centos6.5 nfs-server 配置实例
centos6.5 nfs-server 配置实例
环境说明: 192.168.128.141 服务器端
192.168.128.140 客户端
一、配置服务器端(用于内网使用所以我用yum 安装)
[root@localhost ~]# yum install nfs-utils rpcbind -y
Loaded plugins: fastestmirror, refresh-packagekit, security
Loading mirror speeds from cached hostfile
* base: mirror.neu.edu.cn
* extras: mirror.bit.edu.cn
* updates: mirror.oasis.onnetcorp.com
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package nfs-utils.x86_64 1:1.2.3-64.el6 will be installed
--> Processing Dependency: nfs-utils-lib >= 1.1.0-3 for package: 1:nfs-utils-1.2.3-64.el6.x86_64
--> Processing Dependency: keyutils >= 1.4-4 for package: 1:nfs-utils-1.2.3-64.el6.x86_64
--> Processing Dependency: python-argparse for package: 1:nfs-utils-1.2.3-64.el6.x86_64
--> Processing Dependency: libtirpc for package: 1:nfs-utils-1.2.3-64.el6.x86_64
--> Processing Dependency: libgssglue.so.1(libgssapi_CITI_2)(64bit) for package: 1:nfs-utils-1.2.3-64.el6.x86_64
--> Processing Dependency: libgssglue for package: 1:nfs-utils-1.2.3-64.el6.x86_64
--> Processing Dependency: libevent for package: 1:nfs-utils-1.2.3-64.el6.x86_64
--> Processing Dependency: libtirpc.so.1()(64bit) for package: 1:nfs-utils-1.2.3-64.el6.x86_64
--> Processing Dependency: libnfsidmap.so.0()(64bit) for package: 1:nfs-utils-1.2.3-64.el6.x86_64
--> Processing Dependency: libgssglue.so.1()(64bit) for package: 1:nfs-utils-1.2.3-64.el6.x86_64
--> Processing Dependency: libevent-1.4.so.2()(64bit) for package: 1:nfs-utils-1.2.3-64.el6.x86_64
---> Package rpcbind.x86_64 0:0.2.0-11.el6 will be installed
--> Running transaction check
---> Package keyutils.x86_64 0:1.4-5.el6 will be installed
--> Processing Dependency: keyutils-libs = 1.4-5.el6 for package: keyutils-1.4-5.el6.x86_64
---> Package libevent.x86_64 0:1.4.13-4.el6 will be installed
---> Package libgssglue.x86_64 0:0.1-11.el6 will be installed
---> Package libtirpc.x86_64 0:0.2.1-10.el6 will be installed
---> Package nfs-utils-lib.x86_64 0:1.1.5-11.el6 will be installed
---> Package python-argparse.noarch 0:1.2.1-2.1.el6 will be installed
--> Running transaction check
---> Package keyutils-libs.x86_64 0:1.4-4.el6 will be updated
---> Package keyutils-libs.x86_64 0:1.4-5.el6 will be an update
--> Finished Dependency Resolution
Dependencies Resolved
=============================================================================================================================================================================================
Package Arch Version Repository Size
=============================================================================================================================================================================================
Installing:
nfs-utils x86_64 1:1.2.3-64.el6 base 331 k
rpcbind x86_64 0.2.0-11.el6 base 51 k
Installing for dependencies:
keyutils x86_64 1.4-5.el6 base 39 k
libevent x86_64 1.4.13-4.el6 base 66 k
libgssglue x86_64 0.1-11.el6 base 23 k
libtirpc x86_64 0.2.1-10.el6 base 79 k
nfs-utils-lib x86_64 1.1.5-11.el6 base 68 k
python-argparse noarch 1.2.1-2.1.el6 base 48 k
Updating for dependencies:
keyutils-libs x86_64 1.4-5.el6 base 20 k
Transaction Summary
=============================================================================================================================================================================================
Install 8 Package(s)
Upgrade 1 Package(s)
Total download size: 725 k
Downloading Packages:
(1/9): keyutils-1.4-5.el6.x86_64.rpm | 39 kB 00:00
(2/9): keyutils-libs-1.4-5.el6.x86_64.rpm | 20 kB 00:00
(3/9): libevent-1.4.13-4.el6.x86_64.rpm | 66 kB 00:01
(4/9): libgssglue-0.1-11.el6.x86_64.rpm | 23 kB 00:01
(5/9): libtirpc-0.2.1-10.el6.x86_64.rpm | 79 kB 00:01
(6/9): nfs-utils-1.2.3-64.el6.x86_64.rpm | 331 kB 00:11
(7/9): nfs-utils-lib-1.1.5-11.el6.x86_64.rpm | 68 kB 00:02
(8/9): python-argparse-1.2.1-2.1.el6.noarch.rpm | 48 kB 00:00
(9/9): rpcbind-0.2.0-11.el6.x86_64.rpm | 51 kB 00:00
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 29 kB/s | 725 kB 00:25
warning: rpmts_HdrFromFdno: Header V3 RSA/SHA1 Signature, key ID c105b9de: NOKEY
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
Importing GPG key 0xC105B9DE:
Userid : CentOS-6 Key (CentOS 6 Official Signing Key) <[email protected]>
Package: centos-release-6-5.el6.centos.11.1.x86_64 (@anaconda-CentOS-201311272149.x86_64/6.5)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : libgssglue-0.1-11.el6.x86_64 1/10
Installing : libtirpc-0.2.1-10.el6.x86_64 2/10
Updating : keyutils-libs-1.4-5.el6.x86_64 3/10
Installing : keyutils-1.4-5.el6.x86_64 4/10
Installing : rpcbind-0.2.0-11.el6.x86_64 5/10
Installing : python-argparse-1.2.1-2.1.el6.noarch 6/10
Installing : libevent-1.4.13-4.el6.x86_64 7/10
Installing : nfs-utils-lib-1.1.5-11.el6.x86_64 8/10
Installing : 1:nfs-utils-1.2.3-64.el6.x86_64 9/10
Cleanup : keyutils-libs-1.4-4.el6.x86_64 10/10
Verifying : keyutils-libs-1.4-5.el6.x86_64 1/10
Verifying : rpcbind-0.2.0-11.el6.x86_64 2/10
Verifying : keyutils-1.4-5.el6.x86_64 3/10
Verifying : libevent-1.4.13-4.el6.x86_64 4/10
Verifying : nfs-utils-lib-1.1.5-11.el6.x86_64 5/10
Verifying : libtirpc-0.2.1-10.el6.x86_64 6/10
Verifying : 1:nfs-utils-1.2.3-64.el6.x86_64 7/10
Verifying : libgssglue-0.1-11.el6.x86_64 8/10
Verifying : python-argparse-1.2.1-2.1.el6.noarch 9/10
Verifying : keyutils-libs-1.4-4.el6.x86_64 10/10
Installed:
nfs-utils.x86_64 1:1.2.3-64.el6 rpcbind.x86_64 0:0.2.0-11.el6
Dependency Installed:
keyutils.x86_64 0:1.4-5.el6 libevent.x86_64 0:1.4.13-4.el6 libgssglue.x86_64 0:0.1-11.el6 libtirpc.x86_64 0:0.2.1-10.el6 nfs-utils-lib.x86_64 0:1.1.5-11.el6
python-argparse.noarch 0:1.2.1-2.1.el6
Dependency Updated:
keyutils-libs.x86_64 0:1.4-5.el6
Complete!
二、配置nfs文件打开端口
[root@localhost ~]# vim /etc/sysconfig/nfs
[root@localhost ~]# cat /etc/sysconfig/nfs
RQUOTAD_PORT=50001
LOCKD_TCPPORT=50002
LOCKD_UDPPORT=50002
MOUNTD_PORT=50003
STATD_PORT=50004
三、添加防火墙端口
[root@localhost ~]# vim /etc/sysconfig/iptables
[root@localhost ~]# cat /etc/sysconfig/iptables
# Generated by iptables-save v1.4.7 on Thu Jan 7 15:56:59 2016
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [24:2624]
-A INPUT -p udp -m udp --dport 111 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 111 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 2049 -j ACCEPT
-A INPUT -p udp -m udp --dport 2049 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 50001:50004 -j ACCEPT
-A INPUT -p udp -m udp --dport 50001:50004 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Thu Jan 7 15:56:59 2016
[root@localhost ~]# service iptables restart #重启防火墙
四、创建共享文件
[root@localhost /]# mkdir -p /date/nfs_share
五、编辑etc/exports 文件
[root@localhost /]# vim /etc/exports
[root@localhost ~]# cat /etc/exports
/date/nfs_share 192.168.128.140(rw,sync,no_root_squash)
/date/nfs_share *(ro)
这一行表示只有192.168.128.140客户端能够以读写权限挂载共享目录,其他客户端只能以只读权限挂载。
[root@localhost /]# exportfs -r #使配置生效
#######################################################################
说明下这里的参数的意思
rw:read-write,可读写;
ro:read-only,只读;
sync:文件同时写入硬盘和内存;
async:文件暂存于内存,而不是直接写入内存;
no_root_squash:NFS客户端连接服务端时如果使用的是root的话,那么对服务端分享的目录来说,也拥有root权限。显然开启这项是不安全的。
root_squash:NFS客户端连接服务端时如果使用的是root的话,那么对服务端分享的目录来说,拥有匿名用户权限,通常他将使用nobody或nfsnobody身份;
all_squash:不论NFS客户端连接服务端时使用什么用户,对服务端分享的目录来说都是拥有匿名用户权限;
anonuid:匿名用户的UID值,通常是nobody或nfsnobody,可以在此处自行设定;
anongid:匿名用户的GID值。
############################################################################
六、设置开机启动
[root@localhost /]# chkconfig nfs on
[root@localhost /]# chkconfig rpcbind on
[root@localhost /]# service nfs start
Starting NFS services: [ OK ]
Starting NFS quotas: Cannot register service: RPC: Unable to receive; errno = Connection refused
rpc.rquotad: unable to register (RQUOTAPROG, RQUOTAVERS, udp). [FAILED]
Starting NFS mountd: [FAILED]
Starting NFS daemon: rpc.nfsd: writing fd to kernel failed: errno 111 (Connection refused)
rpc.nfsd: unable to set any sockets for nfsd [FAILED]
[root@localhost /]# rpcinfo -p #检测下出现没有portmap 服务器和文件,导致这个错误的原因是要先启动rpcbind 服务
rpcinfo: can't contact portmapper: RPC: Remote system error - No such file or directory
[root@localhost /]# service rpcbind start
Starting rpcbind: [ OK ]
[root@localhost /]# service nfs start
Starting NFS services: [ OK ]
Starting NFS quotas: [ OK ]
Starting NFS mountd: [ OK ]
Starting NFS daemon: [ OK ]
Starting RPC idmapd: [ OK ]
七、检测端口是否启用
[root@localhost /]# service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:111
2 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:111
3 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:2049
4 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:2049
5 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:50001:50004
6 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpts:50001:50004
7 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
8 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
9 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
10 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
11 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
num target prot opt source destination
1 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
[root@localhost /]# rpcinfo -p
program vers proto port service
100000 4 tcp 111 portmapper
100000 3 tcp 111 portmapper
100000 2 tcp 111 portmapper
100000 4 udp 111 portmapper
100000 3 udp 111 portmapper
100000 2 udp 111 portmapper
100011 1 udp 50001 rquotad
100011 2 udp 50001 rquotad
100011 1 tcp 50001 rquotad
100011 2 tcp 50001 rquotad
100005 1 udp 50003 mountd
100005 1 tcp 50003 mountd
100005 2 udp 50003 mountd
100005 2 tcp 50003 mountd
100005 3 udp 50003 mountd
100005 3 tcp 50003 mountd
100003 2 tcp 2049 nfs
100003 3 tcp 2049 nfs
100003 4 tcp 2049 nfs
100227 2 tcp 2049 nfs_acl
100227 3 tcp 2049 nfs_acl
100003 2 udp 2049 nfs
100003 3 udp 2049 nfs
100003 4 udp 2049 nfs
100227 2 udp 2049 nfs_acl
100227 3 udp 2049 nfs_acl
100021 1 udp 50002 nlockmgr
100021 3 udp 50002 nlockmgr
100021 4 udp 50002 nlockmgr
100021 1 tcp 50002 nlockmgr
100021 3 tcp 50002 nlockmgr
100021 4 tcp 50002 nlockmgr
第二部客户端的配置(192.168.128.140)
说明一点:nfs客户端不需要启动nfs服务,但是必须安装nfs-utils服务
[root@naginx /]# yum -y install nfs-utils
[root@naginx /]# mkdir /date #创建挂载目录
[root@naginx /]# showmount -e 192.168.128.141 #检测共享服务器的共享目录
Export list for 192.168.128.141:
/date/nfs_share (everyone)
[root@naginx /]# mount -t nfs 192.168.128.141:/date/nfs_share /date/ #挂载共享文件夹
[root@naginx /]# df -h #查看
Filesystem Size Used Avail Use% Mounted on
/dev/sda2 18G 4.5G 13G 27% /
tmpfs 495M 0 495M 0% /dev/shm
/dev/sda1 283M 57M 211M 22% /boot
/dev/sdb1 9.8G 23M 9.2G 1% /mnt/sdb1
192.168.128.141:/date/nfs_share
18G 2.5G 15G 15% /date
[root@naginx /]# touch /date/test.txt
[root@naginx /]# ll /date/
total 0
-rw-r--r-- 1 root root 0 Jan 7 17:28 test.txt
-rw-r--r-- 1 root root 0 Jan 7 16:22 tt.txt
在192.168.128.141服务器上查看
[root@localhost ~]# ll /date/nfs_share/
total 0
-rw-r--r--. 1 root root 0 Jan 7 17:28 test.txt
-rw-r--r--. 1 root root 0 Jan 7 16:22 tt.txt
开机自动挂载
[root@naginx /]# sed -i -e '$a 192.168.128.141:/date/nfs_share /date nfs defaults 0 0' /etc/fstab
[root@naginx /]# cat /etc/fstab
# /etc/fstab
# Created by anaconda on Wed Aug 26 09:07:44 2015
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
UUID=4051a3e2-3838-4382-9e24-4a225b3676bc / ext4 defaults 1 1
UUID=5ebb3802-296d-4623-8136-a0b63c38b0ee /boot ext4 defaults 1 2
UUID=7e9e358d-51a2-4f92-a2e3-8b8683afda5f swap swap defaults 0 0
tmpfs /dev/shm tmpfs defaults 0 0
devpts /dev/pts devpts gid=5,mode=620 0 0
sysfs /sys sysfs defaults 0 0
proc /proc proc defaults 0 0
/dev/sdb1 /eee ext4 defaults 0 0
192.168.128.141:/date/nfs_share /date nfs defaults 0 0
完成!