NFS file Server for the Javaweb project architecture

Introduction to NFS

The network file system is NFS.

Main function: Through the network (LAN) allows different host systems to share files or directories.

Main Purpose: NFS Network File system is generally used to store shared video, pictures, attachments and other static resource files.

NFS Storage Service without NFS file share storage

When user a uploads a file over the Internet, it is load balanced, randomly or directed to a node. However, when User B goes to download the file, it is not sure which node to send the request to, which will cause the user to have a chance to download the situation.

NFS File Share storage available

When user a uploads a file over the Internet, it is load balanced and will be stored to the NFS file server regardless of which node it is sent to. However, when User B downloads the file, any node can read the NFS file server file.

Advantages and disadvantages of NFS services

• Simple and easy to get started
• Easy deployment very fast and easy to maintain
• Saves on-premises storage storing common data on a single server that can be accessed over the network

Disadvantages

• NFS Efficiency/performance is limited under high concurrency
• NFS data is plaintext and does not validate data integrity
• Connection management maintenance Hassle when multiple machines Mount Server for NFS
• Prone to single point of failure, if the server is down, all clients will not be able to access
• The client does not use the user authentication mechanism, and the data is transmitted in clear text, security general (generally recommended for use within the LAN)

RPC Workflow

NFS supports a very large number of features, different functions will have different services to complete, many services need to listen on some ports, many of which are not fixed. When these services are started, they need to register a port with the Rpcbind service, and the Rpcbind service randomly chooses an unused port to allocate. The Rpcbind service listens on port 111, so the primary function of Rpcbind is to specify the port number for each RPC service and notify the client to connect the client to the correct port.

Steps the client requests to the NFS server side:

• First, the user accesses the Web site program, and the program sends a Request for NFS files on the NFS client, which is the NFS client's RPC service does not issue a query Request for NFS file access over the network to the 111 port of the NFS server-side RPC service, including what functionality to implement.

• The NFS server-side RPC service locates the corresponding registered NFS port, notifying the NFS client of the RPC service.

• At this point, the NFS client gets to the correct port and accesses the data online with NFS.

• After the NFS client has successfully accessed the data, it returns to the client program, informing the user of the access results.

Note: Because the RPC service needs to register the port with Rpcbind at startup, the Rpcbind is started first. In addition, if the Rpcbind reboot, the original registered data will not be seen, so one but rpcbind restart, so that the managed services because the need to restart to re-register to Rpcbind.

Server-side Configuration for NFS

Server for NFS: 192.168.1.180

Check and install NFS

[[email protected] ~]# rpm -qa rpcbind nfs-utilsnfs-utils-1.3.0-0.48.el7_4.1.x86_64rpcbind-0.2.0-42.el7.x86_64

If not, installing the required Packages for NFS server actually requires the installation of two packages Nfs-utils (NFS service main program) and Rpcbind (RPC main program), but when installing nfs-utils with Yum, the Rpcbind is installed together.

yum install -y nfs-utils

Configuration Instructions

/etc/sysconfig/nfs #NFS的主配置文件/etc/exports       #配置共享目录的文件

Configuration format for/etc/exports:

NFS Shared directory NFS Client address 1 (parameter 1, parameter 2 ...). ) Client Address 2 (parameter 1, parameter 2 ...) ）

Description

NFS shared directory: The absolute directory for the actual directory to be shared for the NFS server. Note the permissions issue.

NFS Client Address: The address of the client that can be accessed for NFS server authorization, which can be a separate IP address or host name, domain name. It can also be an entire network segment.

Authorizing the entire network segment: EG:10.0.0.0/24

File Configuration Example Description:

/data/fileserver 192.168.1.190(rw,sync,no_root_squash)

If the server side modifies the/etc/exports file, the service can be reloaded via the EXPORTFS command without restarting the service. If restarting the service requires re-registering with Prcbind and has a significant impact on the client, use the Exportfs command as much as possible to make the configuration file effective.

exportfs：exportfs -ar      #重新导出所有的文件系统exportfs -r       #导出某个文件系统exportfs -au      #关闭导出的所有文件系统exportfs -u       #关闭指定的导出的文件系统

Related parameters (man exports)

A. Options: option to set the output Directory access rights, user mappings, and so on.

• Set output Directory read-only: RO
• Set output directory Read/write: RW

B. User mapping options

• All_squash: Maps all normal users and groups that are accessed remotely to anonymous users or user groups (Nfsnobody);
• No_all_squash: Reverse with All_squash (default setting);
• Root_squash: The root user and the owning group are mapped to anonymous users or groups of users (default setting);
• No_root_squash: Reverse with Rootsquash;
• ANONUID=XXX: Maps All remote access users to anonymous users and specifies that the user is a local user (uid=xxx);
• ANONGID=XXX: Maps All remote Access user groups to anonymous user group accounts and specifies that the anonymous user group account is a local user group account (GID=XXX);

C. Other options

• Secure: Restrict clients from connecting to Server for NFS (default setting) only from TCP/IP ports less than 1024;
• Insecure: Allow clients to connect to the server from TCP/IP ports greater than 1024;
• Sync: It is inefficient to write data synchronously to memory buffer and disk, but it can guarantee the consistency of data;
• Async: Save the data in the memory buffer first, and write to disk if necessary;
• Wdelay: Check if there is a related write operation, if any, then perform these writes together, which can improve the efficiency (default setting);
• No_wdelay: If a write operation is performed immediately, it should be used in conjunction with sync;
• Subtree: If the output directory is a subdirectory, the NFS server will check the permissions of its parent directory (default setting);
• No_subtree: Even if the output directory is a subdirectory, the NFS server does not check the permissions of its parent directory, which can improve efficiency;

Start NFS Service on NFS server

1. Start the boot for Rpcbind and NFS first:

systemctl enable rpcbind.servicesystemctl enable nfs-server.service

2. Then start the Rpcbind and NFS services separately:

systemctl start rpcbind.servicesystemctl start nfs-server.service

To see if the service is started

[[email protected] ~]# rpcinfo-p program vers proto Port service 100000 4 TCP 111 Portmapper 100 3 TCP 111 Portmapper 100000 2 TCP 111 portmapper 100000 4 UDP 111 Portmapper 10000    0 3 UDP 111 portmapper 100000 2 UDP 111 portmapper 100024 1 UDP 47426 status 100024 1  TCP 35379 Status 100005 1 udp 20048 mountd 100005 1 tcp 20048 mountd 100005 2 UDP 20048 MOUNTD 100005 2 tcp 20048 mountd 100005 3 udp 20048 mountd 100005 3 tcp 20048 MOUNTD 100 003 3 TCP 2049 NFS 100003 4 TCP 2049 NFS 100227 3 TCP 2049 nfs_acl 100003 3 UDP 20 100003 NFS 4 UDP 2049 NFS 100227 3 UDP 2049 nfs_acl 100021 1 UDP 53046 nlockmgr 100    021 3 UDP 53046 nlockmgr 100021 4 udp 53046 nlockmgr 100021 1 tcp 38280 nlockmgr 100021 3 TCP 38280 Nlockmgr   100021 4 TCP 38280 Nlockmgr 

Use Exportfs to view directories that are already shared on this computer:

exportfs

NFS Client Configuration

Client for NFS: 192.168.1.190

Install NFS and start the service.

yum install -y nfs-utilssystemctl enable rpcbind.servicesystemctl start rpcbind.service

The client does not need to start the NFS service and only needs to start the Rpcbind service.

Check if there is a directory share on the NFS server side

showmount -e 192.168.1.180

Mount Remote Services

mount -t nfs  192.168.1.180:/data/fileserver  /data/itstyle

View Mounts

df -h

Boot mount, edit/etc/fstab

Vim/etc/fstab Add the following content:

# 设备文件  挂载点  文件系统类型  mount参数  dump参数  fsck顺序192.168.1.180:/data/fileserver /data/itstyle nfs defaults,_netdev 0 0

_netdev explicitly indicates that this is a network file system that prevents errors from mounting before the network starts up.

After saving, re-mount the contents of/etc/fstab.
Mount-a

Xiao Qi

Source: https://blog.52itstyle.com

Sharing is happy, but also witnessed the personal growth process, the article is mostly work experience summary and usually learn to accumulate, based on their own cognitive deficiencies are unavoidable, also please correct, common progress.

NFS file Server for the Javaweb project architecture