NFS File Server Installation Configuration

NFS File Server Installation Configuration
NFS Introduction

Network File System (NFS) is a Network File System.

Main function: allows different host systems to share files or directories through the network (LAN.

Main Purpose: NFS network file systems are generally used to store shared videos, images, attachments, and other static resource files.

NFS Storage Service does not have NFS file shared storage

When user A uploads files over the Internet, the files are distributed to A node randomly or in A targeted manner through Server Load balancer. However, when user B downloads the file, it is not sure which node the request will be sent to. This will lead to a certain probability that the user will not be able to download the file.

NFS file shared storage

When user A uploads files over the Internet, the Server Load balancer will store the files to the NFS file server no matter which node is sent. However, when user B downloads the file, any node can read the file on the NFS file server.

Advantages and disadvantages of the NFS service

• Easy to use
• Convenient deployment and fast Maintenance
• Saves local storage space and stores common data on a server for network access.

Disadvantages

• NFS efficiency/performance is limited under high concurrency
• NFS data is in plaintext, and data integrity is not verified.
• Connection management and maintenance are troublesome when NFS servers are mounted on multiple machines
• It is prone to single point of failure. If the server goes down, all clients will not be able to access it.
• The client does not use the user authentication mechanism, and the data is transmitted in plain text, which is secure (generally recommended in the LAN)

RPC Workflow

NFS supports many features. Different features are implemented by different services. Many services need to listen to some ports, and many of them are not fixed. When starting these services, you must register a port with the rpcbind service. The rpcbind service randomly selects an unused port for allocation. The rpcbind service is listening on port 111. Therefore, the main function of rpcbind is to specify the port number corresponding to each RPC service and notify the client to connect the client to the correct port.

Steps for a client request to an NFS server:

• First, the user accesses the website program and the program sends a request to access the NFS file on the NFS client, this is why the RPC service of the NFS client does not send a query request for the NFS file access function to port 111 of the RPC service on the NFS server, including the functions to be implemented.

• The RPC service on the NFS server finds the corresponding registered NFS port and notifies the NFS client of the RPC service.

• At this time, the NFS client obtains the correct port and accesses data online with NFS.

• After the NFS client successfully accesses the data, it returns it to the client program to notify the user of the access result.

Note: Since the rpc service needs to register a port with rpcbind at startup, rpcbind must be started first. In addition, if rpcbind is restarted, the data originally registered will not be seen. Therefore, once rpcbind is restarted, the managed service needs to be restarted to register with rpcbind.

NFS server configuration

NFS server: 192.168.1.180

Check and install NFS

[root@iZ2ze74fkxrls31tr2ia2fZ ~]# rpm -qa rpcbind nfs-utilsnfs-utils-1.3.0-0.48.el7_4.1.x86_64rpcbind-0.2.0-42.el7.x86_64

If not, install the required software package for the NFS server. In fact, you need to install two packages: nfs-utils (main nfs service program) and rpcbind (main rpc program ), however, when nfs-utils is installed using yum, rpcbind is installed together.

yum install -y nfs-utils

Configuration instructions

/Etc/sysconfig/nfs # NFS master configuration file/etc/exports # configure files in the shared directory

/Etc/exports configuration format:

Nfs shared directory: nfs client address 1 (parameter 1, parameter 2...) Client address 2 (parameter 1, parameter 2 ...)

Note:

Nfs shared directory: the actual directory to be shared by the nfs server. It is an absolute directory. Pay attention to permission issues.

Nfs client address: the address of the client authorized to access the nfs server. It can be a separate IP address, host name, or domain name. It can also be the entire network segment.

Authorize the entire network segment: eg: 10.0.0.0/24

File configuration instance description:

/data/fileserver 192.168.1.190(rw,sync,no_root_squash)

If the server modifies the/etc/exports file, you can use the exportfs command to reload the service without restarting the service. If you need to re-register with prcbind to restart the service, which has a great impact on the client, try to use the exportfs command to make the configuration file take effect.

Exportfs: exportfs-ar # Re-export all file systems exportfs-r # export a file system exportfs-au # disable all exported file systems exportfs-u # disable the specified exported file system

Related Parameters (man exports)

A. Option: This option is used to set the access permission and user ing of the output directory.

• Set output directory read-only: ro
• Set output directory read/write: rw

B. User ing options

• All_squash: maps all common users and groups remotely accessed to anonymous users or user groups (nfsnobody );
• No_all_squash: returns an inverse value from all_squash (default );
• Root_squash: maps root users and groups to anonymous users or user groups (default );
• No_root_squash: returns the inverse of rootsquash;
• Anonuid = xxx: maps all remotely accessed users to anonymous users and specifies the user as a local user (UID = xxx );
• Anongid = xxx: maps all remotely accessed user groups to anonymous user group accounts, and specifies this anonymous user group account as a local user group account (GID = xxx );

C. Other options

• Secure: restrict the client to connect to the nfs server from a TCP/IP Port less than 1024 (default );
• Insecure: allows the client to connect to the server from a TCP/IP Port greater than 1024;
• Sync: write data synchronously to the memory buffer and disk, which is less efficient, but can ensure data consistency;
• Async: stores data in the memory buffer before writing data to the disk if necessary;
• Wdelay: Check whether there are related write operations. If yes, execute these write operations together to improve the efficiency (the default setting );
• No_wdelay: if there is a write operation, it will be executed immediately and should be used with sync;
• Subtree: If the output directory is a sub-directory, the nfs server checks the permissions of its parent directory (default );
• No_subtree: even if the output directory is a sub-directory, the nfs server does not check the permissions of its parent directory, which improves efficiency;

Start the NFS service on the nfs server

1. Start rpcbind and nfs first:

systemctl enable rpcbind.servicesystemctl enable nfs-server.service

2. Start the rpcbind and nfs services respectively:

systemctl start rpcbind.servicesystemctl start nfs-server.service

Check whether the service is started

[root@iZ2ze74fkxrls31tr2ia2fZ ~]# rpcinfo -p   program vers proto   port  service    100000    4   tcp    111  portmapper    100000    3   tcp    111  portmapper    100000    2   tcp    111  portmapper    100000    4   udp    111  portmapper    100000    3   udp    111  portmapper    100000    2   udp    111  portmapper    100024    1   udp  47426  status    100024    1   tcp  35379  status    100005    1   udp  20048  mountd    100005    1   tcp  20048  mountd    100005    2   udp  20048  mountd    100005    2   tcp  20048  mountd    100005    3   udp  20048  mountd    100005    3   tcp  20048  mountd    100003    3   tcp   2049  nfs    100003    4   tcp   2049  nfs    100227    3   tcp   2049  nfs_acl    100003    3   udp   2049  nfs    100003    4   udp   2049  nfs    100227    3   udp   2049  nfs_acl    100021    1   udp  53046  nlockmgr    100021    3   udp  53046  nlockmgr    100021    4   udp  53046  nlockmgr    100021    1   tcp  38280  nlockmgr    100021    3   tcp  38280  nlockmgr    100021    4   tcp  38280  nlockmgr

Use exportfs to view the shared directories on the local machine:

exportfs

NFS client Configuration

NFS client: 192.168.1.190

Install nfs and start the service.

yum install -y nfs-utilssystemctl enable rpcbind.servicesystemctl start rpcbind.service

The client does not need to start the nfs service, but only needs to start the rpcbind service.

Check whether directory sharing exists on the NFS server.

showmount -e 192.168.1.180

Mount remote services

mount -t nfs  192.168.1.180:/data/fileserver  /data/itstyle

View mounting

df -h

Start mounting, edit/etc/fstab

Vim/etc/fstab:

# Device File mount point file system type mount parameter dump parameter fsck sequential 192.168.1.180:/data/fileserver/data/itstyle nfs ults, _ netdev 0 0

_ Netdev clearly states that this is a Network File System and prevents mounting errors before the network starts.

After saving the file, Remount the content in/etc/fstab.
Mount-

Build NFS in Linux and share it with AIX