RHEL 7配置NFS服務筆記

NFS是一個Linux下的經典網絡共享方案，由Server段提供共享，由客戶端實施掛載。RHEL 7支持NFSv3和NFSv4。

NFS服務與RPC進程

啓動nfs-server進程後，會帶起NFS服務和PRC進程。RPC進程包括四個組件:
如下是英文原文介紹
– rpc.statd : implements monitoring protocol (NSM) between NFS client and NFS server
– rpc.mountd : NFS mount daemon that implements the server side of the mount requests from NFSv3 clients.
– rpc.idmapd : Maps NFSv4 names and local UIDs and GIDs
– rpc.rquotad : provides user quota information for remote users.

配置NFS server服務端

1. 安裝nfs包

# rpm -qa | grep nfs-utils
# yum install nfs-utils rpcbind

2. 設置nfs及相關服務自啓動

#  systemctl enable nfs-server
#  systemctl enable rpcbind

#  systemctl enable nfs-lock

因爲nfs程序包版本不一樣，nfs-lock在RHEL7.1版本（nfs-utils-1.3.0-8.el7）及如下無效，能夠忽略（rpc-statd.service已是靜態了）。

#  systemctl enable nfs-idmap

因爲nfs程序包版本不一樣，nfs-idmap在RHEL7.1版本（nfs-utils-1.3.0-8.el7）及如下無效，能夠忽略（nfs-idmap.service已是靜態了）。

3. 啓動NFS服務

#  systemctl start rpcbind
#  systemctl start nfs-server
#  systemctl start nfs-lock
#  systemctl start nfs-idmap

4. 檢查NFS服務狀態:

# systemctl status nfs

5. 建立須要共享的目錄

# mkdir /test

6. 配置屬組

# chgrp nfsnobody /test

7. 配置權限:

# chmod -R 775 /test

8. Export共享目錄

參照格式修改/etc/exports文件

dir client1 (options) [client2(options)...]

如下是Option設置說明，第一項是默認值
ro / rw :
a) ro : allow clients read only access to the share.
b) rw : allow clients read write access to the share.
sync / async :
a) sync : NFS server replies to request only after changes made by previous request are written to disk.
b) async : specifies that the server does not have to wait.
wdelay / no_wdelay
a) wdelay : NFS server delays committing write requests when it suspects another write request is imminent.
b) no_wdelay : use this option to disable to the delay. no_wdelay option can only be enabled if default sync option is enabled.
no_all_squash / all_squash :
a) no_all_squash : does not change the mapping of remote users.
b) all_squash : to squash all remote users including root.
root_squash / no_root_squash :
a) root_squash : prevent root users connected remotely from having root access. Effectively squashing remote root privileges.
b) no_root_squash : disable root squashing.
示例：

# vi /etc/exports

/test *(rw)
/nfs 192.168.1.12(ro)

9. 生效配置

# exportfs -r

-r 從新刷新nfs配置，同步至/var/lib/nfs/etab。
其餘參數以下

-a : exports entries in /etc/exports but do not synchronize with /var/lib/nfs/etab
-i : ignore entries in /etc/exports and uses command line arguments.
-u : un-export one or more directories
-o : specify client options on command line

10. 重啓nfs服務:

# systemctl restart nfs-server

NFS客戶端配置

1. 安裝nfs客戶端包

# rpm -qa | grep nfs-utils
# yum install nfs-utils

2. 手工掛載

 mount -t nfs -o options host:/remote/export /local/directory

示例 :

# mount -t nfs -o ro,nosuid remote_host:/home /remote_home

3. 配置/etc/fstab實現系統啓動時自動掛載

# vi /etc/fstab

remote_host:/home     /remote_home     nfs     rw,nosuid,_netdev     0     0

NFS相關防火牆配置

服務器端防火牆加上進站容許策略

# firewall-cmd --add-service=nfs --zone=internal --permanent
# firewall-cmd --add-service=mountd --zone=internal --permanent
# firewall-cmd --add-service=rpc-bind --zone=internal --permanent