CentOS 6.5 NFS server configuration example
Environment: 192.168.128.141 is the server, 192.168.128.140 is the client
1. Configure the server (it is for internal network use, so I install with yum)
[root@localhost ~]# yum install nfs-utils rpcbind -y
………………………………
python-argparse.noarch 0:1.2.1-2.1.el6
Dependency Updated:
keyutils-libs.x86_64 0:1.4-5.el6
Complete!
2. Set fixed ports in the NFS configuration file
[root@localhost ~]# vim /etc/sysconfig/nfs
[root@localhost ~]# cat /etc/sysconfig/nfs
RQUOTAD_PORT=50001
LOCKD_TCPPORT=50002
LOCKD_UDPPORT=50002
MOUNTD_PORT=50003
STATD_PORT=50004
3. Add the firewall ports (111, 2049, 50001:50004)
[root@localhost ~]# vim /etc/sysconfig/iptables
[root@localhost ~]# cat /etc/sysconfig/iptables
# Generated by iptables-save v1.4.7 on Thu Jan 7 15:56:59 2016
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [24:2624]
-A INPUT -p udp -m udp --dport 111 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 111 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 2049 -j ACCEPT
-A INPUT -p udp -m udp --dport 2049 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 50001:50004 -j ACCEPT
-A INPUT -p udp -m udp --dport 50001:50004 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Thu Jan 7 15:56:59 2016
[root@localhost ~]# service iptables restart   # restart the firewall
4. Create the shared directory
[root@localhost /]# mkdir -p /date/nfs_share
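5. Edit the /etc/exports file
[root@localhost /]# vim /etc/exports
[root@localhost ~]# cat /etc/exports
/date/nfs_share 192.168.128.140(rw,sync,no_root_squash)
/date/nfs_share *(ro)
This means that only the client 192.168.128.140 can mount the shared directory read-write; all other clients can only mount it read-only.
[root@localhost /]# exportfs -r   # apply the configuration
What the options used here mean:
rw: read-write.
ro: read-only.
sync: data is written to memory and to disk at the same time.
async: data is held in memory first instead of being written straight to disk.
no_root_squash: if the NFS client connects to the server as root, it also has root privileges on the shared directory. Enabling this is obviously insecure.
root_squash: if the NFS client connects to the server as root, it gets the privileges of the anonymous user on the shared directory, usually the nobody or nfsnobody identity.
all_squash: whichever user the NFS client connects as, it gets the privileges of the anonymous user on the shared directory.
anonuid: the UID of the anonymous user, usually that of nobody or nfsnobody; it can be set explicitly here.
anongid: the GID of the anonymous user.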
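Because these options decide what a client's root user can do on the server, the exports file is worth checking mechanically. The script below is an added example, not part of the original article: it scans an exports(5)-style file and flags no_root_squash, insecure, and wildcard clients. The function name audit_exports and the temporary file are assumptions; the sample lines are the two export entries shown above.

```shell
#!/bin/sh
# Added example: flag risky entries in an exports(5)-style file.
# Prints one finding per line as "<path> <client>: <reason>".
audit_exports() {
    awk '
    /^[ \t]*#/ || NF == 0 { next }           # skip comments and blank lines
    {
        path = $1
        for (i = 2; i <= NF; i++) {
            client = $i; opts = ""
            p = index($i, "(")
            if (p > 0) {
                client = substr($i, 1, p - 1)
                opts = substr($i, p + 1)
                sub(/\)$/, "", opts)
            }
            # "host (rw)" with a stray space: the bare "(rw)" applies to every host
            if (client == "") client = "*"
            rw = 0; nrs = 0; ins = 0
            n = split(opts, o, ",")
            for (j = 1; j <= n; j++) {
                if (o[j] == "rw") rw = 1
                if (o[j] == "no_root_squash") nrs = 1
                if (o[j] == "insecure") ins = 1
            }
            wild = (client ~ /[*?]/)
            if (nrs) print path, client ": no_root_squash, client root keeps uid 0 on the export"
            if (ins) print path, client ": insecure, requests from unprivileged source ports are accepted"
            if (wild && rw) print path, client ": read-write for any matching host"
            if (wild && !rw) print path, client ": readable by any matching host"
        }
    }' "$1"
}

# Sample input: the two export lines from this article, written to a temp file.
sample=$(mktemp)
cat > "$sample" <<'EOF'
/date/nfs_share 192.168.128.140(rw,sync,no_root_squash)
/date/nfs_share *(ro)
EOF
audit_exports "$sample"
rm -f "$sample"
```

Replacing no_root_squash with root_squash in the first entry leaves only the wildcard finding.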
6. Enable the services at boot
[root@localhost /]# chkconfig nfs on
[root@localhost /]# chkconfig rpcbind on
[root@localhost /]# service nfs start
Starting NFS services: [ OK ]
Starting NFS quotas: Cannot register service: RPC: Unable to receive; errno = Connection refused
rpc.rquotad: unable to register (RQUOTAPROG, RQUOTAVERS, udp). [FAILED]
Starting NFS mountd: [FAILED]
Starting NFS daemon: rpc.nfsd: writing fd to kernel failed: errno 111 (Connection refused)
rpc.nfsd: unable to set any sockets for nfsd [FAILED]
[root@localhost /]# rpcinfo -p   # the check reports that the portmapper cannot be contacted; the cause of this error is that the rpcbind service has to be started first
rpcinfo: can't contact portmapper: RPC: Remote system error - No such file or directory
[root@localhost /]# service rpcbind start
Starting rpcbind: [ OK ]
[root@localhost /]# service nfs start
Starting NFS services: [ OK ]
Starting NFS quotas: [ OK ]
Starting NFS mountd: [ OK ]
Starting NFS daemon: [ OK ]
Starting RPC idmapd: [ OK ]
7. Check that the ports are in use
[root@localhost /]# service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num  target  prot  opt  source     destination
1    ACCEPT  udp   --   0.0.0.0/0  0.0.0.0/0    udp dpt:111
2    ACCEPT  tcp   --   0.0.0.0/0  0.0.0.0/0    tcp dpt:111
3    ACCEPT  tcp   --   0.0.0.0/0  0.0.0.0/0    tcp dpt:2049
4    ACCEPT  udp   --   0.0.0.0/0  0.0.0.0/0    udp dpt:2049
5    ACCEPT  tcp   --   0.0.0.0/0  0.0.0.0/0    tcp dpts:50001:50004
6    ACCEPT  udp   --   0.0.0.0/0  0.0.0.0/0    udp dpts:50001:50004
[root@localhost /]# rpcinfo -p
   program vers proto   port  service
    100000    4   tcp    111  portmapper
    100000    3   tcp    111  portmapper
    100000    2   tcp    111  portmapper
    100000    4   udp    111  portmapper
    100000    3   udp    111  portmapper
    100000    2   udp    111  portmapper
    100011    1   udp  50001  rquotad
    100011    2   udp  50001  rquotad
    100011    1   tcp  50001  rquotad
    100011    2   tcp  50001  rquotad
    100005    1   udp  50003  mountd
    100005    1   tcp  50003  mountd
    100005    2   udp  50003  mountd
    100005    2   tcp  50003  mountd
    100005    3   udp  50003  mountd
    100005    3   tcp  50003  mountd
    100003    2   tcp   2049  nfs
    100003    3   tcp   2049  nfs
    100003    4   tcp   2049  nfs
    100227    2   tcp   2049  nfs_acl
    100227    3   tcp   2049  nfs_acl
    100003    2   udp   2049  nfs
    100003    3   udp   2049  nfs
    100003    4   udp   2049  nfs
    100227    2   udp   2049  nfs_acl
    100227    3   udp   2049  nfs_acl
    100021    1   udp  50002  nlockmgr
    100021    3   udp  50002  nlockmgr
    100021    4   udp  50002  nlockmgr
    100021    1   tcp  50002  nlockmgr
    100021    3   tcp  50002  nlockmgr
    100021    4   tcp  50002  nlockmgr
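Pinning the helper daemons in /etc/sysconfig/nfs only helps if every port that rpcbind advertises is also accepted by the firewall. The script below is an added example, not part of the original article: it reads the ACCEPT rules from an iptables-save style file and reports any `rpcinfo -p` registration they do not cover. The function name check_rpc_ports and the sample data (including port 41234) are constructed for illustration.

```shell
# Added example: compare rpcbind registrations with the iptables ACCEPT rules.
# Usage: rpcinfo -p | check_rpc_ports /etc/sysconfig/iptables
check_rpc_ports() {
    awk '
    FNR == NR {                              # first input: the iptables rules file
        if ($0 !~ /^-A INPUT/ || $0 !~ /-j ACCEPT/) next
        proto = ""; range = ""
        for (i = 1; i < NF; i++) {
            if ($i == "-p") proto = $(i + 1)
            if ($i == "--dport") range = $(i + 1)
        }
        if (proto == "" || range == "") next
        n = split(range, r, ":")             # "50001:50004" or a single port
        lo[++rules] = r[1] + 0
        hi[rules] = (n == 2 ? r[2] : r[1]) + 0
        pr[rules] = proto
        next
    }
    $1 ~ /^[0-9]+$/ {                        # second input: rpcinfo -p rows
        key = $5 " " $3 "/" $4
        if (key in seen) next                # one line per service/proto/port
        seen[key] = 1
        open = 0
        for (k = 1; k <= rules; k++)
            if (pr[k] == $3 && $4 + 0 >= lo[k] && $4 + 0 <= hi[k]) open = 1
        if (!open) print key ": registered with rpcbind but not accepted by iptables"
    }' "$1" -
}

# Constructed sample: port rules from this article plus an rpcinfo listing in
# which statd (service "status") sits on a dynamic port, 41234 (made up).
rules=$(mktemp)
cat > "$rules" <<'EOF'
-A INPUT -p udp -m udp --dport 111 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 2049 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 50001:50004 -j ACCEPT
-A INPUT -p udp -m udp --dport 50001:50004 -j ACCEPT
EOF
check_rpc_ports "$rules" <<'EOF'
   program vers proto   port  service
    100005    3   udp  50003  mountd
    100003    3   tcp   2049  nfs
    100024    1   udp  41234  status
    100024    1   tcp  41234  status
EOF
rm -f "$rules"
```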
Part 2: Client configuration (192.168.128.140)
Note: the NFS client does not need to start the nfs service, but nfs-utils must be installed.
[root@naginx /]# yum -y install nfs-utils
[root@naginx /]# mkdir /date   # create the mount point
[root@naginx /]# showmount -e 192.168.128.141   # list the directories exported by the server
Export list for 192.168.128.141:
/date/nfs_share (everyone)
[root@naginx /]# mount -t nfs 192.168.128.141:/date/nfs_share /date/   # mount the shared directory
[root@naginx /]# df -h   # check the result
Filesystem                       Size  Used  Avail  Use%  Mounted on
/dev/sda2                        18G   4.5G  13G    27%   /
tmpfs                            495M  0     495M   0%    /dev/shm
/dev/sda1                        283M  57M   211M   22%   /boot
/dev/sdb1                        9.8G  23M   9.2G   1%    /mnt/sdb1
192.168.128.141:/date/nfs_share  18G   2.5G  15G    15%   /date
[root@naginx /]# touch /date/test.txt
[root@naginx /]# ll /date/
total 0
-rw-r--r-- 1 root root 0 Jan 7 17:28 test.txt
-rw-r--r-- 1 root root 0 Jan 7 16:22 tt.txt
Check on the server 192.168.128.141
[root@localhost ~]# ll /date/nfs_share/
total 0
-rw-r--r--. 1 root root 0 Jan 7 17:28 test.txt
-rw-r--r--. 1 root root 0 Jan 7 16:22 tt.txt
Mount automatically at boot
[root@naginx /]# sed -i -e '$a 192.168.128.141:/date/nfs_share /date nfs defaults 0 0' /etc/fstab
[root@naginx /]# cat /etc/fstab
# /etc/fstab
# Created by anaconda on Wed Aug 26 09:07:44 2015
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
UUID=4051a3e2-3838-4382-9e24-4a225b3676bc / ext4 defaults 1 1
UUID=5ebb3802-296d-4623-8136-a0b63c38b0ee /boot ext4 defaults 1 2
UUID=7e9e358d-51a2-4f92-a2e3-8b8683afda5f swap swap defaults 0 0
tmpfs /dev/shm tmpfs defaults 0 0
devpts /dev/pts devpts gid=5,mode=620 0 0
sysfs /sys sysfs defaults 0 0
proc /proc proc defaults 0 0
/dev/sdb1 /eee ext4 defaults 0 0
192.168.128.141:/date/nfs_share /date nfs defaults 0 0
Done!