Rotten mud: NFS is used for storage and KVM integration, and nfskvm Integration

Source: Internet
Author: User

Rotten mud: NFS is used for storage and KVM integration, and nfskvm Integration

This article was sponsored by Xiuyi linfeng and first launched in the dark world.

In previous articles about NFS, we introduced NFS mounting and so on. This article describes how to use NFS as storage.

Since the topic of this article is about NFS, we should first build the NFS server. For detailed construction process, refer to "mud: using NFS storage with VSphere.

We need to introduce the following parameters in the NFS configuration file/etc/exports:

Ro this host has read-only permission on the shared directory.

Rw this host has read and write permissions on the shared directory, which must be used with the no_root_squash parameter.

Root_squash this parameter is the default parameter. When a user accesses the shared folder as a root user, the user maps the root user to an anonymous user, that is, the nobody user does not have the Creation or Deletion operations on the directory.

When the no_root_squash client accesses the shared folder with the root user, the root user is not mapped. That is, it has all the permissions of the root user and has the permission to create and delete directories.

Any user on the all_squash client accesses the shared directory and maps it to an anonymous user.

Anonuid maps the user on the client to the user of the specified local user ID.

Anongid maps users on the client to the specified local user group ID.

Sync data is synchronously written to memory and hard disk.

The async data is saved in the memory instead of directly written to the hard disk.

Insecure allows unauthorized access from this machine.

Because NFS is used for storage, we must configure read and write permissions for shared files and root user permissions. Considering data security issues, we recommend that you configure synchronization permissions. The specific configuration permissions are as follows:

We can see that the NFS shared directory/nfs has the root user permission and the read/write and synchronization permissions. The NFS shared directory/home/datasoft/soft/iso/has only the read permission. Why is this? We will explain it below.

Now let's test the NFS shared directory permission.

Log on to the KVM server and mount the NFS shared directory. As follows:

Pass. We can see that the/NFS Directory of nfs is mounted to the/nfs Directory of the KVM server, and the/home/datasoft/soft/iso/directory is mounted to the/NFS Directory of nfs.

Next we will test the permissions of the respective Mount directories, as shown below:

We can see from the above two figures that all operations on the NFS shared directory/nfs on the kvm server will be synchronized on the NFS server/nfs, in addition, we have read, write, create, and delete permissions.

We can see that on the KVM server, we only have read permission on the NFS shared directory/home/datasoft/soft/iso/, but not the Creation or Deletion permission. This can also correspond to the permissions we set.

Note that although the NFS shared directory/home/datasoft/soft/iso/has read and write permissions, The root_squash parameter is used by default because the no_root_squash parameter is not added. Although the rw parameter has been given, it does not have the root user permission, so it does not have the permission to create or delete it.

After testing the NFS shared directory permission, we can now Configure NFS and KVM for integration.

For KVM and NFS storage, the graphic interface mode and command line mode are used.

First, we will introduce the command line method. Now we can create the hard disk of the kvm vm to the NFS server by using the following command:

Qemu-img create-f qcow2/nfs. img 20G

Ifconfig eth0 | grep "inet addr" | awk '{print $2}' | cut-d:-f2

After the file is created, log on to the NFS server to view the file generated. As follows:

We can see that the kvm vm hard disk already exists on the NFS server.

Run the following command to create a VM:

Virt-install-n nfs-r 2048 -- OS-type = linux -- vcpus = 1-c/iso/CentOS-6.5-i386-minimal.iso -- disk path =/nfs. img, format = qcow2, bus = ide -- boot cdrom, menu = on-B br0 -- vnc -- vnclisten = 0.0.0.0 -- vncport = 5993

However, the following error message is displayed:

ERROR internal ERROR Process exited while reading console log output: char device redirected to/dev/pts/1

Qemu-kvm:-drive file =/nfs. img, if = none, id = drive-ide0-0-0, format = qcow2, cache = none: cocould not open disk image/nfs. img: Permission denied

After many experiments, if you change the VM's Hard Disk File Permission to 777, no error is reported. As follows:

However, you can see that the security of the VM is very low.

After querying the data, we only need to remove the comments about users and user groups in the/etc/libvirt/qemu. conf file, so that we do not need to modify the VM configurations. Qemu. conf is the configuration file used by libvirt to drive QEMU, including VNC, SPICE, and the permission authentication method used to connect to them, it also includes memory huge pages, SELinux, Cgroups and other related configurations.

Vi/etc/libvirt/qemu. conf

Restart qemu after modification. As follows:

/Etc/init. d/libmongod restart

Create a VM again, as shown below:

The system does not report an error, indicating that the VM can be formally installed.

Now, you can use the VNC client to install the system as follows:

The above is about the configuration in the command line. To be honest, the configuration in the command line is relatively simple. Next I will introduce how to use NFS storage in the graphic interface. A storage pool needs to be created in the graphic interface.

Note that for better experiment results, I have unmounted all NFS mounts on the KVM server.

Start the KVM Virtual Machine to manage virt-manager, as shown below:

Now we create a storage pool for KVM as follows:

In this interface, you must note the type. Select netfs: Directory exported from the network.

In this interface, enter the mount point in the "target path" field for the KVM server. Now I need to mount the NFS Image File Permission to the/iso directory.

Enter the NFS server in "host name.

Enter the NFS shared directory in "Source Path.

This interface is the storage pool used to store image files. The following describes how to create a storage pool for a VM hard disk in the same way as above:

After the VM hard disk storage pool is created, no VM hard disk files are created. Create VM hard disk files as follows:

After the VM hard disk file is created, we can create a new virtual machine. As follows:

In an ISO image, we can select the image file storage pool created earlier.

On the VM hard disk, you can select the hard disk file created earlier.

Start the VM and start installing the system.

Now let's take a look at NFS mounting on the KVM server. As follows:

Df-h

We can find that the command line and GUI are configured in the same way.

The above is related to the configuration methods and notes when NFS is used as the storage and KVM integration.




Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.