centos6.5 nfs-server 配置實例
環境說明: 192.168.128.141 服務器端
192.168.128.140 客戶端
一、配置服務器端(用於內網使用所以我用yum 安裝)
[root@localhost ~]# yum install nfs-utils rpcbind -y ……………………………… python-argparse.noarch 0:1.2.1-2.1.el6 Dependency Updated: keyutils-libs.x86_64 0:1.4-5.el6 Complete!
二、配置nfs文件打開端口
[root@localhost ~]# vim /etc/sysconfig/nfs [root@localhost ~]# cat /etc/sysconfig/nfs RQUOTAD_PORT=50001 LOCKD_TCPPORT=50002 LOCKD_UDPPORT=50002 MOUNTD_PORT=50003 STATD_PORT=50004
三、添加防火牆端口(111、2049、50001:50004)
[root@localhost ~]# vim /etc/sysconfig/iptables [root@localhost ~]# cat /etc/sysconfig/iptables # Generated by iptables-save v1.4.7 on Thu Jan 7 15:56:59 2016 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [24:2624] -A INPUT -p udp -m udp --dport 111 -j ACCEPT -A INPUT -p tcp -m tcp --dport 111 -j ACCEPT -A INPUT -p tcp -m tcp --dport 2049 -j ACCEPT -A INPUT -p udp -m udp --dport 2049 -j ACCEPT -A INPUT -p tcp -m tcp --dport 50001:50004 -j ACCEPT -A INPUT -p udp -m udp --dport 50001:50004 -j ACCEPT -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT # Completed on Thu Jan 7 15:56:59 2016
[root@localhost ~]#service iptables restart#重啓防火牆
四、創建共享文件
[root@localhost /]#mkdir -p /date/nfs_share
五、編輯etc/exports 文件
[root@localhost /]# vim /etc/exports [root@localhost ~]# cat /etc/exports /date/nfs_share 192.168.128.140(rw,sync,no_root_squash) /date/nfs_share *(ro) 這一行表示只有192.168.128.140客戶端能夠以讀寫權限掛載共享目錄,其他客戶端只能以只讀權限掛載。
[root@localhost /]# exportfs -r #使配置生效
說明下這裏的參數的意思 rw:read-write,可讀寫; ro:read-only,只讀; sync:文件同時寫入硬盤和內存; async:文件暫存於內存,而不是直接寫入內存; no_root_squash:NFS客戶端連接服務端時如果使用的是root的話,那麼對服務端分享的目錄來說,也擁有root權限。顯然開啓這項是不安全的。 root_squash:NFS客戶端連接服務端時如果使用的是root的話,那麼對服務端分享的目錄來說,擁有匿名用戶權限,通常他將使用nobody或nfsnobody身份; all_squash:不論NFS客戶端連接服務端時使用什麼用戶,對服務端分享的目錄來說都是擁有匿名用戶權限; anonuid:匿名用戶的UID值,通常是nobody或nfsnobody,可以在此處自行設定; anongid:匿名用戶的GID值。
六、設置開機啓動
[root@localhost /]# chkconfig nfs on [root@localhost /]# chkconfig rpcbind on [root@localhost /]# service nfs start Starting NFS services: [ OK ] Starting NFS quotas: Cannot register service: RPC: Unable to receive; errno = Connection refused rpc.rquotad: unable to register (RQUOTAPROG, RQUOTAVERS, udp). [FAILED] Starting NFS mountd: [FAILED] Starting NFS daemon: rpc.nfsd: writing fd to kernel failed: errno 111 (Connection refused) rpc.nfsd: unable to set any sockets for nfsd [FAILED]
[root@localhost /]# rpcinfo -p #檢測下出現沒有portmap 服務器和文件,導致這個錯誤的原因是要先啓動rpcbind 服務 rpcinfo: can't contact portmapper: RPC: Remote system error - No such file or directory
[root@localhost /]# service rpcbind start Starting rpcbind: [ OK ] [root@localhost /]# service nfs start Starting NFS services: [ OK ] Starting NFS quotas: [ OK ] Starting NFS mountd: [ OK ] Starting NFS daemon: [ OK ] Starting RPC idmapd: [ OK ]
七、檢測端口是否啓用
[root@localhost /]# service iptables status Table: filter Chain INPUT (policy ACCEPT) num target prot opt source destination 1 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:111 2 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:111 3 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:2049 4 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:2049 5 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:50001:50004 6 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpts:50001:50004
[root@localhost /]# rpcinfo -p program vers proto port service 100000 4 tcp 111 portmapper 100000 3 tcp 111 portmapper 100000 2 tcp 111 portmapper 100000 4 udp 111 portmapper 100000 3 udp 111 portmapper 100000 2 udp 111 portmapper 100011 1 udp 50001 rquotad 100011 2 udp 50001 rquotad 100011 1 tcp 50001 rquotad 100011 2 tcp 50001 rquotad 100005 1 udp 50003 mountd 100005 1 tcp 50003 mountd 100005 2 udp 50003 mountd 100005 2 tcp 50003 mountd 100005 3 udp 50003 mountd 100005 3 tcp 50003 mountd 100003 2 tcp 2049 nfs 100003 3 tcp 2049 nfs 100003 4 tcp 2049 nfs 100227 2 tcp 2049 nfs_acl 100227 3 tcp 2049 nfs_acl 100003 2 udp 2049 nfs 100003 3 udp 2049 nfs 100003 4 udp 2049 nfs 100227 2 udp 2049 nfs_acl 100227 3 udp 2049 nfs_acl 100021 1 udp 50002 nlockmgr 100021 3 udp 50002 nlockmgr 100021 4 udp 50002 nlockmgr 100021 1 tcp 50002 nlockmgr 100021 3 tcp 50002 nlockmgr 100021 4 tcp 50002 nlockmgr
第二部客戶端的配置(192.168.128.140)
說明一點:nfs客戶端不需要啓動nfs服務,但是必須安裝nfs-utils服務
[root@naginx /]#yum -y install nfs-utils [root@naginx /]#mkdir /date #創建掛載目錄 [root@naginx /]#showmount -e 192.168.128.141 #檢測共享服務器的共享目錄 Export list for 192.168.128.141: /date/nfs_share (everyone) [root@naginx /]#mount -t nfs 192.168.128.141:/date/nfs_share /date/#掛載共享文件夾 [root@naginx /]#df -h #查看 Filesystem Size Used Avail Use% Mounted on /dev/sda2 18G 4.5G 13G 27% / tmpfs 495M 0 495M 0% /dev/shm /dev/sda1 283M 57M 211M 22% /boot /dev/sdb1 9.8G 23M 9.2G 1% /mnt/sdb1 192.168.128.141:/date/nfs_share 18G 2.5G 15G 15% /date [root@naginx /]# touch /date/test.txt [root@naginx /]# ll /date/ total 0 -rw-r--r-- 1 root root 0 Jan 7 17:28 test.txt -rw-r--r-- 1 root root 0 Jan 7 16:22 tt.txt
在192.168.128.141服務器上查看
[root@localhost ~]# ll /date/nfs_share/ total 0 -rw-r--r--. 1 root root 0 Jan 7 17:28 test.txt -rw-r--r--. 1 root root 0 Jan 7 16:22 tt.txt
開機自動掛載
[root@naginx /]# sed -i -e '$a 192.168.128.141:/date/nfs_share /date nfs defaults 0 0' /etc/fstab [root@naginx /]# cat /etc/fstab # /etc/fstab # Created by anaconda on Wed Aug 26 09:07:44 2015 # # Accessible filesystems, by reference, are maintained under '/dev/disk' # See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info # UUID=4051a3e2-3838-4382-9e24-4a225b3676bc / ext4 defaults 1 1 UUID=5ebb3802-296d-4623-8136-a0b63c38b0ee /boot ext4 defaults 1 2 UUID=7e9e358d-51a2-4f92-a2e3-8b8683afda5f swap swap defaults 0 0 tmpfs /dev/shm tmpfs defaults 0 0 devpts /dev/pts devpts gid=5,mode=620 0 0 sysfs /sys sysfs defaults 0 0 proc /proc proc defaults 0 0 /dev/sdb1 /eee ext4 defaults 0 0 192.168.128.141:/date/nfs_share /date nfs defaults 0 0
完成!