
chmod 777 /opt/share/

vim /etc/exports
/opt/share 192.168.163.0/24(rw,sync,no_root_squash)

客户机地址可以是主机名、IP 地址、网段地址，允许使用“*”、“?”通配符。
常用选项
“rw” 表示允许读写，“ro” 表示为只读；

sync ：表示同步写入到内存与硬盘中。
async ：将数据先保存在内存缓冲区中，必要时才写入磁盘。

no_root_squash ： 表示当客户机以root身份访问时赋予本地root权限（默认是root_squash）。
root_squash ：表示客户机用root用户访问该共享目录时，将root用户映射成匿名用户。
all_squash ：所有访问用户都映射为匿名用户或用户组。

subtree_check（默认）：若输出目录是一个子目录，则nfs服务器将检查其父目录的权限。
no_subtree_check ：即使输出目录是一个子目录，nfs服务器也不检查其父目录的权限，这样可以提高效率。

其他例子：
/var/ftp/pub 192.168.163.11(ro) 192.168.163.110(rw)
/share *(rw,sync)

(3) Start the NFS service program When
manually loading the NFS sharing service, you should start rpcbind first, and then start nfs

systemctl start rpcbind
systemctl start nfs
systemctl enable rpcbind
systemctl enable nfs

netstat  -anpt  |  grep  111     #查看rpcbind端口111是否开启， rpcbind默认使用tcp端口111

(4) View the NFS shared directory published by this machine

exportfs -rv			#发布共享
showmount -e            #查看共享

2. Access NFS shared resources in the client

(1) Install nfs-utils and rpcbind software packages

rpm -q rpcbind nfs-utils 
yum -y install nfs-utils rpcbind
systemctl start rpcbind
systemctl enable rpcbind

systemctl stop firewalld.service 
setenforce 0

#查看 NFS 服务器端共享了哪些目录
showmount -e 192.168.163.10

(2) Mount the NFS shared directory

方法一：手动挂载
mkdir /myshare
mount 192.168.163.10:/opt/share /myshare
方法二：自动挂载
vim /etc/fstab
192.168.163.10:/opt/share    /myshare    nfs defaults,_netdev  0  0

_netdev ：表示挂载设备需要网络
mount -a     #挂载 fstab 中的所有文件系统

df -Th      #确认挂载结果

Manual mount

Auto mount

(3) Forcibly uninstalling NFS

如果服务器端NFS服务突然间停掉了，而客户端正在挂载使用时，在客户端就会出现执行 df -h 命令卡死的现象。这个时候直接使用umount 命令是无法直接卸载的，需要加上 -lf 选项才能卸载。
umount -lf /myshare