Summary of NFS Server setup under CentOS

Source: Internet
Author: User
Tags root access nfsd

Environment Introduction:1. Server:192.168.0.100 2. Client:192.168.0.101To Install the package:1both the server and the client install the NFS and Rpcbind packages:Yum-YInstallnfs-utils Rpcbind2. Use the following command to see if nfs-is already installedUitls Rpcbind These two packages: if the query results are as follows, the instructions have been installed: [[email protected]~]# rpm-qa|grep NFS NFS-utils-1.2.3- the. el6.x86_64 NFS4-acl-tools-debuginfo-0.3.3-6. el6.x86_64 NFS-utils-debuginfo-1.2.3- the. el6.x86_64 NFS-utils-lib-devel-1.1.5-6. el6.x86_64 NFS-utils-lib-1.1.5-6. el6.x86_64 NFS-utils-lib-debuginfo-1.1.5-6. el6.x86_64 NFS4-acl-tools-0.3.3-6. el6.x86_64 [[email protected]~]# rpm-qa|grepRpcbind Rpcbind-0.2.0- One. el6.x86_64 server-side configuration:1. To create an NFS shared directory on the server:mkdir/usr/local/Test2. To set read and write permissions for a shared directory:chmod 666/usr/local/Test3. Edit Export File:VI/etc/exports/usr/local/test/192.168.0.101(Rw,no_root_squash,no_all_squash,SyncNote that there are no spaces between the address and the parameter table. If the MOUNTD port set below is greater than 1024, you need to include the parameter in the parameter table: insecure4. Make configuration effective: Exportfs-r Note: Configuration file Description:/usr/local/test/for the shared directory, use the absolute path. 192.168.0.101(Rw,no_root_squash,no_all_squash,Sync) is the address and permissions of the client, and the address can be a network segment (such as:192.168.0.0/ -), an IP address or a domain name that supports wildcard characters such as: *. hpce.cn, there is no space between the address and the permission. Permission Description: Rw:read-Write, can read and write; Ro:read-only, read only;Sync: The file is written to both the hard disk and the memory, because our logs need to be written synchronously, all with the sync option. Async: The file is staged in memory instead of directly to memory, and if root is used when No_root_squash:nfs client connects to the server, it also has root access to the directory shared by the server. Obviously it's not safe to turn it on. Root_squash:nfs the client connects to the server, if root is used, then the directory shared by the server has anonymous user rights, usually he will use nobody or nfsnobody identity; All_ Squash: Regardless of which user is used by the NFS client to connect to the server, the directory shared by the server has anonymous user rights; Anonuid: The UID value of the anonymous user, usually nobody or nfsnobody, which can be set at its own ; Anongid: The GID value of the anonymous user. 5. Start Service Rpcbind, NFS Services: Service Rpcbind Start service NFS Start server-side firewall settings (NFS-enabled anti-wall configuration): Modify/etc/Services File: Configures the port used by the RPC,NFSD,RQUOTAD,MOUNTD. Configuration before you check whether it has been configured, has been equipped with no configuration. Not configured, to assign a port number that is not used in this file. My machine is configured by default: RPC, NFSD, Rquotad MOUNTD: Not configured. Manual Plus: Mountd48620/TCP #rpc. Mountd mountd48620/UDP #rpc. mountd If the mountd occupies a port greater than1024x768, you need to add the parameter insecure in the file/etc/exports. Such as:192.168.0.100(Insecure,rw,async,root_squash,no_all_squash) Restart NFS Services: Service NFS Restart open the port configured above in the firewall configuration file: Open file: Vim/etc/sysconfig/iptables Add the contents of the Red section:-A input-m state--state new-m tcp-p TCP--dport A-J ACCEPT #rpc-A input-m state--state new-m tcp-p TCP--dport121-J ACCEPT-A input-m state--state new-m udp-p UDP--dport121-J ACCEPT #nfsd-A input-m state--state new-m tcp-p TCP--dport2049-J ACCEPT-A input-m state--state new-m udp-p UDP--dport2049-J ACCEPT #rquotad-A input-m state--state new-m tcp-p TCP--dport875-J ACCEPT-A input-m state--state new-m udp-p UDP--dport875-J ACCEPT #mountd-A input-m state--state new-m tcp-p TCP--dport48620-J ACCEPT-A input-m state--state new-m udp-p UDP--dport48620-J ACCEPT-A input-j REJECT--reject-with icmp-host-prohibited Client mount: Create mount directory:mkdir/usr/local/test to view shared directory information thrown by the server: Showmount-E192.168.0.100Export List for 192.168.0.100: /usr/local/test192.168.0.101If the display: RPCMountExport:RPC:Unable to receive; errno =No route to host, you need to shut down the firewall on the server side. To improve the stability of NFS, using TCP protocol Mounts, NFS defaults with the UDP protocol:Mount-T NFS192.168.0.100:/usr/local/test/usr/local/test-o proto=tcp-o the shared NFS file system can be accessed after the NOLOCK mount is successfully mounted. Uninstalling an NFS that is already hangingUmount/usr/local/test to view information about the mounted directory:Fuser-m-v/usr/local/Test rpcinfo–p IP///to view the RPC service and port for a hostshowmount–e IP///View the NFS list thrown by the hostother NFS Features:1. Service Nfslock start allows NFS clients to lock files on the server. This process corresponds to the problem encountered by the Nfslock service:1. Clnt_create:RPC:Port Mapper failure-unable to Receive:errno113(No route to host)2. Rpcinfo:can'T Contact Portmapper:RPC:Remote system error-no route to hostWorkaround: Execute on server: Rpcinfo-P192.168.0.100Add the listed ports to/etc/sysconfig/iptables file, and then restart the firewall.


From: http://blog.chinaunix.net/uid-20551990-id-4278757.html

Summary of NFS Server setup under CentOS

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.