Setting Up NFS Server And Client On CentOS 7,NFS服务器搭建链接,主要讲挂载目录的跟的uid权限和NFS的Server端有关。
背景:想搭建一个Gitlab的两台机器进行都访问NAS网盘作为数据共享,而这样的好处是网盘内容是一致的,达到高可用,而同时对这个NAS网盘进行Git命令备份,防止网盘挂了,也能恢复,也是代码数据的高可用。
在阿里云上也申请了一个类似的NFS磁盘,但是挂载时是ROOT权限,我那个/home/git/.ssh想是git权限,于是提起工单:
售后工程师 : 您好,这样不支持,mount后的目录权限有ans服务端决定,目前不支持修改。
2017-07-06 23:42:54
售后工程师 : 您好,技术反馈这个是nas服务端决定的,目前我方设置的权限是777 root:root
经实践:
mkdir -p /home/git/mnt
ll -d /home/git/mnt/
drwxr-xr-x 2 root root 4096 Jul 8 23:52 /home/git/mnt/ #Linux root用户id号是0
挂载NFS:
mount -t nfs -o vers=3,tcp 10.71.15.98:/Vol-01/backup /home/git/mnt
ll -d /home/git/mnt/
drwxr-xr-x 11 1000 1000 114688 Jun 11 20:04 /home/git/mnt/
变成1000了,这个值是NFS服务端设置的,但是阿里云是0,也就不是Git账户的ID了。它是0,root用户id号是0,不敢该RootID值为非0值。
推测其配置如下:
打开/etc/exports文件,在末尾加入:
/home/kevin *(rw,sync,no_root_squash)
注:nfs允许挂载的目录及权限,在文件/etc/exports中进行定义,各字段含义如下:
/home/kevin:要共享的目录
* :允许所有的网段访问
rw :读写权限
sync:资料同步写入内在和硬盘
no_root_squash:nfs客户端共享目录使用者权限
nfs中exports中no_root_squash的意义:
no_root_squash:登入 NFS 主机使用分享目录的使用者,如果是 root 的话,那么对于这个分享的目录来说,他就具有 root 的权限!这个项目『极不安全』,不建议使用!
root_squash:在登入 NFS 主机使用分享之目录的使用者如果是 root 时,那么这个使用者的权限将被压缩成为匿名使用者,通常他的 UID 与 GID 都会变成 nobody 那个系统账号的身份。
增加no_root_squash可以轻松获得NFS主机共享目录读写权限.
showmount -e
Export list for mainboard_virtualbox_docker_10_10_0_106:
/backup 10.10.0.91,10.10.0.90,10.10.0.89,10.10.0.88,10.10.0.77,10.10.0.72,10.10.0.71,10.10.0.70,10.10.0.69,10.10.0.67,10.10.0.66,10.10.0.65,10.10.0.64,10.10.0.63,10.10.0.62,10.10.0.61,10.10.0.60,10.10.0.59,10.10.0.58,10.10.0.57,10.10.0.56,10.10.0.46,10.10.0.45,10.10.0.44,10.10.0.33
配置完需要nfs重启一下
service nfs reload
systemctl restart nfs
=================================================================================
在文章后面有讲如何搭建NFS服务器:http://jackxiang.com/post/8299/
NFS, stands for Network File System, is a server-client protocol used for sharing files between linux/unix to unix/linux systems. NFS enables you to mount a remote share locally. You can then directly access any of the files on that remote share.
Scenario
In this how-to, I will be using two systems which are running with CentOS 7. The same steps are applicable for RHEL and Scientific Linux 7 distributions.
Here are mt testing nodes details.
NFS Server Hostname: server.unixmen.local
NFS Server IP Address: 192.168.1.101/24
NFS Client Hostname: client.unixmen.local
NFS Client IP Address: 192.168.1.102/24
Server Side Configuration
Install NFS packages in your Server system by using the following command:
yum install nfs-utils nfs-utils-lib
Enable and start NFS services:
systemctl enable rpcbind
systemctl enable nfs-server
systemctl enable nfs-lock
systemctl enable nfs-idmap
systemctl start rpcbind
systemctl start nfs-server
systemctl start nfs-lock
systemctl start nfs-idmap
Now, let us create some shared directories in server.
Create a shared directory named ‘/var/unixmen_share’ in server and let the client users to read and write files in that directory.
mkdir /var/unixmen_share
chmod 777 /var/unixmen_share/
Export shared directory on NFS Server:
Edit file /etc/exports,
vi /etc/exports
Add the following line:
/var/unixmen_share/ 192.168.1.0/24(rw,sync,no_root_squash,no_all_squash)
where,
/var/unixmen_share – shared directory
192.168.1.0/24 – IP address range of clients
rw – Writable permission to shared folder
sync – Synchronize shared directory
no_root_squash – Enable root privilege
no_all_squash - Enable user’s authority
Restart the NFS service:
systemctl restart nfs-server
Client Side Configuration
Install NFS packages in your client system by using the following command:
yum install nfs-utils nfs-utils-lib
Enable and start NFS services:
systemctl enable rpcbind
systemctl enable nfs-server
systemctl enable nfs-lock
systemctl enable nfs-idmap
systemctl start rpcbind
systemctl start nfs-server
systemctl start nfs-lock
systemctl start nfs-idmap
Mount NFS shares On clients
Create a mount point to mount the shared folder ‘var/unixmen_share’ which we’ve created before in the server.
mkdir /var/nfs_share
Mount the share from server to client as shown below
mount -t nfs 192.168.1.101:/var/unixmen_share/ /var/nfs_share/
Sample Output:
mount.nfs: Connection timed out
Probably, it will show a connection timed out error which means that the firewall is blocking our NFS server. To access NFS shares from remote clients, we must allow the following nfs ports in the NFS server iptables/firewall.
From:
https://www.unixmen.com/setting-nfs-server-client-centos-7/
在阿里云上也申请了一个类似的NFS磁盘,但是挂载时是ROOT权限,我那个/home/git/.ssh想是git权限,于是提起工单:
售后工程师 : 您好,这样不支持,mount后的目录权限有ans服务端决定,目前不支持修改。
2017-07-06 23:42:54
售后工程师 : 您好,技术反馈这个是nas服务端决定的,目前我方设置的权限是777 root:root
经实践:
mkdir -p /home/git/mnt
ll -d /home/git/mnt/
drwxr-xr-x 2 root root 4096 Jul 8 23:52 /home/git/mnt/ #Linux root用户id号是0
挂载NFS:
mount -t nfs -o vers=3,tcp 10.71.15.98:/Vol-01/backup /home/git/mnt
ll -d /home/git/mnt/
drwxr-xr-x 11 1000 1000 114688 Jun 11 20:04 /home/git/mnt/
变成1000了,这个值是NFS服务端设置的,但是阿里云是0,也就不是Git账户的ID了。它是0,root用户id号是0,不敢该RootID值为非0值。
推测其配置如下:
打开/etc/exports文件,在末尾加入:
/home/kevin *(rw,sync,no_root_squash)
注:nfs允许挂载的目录及权限,在文件/etc/exports中进行定义,各字段含义如下:
/home/kevin:要共享的目录
* :允许所有的网段访问
rw :读写权限
sync:资料同步写入内在和硬盘
no_root_squash:nfs客户端共享目录使用者权限
nfs中exports中no_root_squash的意义:
no_root_squash:登入 NFS 主机使用分享目录的使用者,如果是 root 的话,那么对于这个分享的目录来说,他就具有 root 的权限!这个项目『极不安全』,不建议使用!
root_squash:在登入 NFS 主机使用分享之目录的使用者如果是 root 时,那么这个使用者的权限将被压缩成为匿名使用者,通常他的 UID 与 GID 都会变成 nobody 那个系统账号的身份。
增加no_root_squash可以轻松获得NFS主机共享目录读写权限.
showmount -e
Export list for mainboard_virtualbox_docker_10_10_0_106:
/backup 10.10.0.91,10.10.0.90,10.10.0.89,10.10.0.88,10.10.0.77,10.10.0.72,10.10.0.71,10.10.0.70,10.10.0.69,10.10.0.67,10.10.0.66,10.10.0.65,10.10.0.64,10.10.0.63,10.10.0.62,10.10.0.61,10.10.0.60,10.10.0.59,10.10.0.58,10.10.0.57,10.10.0.56,10.10.0.46,10.10.0.45,10.10.0.44,10.10.0.33
配置完需要nfs重启一下
service nfs reload
systemctl restart nfs
=================================================================================
在文章后面有讲如何搭建NFS服务器:http://jackxiang.com/post/8299/
NFS, stands for Network File System, is a server-client protocol used for sharing files between linux/unix to unix/linux systems. NFS enables you to mount a remote share locally. You can then directly access any of the files on that remote share.
Scenario
In this how-to, I will be using two systems which are running with CentOS 7. The same steps are applicable for RHEL and Scientific Linux 7 distributions.
Here are mt testing nodes details.
NFS Server Hostname: server.unixmen.local
NFS Server IP Address: 192.168.1.101/24
NFS Client Hostname: client.unixmen.local
NFS Client IP Address: 192.168.1.102/24
Server Side Configuration
Install NFS packages in your Server system by using the following command:
yum install nfs-utils nfs-utils-lib
Enable and start NFS services:
systemctl enable rpcbind
systemctl enable nfs-server
systemctl enable nfs-lock
systemctl enable nfs-idmap
systemctl start rpcbind
systemctl start nfs-server
systemctl start nfs-lock
systemctl start nfs-idmap
Now, let us create some shared directories in server.
Create a shared directory named ‘/var/unixmen_share’ in server and let the client users to read and write files in that directory.
mkdir /var/unixmen_share
chmod 777 /var/unixmen_share/
Export shared directory on NFS Server:
Edit file /etc/exports,
vi /etc/exports
Add the following line:
/var/unixmen_share/ 192.168.1.0/24(rw,sync,no_root_squash,no_all_squash)
where,
/var/unixmen_share – shared directory
192.168.1.0/24 – IP address range of clients
rw – Writable permission to shared folder
sync – Synchronize shared directory
no_root_squash – Enable root privilege
no_all_squash - Enable user’s authority
Restart the NFS service:
systemctl restart nfs-server
Client Side Configuration
Install NFS packages in your client system by using the following command:
yum install nfs-utils nfs-utils-lib
Enable and start NFS services:
systemctl enable rpcbind
systemctl enable nfs-server
systemctl enable nfs-lock
systemctl enable nfs-idmap
systemctl start rpcbind
systemctl start nfs-server
systemctl start nfs-lock
systemctl start nfs-idmap
Mount NFS shares On clients
Create a mount point to mount the shared folder ‘var/unixmen_share’ which we’ve created before in the server.
mkdir /var/nfs_share
Mount the share from server to client as shown below
mount -t nfs 192.168.1.101:/var/unixmen_share/ /var/nfs_share/
Sample Output:
mount.nfs: Connection timed out
Probably, it will show a connection timed out error which means that the firewall is blocking our NFS server. To access NFS shares from remote clients, we must allow the following nfs ports in the NFS server iptables/firewall.
From:
https://www.unixmen.com/setting-nfs-server-client-centos-7/
作者:jackxiang@向东博客 专注WEB应用 构架之美 --- 构架之美,在于尽态极妍 | 应用之美,在于药到病除
地址:https://jackxiang.com/post/8889/
版权所有。转载时必须以链接形式注明作者和原始出处及本声明!
最后编辑: jackxiang 编辑于2019-9-8 13:23
[实践OK]Charles在mac上进行抓包分析, mac端的优秀抓包工
Linux修改本机/etc/hosts的hostName后经常不生效评论列表
