CentOS 6.3 NFS installation configuration, startup and mount mounting methods

Time:2021-9-22

1、 Environment introduction:

Server: CentOS 192.168.1.225

Client: CentOS 192.168.1.226

2、 Installation:

NFS mount configuration:
centos 5 :

yum -y install nfs-utils portmap

CentOS 6 (in CentOS 6.3, rpcbind is responsible for portmap service)  :

yum -y install nfs-utils rpcbind

3、 Server side configuration:

1. Create shared directory:

[[email protected] /]# mkdir /usr/local/test

2. NFS file configuration:

[[email protected] /]# vi /etc/exports 
#Add a line:
/usr/local/test/ 192.168.1.226(rw,no_root_squash,no_all_squash,sync)

: X save and exit;

Make configuration effective:

[[email protected] /]# exportfs -r

Note: description of configuration file:

/Usr / local / test / is the shared directory, using the absolute path.
192.168.1.226 (RW, no_root_square, no_all_square, sync) refers to the address and permission of the client. The address can be a network segment, an IP address or a domain name. The domain name supports wildcards, such as *. Youxia.com. There is no space between the address and permission. Permission Description:
RW: read-write, read-write;
Ro: read-only, read-only;
Sync: files are written to hard disk and memory at the same time;
Async: files are temporarily stored in memory rather than written directly to memory;
no_ root_ Square: if the NFS client uses root when connecting to the server, it also has root permission for the directory shared by the server. Obviously, it’s not safe to start this.
root_ Square: if the NFS client uses root when connecting to the server, it has anonymous user permissions for the directory shared by the server. Usually, it will use nobody or nfsnobody identity;
all_ Square: no matter what user the NFS client uses when connecting to the server, it has anonymous user permissions for the directory shared by the server;
Anonuid: the uid value of an anonymous user, usually nobody or nfsnobody, which can be set here;
Anongid: GID value of anonymous user.

3. Start:

centos6:

[[email protected] /]# service rpcbind start

Starting rpcbind:                                          [  OK  ]
[[email protected] /]# service nfs start
Starting NFS services:                                     [  OK  ]
Starting NFS quotas:                                       [  OK  ]
Starting NFS mountd:                                       [  OK  ]
Stopping RPC idmapd:                                       [  OK  ]
Starting RPC idmapd:                                       [  OK  ]
Starting NFS daemon:                                       [  OK  ]
[[email protected] /]# 

centos 5

[[email protected] /]# service portmap start
[[email protected] /]# service nfs start
[[email protected] /]# 

4、 Client mount:

1. Create a directory to mount:

[[email protected] ~]# mkdir /usr/local/test
[[email protected] ~]# 

2. Test mount:

[[email protected] ~]# showmount -e 192.168.1.225
Export list for 192.168.1.225:
/usr/local/test 192.168.1.226
[[email protected] ~]# 

If: RPC mount export: RPC: unable to receive; Errno = no route to host, you need to turn off the firewall at the server (more on this later).

3. Mount:

[[email protected] ~]# mount -t nfs 192.168.1.225:/usr/local/test /usr/local/test

[[email protected] ~]# mount
/dev/mapper/VolGroup-lv_root on / type ext4 (rw)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
tmpfs on /dev/shm type tmpfs (rw)
/dev/sda1 on /boot type ext4 (rw)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
nfsd on /proc/fs/nfsd type nfsd (rw)
192.168.1.225:/usr/local/test on /usr/local/test type nfs (rw,vers=4,addr=192.168.1.225,clientaddr=192.168.1.226)
[[email protected] ~]# 

If the information is shown above, the mount is successful!

4. Test:

The client generates a file:

[[email protected] /]# cd /usr/local/test/
[[email protected] test]# echo "hello nfs test">>test
[[email protected] test]# ll
total 4
-rw-r--r-- 1 root root 15 Apr  9 13:24 test
[[email protected] test]# 

Server check:

[[email protected] /]# cd /usr/local/test/
[[email protected] test]# ll
total 4
-rw-r--r-- 1 root root 15 Apr  9 13:24 test
[[email protected] test]# 

Mount succeeded!

5、 Unmount:

[[email protected] ~]# umount /usr/local/test

[[email protected] ~]# mount
/dev/mapper/VolGroup-lv_root on / type ext4 (rw)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
tmpfs on /dev/shm type tmpfs (rw)
/dev/sda1 on /boot type ext4 (rw)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
nfsd on /proc/fs/nfsd type nfsd (rw)
[[email protected] ~]# 

If encountered: umount.nfs: / usr / local / test: device is busy

Possible commands:

[[email protected] /]# fuser -m -v /usr/local/test

User process number permission command
/usr/local/test/:              root       2798 ..c.. bash
                     root       2996 ..c.. su
[[email protected] /]# kill -9 2798

[[email protected] /]# kill -9 2996

[[email protected] /]# umount /usr/local/test
[[email protected] /]#

6、 Server side firewall settings (NFS enabled firewall configuration):

1. Modify / etc / service and add the following contents (the port number must be below 1024 and not occupied)

 # Local services  
    mountd 1011/tcp #rpc.mountd  
    mountd 1011/udp #rpc.mountd  
    rquotad 1012/tcp #rpc.rquotad  
    rquotad 1012/udp #rpc.rquotad

2. Restart Linux NFS service

    service nfs restart 

3. At this time, RPC related ports have been fixed, and firewall rules can be added for Linux NFS

    #portmap  
    /sbin/iptables -A INPUT -s 192.168.1.0/254 -p tcp –dport 111 -j ACCEPT  
    /sbin/iptables -A INPUT -s 192.168.1.0/254 -p udp –dport 111 -j ACCEPT  
    #nfsd  
    /sbin/iptables -A INPUT -s 192.168.1.0/254 -p tcp –dport 2049 -j ACCEPT  
    /sbin/iptables -A INPUT -s 192.168.1.0/254 -p udp –dport 2049 -j ACCEPT  
    #mountd  
    /sbin/iptables -A INPUT -s 192.168.1.0/254 -p tcp –dport 1011 -j ACCEPT  
    /sbin/iptables -A INPUT -s 192.168.1.0/254 -p udp –dport 1011 -j ACCEPT  
    #rquotad  
    /sbin/iptables -A INPUT -s 192.168.1.0/254 -p tcp –dport 1012 -j ACCEPT  
    /sbin/iptables -A INPUT -s 192.168.1.0/254 -p udp –dport 1012 -j ACCEPT  
    #rpc.statd  
    /sbin/iptables -A INPUT -s 192.168.1.0/254 -p tcp –dport 32768 -j ACCEPT  
    /sbin/iptables -A INPUT -s 192.168.1.0/254 -p udp –dport 32768 -j ACCEPT 

—TCP method succeeded——————————————-
-A INPUT -m state –state NEW -m tcp -p tcp –dport 111 -j ACCEPT
-A INPUT -m state –state NEW -m tcp -p tcp –dport 2049 -j ACCEPT
-A INPUT -m state –state NEW -m tcp -p tcp –dport 1011 -j ACCEPT
-A INPUT -m state –state NEW -m tcp -p tcp –dport 1012 -j ACCEPT
-A INPUT -m state –state NEW -m tcp -p tcp –dport 32768 -j ACCEPT

A problem encountered by the client during mounting is as follows. The network may be unstable. NFS uses UDP protocol by default and can be replaced with TCP protocol:

mount -t nfs 192.168.1.225:/usr/local/test /usr/local/test  -o proto=tcp -o nolock