Scribd
Upload
12 views18 pages

NFS Server Configuration Guide for Linux

NFS data

Uploaded by

Reddy1993
Copyright
© All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
12 views18 pages

NFS Server Configuration Guide for Linux

NFS data

Uploaded by

Reddy1993
Copyright
© All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd

Network File System is a nfs server client protocol used for sharing files and

directories between Linux / Unix to Unix/Linux systems vise versa. It is a popular


distributed filesystem protocol that enables users to mount remote directories on
their server. NFS enables you to mount a remote share locally. NFS was
developed by Sun Micro Systems in the year 1984

NFS allows a Linux server to share directories with other UNIX clients over
network. NFS server exports a directory and NFS client mounts this directory.
RHEL 7 supports two version of NFS – NFSv3 and NFSv4.

RHEL7 provides the support for NFS versions 3, 4.0, and 4.1(latest version)
NFS default port number is 2049
NFS share we can mount Manually, Automatically using AutoFS 1
 Important Services

 rpcbind : The rpcbind server converts RPC program numbers into universal
addresses.

 nfs-server : It enables the clients to access NFS shares.

 nfs-lock / rpc-statd : NFS file locking. Implement file lock recovery when an NFS
server crashes and reboots.

 nfs-idmap : It translates user and group ids into names, and to translate user and
group names
2
into ids
• Remote Procedure Call (RPC)
• RPC, defined by RFC 1057, is a set of function calls used by a client program to call functions in a
remote server program. The port mapper program is the program used to keep track of which ports
programs supporting RPC functions use. The port mappers port is 111. In Redhat Linux the
portmapper daemon is started in the /etc/rc.d/init.d/portmap and the daemon program is called
"portmap".
The rpcinfo command
The command "rpcinfo -p" will show the port numbers that are assigned to the RPC services.

program vers proto port


100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
100011 1 udp 747 rquotad
100011 2 udp 747 rquotad
100005 1 udp 757 mountd
100005 1 tcp 759 mountd
100005 2 udp 762 mountd
100005 2 tcp 764 mountd 3

100003 2 udp 2049 nfs


The rpcbind utility maps RPC services to the ports on which they listen. RPC processes notify
rpcbind when they start, registering the ports they are listening on and the RPC program numbers
they expect to serve. The client system then contacts rpcbind on the server with a particular RPC
program number. The rpcbind service redirects the client to the proper port number so it can
communicate with the requested service

Because RPC-based services rely on rpcbind to make all connections with incoming client
requests, rpcbind must be available before any of these services start. Command - rpcinfo -p

Starting the nfs-server process starts the NFS server and other RPC processes. RPC
processes includes:

– [Link] : implements monitoring protocol (NSM) between NFS client and NFS server
– [Link] : NFS mount daemon that implements the server side of the mount requests from
NFSv3 clients.
4
– [Link] : Maps NFSv4 names and local UIDs and GIDs
– [Link] : provides user quota information for remote users.
5
6
7
Let's have a look now at how NFS works:

A client may request to mount a directory from a remote host on a local directory
just the same way it can mount a physical device. However, the syntax used to
specify the remote directory is different. For example, to mount /home from host
vlager to /users on vale, the administrator would issue the following command on
vale:

mount will then try to connect to the mountd mount daemon on vlager via RPC. The
server will check if vale is permitted to mount the directory in question, and if so,
return it a file handle. This file handle will be used in all subsequent requests to files
below /users.

When someone accesses a file over NFS, the kernel places an RPC call to nfsd (the
NFS daemon) on the server machine. This call takes the file handle, the name of the
file to be accessed, and the user's user and group id as parameters. These are used in
determining access rights to the specified file. In order to prevent unauthorized users8
from reading or modifying files, user and group ids must be the same on both hosts.
Let's have a look now at how NFS works:

In computing, a stateless protocol is a communications protocol in which no


information is retained by either sender or receiver, meaning that they are
agnostic of the state of one another. The sender transmits a packet to the
receiver and does not expect an acknowledgment of receipt. A UDP
connectionless session is a stateless connection because the system doesn't
maintain information about the session during its life.

A stateless protocol does not require the server to retain session information
or status about each communicating partner for the duration of multiple
requests. In contrast, a protocol that requires keeping of the internal state on
the server is known as a stateful protocol. A TCP connection-oriented session is
a 'stateful' connection because both systems maintain information about the
9
session itself during its life.
10
Features:
File / Folder sharing between *nix systems
Allows to mount remote filesystems locally
Can be acted as Centralized Storage system
It can be used as a Storage Domain ( Datastore) for VMware and other Virtualization
Platform.
Allows applications to share configuration and data files with multiple nodes.
Allows to have updated files across the share.
Server Profile:
 Packages: nfs-utils rpcbind
 Daemon Name: nfs-service
 Port Number: 2049
 Config file path: /etc/exports, /etc/sysconfig/nfs 11
 NFS server side configuration
Step 1 :Install nfs packages through yum command.

# yum install nfs-utils rpcbind libnfsidmap

Step 2 : Start the NFS services and enable the services to work even after reboots

systemctl start rpcbind


systemctl enable rpcbind
systemctl start nfs-server
systemctl enable nfs-server
systemctl start nfs-lock
systemctl start nfs-idmap 12
Important Configuration Files:
You would be working mainly on below configuration files, to setup NFS server and
Clients.

/etc/exports : It is a main configuration file, controls which file systems are exported
to remote hosts and specifies options.

rw : Writable permission to shared folder

sync : all changes to the according filesystem are immediately flushed to disk; the
respective write operations are being waited for.

13
Important Configuration Files:

•no_root_squash : By default, any file request made by user root on the client
machine is treated as by user nobody on the server. (Exactly which UID the
request is mapped to depends on the UID of user “nobody” on the server, not the
client.) If no_root_squash is selected, then root on the client machine will have
the same level of access to the files on the system as root on the server.

•/etc/fstab : This file is used to control what file systems including NFS directories
are mounted when the system boots.

•/etc/sysconfig/nfs : This file is used to control which ports the required RPC
services run on.
14
 Few Commands

• exportfs -v : Displays a list of shares files and export options on a server


• exportfs -a : Exports all directories listed in /etc/exports
• exportfs -u : Unexport one or more directories
• exportfs -r : Reexport all directories after modifying /etc/exports

15
 Soft Mounting in NFS

Suppose you have once process on your client machine, say for example, an
Apache web server is accessing a mounted share and files in it. But due to some
problem on the NFS server, the request made by Apache for a file on the NFS
share cannot be completed. In this case the NFS client will reply to the process
(Apache in our case), with an error message.
Most of the processes will accept the error. But it all depends on how the process
is designed to handle these errors. Sometimes it can cause unwanted behavior
and even can corrupt the files.

A soft mount can be done by the following method.


[Link]:/data /mnt nfs rw,soft 00 16
 Hard Mounting in NFS
Hard mounting works a little different than soft mounting. If a process that requires a
file from the nfs share, cant access it due to some problem at the nfs server, the
process will wait (kind of get's hang) till the nfs server becomes proper and
completes its request. And the process will resume from the point where it was
stopped when NFS server responds back properly.

The process that is waiting for the operation to get completed, cannot be interrupted.
Yeah sure you can kill the process with a kill -9 command, and can also be
interrupted with the help of an option called intr.

A hard mounting can be done by adding the options as shown below in fstab.

17
[Link]:/data /mnt nfs rw,hard,intr 00
END of this Course Module.

Thanks
18

Common questions

Powered by AI

RPC in NFS allows client programs to execute functions on remote server programs. It uses the rpcbind utility to map these RPC services to the correct ports. When a service starts, it registers with rpcbind, which then facilitates communication between the client and the correct service port. This enables seamless interaction with NFS shares by establishing necessary connections for data transfer .

'rpc.mountd' operates primarily with NFSv3 clients by implementing the server side of the mount requests. In NFSv4, while some responsibilities of 'rpc.mountd' are retained, such as handling of mount requests, many of its functions have been integrated directly into the NFS protocol itself, reducing complexity and potential points of failure in establishing mounts .

Soft mounting allows operations accessing files on a NFS share to return an error if the server is unavailable, which can prevent client applications from hanging but may cause data corruption if not handled correctly. Hard mounting, however, makes the client wait indefinitely for the server to become available again, ensuring data integrity as processes resume once the connection is re-established. Hard mounting can also be interrupted manually with specific options such as 'intr' .

NFS functions as a centralized storage system for virtualization platforms by allowing multiple virtual instances to access a shared storage location. This is advantageous as it simplifies storage management, offers flexibility in scaling resources, and ensures consistent access to shared data. By centralizing storage, NFS reduces redundancy and improves the efficiency of managing updates to shared configuration and data files .

NFS enables file sharing between Unix/Linux systems by allowing a server to export directories that clients can mount locally. Key components include the nfs-server, rpcbind, nfs-lock, and nfs-idmap services. The nfs-server daemon facilitates access to the NFS shares, while rpcbind maps RPC services to their ports and is required for RPC-based services to operate. Additionally, nfs-lock manages file locking, ensuring recovery after a server crash, and nfs-idmap translates user and group IDs to names and vice versa .

Stateless protocols, like those using UDP, do not retain session information, making them agnostic to the state of receiving ends. Conversely, stateful protocols, such as TCP, maintain session information. NFS typically operates as a stateless protocol, which simplifies the server's design by not requiring it to track client requests but at the expense of potentially handling some additional overhead in client requests for state management .

The '/etc/exports' file controls which file systems the NFS server exports to remote hosts and specifies their access permissions. Key options include 'rw' for read-write access, 'sync' to ensure changes are immediately flushed to disk, and 'no_root_squash' to allow client root users the same level of access as root on the server. This setup ensures secure and efficient file sharing across a network .

The 'no_root_squash' option in NFS allows root users on client machines to have root-level access to the NFS server, which can enhance administrative convenience but pose significant security risks. It can lead to unauthorized access or escalation of privileges if a client machine is compromised. Hence, it is critical to use 'no_root_squash' in trusted environments only, balancing convenience with security protocols to mitigate potential risks .

The 'rpcinfo -p' command is significant for managing RPC services as it provides a list of active RPC services along with their port numbers and protocol types. This list is essential for administrators to verify the correct operation of RPC services and ensure that each service is mapped correctly by rpcbind, which is crucial for NFS and other RPC-based services to function properly .

The synchronization ('sync') feature in NFS enhances data integrity by ensuring that all write operations are immediately flushed to disk, reducing the risk of data loss during system failures. However, it can also introduce performance challenges, as it requires acknowledgment of data writing completion before proceeding, potentially leading to bottlenecks. This trade-off necessitates a careful balance between data safety and system performance requirements .

You might also like