RHEL 9.0 Install NFS 4 Server
Let's start with one server and install NFS 4.
# dnf install -y nfs-utils
# man 5 exports
...
root_squash
Map requests from uid/gid 0 to the anonymous uid/gid. Note that this does not apply to any other uids or gids that might be
equally sensitive, such as user bin or group staff.
...
EXAMPLE
# sample /etc/exports file
/ master(rw) trusty(rw,no_root_squash)
...
Before configuring the NFS 4 server, we will create a couple of directories and set their file permissions.
The users created below get specific UIDs and GIDs, as these need to be the same on the client machines.
# mkdir -p /nfs-share/john
# mkdir -p /nfs-share/jane
# mkdir -p /nfs-share/alice
# mkdir /nfs-share/tmp
# groupadd --gid 1101 john
# groupadd --gid 1102 jane
# groupadd --gid 1103 alice
# useradd --uid 1101 --gid 1101 john
# useradd --uid 1102 --gid 1102 jane
# useradd --uid 1103 --gid 1103 alice
# chown john:john /nfs-share/john
# chown jane:jane /nfs-share/jane
# chown alice:alice /nfs-share/alice
# chmod 750 /nfs-share/john
# chmod 750 /nfs-share/jane
# chmod 750 /nfs-share/alice
# chmod 1777 /nfs-share/tmp
# cp /etc/skel/.bash* /nfs-share/john/
# cp /etc/skel/.bash* /nfs-share/jane/
# cp /etc/skel/.bash* /nfs-share/alice/
# chown john:john /nfs-share/john/.bash*
# chown jane:jane /nfs-share/jane/.bash*
# chown alice:alice /nfs-share/alice/.bash*
And now for the NFS 4 Server configuration.
# vim /etc/exports
/nfs-share/john *(rw,root_squash)
/nfs-share/jane *(rw,root_squash)
/nfs-share/alice *(rw,root_squash)
/nfs-share/tmp *(rw,root_squash)
# systemctl enable --now nfs-server.service
# firewall-cmd --add-service=nfs; firewall-cmd --add-service=nfs --permanent
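An added example, not part of the original post: a small Python check for an exports file like the one above. It flags entries exported to every host (`*`), entries with no_root_squash, and entries that rely on sec=sys (the default when no sec= option is given), where the server trusts the UID/GID sent by the client and root_squash only remaps UID 0. The function names and the sample text are constructed for illustration, and quoted paths and line continuations are not handled.

```python
import re

# Constructed sample: the post's home-directory exports plus the sample
# line quoted from exports(5).
SAMPLE_EXPORTS = """\
/nfs-share/john  *(rw,root_squash)
/nfs-share/jane  *(rw,root_squash)
/nfs-share/alice *(rw,root_squash)
/ master(rw) trusty(rw,no_root_squash)
"""

CLIENT_RE = re.compile(r"^([^()]*)(?:\(([^()]*)\))?$")


def parse_exports(text):
    """Yield (path, client, options) for each client entry in an exports file."""
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        path, defaults = fields[0], set()
        for spec in fields[1:]:
            if spec.startswith("-"):          # "-opt,opt" sets defaults for later clients
                defaults = set(spec[1:].split(","))
                continue
            m = CLIENT_RE.match(spec)
            if m:
                own = set(filter(None, (m.group(2) or "").split(",")))
                yield path, m.group(1) or "*", defaults | own   # "(rw)" alone = any host


def audit(text):
    """Return (path, client, finding) tuples for risky export entries."""
    findings = []
    for path, client, opts in parse_exports(text):
        flavors = [f for o in opts if o.startswith("sec=") for f in o[4:].split(":")]
        if client == "*":
            findings.append((path, client, "exported to every host"))
        if "no_root_squash" in opts:
            findings.append((path, client, "client root keeps uid 0 on the share"))
        if not flavors or "sys" in flavors:
            findings.append((path, client, "sec=sys: uid/gid sent by the client is trusted"))
    return findings


if __name__ == "__main__":
    for path, client, finding in audit(SAMPLE_EXPORTS):
        print(f"{path:18} {client:8} {finding}")
```

An entry restricted to a single client address with a Kerberos flavor such as sec=krb5p produces no findings.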
Install NFS 4 on RHEL 9.0 Client
# dnf install -y nfs-utils
NFSv3 used the RPC protocol, which requires a file server that supports NFSv3 connections to run the rpcbind service. An NFSv3 client connects to the rpcbind service at port 111 on the server to request NFS service. The server responds with the current port for the NFS service. Use the showmount command to query the available exports on an RPC-based NFSv3 server.
# showmount --exports server
NFSv4 introduced an export tree that contains all of the paths for the server's exported directories.
$ sudo mount 192.168.122.76:/ /mnt
$ ls /mnt/
nfs-share
$ sudo umount /mnt
There are 4 different ways to mount NFS shares.
Way 1: Temporary Mount
$ sudo mkdir -p /nfs-share/tmp
$ sudo mount -t nfs -o rw,sync 192.168.122.76:/nfs-share/tmp /nfs-share/tmp
$ sudo mount | grep 192.168.122.76
192.168.122.76:/ on /mnt type nfs4 (rw,relatime,vers=4.2,rsize=262144,wsize=262144,namlen=255,hard,proto=tcp,timeo=600,retrans=2,sec=sys,clientaddr=192.168.122.58,local_lock=none,addr=192.168.122.76)
$ sudo umount /nfs-share/tmp
Way 2: Permanent Mount
$ sudo mkdir -p /nfs-share/tmp
$ sudo vim /etc/fstab
...
192.168.122.76:/nfs-share/tmp /nfs-share/tmp nfs rw,sync 0 0
$ sudo mount -a
$ sudo systemctl daemon-reload
Ways 3 and 4: Automount Direct Map and Automount Indirect Map
Difference between Automount Direct Map and Indirect Map
A direct automount is a well-known, unchanging mount point that is known beforehand. An indirect automount is the opposite, e.g. user home directories (/home), where you do not know beforehand which user will log in to a specific server.
Way 3: Automount Direct Map
$ sudo dnf install -y autofs nfs-utils
$ man 5 auto.master
...
For direct maps the mount point is always specified as:
/-
...
EXAMPLE
/- auto.data
/home /etc/auto.home
/mnt yp:mnt.map
This will generate two mountpoints for /home and /mnt and install direct mount triggers for each entry in the direct
mount map auto.data. All accesses to /home will lead to the consultation of the map in /etc/auto.home and
all accesses to /mnt will consult the NIS map mnt.map. All accesses to paths in the map auto.data will trigger
mounts when they are accessed and the Name Service Switch configuration will be used to locate the source of the
map auto.data.
To avoid making edits to /etc/auto.master, /etc/auto.master.d may be used. Files in that directory must have a
".autofs" suffix, e.g. /etc/auto.master.d/extra.autofs. Such files contain lines of the same format as the
auto.master file, e.g.
/foo /etc/auto.foo
/baz yp:baz.map
...
$ sudo vim /etc/auto.master.d/nfs-share-direct-tmp.autofs
/- /etc/auto.nfs-share-direct-tmp
$ sudo vim /etc/auto.nfs-share-direct-tmp
/nfs-share-direct/tmp -rw,sync 192.168.122.76:/nfs-share/tmp
$ sudo systemctl enable --now autofs
$ sudo mount | grep nfs-share-direct-tmp
/etc/auto.nfs-share-direct-tmp on /nfs-share-direct/tmp type autofs (rw,relatime,fd=17,pgrp=6250,timeout=300,minproto=5,maxproto=5,direct,pipe_ino=74858)
$ echo "HELLO" > /nfs-share-direct/tmp/HELLO
$ cat /nfs-share-direct/tmp/HELLO
HELLO
Way 4: Automount Indirect Map
$ sudo dnf install -y autofs nfs-utils
$ sudo vim /etc/auto.master.d/nfs-share-indirect-tmp.autofs
/nfs-share-indirect /etc/auto.nfs-share-indirect-tmp
/nfs-share-indirect is the base for the final mount point. The next file is the mapping file.
# vim /etc/auto.nfs-share-indirect-tmp
tmp -rw,sync 192.168.122.76:/nfs-share/tmp
The final mount point (path) is the combined path from the master map and the mapping file, e.g. /shares/work.
Both directories, /nfs-share-indirect and /nfs-share-indirect/tmp, are created and removed automatically by the autofs service.
# systemctl enable --now autofs
$ man 5 autofs
...
-fstype=
is used to specify a filesystem type if the filesystem is not of the default NFS type. This option
is processed by the automounter and not by the mount command.
-strict
is used to treat errors when mounting file systems as fatal. This is important when multiple file
systems should be mounted (`multi-mounts'). If this option is given, no file system is mounted at
all if at least one file system can't be mounted.
...
EXAMPLE
Indirect map:
kernel -ro,soft ftp.kernel.org:/pub/linux
boot -fstype=ext2 :/dev/hda1
windoze -fstype=smbfs ://windoze/c
removable -fstype=ext2 :/dev/hdd
cd -fstype=iso9660,ro :/dev/hdc
floppy -fstype=auto :/dev/fd0
server -rw,hard / -ro myserver.me.org:/ \
/usr myserver.me.org:/usr \
/home myserver.me.org:/home
In the first line we have a NFS remote mount of the kernel directory on ftp.kernel.org. This is mounted read-
only. The second line mounts an ext2 volume from a local ide drive. The third makes a share exported from a
Windows machine available for automounting. The rest should be fairly self-explanatory. The last entry (the last
three lines) is an example of a multi-map (see below).
If you use the automounter for a filesystem without access permissions (like vfat), users usually can't write on
such a filesystem because it is mounted as user root. You can solve this problem by passing the option
gid=<gid>, e.g. gid=floppy. The filesystem is then mounted as group floppy instead of root. Then you can add the
users to this group, and they can write to the filesystem. Here's an example entry for an autofs map:
floppy-vfat -fstype=vfat,sync,gid=floppy,umask=002 :/dev/fd0
Direct map:
/nfs/apps/mozilla bogus:/usr/local/moxill
/nfs/data/budgets tiger:/usr/local/budgets
/tst/sbin bogus:/usr/sbin
FEATURES
Map Key Substitution
An & character in the location is expanded to the value of the key field that matched the line (which probably
only makes sense together with a wildcard key).
Wildcard Key
A map key of * denotes a wild-card entry. This entry is consulted if the specified key does not exist in the map.
A typical wild-card entry looks like this:
* server:/export/home/&
The special character '&' will be replaced by the provided key. So, in the example above, a lookup for the key
'foo' would yield a mount of server:/export/home/foo.
...
To map user home directories:
$ sudo vim /etc/auto.master.d/nfs-share-indirect-home.autofs
/home /etc/auto.nfs-share-indirect-home
$ sudo vim /etc/auto.nfs-share-indirect-home
* -rw,sync 192.168.122.76:/nfs-share/&
# systemctl enable --now autofs
# groupadd --gid 1101 john
# useradd --uid 1101 --gid 1101 john
# passwd john
# su - john
$ echo "JOHN" > john
$ pwd
/home/john
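How the three autofs files above turn a path into a mount, as an added example that is not part of the original post. The resolver follows the autofs(5) text quoted earlier (exact key first, `*` as fallback, `&` replaced by the key); the function names are made up for illustration, and multi-mount entries and master-map options are not handled.

```python
import posixpath

# The post's own autofs files, embedded inline so the example runs offline.
MASTER = """\
/-                   /etc/auto.nfs-share-direct-tmp
/nfs-share-indirect  /etc/auto.nfs-share-indirect-tmp
/home                /etc/auto.nfs-share-indirect-home
"""
MAPS = {
    "/etc/auto.nfs-share-direct-tmp": "/nfs-share-direct/tmp -rw,sync 192.168.122.76:/nfs-share/tmp\n",
    "/etc/auto.nfs-share-indirect-tmp": "tmp -rw,sync 192.168.122.76:/nfs-share/tmp\n",
    "/etc/auto.nfs-share-indirect-home": "* -rw,sync 192.168.122.76:/nfs-share/&\n",
}


def parse_map(text):
    """Parse 'key [-options] location' lines into {key: (options, location)}."""
    entries = {}
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        key, rest = fields[0], fields[1:]
        opts = rest.pop(0)[1:] if rest[0].startswith("-") else ""
        if rest:
            entries.setdefault(key, (opts, rest[0]))
    return entries


def resolve(path, master=MASTER, maps=MAPS):
    """Return the (options, location) autofs would mount for path, or None."""
    path = posixpath.normpath(path)
    for line in master.splitlines():
        fields = line.split()
        if len(fields) < 2:
            continue
        entries = parse_map(maps.get(fields[1], ""))
        if fields[0] == "/-":                 # direct map: the key is the full path
            key, hit = path, entries.get(path)
        else:                                 # indirect map: the key is one path component
            parent, key = posixpath.split(path)
            if parent != fields[0]:
                continue
            hit = entries.get(key) or entries.get("*")   # wildcard only as fallback
        if hit:
            return hit[0], hit[1].replace("&", key)
    return None
```

`resolve("/home/tmp")` also returns a location: with the wildcard map, every name looked up under /home becomes a mount request for /nfs-share/<name>, so what is actually reachable is decided by the server's exports, not by the client map.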