NFS
NFS (Network File System) is a distributed file system protocol that shares remote directories over the network. Using NFS, you can mount remote directories on the system and use files on the remote computer as if they were local files.
By default, the NFS protocol is not encrypted, and unlike Samba, it does not provide user authentication. Access to the server is restricted by the client's IP address or host name.
Host list
HOSTNAME | IP | SYSTEM OS |
---|---|---|
nfs-server | 192.168.99.227 | CentOS Linux release 8.1.1911 |
nfs-client-linux | 192.168.99.233 | CentOS Linux release 7.6.1810 |
nfs-client-windows | 192.168.99.234 | Windows Server 2016 Datacenter |
nfs-server
Install nfs
[root@nfs-server ~]# dnf install nfs-utils
Check the nfs version
[root@nfs-server ~]# rpm -qa | grep nfs-utils
nfs-utils-2.3.3-26.el8.x86_64
Enable nfs service
[root@nfs-server /]# systemctl start nfs-server
View version information supported by nfs
[root@nfs-server /]# cat /proc/fs/nfsd/versions
-2 +3 +4 +4.1 +4.2
Create nfs shared directory
mkdir -p /mnt/{nfs1,nfs2}
/etc/exports is the default configuration file of nfs
nfs1 read and write
nfs2 read only
nfs3 read only
[root@nfs-server /]# vim /etc/exports
/mnt/nfs1 192.168.99.0/255.255.255.0(rw,sync,all_squash)
/mnt/nfs2 192.168.99.234(ro,sync,all_squash)
/mnt/nfs3 *(ro,sync,all_squash)
/etc/exports parameter description
rw: Read and write
ro: Read only
no_root_squash: Do not squash the root user. If the client writes as the root user, it is mapped to the root user on the server
root_squash: The opposite of no_root_squash and the default for the nfs service. If the client operates as the root user, it is squashed to the nobody user
all_squash: No matter which user the client uses to access nfs, it is squashed to the nobody user
insecure: Allow access from clients that do not use a reserved (privileged) source port
sync: Synchronously write data to memory and hard disk
async: Data is written to memory first, not directly to the hard disk
anonuid: Specify the uid value; this uid must exist in /etc/passwd
anongid: Specify the gid value
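An added example, not part of the original page: a small Python auditor that parses /etc/exports lines in the format shown above and flags the options and client patterns that weaken access control. The function names, the finding texts and the /srv/build line are constructed for illustration.

```python
import re

# Export lines from this page plus one constructed risky line (/srv/build).
SAMPLE_EXPORTS = """\
/mnt/nfs1 192.168.99.0/255.255.255.0(rw,sync,all_squash)
/mnt/nfs2 192.168.99.234(ro,sync,all_squash)
/mnt/nfs3 *(ro,sync,all_squash)
/srv/build *(rw,async,no_root_squash,insecure)  # constructed
"""

# One client token: optional host pattern, then optional "(opt,opt,...)".
CLIENT_RE = re.compile(r"([^\s()]*)(?:\(([^)]*)\))?")


def parse_exports(text):
    """Yield (path, client, options) for every client on every export line."""
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()  # drop comments, tokenize
        for tok in fields[1:]:
            m = CLIENT_RE.fullmatch(tok)
            if m:
                host, opts = m.groups()
                # An empty host such as "(rw)" applies to every client.
                yield fields[0], host or "*", set(filter(None, (opts or "").split(",")))


def audit(text):
    """Return (path, client, finding) tuples for options that weaken access control."""
    findings = []
    for path, client, opts in parse_exports(text):
        checks = [
            (client == "*", "exported to any host"),
            (client == "*" and "rw" in opts, "writable by any host"),
            ("no_root_squash" in opts, "client root maps to server root"),
            ("insecure" in opts, "unprivileged source ports accepted"),
            ("rw" in opts and "all_squash" not in opts,
             "client-supplied uid/gid trusted for writes"),
        ]
        findings += [(path, client, msg) for hit, msg in checks if hit]
    return findings


if __name__ == "__main__":
    for path, client, msg in audit(SAMPLE_EXPORTS):
        print(f"{path}\t{client}\t{msg}")
```

On the page's own three export lines only /mnt/nfs3 is reported, because it is exported to `*`.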
View the directories currently configured as nfs shares and their status
exportfs parameters
-r: Re-export all directories
-v: verbose, output details
Set folder permissions
chown -R nobody /mnt/{nfs1,nfs2}
Firewall configuration
[root@nfs-server /]# firewall-cmd --add-service=nfs --permanent
[root@nfs-server /]# firewall-cmd --add-service=rpc-bind --permanent
[root@nfs-server /]# firewall-cmd --add-service=mountd --permanent
[root@nfs-server /]# firewall-cmd --reload
nfs-client-linux
showmount
Use the showmount command to check the exported directories of the NFS server. The basic format of the showmount command is:
showmount [option] <NFS server name or address>
-a: Display all client hosts of the specified NFS server and the directories they are connected to;
-d: Display all exported directories on the specified NFS server that clients have connected to;
-e: Display all exported shared directories on the specified NFS server.
[root@kafka-node2 ~]# showmount -e 192.168.99.227
Export list for 192.168.99.227:
/mnt/nfs2 192.168.99.0/255.255.255.0
/mnt/nfs1 192.168.99.0/255.255.255.0
mount
mount <server name or IP address>:<exported directory> <local mount directory>
[root@kafka-node2 /]# mkdir /mnt/data
[root@kafka-node2 /]# mount -t nfs 192.168.99.227:/mnt/nfs1 /mnt/data
umount (unmount)
[root@kafka-node2 /]# umount /mnt/data/
nfs-client-windows
Install NFS client
Run mount -h to verify that the client is successfully installed
Mount
mount \\192.168.99.227\mnt\nfs1 x:
Unmount
umount x:
View nfs directory
nfs1: read and write
nfs2: read only
NFS server uid/gid mapping
In a cluster environment, each host has the same user account, but the assigned uid/gid are different. When multiple hosts use the same shared storage as their back end, this causes a problem. The NFS protocol uses the uid to control file read and write permissions, so a file written by the user on one host carries a uid that differs from that user's uid on the other hosts. The other hosts cannot read or modify the file, and permission errors result.
Create user
useradd -u 1234 -s /sbin/nologin -M nfsuser
-u: specifies the user's uid
-M: --no-create-home, do not create the user's home directory
-s: --shell, specifies the user's shell
Modify user id and group id
usermod -u 1234 nfsuser
groupmod -g 1234 nfsuser
Create nfs shared directory
mkdir /data/nfs
chown -R nfsuser:nfsuser /data/nfs
Edit nfs configuration file
[root@nfs-server /]# vi /etc/exports
/data/nfs 192.168.99.0/255.255.255.0(rw,sync,all_squash,anonuid=1234,anongid=1234)