NFS安装

Posted on Posted in linux
Tips: 本文创建于2014年2月20日,已超过 2 年,内容或图片可能已经失效!

nfs 安装

nfs = network file system  

介绍

三个进程

  • rpc.nfsd 客户端能否登录服务器
  • rpc.mountd 管理nfs文件系统
  • portmap 端口分发

软件结构

  • /etc/exports 主配置文件,无默认值。在某些版本中需要手动建立
  • /usr/sbin/exportfs 维护共享资源的命令
  • /usr/sbin/showmount 查看共享资源的命令
  • /var/lib/nfs/*tab etab完整权限设定值,xtab记录相关客户端数据
rpm -qa | grep nfs  

主配置文件的格式exports

[共享目录路径 客户端描述(权限,另一个权限) 另一个客户端(权限,另一个权限)]  
  
  
客户端描述可以是:  
    IP地址:192.168.1.123  
    host:   www.a.com  
    网段: 192.168.18.0/24  
    域中主机    *.a.com  
    所有主机    *  
权限:  
    ro              只读  
    rw              读写  
    no_root_squash  登录到nfs主机,使用共享目录的用户,如说是root,对于这个目录就有root的权限  
    root_squash                                     贬成匿名用户(nfsnobody)  
    all_squash  不管是谁,全是匿名用户(nfsnobody)  
    anonuid     指定被贬用户的UID  
    anongid     指定被贬用户的GID  
    sync        资料同步写入到内存和磁盘  
    async       资料先写到内存再写到磁盘  
rpcinfo -p  #查看nfs服务状况  
rpcinfo -u localhost nfs    #服务状态  
  
exportfs                -a  全部在主配置文件中的共享目录  
            -r  重新挂载主配置文件中的共享目录  
            -u  卸载目录  
            -v  显示信息  
showmount               -a  显示服务器客户端的连接状况  
            -e  显示主机有那些共享  
  
service portmap status  
service nfs status  
  
vim /etc/exports  
/tmp    192.168.18.0/24(ro)  
/mnt    192.168.18.0/24(rw)  
  
  
  
/etc/hosts.allow    /etc/hosts.deny  
vim /etc/hosts.deny  
portmap:    192.168.1.123  

客户端连接:

mount   192.168.18.251:/mnt /a  
mount -t nfs 192.168.18.251:/mnt /a (防止出现为识别系统类型)  
  
tmp所有都可读写  
  
/tmp    *(rw,no_root_squash)  
  
home下的share共享  
  
/home/share 192.168.18.0/24(rw) *(ro)  
/home/myfile    192.168.18.100(rw)  
/home/linux     *(rw,all_squash,anonuid=250,anongid=250)  

端口固定:

/etc/sysconfig/nfs  
RQUOTAD_PORT=10001  
LOCKD_TCPPORT=10002  
LOCKD_UDPPORT=10002  
MOUNTD_PORT=1003  
STATD_PORT=1004  
  
service nfs restart  

nfs自动挂载

service autofs status  
/etc/init.d/autofs  
rpm -qf /etc/init.d/autofs  
  
vim /etc/auto.master  
/mnt    /etc/auto.mnt   --timeout=10  

挂载点 挂载点的具体配置文件 超时时间

vim /etc/auto.mnt  
nfs     --fstype=nfs,ro     192.168.18.251:/tmp  
挂载点目录名称 文件系统类型和权限   共享路径  
  
等同于===== mount -t nfs -o ro 192.168.18.251:/tmp /mnt/nfs  
  
service autofs restart  
/mnt目录没有nfs,直接进入就有nfs,10秒不用就卸载了  

安装重新整理(推荐)

server 端

检查安装

-> root@c1 ~ ☺ # rpm -qa | grep nfs  
-> root@c1 ~ ☺ # rpm -qa | grep rpcbind  
-> root@c1 ~ ☺ # yum -y install nfs-utils rpcbind  
-> root@c1 ~ ☺ # rpm -q nfs-utils portmap  
nfs-utils-1.2.3-64.el6.x86_64  
package portmap is not installed  

软件结构

  • /etc/exports nfs的配置文件
  • /usr/sbin/exportfs nfs系统维护指令
  • /var/lig/nfs/*tab 分享资源的登录文档
  • /usr/sbin/showmount 查看分享资源的指令

配置

  • rw 读写权限
  • sync 数据实时同步
  • no_root_squash 防止客户端没有权限修改,出现Permission denied
  • no_subtree_check 不检查目录权限,提高数据读取效率
  • 65534代表nfsnobody用户,打开/etc/passwd查找
  • 65534代表nfsnobody组
-> root@c1 ~ ☺ # vim /etc/exports  
/data/nfsdir    192.168.36.0/23(rw,sync,no_root_squash,no_subtree_check,anonuid=65534,anongid=65534)  

-> root@c1 ~ ☺ # vim /etc/sysconfig/nfs   
RQUOTAD_PORT=875  
LOCKD_TCPPORT=32803  
LOCKD_UDPPORT=32769  
MOUNTD_PORT=892  
STATD_PORT=1001  
STATD_OUTGOING_PORT=1004  

防火墙

vi /etc/sysconfig/iptables  
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 111 -j ACCEPT  
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 111 -j ACCEPT  
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 2049 -j ACCEPT  
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 2049 -j ACCEPT  
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 875 -j ACCEPT  
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 875 -j ACCEPT  
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 892 -j ACCEPT  
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 892 -j ACCEPT  
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 32803 -j ACCEPT  
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 32769 -j ACCEPT  
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 1001 -j ACCEPT  
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 1001 -j ACCEPT  
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 1002 -j ACCEPT  
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 1002 -j ACCEPT  
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 1003 -j ACCEPT  
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 1003 -j ACCEPT  
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 1004 -j ACCEPT  
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 1004 -j ACCEPT  
/etc/init.d/iptables restart #最后重启防火墙使配置生效

修改完exports,需要重新启动

  • -a :全部挂载(或卸载) /etc/exports档案内的设定
  • -r :重新挂载/etc/exports里面的设定,此外,亦同步更新/etc/exports 及/var/lib/nfs/xtab的内容!
  • -u :卸载某一目录
  • -v :在export的时候,将分享的目录显示到萤幕上!
-> root@c1 ~ ☺ # showmount -e localhost  
Export list for localhost:  
/data/nfsdir 192.168.36.0/23  
-> root@c1 ~ ☺ # exportfs -arv  
exporting 192.168.36.0/23:/data/nfsdir  
-> root@c1 ~ ☺ # showmount -e localhost  
Export list for localhost:  
/data/nfsdir 192.168.36.0/23  
-> root@c1 ~ ☺ # exportfs -auv   
-> root@c1 ~ ☺ # showmount -e localhost  
Export list for localhost:  

开启/停止服务(顺序都不能错)

开启
-> root@c1 ~ ☺ # /etc/rc.d/init.d/rpcbind start  
Starting rpcbind:                                          [  OK  ]  
-> root@c1 ~ ☺ # /etc/rc.d/init.d/nfslock start  
Starting NFS statd:                                        [  OK  ]  
-> root@c1 ~ ☺ # /etc/rc.d/init.d/nfs start  
Starting NFS services:                                     [  OK  ]  
Starting NFS mountd:                                       [  OK  ]  
Starting NFS daemon:                                       [  OK  ]  
Starting RPC idmapd:                                       [  OK  ]  
停止
-> root@c1 ~ ☺ # service nfslock stop  
Stopping NFS locking:                                      [  OK  ]  
Stopping NFS statd:                                        [  OK  ]  
-> root@c1 ~ 2☺ # service nfs stop  
Shutting down NFS daemon:                                  [  OK  ]  
Shutting down NFS mountd:                                  [  OK  ]  
Shutting down NFS services:                                [  OK  ]  
Shutting down RPC idmapd:                                  [  OK  ]  
-> root@c1 ~ ☺ # service rpcbind stop  
Stopping rpcbind:                                          [  OK  ] 

查看状态

  • -p :针对某IP (未写则预设为本机) 显示出所有的port 与porgram 的资讯;
  • -t :针对某主机的某支程式检查其TCP 封包所在的软体版本;
  • -u :针对某主机的某支程式检查其UDP 封包所在的软体版本;
-> root@c1 ~ ☺ # rpcinfo -p 192.168.36.67   #查看端口状态  
   program vers proto   port  service  
    100000    4   tcp    111  portmapper  
    100000    3   tcp    111  portmapper  
    100000    2   tcp    111  portmapper  
    100000    4   udp    111  portmapper  
    100000    3   udp    111  portmapper  
    100000    2   udp    111  portmapper  
    100024    1   udp  49313  status  
    100024    1   tcp  48130  status  
    100005    1   udp  46850  mountd  
    100005    1   tcp  41668  mountd  
    100005    2   udp  55759  mountd  
    100005    2   tcp  45163  mountd  
    100005    3   udp  45975  mountd  
    100005    3   tcp  49617  mountd  
    100003    2   tcp   2049  nfs  
    100003    3   tcp   2049  nfs  
    100003    4   tcp   2049  nfs  
    100227    2   tcp   2049  nfs_acl  
    100227    3   tcp   2049  nfs_acl  
    100003    2   udp   2049  nfs  
    100003    3   udp   2049  nfs  
    100003    4   udp   2049  nfs  
    100227    2   udp   2049  nfs_acl  
    100227    3   udp   2049  nfs_acl  
    100021    1   udp  43360  nlockmgr  
    100021    3   udp  43360  nlockmgr  
    100021    4   udp  43360  nlockmgr  
    100021    1   tcp  45304  nlockmgr  
    100021    3   tcp  45304  nlockmgr  
    100021    4   tcp  45304  nlockmgr  
-> root@c1 ~ ☺ #  rpcinfo -t localhost nfs  
program 100003 version 2 ready and waiting  
program 100003 version 3 ready and waiting  
program 100003 version 4 ready and waiting  
选项与参数:
  • -a :显示目前主机与用户端的NFS 连线分享的状态;
  • -e :显示某部主机的/etc/exports 所分享的目录资料。
-> root@c1 ~ ☺ # showmount -e 192.168.36.67     #查看共享的目录           
Export list for 192.168.36.67:  
/data/nfsdir 192.168.36.0/23  

查看log

-> root@c1 ~ ☺ # tail /var/log/messages  
May 23 13:31:02 c1 kernel: NFSD: starting 90-second grace period  
May 23 13:32:24 c1 rpc.statd[67061]: Caught signal 15, un-registering and exiting  
May 23 13:32:35 c1 kernel: nfsd: last server has exited, flushing export cache  
May 23 13:32:35 c1 rpc.mountd[67110]: Caught signal 15, un-registering and exiting.  
May 23 13:32:41 c1 rpcbind: rpcbind terminating on signal. Restart with "rpcbind -w"  
May 23 13:33:51 c1 rpc.statd[67364]: Version 1.2.3 starting  
May 23 13:33:51 c1 sm-notify[67365]: Version 1.2.3 starting  
May 23 13:33:56 c1 rpc.mountd[67406]: Version 1.2.3 starting  
May 23 13:33:56 c1 kernel: NFSD: Using /var/lib/nfs/v4recovery as the NFSv4 state recovery directory  
May 23 13:33:56 c1 kernel: NFSD: starting 90-second grace period  

查看预设参数

-> root@c1 ~ ☺ # cat /var/lib/nfs/etab   
/data/nfsdir    192.168.36.0/23(rw,sync,wdelay,hide,nocrossmnt,secure,root_squash,no_all_squash,no_subtree_check,secure_locks,acl,anonuid=65534,anongid=65534,sec=sys,rw,root_squash,no_all_squash)  

client端

安装启动与上面一样

[root@localhost ~]# showmount -e 192.168.36.67  
Export list for 192.168.36.67:  
/data/nfsdir 192.168.36.0/23  
  
[root@localhost nfsdir]# mount -t nfs -o soft,intr,bg,rw,rsize=32768,wsize=32768 192.168.36.67:/data/nfsdir   /data/nfsdir  

卸载用umount

[root@localhost ~]# umount /data/nfsdir  

设置开机自动挂载目录

vi /etc/fstab  #编辑  
192.168.21.160:/data/nfsdir /data/nfsdir    nfs soft,intr,bg,rw,rsize=32768,wsize=32768  0   0  

centos 7.x 版本的不同

centos 7.x 版本需要一些不一样的地方

Important Services

  • rpcbind : The rpcbind server converts RPC program numbers into universal addresses.

  • nfs-server : It enables the clients to access NFS shares.

  • nfs-lock / rpc-statd : NFS file locking. Implement file lock recovery when an NFS server crashes and reboots.

  • nfs-idmap : It translates user and group ids into names, and to translate user and group names
    into ids

Important Configuration Files

  • /etc/exports : It is the main configuration file, controls which file systems are exported to remote hosts and specifies options.

  • /etc/fstab : This file is used to control what file systems including NFS directories are mounted when the system boots.

  • /etc/sysconfig/nfs : This file is used to control which ports the required RPC services run on.

  • /etc/hosts.allow, and /etc/hosts.deny : These files are called TCP wrappers, controls the access to NFS server. It is used by NFS to decide whether or not to accept a connection coming in from another IP address

安装

yum install nfs-utils libnfsidmap

服务管理

systemctl enable rpcbind
systemctl enable nfs-server
systemctl enable nfs-lock   # 或 systemctl enable rpc-statd
systemctl enable nfs-idmap
systemctl start rpcbind
systemctl start nfs-server
systemctl start nfs-lock    # 或 systemctl start rpc-statd
systemctl start nfs-idmap
» 转载请注明来源:呢喃 » NFS安装