专题:NFSv4 file server

  Network File System (NFS) is a file system protocol that allows client machines to access network attached filesystems. The newest version is version 4.

<A> Kernel requirements:

  NFS server support is not required for NFS clients, and NFS client support is not required for NFS servers. Dnotify support is only required for NFSv4. NFSv3 is only required for compatibility with legacy clients e.g.

File systems --->
  [*] Dnotify support
  [*] Network File Systems --->
        <*>   NFS client support
        <*>     NFS client support for NFS version 3
        <*>     NFS client support for NFS version 4
        [*]   NFS client support for NFSv4.1
        <*>   NFS server support
        [*]     NFS server support for NFS version 3
        [*]     NFS server support for NFS version 4
        [*]       NFSv4.1 server support for Parallel NFS (pNFS)

<B> Install "net-fs/nfs-utils"(Gentoo) or "nfs-utils.x86_64"(RedHat)

  After installation, set the "rpcbind" and "nfs" service start with your OS:

root # rc-update add nfs default && rc-update add rpcbind default
OR
root # systemctl enable nfs.service && systemctl enable rpcbind.service

<C> Virtual root 

  The filesystems to be exported must be made available under a single directory. This directory is known as the virtual root directory, and it is required for NFSv4:

root #mkdir /export
#The dir_name "/export" can be changed it to any other.

  Create directories in the virtual root directory for the filesystems that are to be exported:

root #mkdir /export/distfiles

  Write to "/etc/fstab"

/PATH/TO/distfiles    /export/distfiles    none    bind    0 0

<D> Exports

  The filesystems to be made accessible for clients are specified in /etc/exports. This file consists of the directories to be exported, the clients allowed to access those directories, and a list options for each client:

/export          10.1.0.0/8(sync,rw,insecure,no_subtree_check,crossmnt,fsid=root)
/export/distfiles    *(sync,ro,insecure,no_subtree_check)

  The following table briefly describes the client options used in the configuration above:

1 insecure    The server will require that client requests originate on unprivileged ports (those above 1024). This option is required when mounting exported directories from OS X. The default is to use privileged ports.
2 rw    The client will have read and write access to the exported directory. The default is to allow read-only access.
3 sync    The server must wait until filesystem changes are committed to storage before responding to further client requests. This is the default.
4 no_subtree_check    The server will not verify the requests from clients(wether it's in the appropriate filesystem or has the correct permissions). This is the default in NFSv4.
5 crossmnt    The server will reveal filesystems that are mounted under the virtual root directory that would otherwise be hidden when a client mounts the virtual root directory.
6 fsid=root    This option is required to uniquely identify the virtual root directory.

  If changes are made to /etc/exports after the NFS server has started, execute the following command:

root #exportfs -rv
OR
root #/etc/init.d/nfs reload
OR
root #systemctl reload nfs.service

<E> Daemon

  The NFS daemon is configured via /etc/conf.d/nfs:

# /etc/conf.d/nfs
# Options to pass to rpc.nfsd
OPTS_RPC_NFSD="8 -N 2 -V 3 -V 4 -p 8888"

  The option 8 is the number of NFS server threads to start.The option -N 2 disables NFS version 2, while options -V 3 and -V 4 enable NFS versions 3 and 4, The option -p 8888 change listening port from the default 2049 to 8888. 

<F> Client Service

  To be able to mount exported directories, start the NFS client:

root # service rpcbind start
OR
root # systemctl start rpcbind

<G> Mount on Client

root # mount [-t nfs] 113.114.115.116:/ /mnt    #"-t nfs" argument is not necessary

<H>Troubeshooting

  The system may become unresponsive during shutdown when the NFS client attempts to unmount exported directories after udev has stopped. To prevent this, a local.d script(Gentoo) can be used to forcibly unmount the exported directories during shutdown:

#write in "/etc/local.d/NFS_umount.stop"
/bin/umount -a -f -t nfs

  Remember to add "x" permission:

chmod +x NFS_umount.stop

  Verify which NFS daemons are running:

Gentoo > rpcinfo -p
   program vers proto   port  service
    100000    4   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100024    1   udp  35261  status
    100024    1   tcp  59039  status
    100005    1   udp  53336  mountd
    100005    3   tcp  37138  mountd
    100003    3   tcp   2049  nfs
    100003    4   tcp   2049  nfs
    100003    3   udp   2049  nfs
    100003    4   udp   2049  nfs
    100021    1   udp  36565  nlockmgr

  List the exported directories from the NFS server:

Gentoo > exportfs -v
/export           10.1.7.0/24(rw,wdelay,crossmnt,insecure,root_squash,no_subtree_check,fsid=0,sec=sys,rw,insecure,root_squash,no_all_squash)

  List the established connections:

Gentoo > ss -tuanp | grep 2049
udp    UNCONN     0      0         *:2049                  *:*                  
udp    UNCONN     0      0        :::2049                 :::*                  
tcp    LISTEN     0      64        *:2049                  *:*                  
tcp    LISTEN     0      64       :::2049                 :::*        

 

posted @ 2015-04-17 16:45  范辉  阅读(849)  评论(0编辑  收藏  举报