知乎專欄 | 多維度架構 | 微信號 netkiller-ebook | QQ群:128659835 請註明“讀者” |
目錄
sudo apt-get install nfs-kernel-server
Configuration
vim /etc/exports /www *(ro,sync,no_root_squash) /home *(rw,sync,no_root_squash) /export 192.168.1.0/24(rw,fsid=0,insecure,no_subtree_check,async) /export/users 192.168.1.0/24(rw,nohide,insecure,no_subtree_check,async)
To start the NFS server
sudo /etc/init.d/nfs-kernel-server start
sudo apt-get install nfs-common
NFSv3
sudo mount example.hostname.com:/www /www
NFSv4
# mount -t nfs4 -o proto=tcp,port=2049 nfs-server:/ /mnt # mount -t nfs4 -o proto=tcp,port=2049 nfs-server:/users /home/users
NFS Client Configuration
vim /etc/fstab example.hostname.com:/ubuntu /local/ubuntu nfs rsize=8192,wsize=8192,timeo=14,intr
yum install -y nfs-utils
過程 71.1. On the *SERVER* side
stop & disable services
service nfs stop service nfslock stop service rpcbind stop service rpcidmapd stop
/etc/fstab
as root edit /etc/fstab and add nfs4 exports /www /exports none bind 0 0
as root edit /etc/exports
NFSv3
/exports 172.16.1.0/24 (rw,sync)
NFSv4
/exports 172.16.1.0/24(rw,sync,fsid=0,anonuid=99,anongid=99) /exports/neo *(rs,sync)
reload exported filesystems
# exportfs -rv
start required services
chkconfig rpcbind on chkconfig nfs on chkconfig nfslock on chkconfig rpcidmapd on service rpcbind start service rpcidmapd start service nfs start service nfslock start
nfs status
# nfsstat Server rpc stats: calls badcalls badauth badclnt xdrcall 171 0 0 0 0 Server nfs v3: null getattr setattr lookup access readlink 3 1% 150 88% 0 0% 3 1% 2 1% 0 0% read write create mkdir symlink mknod 0 0% 0 0% 0 0% 0 0% 0 0% 0 0% remove rmdir rename link readdir readdirplus 0 0% 0 0% 0 0% 0 0% 0 0% 9 5% fsstat fsinfo pathconf commit 0 0% 3 1% 0 0% 0 0%
# watch nfsstat -c Every 2.0s: nfsstat -c Mon Sep 20 16:53:55 2010 Client rpc stats: calls retrans authrefrsh 286818929 1160 0 Client nfs v4: null read write commit open open_conf 0 0% 37286763 13% 6 0% 1 0% 38990106 13% 17986485 6% open_noat open_dgrd close setattr fsinfo renew 6 0% 0 0% 38774539 13% 2172019 0% 16 0% 147 0% setclntid confirm lock lockt locku access 321 0% 321 0% 0 0% 0 0% 0 0% 62157123 21% getattr lookup lookup_root remove rename link 80553542 28% 8828991 3% 8 0% 5 0% 5 0% 0 0% symlink create pathconf statfs readlink readdir 0 0% 1 0% 0 0% 5 0% 0 0% 13933 0% server_caps delegreturn 24 0% 54556 0%
security
# vi /etc/hosts.deny rpcbind:ALL # vi /etc/hosts.allow rpcbind:172.16.1.0/255.255.254.0
NFS的隊列大小下面將設置為較合理的值256K
# echo 262144 > /proc/sys/net/core/rmem_default # echo 262144 > /proc/sys/net/core/rmem_max # echo 262144 > /proc/sys/net/core/wmmen_default # echo 262144 > /proc/sys/net/core/wmmen_max
過程 71.2. NFSv4
/etc/exports
# cat /etc/exports /www 172.16.1.2/32(ro,sync,fsid=0,anonuid=99,anongid=99) /www/logs *(rw,sync)
注意,要通過NFS4共享一個目錄,必須使用 fsid=0 的參數,使用fsid=0選項的時候只能共享一個目錄,這個目錄將成為NFS伺服器的根目錄。
啟動NFS,v4 不需要rpcbind
service rpcbind stop service rpcidmapd stop service nfs restart service nfslock stop
查看 export 設置
# exportfs /www 172.16.1.2/32 /www/logs 172.16.1.0/24
mount NFSv4
mount -t nfs4 172.16.1.15:/logs /mnt
查看NFS正在使用的連接埠
rpcinfo -p localhost
vi /etc/sysconfig/nfs
LOCKD_TCPPORT=32803 LOCKD_UDPPORT=32769 MOUNTD_PORT=892 RQUOTAD_PORT=875 STATD_PORT=662 STATD_OUTGOING_PORT=2020
service nfs restart
iptables -I INPUT -m state --state NEW -p tcp \ -m multiport --dport 111,892,2049,32803 -s 192.168.0.0/24 -j ACCEPT iptables -I INPUT -m state --state NEW -p udp \ -m multiport --dport 111,892,2049,32769 -s 192.168.0.0/24 -j ACCEPT
CentOS 6 NFSv3 portmap 已經不存,已經被rpcbind替代
chkconfig rpcbind on service rpcbind start
test nfs
mount 172.16.1.10:/exports /mnt
NFSv4
mount -t nfs4 -o ro,intr 172.16.1.10:/ /mnt
umount /mnt
過程 71.3. On the *CLIENT* side
Mounting NFS File Systems using /etc/fstab
The general syntax for the line in /etc/fstab is as follows:
server:/usr/local/pub /pub nfs rsize=8192,wsize=8192,timeo=14,intr
NFSv4
server:/ /mount/point nfs4 rw,hard,intr,proto=tcp,port=2049,auto 0 0
mount all stuff from /etc/fstab
# mount -a
rpcinfo
rpcinfo -p program vers proto port 100000 2 tcp 111 portmapper 100000 2 udp 111 portmapper 100024 1 udp 707 status 100024 1 tcp 710 status 100021 1 udp 48233 nlockmgr 100021 3 udp 48233 nlockmgr 100021 4 udp 48233 nlockmgr 100021 1 tcp 58065 nlockmgr 100021 3 tcp 58065 nlockmgr 100021 4 tcp 58065 nlockmgr
start required services
centos 5.x
chkconfig portmap on service portmap start
centos 6
chkconfig rpcbind on service rpcbind start
/etc/exports為: /tmp *(rw,no_root_squash) /home/public 192.168.0.*(rw) *(ro) /home/test 192.168.0.100(rw) /home/linux *.example.com(rw,all_squash,anonuid=40,anongid=40)
General Options
ro 只讀訪問 rw 讀寫訪問 rsize 同時傳輸(讀 )的數據塊大小 wsize 同時傳輸(寫)的數據塊大小 sync 所有數據在請求時寫入共享 async NFS在寫入數據前可以相應請求 secure NFS通過1024以下的安全TCP/IP連接埠發送 insecure NFS通過1024以上的連接埠發送 wdelay 如果多個用戶要寫入NFS目錄,則歸組寫入(預設) no_wdelay 如果多個用戶要寫入NFS目錄,則立即寫入,當使用async時,無需此設置。 hide 在NFS共享目錄中不共享其子目錄 no_hide 共享NFS目錄的子目錄 subtree_check 如果共享/usr/bin之類的子目錄時,強制NFS檢查父目錄的權限(預設) no_subtree_check 和上面相對,不檢查父目錄權限
User ID Mapping
all_squash 共享檔案的UID和GID映射匿名用戶anonymous,適合公用目錄。 no_all_squash 保留共享檔案的UID和GID(預設) root_squash root用戶的所有請求映射成如anonymous用戶一樣的權限(預設) no_root_squas root用戶具有根目錄的完全管理訪問權限 anonuid=xxx 指定NFS伺服器/etc/passwd檔案中匿名用戶的UID anongid=xxx 指定NFS伺服器/etc/passwd檔案中匿名用戶的GID
安裝NFS服務,進入“控製麵板”,點擊“打開或關閉Windows功能”,再勾選“NFS 服務”,最後確定
啟動NFS服務,控製麵板\管理工具\Network File System 服務(NFS)
或者通過命令啟動NFS服務
nfsadmin client [ComputerName] start
指定掛在用戶ID,開始“運行”輸入“regedit”回車,然後找到 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ClientForNFS\CurrentVersion\Default,右鍵“新建”選擇“DWORD(32為)值” 添加 AnonymousUid,AnonymousGid,然後雙擊 AnonymousUid,AnonymousGid編輯,選擇十進制並輸入用戶ID。
重新啟動NFS 服務,不需要重新啟動計算機。
掛載檔案系統
C:\Users\neo>mount \\192.168.2.15\www x:\
卸載檔案系統
C:\Users\neo>umount x: 正在斷開 x: \\192.168.2.15\www 連接上存在打開的檔案和/或未完成的目錄搜索。 要繼續此操作嗎? (Y/N) [N]:Y 命令已成功完成。
提示 | |
---|---|
很不幸Microsoft Windows 目前尚不支持UTF-8字符集。 |
# exportfs -o rw,all_squash,sync,anonuid=500,anongid=500 172.16.0.0/24:/www # exportfs /www 172.16.0.0/24 # cat /var/lib/nfs/etab /www 172.16.0.0/24(rw,sync,wdelay,hide,nocrossmnt,secure,root_squash,all_squash,no_subtree_check,secure_locks,acl,anonuid=500,anongid=500)
reload /etc/exports
/usr/sbin/exportfs -r
To unexport the /usr/tmp directory:
# exportfs -u netkiller.github.com:/usr/tmp
To unexport all exports listed in /etc/exports:
# exportfs -au
#!/bin/bash RETVAL=0 start() { /usr/sbin/exportfs -o rw,all_squash,sync,anonuid=500,anongid=500 172.16.0.0/24:/backup mount /dev/sdb1 /backup RETVAL=$? echo } stop() { exportfs -u 172.16.0.0/24:/backup umount /backup RETVAL=$? }
sudo vi /etc/exports /Users/neo/Documents -alldirs -rw -maproot=neo:staff -network 192.168.3.0 -mask 255.255.255.0 /Users/neo/Downloads -alldirs -rw -maproot=root:wheel -network 192.168.3.0 -mask 255.255.255.0
啟動 NFS 服務
iMac:~ neo$ sudo nfsd start The nfsd service is already running. iMac:~ neo$ sudo nfsd status nfsd service is enabled nfsd is running (pid 11344, 8 threads)
查看共享目錄
iMac:~ neo$ showmount -e Exports list on localhost: /Users/neo/Documents 192.168.0.0
sudo mkdir /mnt/share sudo mount -t nfs4 -o nolock 192.168.0.1:/Users/neo/Documents /mnt/share
操作演示
iMac:~ neo$ mkdir -p tmp iMac:~ neo$ sudo mount -t nfs 192.168.3.85:/Users/neo/Documents/ tmp iMac:~ neo$ mount -t nfs 192.168.3.85:/Users/neo/Documents on /Users/neo/tmp (nfs) iMac:~ neo$ sudo umount /Users/neo/tmp
sudo nfsd enable sudo nfsd disable sudo nfsd start sudo nfsd stop sudo nfsd restart sudo nfsd status sudo nfsd update
系統啟動後自動啟動NFS
sudo nfsd enable
修改 /etc/exports 後使用 update 更新
iMac:~ neo$ sudo nfsd update iMac:~ neo$ showmount -e Exports list on localhost: /Users/neo/Downloads 192.168.3.0 /Users/neo/Documents 192.168.3.0