专题:NFSv4 file server
Network File System (NFS) is a file system protocol that allows client machines to access network attached filesystems. The newest version is version 4.
<A> Kernel requirements:
NFS server support is not required for NFS clients, and NFS client support is not required for NFS servers. Dnotify support is only required for NFSv4. NFSv3 is only required for compatibility with legacy clients e.g.
File systems ---> [*] Dnotify support [*] Network File Systems ---> <*> NFS client support <*> NFS client support for NFS version 3 <*> NFS client support for NFS version 4 [*] NFS client support for NFSv4.1 <*> NFS server support [*] NFS server support for NFS version 3 [*] NFS server support for NFS version 4 [*] NFSv4.1 server support for Parallel NFS (pNFS)
<B> Install "net-fs/nfs-utils"(Gentoo) or "nfs-utils.x86_64"(RedHat)
After installation, set the "rpcbind" and "nfs" service start with your OS:
root # rc-update add nfs default && rc-update add rpcbind default
OR
root # systemctl enable nfs.service && systemctl enable rpcbind.service
<C> Virtual root
The filesystems to be exported must be made available under a single directory. This directory is known as the virtual root directory, and it is required for NFSv4:
root #mkdir /export #The dir_name "/export" can be changed it to any other.
Create directories in the virtual root directory for the filesystems that are to be exported:
root #mkdir /export/distfiles
Write to "/etc/fstab"
/PATH/TO/distfiles /export/distfiles none bind 0 0
<D> Exports
The filesystems to be made accessible for clients are specified in /etc/exports. This file consists of the directories to be exported, the clients allowed to access those directories, and a list options for each client:
/export 10.1.0.0/8(sync,rw,insecure,no_subtree_check,crossmnt,fsid=root) /export/distfiles *(sync,ro,insecure,no_subtree_check)
The following table briefly describes the client options used in the configuration above:
1 insecure The server will require that client requests originate on unprivileged ports (those above 1024). This option is required when mounting exported directories from OS X. The default is to use privileged ports. 2 rw The client will have read and write access to the exported directory. The default is to allow read-only access. 3 sync The server must wait until filesystem changes are committed to storage before responding to further client requests. This is the default. 4 no_subtree_check The server will not verify the requests from clients(wether it's in the appropriate filesystem or has the correct permissions). This is the default in NFSv4. 5 crossmnt The server will reveal filesystems that are mounted under the virtual root directory that would otherwise be hidden when a client mounts the virtual root directory. 6 fsid=root This option is required to uniquely identify the virtual root directory.
If changes are made to /etc/exports after the NFS server has started, execute the following command:
root #exportfs -rv OR root #/etc/init.d/nfs reload OR root #systemctl reload nfs.service
<E> Daemon
The NFS daemon is configured via /etc/conf.d/nfs:
# /etc/conf.d/nfs # Options to pass to rpc.nfsd OPTS_RPC_NFSD="8 -N 2 -V 3 -V 4 -p 8888"
The option 8
is the number of NFS server threads to start.The option -N 2
disables NFS version 2, while options -V 3 and
-V 4
enable NFS versions 3 and 4, The option -p 8888 change listening port from the default 2049 to 8888.
<F> Client Service
To be able to mount exported directories, start the NFS client:
root # service rpcbind start
OR
root # systemctl start rpcbind
<G> Mount on Client
root # mount [-t nfs] 113.114.115.116:/ /mnt #"-t nfs" argument is not necessary
<H>Troubeshooting
The system may become unresponsive during shutdown when the NFS client attempts to unmount exported directories after udev has stopped. To prevent this, a local.d script(Gentoo) can be used to forcibly unmount the exported directories during shutdown:
#write in "/etc/local.d/NFS_umount.stop" /bin/umount -a -f -t nfs
Remember to add "x" permission:
chmod +x NFS_umount.stop
Verify which NFS daemons are running:
Gentoo > rpcinfo -p program vers proto port service 100000 4 tcp 111 portmapper 100000 2 udp 111 portmapper 100024 1 udp 35261 status 100024 1 tcp 59039 status 100005 1 udp 53336 mountd 100005 3 tcp 37138 mountd 100003 3 tcp 2049 nfs 100003 4 tcp 2049 nfs 100003 3 udp 2049 nfs 100003 4 udp 2049 nfs 100021 1 udp 36565 nlockmgr
List the exported directories from the NFS server:
Gentoo > exportfs -v /export 10.1.7.0/24(rw,wdelay,crossmnt,insecure,root_squash,no_subtree_check,fsid=0,sec=sys,rw,insecure,root_squash,no_all_squash)
List the established connections:
Gentoo > ss -tuanp | grep 2049 udp UNCONN 0 0 *:2049 *:* udp UNCONN 0 0 :::2049 :::* tcp LISTEN 0 64 *:2049 *:* tcp LISTEN 0 64 :::2049 :::*