NFS is a good shared storage system, and its performance is poor under high load conditions. The only drawback is that it does not support Windows well.
The setting Declaration is as follows:
10.0.0.1-NFS Server
10.0.0.2-NFS Client
On NFS Server:
Shared Directory:/nfspool
NFS running user: nfsnobody
Server configuration steps:
# Mkdir/nfspool
# Vi/etc/exports
/Nfspool 10.0.0.2 (rw, async, anonuid = 65534, anongid = 65534)
# Mkdir-p/nfspool
# Chown nfsnobody: nfsnobody/nfspool
# Chown-R nfsnobody: nfsnobody/nfspool /.
# Service portmap start
# Service nfslock start
# Service nfs start
On NFS Client settings:
Remote NFS shared directory mount point:/usr/local/nfs
# Service portmap start
# Mkdir/usr/local/nfs
# Chown nfsnobody: nfsnobody/usr/local/nfs
# Chmod 777/usr/local/nfs
############ BKJIA Editor's note: I keep my comments on this step. 777 of the permissions for a file are a big headache for the system administrator, I personally think that 755 of permissions are sufficient. I hope that you can share your comments in the comments section after the article.
# Mount-t nfs-o soft, intr, bg, timeo = 50 10.0.0.1:/nfspool/usr/local/nfs
# Vi/etc/fstab
10.0.0.1:/nfspool/usr/local/nfs soft, intr, bg, timeo = 50 0 0
Note:
1. exports parameter description
Rw: read/write mode;
Async: asynchronous disk read/write;
Anonu (g) id: Specifies the anonymous user uid/gid used by NFS during operations
2. NFS management commands
Showmount-e execute this command on the NFS Server to display all the shared volumes on the NFS Server;
Showmount-e 10.0.0.1 execute this command on the NFS Client to display all the shared volumes on the NFS Server;
Export-av exports all volumes according to/etc/exports;
Export-rv re-export all the volumes, add new projects in/etc/exports, delete nonexistent projects, and update changed projects;
3. NFS-Related Files
/Etc/exports
Is one of the most basic configuration files of NFS Server. The file lists the shared file systems and hosts that allow access to these file systems.
/Proc/fs/nfs/exports
The kernel view of the exported file list, including the exported parameters.
/Var/lib/nfs/etab
Status file, which lists the current advanced list. This file contains all projects in the same format in/etc/exports and projects manually imported by exportfs-I.
/Var/lib/nfs/rmtab
Status file, which lists the remote clients that mount the exported file.
/Var/lib/nfs/xtab
Status file, the current underlying export list.
4. client writing rules in/etc/exports
(1) single host
You can use short and fully qualified names or IP addresses, such as student01, student01.flying.com.cn, or 192.168.10.1.
(2) Net-Group
You can list all hosts defined in the/etc/netgroup file or NFS Network Group ing. The Network Group name starts.
(3) wildcard host
* .Discuz.net *. * .comsenz.com
(4) mask
192.168.1.0/255.255.255.0
5. Start and Stop Sequence
Start:
Portmap
Nfslock
Nfs
Stop:
Nfslock
Nfs
Portmap
6. Security
Portmap: 111
NFS: 2049
Prevent the use of IP Spoofing and RPC redirection technology through lo loop attacks and restrict authorized hosts:
Iptables-a input-p udp-d 127.0.0.1 -- dport 111-j DROP
Iptables-a input-p udp-d 127.0.0.1 -- dport 2049-j DROP
Iptables-a input-p udp-s 10.0.0.2 -- dport 111-j ACCEPT
Iptables-a input-p udp-s 10.0.0.2 -- dport 2049-j ACCEPT
Related Articles]
- How NFS works and the role of service processes