NFS Client mount error MOUNT.NFS access denied by server while mounting

in the production environment, a system due to the changes in the architecture, the original single node expansion into two nodes, the front end of the use of Nginx to do the load of the architecture, and these two nodes need a public storage to store user uploaded pictures, the user's concurrency is not high, Again because the original business module is stripped from the Nginx host, the original Nginx host has "IMG" This storage image directory, so consider installing the NFS service on the Nginx host, and then mount the "IMG" directory on the same point on the two nodes to achieve the cluster node access to the picture directory.

The installation of the NFS service is relatively simple, but in the production environment should be verified in their own test environment, here the installation process is recorded as follows:

Server-side configuration

NFS server-side system environment:

[[email protected] ~]# cat /etc/issue
CentOS release 6.5 (Final)
Kernel \r on an \m
[[email protected] ~]# uname -r
2.6.32-431.el6.x86_64

If the system does not have NFS services installed, run the following command to install:

[[email protected] ~]# yum -y install nfs-utils rpcbind
[[email protected] ~]# service rpcbind start
[[email protected] ~]# service nfs start
[[email protected] ~]# chkconfig nfs on

To configure a shared directory:

[[email protected] ~]# vim /etc/exports
/home/tomcat/img/ 192.168.207.128(insecure,rw,sync,anonuid=500,anongid=500)

#The configuration format of this file is: <Output Directory> [Client 1 options (access rights, user mappings, others)] [Client 2 options (access rights, user mappings, others)]





#Comment

Insecure     This parameter is required when the Mount listener port is greater than 1024

[[email protected] ~]# ss -tnlp | grep mountd
LISTEN     0      128                       *:50288                    *:*      users:(("rpc.mountd",5354,8))
LISTEN     0      128                       *:33842                    *:*      users:(("rpc.mountd",5354,16))
LISTEN     0      128                      :::54325                   :::*      users:(("rpc.mountd",5354,14))
LISTEN     0      128                       *:43992                    *:*      users:(("rpc.mountd",5354,12))
LISTEN     0      128                      :::50657                   :::*      users:(("rpc.mountd",5354,10))
LISTEN     0      128                      :::33795                   :::*      users:(("rpc.mountd",5354,18))

RW Read-write, can read and write;

Sync: The file is written to both the hard disk and memory;

Async: Files are staged in memory instead of directly to memory;

No_root_squash:nfs the client connects to the server, if root is used, it also has root access to the directory shared by the server. Obviously it's not safe to turn it on.

Root_squash:nfs the client connects to the server, if root is used, then the directory shared by the server, with anonymous user rights, usually he will use nobody or nfsnobody identity;

All_squash: Regardless of which user is used by the NFS client to connect to the server, the directory shared by the server has anonymous user rights;

Anonuid: The UID value of the anonymous user, usually nobody or nfsnobody, can be set at this point;

Anongid: The GID value of the anonymous user.

Reload the/etc/exports configuration:

[Email protected] ~]# Exportfs-r

To view native shared directories:

[[email protected] ~]# showmount -e localhost
Export list for localhost:
/home/tomcat/img 192.168.207.128

Client Configuration

Client system Environment:

[email protected]:~# cat /etc/issue
Debian GNU/Linux 8 \n \l
[email protected]:~# uname -r
3.16.0-4-amd64

On the client only need to install the nfs-client side, if not installed, use the following command to install:

[Email protected]:~# aptitude-y Install nfs-client

List the NFS server-side shared directories:

[email protected]:~# showmount -e 192.168.207.129
Export list for 192.168.207.129:
/home/tomcat/img 192.168.207.128

Since the production environment is required to share the IMG directory under the Tomcat user home directory of the NFS server and let the existing two-node tomcat user mount the home directory under the IMG directory, it is necessary to first switch to a Tomcat user to create an IMG directory, as follows:

[email protected]:~# su - tomcat -c "mkdir ~/img"
[email protected]:~# ls /home/tomcat/img/ -ld
drwxr-xr-x 2 tomcat tomcat 4096 12月  4 15:23 /home/tomcat/img/

To mount the shared directory for NFS:

[Email protected]:~# mount-t NFS 192.168.207.129:/home/tomcat/img/home/tomcat/img-o proto=tcp-o nolock

Mount.nfs:access denied by server while mounting 192.168.207.129:/home/tomcat/img

Cause: Using NFSV4 in CentOS 6 x64, you can see the log Output at NFS startup in/var/log/messages:

Dec  4 15:21:04 nginx-01 rpc.mountd[2178]: Version 1.2.3 starting
Dec  4 15:21:04 nginx-01 kernel: NFSD: Using /var/lib/nfs/v4recovery as the NFSv4 state recovery directory
Dec  4 15:21:04 nginx-01 kernel: NFSD: starting 90-second grace period
Dec  4 15:21:58 nginx-01 kernel: svc: 192.168.207.128, port=748: unknown version (4 for prog 100003, nfsd)

When using NFSV4, do the following on the NFS server:

[[email protected] ~]# vim /etc/sysconfig/nfs
# Optional arguments passed to rpc.nfsd. See rpc.nfsd(8)
# Turn off v2 and v3 protocol support
RPCNFSDARGS="-N 2 -N 3"
         ----->Enable
# Turn off v4 protocol support
RPCNFSDARGS="-N 4" ---->Enable

Restart Service:

[[Email protected] ~]# Service NFS Restart

Then try to mount again on the client:

[email protected]:~# mount -t nfs 192.168.207.129:/home/tomcat/img /home/tomcat/img -o proto=tcp -o nolock
[email protected]:~#

Mounted successfully.

[email protected]:~# ls /home/tomcat/img/
     #Previously two files existed
Fstab test

Test: Create a file directly with the root user, but the permission of this file is still 500, the user with UID 500 on the server is Tomcat, which is the effect I need.

[email protected]:~# touch /home/tomcat/img/nfs.txt
[email protected]:~# ls -l /home/tomcat/img/nfs.txt
-rw-r--r-- 1 500 500 0 December 4 15:24 /home/tomcat/img/nfs.txt

Finally let this directory automatically after the host restarts automatically mount, I write here directly to the/etc/rc.local:

[email protected]:~# cat /etc/rc.local
#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.
mount -t nfs 192.168.207.129:/home/tomcat/img /home/tomcat/img -o proto=tcp -o nolock
exit 0

Restart the test to see if you can mount it successfully.

This article is from the "focus on operations, and Linux Dances" blog, please be sure to keep this source http://zhaochj.blog.51cto.com/368705/1719640

NFS Client mount error MOUNT.NFS access denied by server while mounting