Example of LinuxNFS configuration and deployment procedure
Source: Internet
Author: User
Example of LinuxNFS configuration and deployment procedure-Linux Enterprise Application-Linux server application information. For details, refer to the following section. NFS is a good shared storage system, but its performance is not very good under high load.
10.0.0.1-NFS Server
10.0.0.2-NFS Client
On NFS Server:
Shared Directory:/nfspool
NFS running user: nfsnobody
1. exports parameter description
Rw: read/write mode;
Async: asynchronous disk read/write;
Anonu (g) id: Specifies the anonymous user uid/gid used by NFS during operations
2. NFS management commands
Showmount-e execute this command on the NFS Server to display all the shared volumes on the NFS Server;
Showmount-e 10.0.0.1 execute this command on the NFS Client to display all the shared volumes on the NFS Server;
Export-av exports all volumes according to/etc/exports;
Export-rv re-export all the volumes, add new projects in/etc/exports, delete nonexistent projects, and update changed projects;
3. NFS-Related Files
/Etc/exports
Is one of the most basic configuration files of NFS Server. The file lists the shared file systems and hosts that allow access to these file systems.
/Proc/fs/nfs/exports
The kernel view of the exported file list, including the exported parameters.
/Var/lib/nfs/etab
Status file, which lists the current advanced list. This file contains all projects in the same format in/etc/exports and projects manually imported by exportfs-I.
/Var/lib/nfs/rmtab
Status file, which lists the remote clients that mount the exported file.
/Var/lib/nfs/xtab
Status file, the current underlying export list.
4. client writing rules in/etc/exports
(1) single host
You can use short and fully qualified names or IP addresses, such as student01, student01.flying.com.cn, or 192.168.10.1.
(2) Net-Group
You can list all hosts defined in the/etc/netgroup file or NFS Network Group ing. The Network Group name starts.
Prevent the use of IP Spoofing and RPC redirection technology through lo loop attacks and restrict authorized hosts:
Iptables-a input-p udp-d 127.0.0.1 -- dport 111-j DROP
Iptables-a input-p udp-d 127.0.0.1 -- dport 2049-j DROP
Iptables-a input-p udp-s 10.0.0.2 -- dport 111-j ACCEPT
Iptables-a input-p udp-s 10.0.0.2 -- dport 2049-j ACCEPT
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.