Linux NPS service deployment

A. NFS installation service

rpm -qa | grep nfs 
rpm -qa | grep rpcbind
yum install nfs-utils        #如果检查的结果是没有安装，则使用该命令安装
/etc/init.d/rpcbind start
/etc/init.d/nfs start

Two. NFS software architecture

1. The main configuration file: / etc / exports

This file is the primary configuration file for the NFS! However, the system does not default values, so this file "will not necessarily exist," you may have to use vim initiative to establish this file, as follows.

[root@www ~]# vim /etc/exports
/tmp         192.168.100.0/24(ro)       localhost(rw)   *.ev.ncku.edu.tw(ro,sync)
[分享目录]       [第一部主机(权限)]            [可用主机名]         [可用通配符]

Parameter Value	Description
rw、ro	The shared directory is writable permissions (read-write) or read-only (read-only), but in the end can not read or write, or rwx and identity documents and related systems.
sync、async	sync will sync the data on behalf of the hard disk is written to the memory, async represents the data will first be temporarily stored in the memory of them, rather than directly into the hard disk!
no_root_squash、root_squash	The client uses the NFS file system if the account is root, the system how to determine the identity of the account? The case of default, the root of the identity of the client will be compressed into nfsnobody by the root_squash set, so the system server will be more secure. But if you want to use open client to operate as root server's file system, this would have to open no_root_squash job!
all_squash	Regardless of the identity of a user login NFS why, his identity will be compressed into an anonymous user, usually it is nobody (nfsnobody) it!
anonuid, anongid	anon means anonymous (anonymous) on the front of the set value * _squash UID anonymous user mentioned, usually nobody (nfsnobody), but you can set the value of the UID of its own! Of course, this UID will need to exist in your / etc / passwd them! anonuid refers to the UID and GID group is anongid Hello.

2. NFS file system maintains command: / usr / sbin / exportfs

This is to maintain instruction NFS share resources, we can use this command to re-share the resource directory / etc / exports change, the NFS Server share directory excluded or re-share and so on, use the following instructions.

[root@www ~]# exportfs [-aruv]
选项与参数：
-a ：全部挂载(或卸除) /etc/exports 档案内的设定
-r ：重新挂载 /etc/exports 里面的设定，此外，亦同步更新 /etc/exports及 /var/lib/nfs/xtab 的内容！
-u ：卸除某一目录
-v ：在 export 的时候，将分享的目录显示到屏幕上！

3. Sharing resources registry: / var / lib / nfs / * tab

Log files are placed in the NFS server to the / var / lib / nfs / directory, there are two more important to log files in the directory, one is etab, major record full access NFS shared directory is set out value; another xtab relevant client data used to link to the NFS server is recorded.

[root@www ~]# tail /var/lib/nfs/etab
/home/public    192.168.100.0/24(rw,sync,wdelay,hide,nocrossmnt,secure,root_squash,
no_all_squash,no_subtree_check,secure_locks,acl,anonuid=65534,anongid=65534)
# 上面是同一行，可以看出除了 rw, sync, root_squash 等等，
# 其实还有 anonuid 及 anongid 等等的设定！

4. The client queries the server to share resources command: / usr / sbin / showmount

This is another important NFS command. exportfs is used in the NFS Server end, and showmount is mainly used in the Client side. This showmount can be used to look out of the NFS share directory resource!

[root@www ~]# showmount [-ae] [hostname|IP]
选项与参数：
-a ：显示目前主机与客户端的 NFS 联机分享的状态；
-e ：显示某部主机的 /etc/exports 所分享的目录数据。

Three. NFS deployment case

1. is to establish / etc / exports

[root@www ~]# vim /etc/exports
/tmp         192.168.100.0/24(rw,no_root_squash)
/home/nfs    192.168.100.0/24(ro)  *(ro,all_squash)
/home/upload 192.168.100.0/24(rw,all_squash,anonuid=210,anongid=210)
/home/andy   192.168.100.10(rw)

2. Build each corresponding actual Linux directory permissions

# 1. /tmp
[root@www ~]# ll -d /tmp
drwxrwxrwt. 12 root root 4096 2011-07-27 23:49 /tmp

# 2. /home/nfs
[root@www ~]# mkdir -p /home/nfs
[root@www ~]# chmod 755 -R /home/nfs
# 修改较为严格的档案权限将目录与档案设定成只读！不能写入的状态，会更保险一点！

# 3. /home/upload
[root@www ~]# groupadd -g 210 nfs-upload
[root@www ~]# useradd -g 210 -u 210 -M nfs-upload
# 先建立对应的账号与组名及 UID 喔！
[root@www ~]# mkdir -p /home/upload
[root@www ~]# chown -R nfs-upload:nfs-upload /home/upload
# 修改拥有者！如此，则用户与目录的权限都设定妥当！

# 4. /home/andy
[root@www ~]# useradd andy
[root@www ~]# ll -d /home/andy
drwx------. 4 andy andy 4096 2011-07-28 00:15 /home/andy

3. Restart nfs service

[root@www ~]# /etc/init.d/nfs restart

4. The drill bit at the top of this machine 192.168.100.10

# 1. 确认远程服务器的可用目录：
[root@clientlinux ~]# showmount -e 192.168.100.254
Export list for 192.168.100.254:
/home/andy   192.168.100.10
/home/upload 192.168.100.0/24
/home/nfs    (everyone)
/tmp         192.168.100.0/24

# 2. 建立挂载点：
[root@clientlinux ~]# mkdir -p /mnt/{tmp,nfs,upload,andy}

# 3. 实际挂载：
[root@clientlinux ~]# mount -t nfs 192.168.100.254:/tmp         /mnt/tmp
[root@clientlinux ~]# mount -t nfs 192.168.100.254:/home/nfs    /mnt/nfs
[root@clientlinux ~]# mount -t nfs 192.168.100.254:/home/upload /mnt/upload
[root@clientlinux ~]# mount -t nfs 192.168.100.254:/home/andy   /mnt/andy