Linux nfs server oracle

Linux nfs server oracle

This chapter includes information about managing the Network File System (NFS) in Oracle Linux 9 , including tasks for configuring, administering, and using NFS.

For information about local file system management in Oracle Linux, see Oracle Linux 9: Managing Local File Systems.

About NFS

NFS (Network File System) is a distributed file system that enables a client system to access files over a network as though the files were on local storage.

An NFS server can share directory hierarchies in its local file systems with remote client systems over an IP-based network. After an NFS server exports a directory, NFS clients mount this directory, provided that the clients have been granted the appropriate permissions. To the client systems, the directory appears as if it were a local directory. The benefits of using NFS include centralized storage provisioning, improved data consistency, and reliability.

Supported Versions of NFS

The following versions of NFS are supported in Oracle Linux 9 :

  • NFS version 3 (NFSv3), specified in RFC 1813.
  • NFS version 4 (NFSv4), specified in RFC 7530.
  • NFS version 4 minor version 1 (NFSv4.1), specified in RFC 5661.
  • NFS version 4 minor version 2 (NFSv4.2), specified in RFC 7862 .

NFSv3 provides safe, asynchronous writes and efficient error handling. NFSv3 also supports 64-bit file sizes and offsets, which enable clients to access more than 2 GB of file data.

NFSv3 relies on Remote Procedure Call (RPC) services, which are controlled by the rpcbind service. The rpcbind service responds to requests for an RPC service and then sets up connections for the requested service. In addition, separate services are used to handle locking and mounting protocols, as configuring a firewall to cope with the various ports that are used by all these services can be complex and error-prone.

In previous Oracle Linux releases, NFSv3 was able to also use the User Datagram Protocol (UDP). However, beginning from Oracle Linux 8, NFS over UDP is no longer supported. Further, UDP is disabled in the NFS server by default in this release.

NFSv4 is capable of working through firewalls, as well as the Internet. Also, NFSv4 does not require the rpcbind service. In addition, NFSv4 supports access Control Lists (ACLs), and uses stateful operations.

NFSv4 requires the Transmission Control Protocol (TCP) running over an IP network. As mentioned, NFSv4 does not use rpcbind ; as such, the NFS server listens on TCP port 2049 for service requests. The mounting and locking protocols are also integrated into the NFSv4 protocol, which means that separate services are also not required for these protocols. These refinements make firewall configuration for NFSv4 no more difficult than for a service such as HTTP.

Читайте также:  Кали linux на флешку

Note that in Oracle Linux 9 , NFS clients attempt to mount by using NFSv4.2 (the default version), but fall back to NFSv4.1 when the server does not support NFSv4.2. The mount later falls back to NFSv4.0 and then to NFSv3.

About NFS Services

In Oracle Linux 9 , NFS versions rely on Remote Procedure Calls (RPC) between clients and servers. To share or mount NFS file systems, the following required services work together, depending on which version of NFS is implemented. Note that all of these services are started automatically:

Server kernel module that services requests for shared NFS file systems.

Service that accepts port reservations from local RPC services, which are made available or advertised so that the corresponding remote RPC services can access them and also hat the client is allowed to access it.

Process that is used by an NFS server to process mount requests from NFSv3 clients. The service checks that the requested NFS share is currently exported by the NFS server.

Process that enables explicit NFS versions and protocols the server advertises to be defined.

Kernel thread that runs on both clients and servers. The lockd process implements the Network Lock Manager (NLM) protocol, which enables NFSv3 clients to lock files on the server. The daemon is started automatically whenever the NFS server is run and whenever an NFS file system is mounted.

Process that implements the Network Status Monitor (NSM) RPC protocol, which notifies NFS clients when an NFS server is restarted without being gracefully brought down. The rpc-statd service is automatically started by the nfs-server service. This service does not require configuration by the user and is not used with NFSv4.

Process that provides NFSv4 client and server upcalls, which map between on-the-wire NFSv4 names (strings in the form of user@domain) and local UIDs and GIDs. Note that for the idmapd process to function with NFSv4, you must configure the /etc/idmapd.conf file. Note that only NFSv4 uses the rpc-idmapd process.

The mounting and locking protocols are incorporated into the NFSv4 protocol. Also, the server listens on TCP port 2049. For this reason, NFSv4 does not need to interact with the rpcbind , lockd , and rpc-statd services. However, the nfs-mountd service is still required to set up exports on the NFS server; but, the service is not involved in any over-the-wire operations.

The rpc-idmapd service only handles upcalls from the kernel and is not itself directly involved in any over-the-wire operations. The service, however, might make naming service calls, which do result in over-the-wire lookups.

Configuring an NFS Server

You can configure an NFS server in Oracle Linux in the following ways:

  • By editing the /etc/exports file manually. Exports can also be added to files that you create in the /etc/exports.d directory.
  • By using the exportfs command.
Читайте также:  Linux tail команда grep

Configuring an NFS Server by Editing the /etc/exports File

The following steps describe how to configure an NFS server by editing the /etc/exports file.

You can also add exports to files that you create in the /etc/exports.d directory in a similar fashion.

sudo dnf install nfs-utils
/var/folder 192.0.2.102(rw,async) /usr/local/apps *(all_squash,anonuid=501,anongid=501,ro) /var/projects/proj1 192.168.1.0/24(ro) mgmtpc(rw)
  • Only the client system with the IP address 192.0.2.102 can mount the /var/folder directory with read and write permissions. All writes to the disk are asynchronous. Therefore, the server does not wait for write requests to be written to disk before responding to further requests from the client.
  • As indicated by the wildcard (*), all of the clients can mount the /usr/local/apps directory as read-only. All connecting users, including root users, are mapped to the local, unprivileged user with UID 501 and GID 501.
  • All of the clients on the 192.168.1.0/24 subnet can mount the /var/projects/proj1 directory as read-only. However, the client system named mgmtpc can mount the directory with read-write permissions.

For more information, see the exports(5) manual page.

sudo firewall-cmd --permanent --zone=zone --add-service=nfs
    Edit the /etc/nfs.conf file to create port settings for handling network mount requests and status monitoring. Additionally, set the TCP port on which the network lock manager should listen, for example:
# Ports that various services should listen on. [mountd] port = 892 [statd] port = 662 [lockd] port = 32803
sudo firewall-cmd --permanent --zone=zone --add-port=2049/tcp --add-port=111/tcp --add-port=32803/tcp --add-port=892/tcp --add-port=662/tcp
sudo systemctl enable --now nfs-server
Export list for host01.mydom.com /var/folder 192.0.2.102 /usr/local/apps * /var/projects/proj1 192.168.1.0/24 mgmtpc

The showmount -a command displays all of the current clients and all of the file systems that the clients have mounted.

Note: To enable use of the showmount command from NFSv4 clients, specify a port number to the MOUNTD_PORT parameter in /etc/nfs.conf . Then, create a firewall rule to enable access to this TCP port.

Configuring an NFS Server by Using the exportfs Command

The exportfs command enables the administrator to export or unexport directories selectively, and eliminates the need to restart the NFS service. By providing the appropriate options, the exportfs command writes the exported file systems to the /var/lib/nfs/etab file. Changes to the list of exported file systems are effective immediately because the nfs-mountd service refers to the etab file for determining access privileges to a file system.

If used without any options, exportfs displays a list of currently exported file systems.

Options that you can specify with the exportfs command include the following:

Refreshes the list of exported directories in the /var/lib/nfs/etab file by incorporating any changes that were made to the list in the /etc/exports file.

Exports all of the file systems that are specified in the /etc/exports file. This option can be combined with other options, which determines the action the command performs.

Читайте также:  Редактор кода linux mint

Unexports all of the shared directories.

The exportfs -ua command suspends NFS file sharing, but keeps all NFS services running. To re-enable NFS sharing, use the exportfs -r command.

Specifies a verbose logging, which displays information about the file systems that are being exported or unexported in greater detail.

For more information, see the exportfs(8) , exports(5) , and showmount(8) manual pages.

Mounting an NFS File System

sudo dnf install nfs-utils
sudo showmount -e host01.mydom.com
Export list for host01.mydom.com /var/folder 192.0.2.102 /usr/local/apps * /var/projects/proj1 192.168.1.0/24 mgmtpc
sudo mount -t nfs -r -o nosuid host01.mydoc.com:/usr/local/apps /apps
host01.mydoc.com:/usr/local/apps /apps nfs ro,nosuid 0 0

For more information, see the mount(8) , nfs(5) , and showmount(8) manual pages.

Источник

Linux nfs server oracle

  • Preface
  • Pre-installation Configuration
    • System Requirements
    • Obtaining Oracle Linux 6 Installation Media
    • Planning the Installation
    • Configuring a Network Installation Server
      • Setting up a New NFS Server
      • Configuring an Existing NFS Server
      • Setting up a New HTTP Server
      • Configuring an Existing HTTP Server
      • Setting up a Network Installation Server
      • Modifying a Full DVD Image to Support Btrfs root File System Installation
      • Configuring DHCP and TFTP Services to Support PXE Clients
      • Configuring Dnsmasq to Support PXE Clients
      • About Boot-Loader Configuration Files
      • Configuring DHCP to Support iPXE Clients
      • Installation Overview
        • Starting the Installation
        • Continuing the Installation
        • Configuring Disk Partitions
        • Selecting Software Packages
        • Performing FirstBoot Configuration Tasks
        • Installing a Btrfs root File System
        • Creating a Kickstart File
          • Installation Options Section
          • Packages Section
          • Pre-installation Configuration Section
          • Post-installation Configuration Section
          • Registering with the Unbreakable Linux Network
          • Obtaining Errata and Updates from the Oracle Linux Yum Server
          • Obtaining Packages from the Oracle Linux Installation Media
          • Applying Updates
          • Installing the Unbreakable Enterprise Kernel
          • Upgrading the Unbreakable Enterprise Kernel
          • Configuring the System Firewall
          • Changing the SELinux Mode

          The software described in this documentation is either in Extended Support or Sustaining Support. See https://www.oracle.com/us/support/library/enterprise-linux-support-policies-069172.pdf for more information.
          Oracle recommends that you upgrade the software described by this documentation as soon as possible.

          1.4.1 Setting up a New NFS Server

          This procedure assumes that you are setting up an Oracle Linux 6 system as an NFS version 4 server. Using NFSv4 greatly simplifies firewall configuration as you need only configure a single rule for TCP port 2049.

          # yum install nfs-utils
          # mkdir -p /var/OSimage/OL6.6
          1. Add an entry for the directory where you will copy the DVD image. The following example allows read-only access to the directory /var/OSimage/OL6.6 for any NFS client on the 192.168.1 subnet:
          /var/OSimage/OL6.6 192.168.1.0/24(ro)
          # service rpcbind start # service nfs start # service nfslock start # chkconfig rpcbind on # chkconfig nfs on # chkconfig nfslock on
          # iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 2049 -j ACCEPT # service iptables save

          Copyright © 2013, 2021, Oracle and/or its affiliates. Legal Notices

          Источник

Оцените статью
Adblock
detector