代码改变世界

RHCE 共享文件系统

  Ivan的一亩三分地  阅读(338)  评论(0编辑  收藏  举报

9.1 共享文件系统

概述: 共享文件系统通常有两种方式:

基于文件共享,一种直接共享文件夹给client端,常见的技术有NFS(Network File System )和 SMB (Server Message Block)

基于block共享,即共享服务器端分配的磁盘给client端使用。

 

--------------------------------------------------------------------------------------------------------

测试环境

--------------------------------------------------------------------------------------------------------

9.1.1  基于文件共享

 

NFS 配置

服务端设置

?
1
2
3
4
5
安装包
    libnfsidmap-0.25-9.el7.x86_64
    nfs-utils-1.3.0-0.el7.x86_64
服务名: nfs
防火墙:

 

1. 安装包检查及安装

?
1
2
rpm -qa | grep -i nfs
yum install nfs-utils-*

 

2. 启动服务nfs-server

?
1
2
3
systemctl restart nfs-server
systemctl enable nfs-server
systemctl status nfs-serve

3. 开启防火墙

?
1
2
3
rhel 7
firewall-cmd --permanent --add-service=nfs
firewall-cmd --reload

4. 配置分享的文件

4.1. 创建分享的文件系统

?
1
mkdir /nfs

如果分享的用户有写权限,需要设置other 对共享文件夹有写权限

4.2. 配置共享文件

?
1
2
3
4
5
/etc/exports
 
/nfs   desktop0(rw)
保存退出后,使用命令检测是否成功
exportfs -r

 

 

客户端设置

配置/etc/fstab

?
1
192.168.56.12:/nfs     /sharednfs             nfs   defaults 0 0

执行挂载

?
1
2
3
mount -a
df -h
mount  192.168.56.12:nfs   /sharednfs  

 

 

SMB (Server Message Block)

?
1
2
安装包samba
samba-client服务 :smb<br>防火墙:

 

服务端设置

1. 安装包

?
1
yum install samba*

 

2. 启动服务

?
1
2
3
systemctl restart smb
systemctl enable smb
systemctl status smb

3. 开启防火墙

?
1
2
firewall-cmd --permanent --add-service=samba
firewall-cmd --reload

 

4. 创建共享文件目录,及用户需求

?
1
mkdir /samba

 

5. 设置共享文件

5.1 添加共享配置

?
1
2
3
4
5
6
7
8
/etc/samba/smb.conf
 
[samba_s0]
path=/samba
valid users=user0
write list=user1,user2
hosts allow=192.168.56.1
writable=no

 

5.2  执行命令testparm 检查配置是否存在语法错误

?
1
2
3
4
5
6
7
8
[root@localhost ~]# testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[homes]"
Processing section "[printers]"
Processing section "[samba_s0]"
Loaded services file OK.
“Loaded services file OK.”   表示everything is ok

 

5.3 将用户升级为samba用户,需要设置对应用户的登录密码

smbpasswd -a user0

?
1
2
3
4
[root@localhost ~]# smbpasswd -a user0
New SMB password:
Retype new SMB password:
Added user user0.

 

客户端设置

?
1
2
3
4
5
安装包
samba-client-3.6.23-45.el6_9.x86_64
cifs-utils-4.8.1-20.el6.x86_64
 
服务:N/A

 

1. 安装安装包

?
1
2
yum install  samba-client
yum install  cifs*

 

2. 测试是否能够访问成功

    2.1 测试是否mount 成功

?
1
2
[root@dpf01 ~]# mount -ousername=user0  //192.168.56.12/samba_s0  /samba
Password:

    2.2 测试是否有读权限

?
1
2
3
[root@dpf01 ~]# cd /samba
[root@dpf01 samba]# ls
ls: reading directory .: Permission denied

 

   原因分析及解决方法

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
临时关闭 selinux, 测试成功
setenforce 0
接下来我们 fix ,在 server 端做如下操作
方法一:
[root@localhost ~]# semanage fcontext -a -t samba_share_t "/samba(/.*)?"
[root@localhost ~]# restorecon -R -v /samba
restorecon reset /samba context unconfined_u:object_r:default_t:s0->unconfined_u:object_r:samba_share_t:s0
[root@localhost ~]# ls -dZ /samba
drwxr-xr-x. root root unconfined_u:object_r:samba_share_t:s0 /samba
 
方法二: 通过查看配置文件  /etc/samba/smb.conf
# Security-Enhanced Linux (SELinux) Notes:
#
# Turn the samba_domain_controller Boolean on to allow Samba to use the useradd
# and groupadd family of binaries. Run the following command as the root user to
# turn this Boolean on:
# setsebool -P samba_domain_controller on
#
# Turn the samba_enable_home_dirs Boolean on if you want to share home
# directories via Samba. Run the following command as the root user to turn this
# Boolean on:
# setsebool -P samba_enable_home_dirs on
#
# If you create a new directory, such as a new top-level directory, label it
# with samba_share_t so that SELinux allows Samba to read and write to it. Do
# not label system directories, such as /etc/ and /home/, with samba_share_t, as
# such directories should already have an SELinux label.
#
# Run the "ls -ldZ /path/to/directory" command to view the current SELinux
# label for a given directory.
#
# Set SELinux labels only on files and directories you have created. Use the
# chcon command to temporarily change a label:
# chcon -t samba_share_t /path/to/directory
#
# Changes made via chcon are lost when the file system is relabeled or commands
# such as restorecon are run.
#
# Use the samba_export_all_ro or samba_export_all_rw Boolean to share system
# directories. To share such directories and only allow read-only permissions:
# setsebool -P samba_export_all_ro on
# To share such directories and allow read and write permissions:
# setsebool -P samba_export_all_rw on

 

 

9.1.2  基于 block 共享

ISSCI

?
1
2
1.  安装必要的安装包
2.  创建共享的磁盘<br>3.  配置ISSCI 服务端

 服务端设置

?
1
要求的安装包<br>target<br>服务:target<br>防火墙:

 1.  安装包

?
1
yum install target*

2.   启动服务

?
1
2
3
systemctl restart target
systemctl enable target
systemctl status target

 3.  配置共享磁盘

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
targetcli
 
[root@localhost RHEL-7.0 Server.x86_64]# targetcli
Warning: Could not load preferences file /root/.targetcli/prefs.bin.
targetcli shell version 2.1.fb34
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.
 
/> ls
o- / ..................................................................................................................... [...]
  o- backstores .......................................................................................................... [...]
  | o- block .............................................................................................. [Storage Objects: 0]
  | o- fileio ............................................................................................. [Storage Objects: 0]
  | o- pscsi .............................................................................................. [Storage Objects: 0]
  | o- ramdisk ............................................................................................ [Storage Objects: 0]
  o- iscsi ........................................................................................................ [Targets: 0]
  o- loopback ..................................................................................................... [Targets: 0]
/>
 
/backstores> block/ create block0  /dev/sda5
Created block storage object block0 using /dev/sda5.
cd ..
/> ls
o- / ..................................................................................................................... [...]
  o- backstores .......................................................................................................... [...]
  | o- block .............................................................................................. [Storage Objects: 1]
  | | o- block0 .................................................................. [/dev/sda5 (200.0MiB) write-thru deactivated]
  | o- fileio ............................................................................................. [Storage Objects: 0]
  | o- pscsi .............................................................................................. [Storage Objects: 0]
  | o- ramdisk ............................................................................................ [Storage Objects: 0]
  o- iscsi ........................................................................................................ [Targets: 0]
  o- loopback ..................................................................................................... [Targets: 0]
/>
 
iscsi/ create iqn.2017-11.com.example:remotedisk1
cd iscsi/iqn.2017-11.com.example:remotedisk1/tpg1/
acls/ create iqn.2017-11.com.example:192.168.56.1
luns/ create
portals/ create 192.168.56.12
 
/> ls
o- / ......................................................................................................................... [...]
  o- backstores .............................................................................................................. [...]
  | o- block .................................................................................................. [Storage Objects: 1]
  | | o- block0 ........................................................................ [/dev/sda5 (200.0MiB) write-thru activated]
  | o- fileio ................................................................................................. [Storage Objects: 0]
  | o- pscsi .................................................................................................. [Storage Objects: 0]
  | o- ramdisk ................................................................................................ [Storage Objects: 0]
  o- iscsi ............................................................................................................ [Targets: 1]
  | o- iqn.2017-11.com.example:remotedisk1 ............................................................................... [TPGs: 1]
  |   o- tpg1 ............................................................................................... [no-gen-acls, no-auth]
  |     o- acls .......................................................................................................... [ACLs: 1]
  |     | o- iqn.2017-11.com.example:192.168.56.1 ................................................................. [Mapped LUNs: 1]
  |     |   o- mapped_lun0 ................................................................................ [lun0 block/block0 (rw)]
  |     o- luns .......................................................................................................... [LUNs: 1]
  |     | o- lun0 ....................................................................................... [block/block0 (/dev/sda5)]
  |     o- portals .................................................................................................... [Portals: 1]
  |       o- 192.168.56.12:3260 ............................................................................................... [OK]
  o- loopback ......................................................................................................... [Targets: 0]
/>

 4.  防火墙设置

?
1
2
3
4
[root@localhost ~]# firewall-cmd --permanent --add-port=3260/tcp
success
[root@localhost ~]# firewall-cmd --reload
success

 

 客户端设置

1. 安装包

iscsi-initiator-utils

2. 启动服务

?
1
2
3
systemctl restart iscsid
systemctl enable iscsid
systemctl status iscsid

2. 设置配置文件

/etc/iscsi/initiatorname.iscsi

?
1
nitiatorName=iqn.2017-11.com.example:192.168.56.1

 

3. 发现共享 node

iscsiadm --mode discoverydb --type sendtargets --portal 192.168.56.12  --discover

?
1
2
3
[root@dpf01 ~]# iscsiadm --mode discoverydb --type sendtargets --portal 192.168.56.12  --discover
Starting iscsid:                                           [  OK  ]
192.168.56.12:3260,1 iqn.2017-11.com.example:remotedisk1

 

4. login node

  iscsiadm --mode node --targetname iqn.2017-11.com.example:remotedisk1 --portal  192.168.56.12:3260 --login

 iscsiadm --mode node --targetname iqn.2001-05.com.doe:test --portal    192.168.1.1:3260 --logout

5. 配置/etc/fstab

 

编辑推荐:
· ASP.NET Core 模型验证消息的本地化新姿势
· 对象命名为何需要避免'-er'和'-or'后缀
· SQL Server如何跟踪自动统计信息更新?
· AI与.NET技术实操系列:使用Catalyst进行自然语言处理
· 分享一个我遇到过的“量子力学”级别的BUG。
阅读排行:
· AI Agent爆火后,MCP协议为什么如此重要!
· Draw.io:你可能不知道的「白嫖级」图表绘制神器
· dotnet 源代码生成器分析器入门
· ASP.NET Core 模型验证消息的本地化新姿势
· Java使用多线程处理未知任务数方案
点击右上角即可分享
微信分享提示