Linux disk mounting and mount sharing, NFS and firewall configuration

Source: Internet
Author: User

I. Linux disk mounting and mount sharing


A simple walkthrough of mounting a disk on a Linux server and sharing the mount:

1. View the disks that are already in use

df -h


2. View all disks

fdisk -l


3. View the partitions of the specified disk "/dev/xvde"

fdisk -l /dev/xvde


As you can see, the disk is not partitioned.

4. We now need to mount the /dev/xvde disk at the /opt/huiyy directory of the file system.

First, partition the disk "/dev/xvde" (we use 1 partition here).

Run fdisk /dev/xvde and press Enter, as follows:


Enter w to write the partition table.


Use fdisk -l to view the partition number that was just assigned.


5. Format the disk

Command: mkfs -t ext3 /dev/xvde1

-t specifies the file system type to format the disk with, here ext3; if it is not specified, the default is ext2 (an old Linux file system type).

It is followed by the partition "/dev/xvde1" that you just created.


6. Mount the disk

a) Create the mount destination directory

Command: mkdir /opt/huiyy

b) Mount the disk

Command: mount /dev/xvde1 /opt/huiyy

c) Record the mount in the /etc/fstab file (to prevent the mount from being lost after a reboot)

Command: vi /etc/fstab


The disk mount is now complete. Files written to /opt/huiyy are written to the mounted disk.

7. Configure the share

Share the directories "/opt/huiyy/resource" and "/opt/huiyy/log" with the options "rw,sync,no_root_squash".

Command: vi /etc/exports, edit the content, then :wq to save and exit.


To view the shares, use the command: more /etc/exports


8. Mount the directory on the client

We refer to the server above, on which the shared directory was configured, as Server A; the server that will now mount the shared directory is Server B.

a) Log on to Server B

b) Mount the directory "/opt/huiyy/log" (where 61.132.254.160 is Server A)

mount -t nfs -o rw,bg,hard,nointr,rsize=32768,wsize=32768,tcp,vers=3,timeo=600,actimeo=0 61.132.254.160:/opt/huiyy/log /opt/huiyy/log

The final /opt/huiyy/log is the directory on this machine that the share is mounted on; you can choose it freely.

c) Save the mount configuration to /etc/fstab (to prevent the mount from being lost when the server reboots)

Command: vi /etc/fstab to edit

Command: cat /etc/fstab to view the configuration


You can now create files and directories in the directory "/opt/huiyy/log" on both Server B and the file source server, Server A.


II. Commonly used mount commands


1. Start the NFS server

For the NFS server to function properly, two services, portmap and nfs, need to be started, and portmap must be started before nfs.

# service portmap start

# service nfs start

RHEL 4 and 5 name the services portmap and nfs; RHEL 6 and later call them rpcbind and nfs-server.

In addition, from RHEL 7 onward it is suggested to manage services with: systemctl [status|stop|start|restart] [ServiceName]

For example: systemctl status rpcbind, systemctl restart nfs-server

2. Query the NFS server status

# service portmap status

# service nfs status

3. Stop the NFS server

To stop NFS, stop the nfs service before stopping the portmap service. If other services in the system (such as NIS) need portmap, you do not need to stop the portmap service.

# service nfs stop

# service portmap stop

4. Restart the portmap and nfs services

# service portmap restart

# service nfs restart

# exportfs

5. Set the NFS server to start automatically

In a real deployment it is unrealistic to start the NFS server manually each time Linux boots; the system should be set to start the portmap and nfs services automatically at the specified run levels.

# chkconfig --list portmap

# chkconfig --list nfs

Set the portmap and nfs services to start automatically at system run levels 3 and 5.

# chkconfig --level 35 portmap on

# chkconfig --level 35 nfs on

6. On the server side, use the showmount command to query the NFS share status

# showmount -e    // by default shows the host's own shares; this requires that DNS can resolve the host's own name, otherwise errors are likely

# showmount -a IP    displays the clients of the specified NFS server and the server directories they have mounted

# showmount -d IP    displays the directories of the specified NFS server that are mounted on clients

# showmount -e IP    displays the shared directory list (export list) of the specified NFS server

7. Display the directory information of connected clients

# showmount -a

8. On the client, use the showmount command to query the NFS share status

# showmount -e NFS server IP


III. Mount and firewall configuration


If the firewall on the server side is enabled, the mount fails with an error such as:

mount: mount to NFS server '192.168.0.10' failed: System Error: No route to host.

This is caused by the firewall; opening the corresponding ports in the firewall resolves it.
The NFS service requires five services: mountd, nfs, nlockmgr, portmapper and rquotad, so the ports of these 5 services need to be added to iptables.
The nfs and portmapper services use fixed ports: nfs is 2049 and portmapper is 111. The other 3 services use random ports, so you first need to set the ports of these 3 services to fixed values.

Use the command rpcinfo -p to view the current ports of the 5 services and record them.

nfs is 2049 and portmapper is 111; record one port for each of the remaining 3 services, so that we have 5 ports, as follows:

nfs 2049

portmapper 111

mountd 976

rquotad 966

nlockmgr 33993

Next, set the 3 services mountd, rquotad and nlockmgr to fixed ports. Modify /etc/services and add the following:

vi /etc/services

On the last line of the file, add:
mountd 976/tcp
mountd 976/udp
rquotad 966/tcp
rquotad 966/udp
nlockmgr 33993/tcp
nlockmgr 33993/udp
Save and exit.

Then edit the NFS configuration file to fix the rquotad, nlockmgr and mountd ports as follows:

vi /etc/sysconfig/nfs

RQUOTAD_PORT=966
LOCKD_TCPPORT=33993
LOCKD_UDPPORT=33993
MOUNTD_PORT=976

The portmapper and nfs service ports are already fixed, at 111 and 2049 respectively.

Restart the NFS service: service nfs restart

Open these 5 ports in the firewall

Edit the iptables configuration file:
vim /etc/sysconfig/iptables
Add the following lines:

-A RH-Firewall-1-INPUT -s 192.168.0.0/24 -m state --state NEW -p tcp --dport 111 -j ACCEPT

-A RH-Firewall-1-INPUT -s 192.168.0.0/24 -m state --state NEW -p tcp --dport 976 -j ACCEPT

-A RH-Firewall-1-INPUT -s 192.168.0.0/24 -m state --state NEW -p tcp --dport 2049 -j ACCEPT

-A RH-Firewall-1-INPUT -s 192.168.0.0/24 -m state --state NEW -p tcp --dport 966 -j ACCEPT

-A RH-Firewall-1-INPUT -s 192.168.0.0/24 -m state --state NEW -p tcp --dport 33993 -j ACCEPT

-A RH-Firewall-1-INPUT -s 192.168.0.0/24 -m state --state NEW -p udp --dport 111 -j ACCEPT

-A RH-Firewall-1-INPUT -s 192.168.0.0/24 -m state --state NEW -p udp --dport 976 -j ACCEPT

-A RH-Firewall-1-INPUT -s 192.168.0.0/24 -m state --state NEW -p udp --dport 2049 -j ACCEPT

-A RH-Firewall-1-INPUT -s 192.168.0.0/24 -m state --state NEW -p udp --dport 966 -j ACCEPT

-A RH-Firewall-1-INPUT -s 192.168.0.0/24 -m state --state NEW -p udp --dport 33993 -j ACCEPT

Save and exit, then restart iptables:
service iptables restart

Then run the mount again.
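After the restart it is worth confirming that the three formerly random services really sit on the pinned ports, since a firewall rule for a port the service no longer uses fails silently. The following is an added example, not part of the original article: it checks `rpcinfo -p` output against the ports chosen above and regenerates the ten firewall lines; the function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Ports pinned in this article via /etc/services and /etc/sysconfig/nfs.
EXPECTED="portmapper=111 nfs=2049 mountd=976 rquotad=966 nlockmgr=33993"

# Constructed sample of `rpcinfo -p` output (not captured from a real host).
# nlockmgr/udp sits on a random port here, as if LOCKD_UDPPORT was not applied.
SAMPLE_RPCINFO='   program vers proto   port  service
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100011    1   udp    966  rquotad
    100011    1   tcp    966  rquotad
    100003    3   tcp   2049  nfs
    100003    3   udp   2049  nfs
    100021    1   udp  45871  nlockmgr
    100021    1   tcp  33993  nlockmgr
    100005    3   udp    976  mountd
    100005    3   tcp    976  mountd'

# check_rpc_ports (hypothetical helper): reads `rpcinfo -p` output on stdin,
# prints one line per registration off its pinned port and one per pinned
# service that is not registered at all, and returns 1 if it printed anything.
check_rpc_ports() {
    awk -v expected="$EXPECTED" '
        BEGIN {
            n = split(expected, pairs, " ")
            for (i = 1; i <= n; i++) { split(pairs[i], kv, "="); want[kv[1]] = kv[2] }
        }
        ($5 in want) {
            seen[$5] = 1
            if ($4 != want[$5]) {
                printf "DRIFT %s/%s on port %s, expected %s\n", $5, $3, $4, want[$5]
                bad = 1
            }
        }
        END {
            for (s in want) if (!(s in seen)) { printf "MISSING %s\n", s; bad = 1 }
            exit bad
        }'
}

# emit_iptables_rules SUBNET (hypothetical helper): prints the tcp and udp
# ACCEPT lines for the pinned ports, in the form used in this article.
emit_iptables_rules() {
    for pair in $EXPECTED; do
        for proto in tcp udp; do
            echo "-A RH-Firewall-1-INPUT -s $1 -m state --state NEW -p $proto --dport ${pair#*=} -j ACCEPT"
        done
    done
}

# On a live server: rpcinfo -p | check_rpc_ports
printf '%s\n' "$SAMPLE_RPCINFO" | check_rpc_ports || true
```
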

Supplementary information (export options):

ro: read-only access

rw: read-write access

sync: all data is written to the share at the time of the request

async: NFS can reply to requests before the data is written

secure: NFS sends over secure TCP/IP ports below 1024

insecure: NFS sends over ports above 1024

wdelay: if multiple users are writing to the NFS directory, group the writes (default)

no_wdelay: if multiple users are writing to the NFS directory, write immediately; this setting is not needed when using async

hide: do not share subdirectories of the NFS shared directory

no_hide: share subdirectories of the NFS directory

subtree_check: if you share a subdirectory such as /usr/bin, force NFS to check the permissions of the parent directory (default)

no_subtree_check: the opposite of the above; do not check parent directory permissions

all_squash: the UID and GID of shared files are mapped to the anonymous user; suitable for public directories

no_all_squash: preserve the UID and GID of shared files (default)

root_squash: all requests from the root user are mapped to the same permissions as the anonymous user (default)

no_root_squash: the root user has full administrative access to the root directory

anonuid=xxx: specify the UID of the anonymous user in the NFS server's /etc/passwd file

anongid=xxx: specify the GID of the anonymous user in the NFS server's /etc/passwd file
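Of the options above, no_root_squash (used for the shares in this article) lets root on a client act as root on the exported files. Another setting that matters is who the export is offered to: an entry with "*" or with a space before the parenthesis applies to every host. The following is an added example, not part of the original article: a small audit of /etc/exports for those settings, where the function name and the sample file content are constructed and the client specifications are assumptions.

```shell
#!/bin/sh
# Constructed sample /etc/exports content. The first two paths and their
# options follow this article; the client specifications are assumptions.
# The last line has a space before "(", so the options apply to any host.
SAMPLE_EXPORTS='/opt/huiyy/resource *(rw,sync,no_root_squash)
/opt/huiyy/log 192.168.0.0/24(rw,sync,no_root_squash)
# a comment line
/opt/huiyy/pub 192.168.0.0/24(ro,sync,root_squash)
/opt/huiyy/tmp 192.168.0.10 (rw,sync)'

# audit_exports (hypothetical helper): reads exports(5) lines on stdin,
# assuming one export per line with no quoted paths or backslash
# continuations, prints one finding per line and returns 1 if any was found.
audit_exports() {
    awk '
        NF == 0 || $1 ~ /^#/ { next }
        {
            for (i = 2; i <= NF; i++) {
                client = $i; opts = ""
                p = index($i, "(")
                if (p > 0) {
                    client = substr($i, 1, p - 1)
                    opts = substr($i, p + 1)
                    sub(/\)$/, "", opts)
                }
                who = (client == "" || client == "*") ? "any host" : client
                if (who == "any host") {
                    printf "%s: exported to any host\n", $1; n++
                }
                if (("," opts ",") ~ /,no_root_squash,/) {
                    printf "%s: no_root_squash for %s\n", $1, who; n++
                }
                if (("," opts ",") ~ /,insecure,/) {
                    printf "%s: insecure (ports above 1024) for %s\n", $1, who; n++
                }
            }
        }
        END { exit (n > 0) }'
}

# On a live server: audit_exports < /etc/exports
printf '%s\n' "$SAMPLE_EXPORTS" | audit_exports || true
```
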
