[centos7 nfs installation]
server side installation
- Check for installation
rpm -qa | grep nfs
- download
yum -y install nfs-utils rpcbind # CentOS 7 comes with rpc bind. rpc listens on port 111.
- to configure
mkdir -p /data/nfs/share chmod -R 777 /data/nfs/share
#create profile vi /etc/exports # Add the following /data/nfs/share *(rw,all_squash) #/data/nfs/share is a shared directory #After saving, let the configuration take effect immediately exportfs –arv
- Start the server side
#Startup sequence rpcbind - > NFS # Power on systemctl enable rpcbind.service systemctl enable nfs-server.service # Restart service systemctl restart rpcbind.service systemctl restart nfs-server.service
- Set up firewall
- Turn off firewall
# 1. Check firewall status systemctl status firewalld.service # 2. Turn off the firewall systemctl stop firewalld.service
- Firewall open port
# Permanent opening firewall-cmd --add-service=nfs --permanent firewall-cmd --add-service=rpc-bind --permanent firewall-cmd --add-service=mountd --permanent # Make configuration effective firewall-cmd --reload # View services firewall-cmd --list-service
client installation
- download
yum install -y nfs-utils rpcbind # Here, NFS utils is only installed and not started, so it is convenient to execute the view command.
- start-up
# Power on systemctl enable rpcbind # Restart service systemctl restart rpcbind
- mount
1,Direct mount mkdir -p /tmpdata mount -t nfs hadoop100:/data/nfs/share /tmpdata You can also write the mount configuration to fstab In the file, as with ordinary disk mount, you can also specify permissions when mounting, but the type is nfs. 2,autofs mount # yum -y install autofs # vi /etc/auto.master #Add a row /- /etc/auto.mount # vi /etc/auto.mount #Add a row /data -fstype=nfs,rw hadoop100:/data/nfs/share #Start service # systemctl start autofs # systemctl enable autofs
fault
1,nfs Can only be mounted as nobody At the same time, modify the server and client/etc/idmapd.conf Medium Domain To the same value and then restart rpcidmapd Service, or restart all services 2,The client cannot be uninstalled nfs catalogue umount.nfs4: /var/nfs: device is busy implement fuser -km /var/nfs/,Then execute umount 3,uninstall sudo fuser -m -v -i -k /app/file sudo umount /app/file # Directly using umount /app/file may report "Device is busy" error.
error: mount.nfs: No route to host
[root@localhost ~]# mount -t nfs 192.168.38.128:/data/hab_data tmpdata
mount.nfs: No route to host
Turn off the firewall and try again
systemctl stop firewalld systemctl disable firewalld
Permission description
- 1. Ordinary users
When all is set_ Square: visitors are always mapped as anonymous users (nfsnobody)
When no is set_ all_ Square: the guest is mapped to a user with the same uid on the server. Therefore, a user with the same uid on the server should be established on the client, otherwise it should also be mapped to nfsnobody. Except root, because root_suqash is the default option unless no is specified_ root_ squash
- 2. root user
When setting root_squash: when a guest accesses the NFS server as root, it is mapped to the nfsnobody user
When no is set_ root_ Square: when a guest accesses the NFS server as root, it is mapped as root. When accessed by other users, it is also mapped to the user corresponding to the uid, because No_ all_ Square is the default option
Option description
ro: shared directory read only
rw: the shared directory is readable and writable
all_ Square: all access users are mapped to anonymous users or user groups
no_ all_ Square (default): the access user is first matched with the local user, and then mapped to an anonymous user or user group after the matching fails
root_ Square (default): the root user accessed in the future is mapped to an anonymous user or user group
no_ root_ Square: the visiting root user keeps the root account permission
anonuid =: Specifies the local user UID of the anonymous access user. The default is nfsnobody (65534)
anongid =: Specifies the local user group GID of the anonymous access user. The default is nfsnobody (65534)
secure (default): restrict clients to connect to the server only from tcp/ip ports less than 1024
Secure: allows clients to connect to the server from tcp/ip ports greater than 1024
sync: write data into memory buffer and disk synchronously, which is inefficient, but can ensure data consistency
async: save the data in the memory buffer before writing to disk if necessary
wdelay (default): check whether there are related write operations. If so, execute these write operations together, which can improve efficiency
no_wdelay: if there is a write operation, it will be executed immediately. It should be used in conjunction with sync
subtree_check (default): if the output directory is a subdirectory, the nfs server will check the permissions of its parent directory
no_subtree_check: even if the output directory is a subdirectory, the nfs server does not check the permissions of its parent directory, which can improve efficiency
Create a shared directory with nfsuser(uid=1000). The parameter is rw by default
# mkdir /data/nfs/share # chown nfsuser. -R /var/nfs # vi /etc/exports #/data/nfs/share 192.168.10.0/24(rw) # exportfs -r #Reload exports configuration # exportfs -v #View shared parameters #/data/nfs/share 192.168.10.0/24(rw,sync,wdelay,hide,no_subtree_check,sec=sys,secure,root_squash,no_all_squash)
- exportfs parameter description
-a Mount or uninstall all /etc/exports Content in -r Reread/etc/exports And update synchronously/etc/exports,/var/lib/nfs/xtab -u Uninstall a single directory (and-a Use together to uninstall all/etc/exports (directory in file) -v Output detailed shared parameters