Instance parsing: NFS configuration and deployment in Linux

NFS is a good shared storage system, and its performance is poor under high load conditions. The only drawback is that it does not support Windows well.

The setting Declaration is as follows:

10.0.0.1-NFS Server

10.0.0.2-NFS Client

On NFS Server:

Shared Directory:/nfspool

NFS running user: nfsnobody

Server configuration steps:

# Mkdir/nfspool

# Vi/etc/exports

/Nfspool 10.0.0.2 (rw, async, anonuid = 65534, anongid = 65534)

# Mkdir-p/nfspool

# Chown nfsnobody: nfsnobody/nfspool

# Chown-R nfsnobody: nfsnobody/nfspool /.

# Service portmap start

# Service nfslock start

# Service nfs start

On NFS Client settings:

Remote NFS shared directory mount point:/usr/local/nfs

# Service portmap start

# Mkdir/usr/local/nfs

# Chown nfsnobody: nfsnobody/usr/local/nfs

# Chmod 777/usr/local/nfs

############ BKJIA Editor's note: I keep my comments on this step. 777 of the permissions for a file are a big headache for the system administrator, I personally think that 755 of permissions are sufficient. I hope that you can share your comments in the comments section after the article.

# Mount-t nfs-o soft, intr, bg, timeo = 50 10.0.0.1:/nfspool/usr/local/nfs

# Vi/etc/fstab

10.0.0.1:/nfspool/usr/local/nfs soft, intr, bg, timeo = 50 0 0

Note:

1. exports parameter description

Rw: read/write mode;

Async: asynchronous disk read/write;

Anonu (g) id: Specifies the anonymous user uid/gid used by NFS during operations

2. NFS management commands

Showmount-e execute this command on the NFS Server to display all the shared volumes on the NFS Server;

Showmount-e 10.0.0.1 execute this command on the NFS Client to display all the shared volumes on the NFS Server;

Export-av exports all volumes according to/etc/exports;

Export-rv re-export all the volumes, add new projects in/etc/exports, delete nonexistent projects, and update changed projects;

3. NFS-Related Files

/Etc/exports

Is one of the most basic configuration files of NFS Server. The file lists the shared file systems and hosts that allow access to these file systems.

/Proc/fs/nfs/exports

The kernel view of the exported file list, including the exported parameters.

/Var/lib/nfs/etab

Status file, which lists the current advanced list. This file contains all projects in the same format in/etc/exports and projects manually imported by exportfs-I.

/Var/lib/nfs/rmtab

Status file, which lists the remote clients that mount the exported file.

/Var/lib/nfs/xtab

Status file, the current underlying export list.

4. client writing rules in/etc/exports

(1) single host

You can use short and fully qualified names or IP addresses, such as student01, student01.flying.com.cn, or 192.168.10.1.

(2) Net-Group

You can list all hosts defined in the/etc/netgroup file or NFS Network Group ing. The Network Group name starts.

(3) wildcard host

* .Discuz.net *. * .comsenz.com

(4) mask

192.168.1.0/255.255.255.0

5. Start and Stop Sequence

Start:

Portmap

Nfslock

Nfs

Stop:

Nfslock

Nfs

Portmap

6. Security

Portmap: 111

NFS: 2049

Prevent the use of IP Spoofing and RPC redirection technology through lo loop attacks and restrict authorized hosts:

Iptables-a input-p udp-d 127.0.0.1 -- dport 111-j DROP

Iptables-a input-p udp-d 127.0.0.1 -- dport 2049-j DROP

Iptables-a input-p udp-s 10.0.0.2 -- dport 111-j ACCEPT

Iptables-a input-p udp-s 10.0.0.2 -- dport 2049-j ACCEPT

Related Articles]

• NFS features

• How NFS works and the role of service processes

• Mount an NFS File System