NFS服务器搭建与配置

1.要求

2.实现

1.2.1 创立两台服务器

省略

1.2.2配置仓库

在 nfs-server 虚拟机上配置好本地仓库

[root@localhost ~]# vi /etc/yum.repos.d/dnf.repo
[root@localhost ~]# cat /etc/yum.repos.d/dnf.repo 
[BaseOS]
name=BaseOS
baseurl=/mnt/BaseOS
gpgcheck=0
[AppStream]
name=AppStream
baseurl=/mnt/AppStream
gpgcheck=0

[root@localhost ~]# yum repolist
Updating Subscription Management repositories.
Unable to read consumer identity

This system is not registered with an entitlement server. You can use "rhc" or "subscription-manager" to register.

repo id                                            repo name
AppStream                                          AppStream
BaseOS                                             BaseOS
[root@localhost ~]# mount /dev/sr0 /mnt
mount: /mnt: WARNING: source write-protected, mounted read-only.
[root@localhost ~]# ls /mnt
AppStream  EFI   extra_files.json  images    media.repo               RPM-GPG-KEY-redhat-release
BaseOS     EULA  GPL               isolinux  RPM-GPG-KEY-redhat-beta

然后将这个仓库复制到 dnf-client 虚拟机中。

[root@localhost ~]# scp /etc/yum.repos.d/dnf.repo root@192.168.72.136:/etc/yum.repos.d/
The authenticity of host '192.168.72.136 (192.168.72.136)' can't be established.
ED25519 key fingerprint is SHA256:IXJJgIYtrMMZ4EALsHR1+6xQNFLC6sUdQWpDW1Ub3fk.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? y
Please type 'yes', 'no' or the fingerprint: yes
Warning: Permanently added '192.168.72.136' (ED25519) to the list of known hosts.
root@192.168.72.136's password: 
dnf.repo                                                            100%  113    71.2KB/s   00:00 

1.2.3 设置主机名

nfs-server

[root@localhost ~]# dnf install net-tools wget curl bash-completion vim -y

[root@localhost ~]# hostnamectl hostname nfs-server

nfs-client
[root@localhost ~]# hostnamectl hostname nfs-client

1.2.4 设置IP

# 配置服务器IP
[root@nfs-server ~]# nmcli c modify ens160 ipv4.method manual ipv4.addresses 192.168.72.113/24 ipv4.dns 223.5.5.5 ipv4.gateway 192.168.72.2 connection.autoconnect yes
[root@nfs-server ~]# nmcli c up ens160

# 配置客户端IP
[root@nfs-client ~]# nmcli c modify ens160 ipv4.method manual ipv4.addresses 192.168.72.114/24 ipv4.dns 223.5.5.5 ipv4.gateway 192.168.72.2 connection.autoconnect yes
[root@nfs-client ~]# nmcli c up ens160

1.2.5 安装nfs服务

[root@nfs-server ~]# systemctl enable --now nfs-server

[root@nfs-client ~]# systemctl enable --now nfs-server

1.2.7 放行防火墙

[root@nfs-server ~]# firewall-cmd --permanent --add-service=nfs
success
[root@nfs-server ~]# firewall-cmd --reload
success

[root@nfs-client ~]# firewall-cmd --permanent --add-service=nfs
success
[root@nfs-client ~]# firewall-cmd --reload
success

验证是否放行成功

[root@nfs-server ~]# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: ens160
  sources: 
  services: cockpit dhcpv6-client nfs ssh
  ports: 
  protocols: 
  forward: yes
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 

[root@nfs-client ~]# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: ens160
  sources: 
  services: cockpit dhcpv6-client nfs ssh
  ports: 
  protocols: 
  forward: yes
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 

1.2.8 关闭Selinux

[root@nfs-server ~]# getenforce
Enforcing
[root@nfs-server ~]# setenforce 0
[root@nfs-server ~]# getenforce
Permissive

[root@nfs-client ~]# getenforce
Enforcing
[root@nfs-client ~]# setenforce 0
[root@nfs-client ~]# getenforce
Permissive

1.2.9 配置NFS

在NFS服务端(nfs-server)完成。

1、首先创建一个用于存储文件目录

[root@nfs-server ~]# mkdir /nfs/data -p

2、将这个目录共享给客户端，编写 /etc/exports 文件，在文件中做如下的配置。

[root@nfs-server ~]# vim /etc/exports
[root@nfs-server ~]# cat /etc/exports
/nfs/data 192.168.72.114(rw)

3、暴露共享服务

# 配置好后，重启服务
[root@nfs-server ~]# systemctl restart nfs-server
# 然后暴露共享服务
[root@nfs-server ~]# showmount -e 192.168.72.113
Export list for 192.168.72.113:
/nfs/data 192.168.72.114

在客户端（nfs-client）完成。

# 1. 创建挂载目录
[root@nfs-client ~]# mkdir /data/nfs -p

# 2. 将创建的目录挂载到服务端的共享目录
[root@nfs-client ~]# mount -t nfs 192.168.72.113:/nfs/data /data/nfs

# 3. 查看是否挂载成功
[root@nfs-client ~]# df /data/nfs
Filesystem               1K-blocks    Used Available Use% Mounted on
192.168.72.113:/nfs/data  46587904 1755648  44832256   4% /data/nfs

1.2.10 功能测试

1.2.10.1 测试客户端读

首先在服务端创建 1.txt 文件

[root@nfs-server ~]# cd /nfs/data/
[root@nfs-server data]# ls
[root@nfs-server data]# touch 1.txt
[root@nfs-server data]# echo 1.txt > 1.txt

然后在客户端查看这个文件

[root@nfs-client ~]# ls /data/nfs/
1.txt
[root@nfs-client ~]# cat /data/nfs/1.txt 
[root@nfs-client ~]# cat /data/nfs/1.txt 
1.txt

1.2.10.2 测试客户端写

[root@nfs-client ~]# echo good night > /data/nfs/nihao.txt
-bash: /data/nfs/nihao.txt: Permission denied

如果我们在客户端写数据时，提示没有权限。如何解决呢？

1.在服务端上执行

[root@nfs-server /]# chmod o+rw /nfs

2.在服务端设置好权限后，再在客户端执行如下的代码：

[root@nfs-client ~]# echo good night > /data/nfs/nihao.txt

3.然后在服务端查看：

[root@nfs-server data]# ls
1.txt  nihao.txt