验证服务是否存在:
[root@xenserver1-NEW ~]# service nfs status
rpc.mountd is stopped
nfsd is stopped
[root@xenserver1-NEW ~]#
[root@xenserver1-NEW ~]# service portmap status
portmap (pid 5584) is running...
[root@xenserver1-NEW ~]#
设置nfs,portmap自动启动:
[root@xenserver1-NEW ~]# chkconfig --level 3 nfs on
[root@xenserver1-NEW ~]# chkconfig --level 3 portmap on
[root@xenserver1-NEW ~]#
将共享的目录写到exports文件中,保存虚拟磁盘的目录使用async (异步方式)是考虑提高性能,会牺牲一些可靠性。
[root@xenserver1-NEW ~]# vi /etc/exports
/newvol/iso 192.168.1.0/24(ro,no_root_squash,sync)
/newvol/vm 192.168.1.232(rw,no_root_squash,async)
/newvol/vm 192.168.1.233(rw,no_root_squash,async)
输出共享目录:
[root@xenserver1-NEW ~]# exportfs -rv
exporting 192.168.1.0/24:/newvol/iso
exporting 192.168.1.232:/newvol/vm
exporting 192.168.1.233:/newvol/vm
[root@xenserver1-NEW ~]#
重启nfs,portmap:
[root@xenserver1-NEW ~]# service nfs restart
[root@xenserver1-NEW ~]# service portmap restart
查看端口号:
[root@xenserver1-NEW ~]# rpcinfo -p
program vers proto port
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
100021 1 udp 38994 nlockmgr
100021 3 udp 38994 nlockmgr
100021 4 udp 38994 nlockmgr
100021 1 tcp 59675 nlockmgr
100021 3 tcp 59675 nlockmgr
100021 4 tcp 59675 nlockmgr
100003 2 udp 2049 nfs
100003 3 udp 2049 nfs
100003 4 udp 2049 nfs
100003 2 tcp 2049 nfs
100003 3 tcp 2049 nfs
100003 4 tcp 2049 nfs
100005 1 udp 688 mountd
100005 1 tcp 691 mountd
100005 2 udp 688 mountd
100005 2 tcp 691 mountd
100005 3 udp 688 mountd
100005 3 tcp 691 mountd
[root@xenserver1-NEW ~]#
rquotad服务 不知为何没有出现,但是不影响。
在/etc/services结尾增加两行:
[root@xenserver1-NEW ~]# vi /etc/services
mountd 688/udp # nfs mountd
mountd 691/tcp # nfs mountd
添加iptables防火墙规则:
[root@xenserver1-NEW ~]# vi /etc/sysconfig/iptables
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 111 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 2049 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 691 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 111 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 2049 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 688 -j ACCEPT
最好重启一下服务器:
[root@xenserver1-NEW ~]# shutdown -r now
再次验证nfs,portmap服务已经启动,查看服务端口:
[root@xenserver1-NEW ~]# service nfs status
rpc.mountd (pid 6334) is running...
nfsd (pid 6331 6330 6329 6328 6327 6326 6325 6324) is running...
[root@xenserver1-NEW ~]#
[root@xenserver1-NEW ~]# service portmap status
portmap (pid 5580) is running...
[root@xenserver1-NEW ~]#
[root@xenserver1-NEW ~]# rpcinfo -p
program vers proto port
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
100024 1 udp 600 status
100024 1 tcp 600 status
100003 2 udp 2049 nfs
100003 3 udp 2049 nfs
100003 4 udp 2049 nfs
100021 1 udp 35545 nlockmgr
100021 3 udp 35545 nlockmgr
100021 4 udp 35545 nlockmgr
100021 1 tcp 46506 nlockmgr
100021 3 tcp 46506 nlockmgr
100021 4 tcp 46506 nlockmgr
100003 2 tcp 2049 nfs
100003 3 tcp 2049 nfs
100003 4 tcp 2049 nfs
100005 1 udp 688 mountd
100005 1 tcp 691 mountd
100005 2 udp 688 mountd
100005 2 tcp 691 mountd
100005 3 udp 688 mountd
100005 3 tcp 691 mountd
[root@xenserver1-NEW ~]#
验证共享目录:
[root@xenserver1-NEW ~]# showmount -e 127.0.0.1
Export list for 127.0.0.1:
/newvol/vm 192.168.1.233,192.168.1.232
/newvol/iso 192.168.1.0/24
[root@xenserver1-NEW ~]#
但是。。。
[root@xenserver1-NEW ~]# showmount -e 192.168.1.233
mount clntudp_create: RPC: Port mapper failure - RPC: Unable to receive
[root@xenserver1-NEW ~]#
也就是说,nfs只接受本机连接请求。百度了,没找到合适的答案;谷歌了,哎,有了。
《Citrix虚拟化实战:Xenserver共享NFS》
2010-01-27 14:32 | 699次阅读 | 已有0条评论发表评论
CSDN 云计算频道 | 作者:刘文君 | 收藏到我的网摘
地址:http://cloud.csdn.net/a/20100127/258587.html
其中提到
cat /etc/sysconfig/network
NETWORKING=yes
PMAP_ARGS=-l
这个配置说明:portmap只监听本地回环,注释掉即可
真是及时雨,好吧,看看:
[root@xenserver1-NEW ~]# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=xenserver
DNSDEV=xenbr0
GATEWAYDEV=xenbr0
[root@xenserver1-NEW ~]#
没有文中提到的PMAP_ARGS=-l呀,我们来找一找:
[root@xenserver1-NEW ~]# grep "PMAP_ARGS=-l" /etc -R
/etc/sysconfig/portmap:PMAP_ARGS=-l
[root@xenserver1-NEW ~]#
找到了,在配置文件 /etc/sysconfig/portmap 里,把PMAP_ARGS=-l 注释掉。
[root@xenserver1-NEW ~]# vi /etc/sysconfig/portmap
#PMAP_ARGS=-l
重启nfs,portmap:
[root@xenserver1-NEW ~]# service nfs restart
Shutting down NFS mountd: [ OK ]
Shutting down NFS daemon: [ OK ]
Shutting down NFS services: [ OK ]
Starting NFS services: [ OK ]
Starting NFS daemon: [ OK ]
Starting NFS mountd: [ OK ]
[root@xenserver1-NEW ~]#
[root@xenserver1-NEW ~]# service portmap restart
Stopping portmap: [ OK ]
Starting portmap: [ OK ]
[root@xenserver1-NEW ~]#
再验证共享目录:
[root@xenserver1-NEW ~]# showmount -e 127.0.0.1
mount clntudp_create: RPC: Program not registered
[root@xenserver1-NEW ~]# showmount -e 192.168.1.233
mount clntudp_create: RPC: Program not registered
???
再重启一次 nfs,portmap 服务:
[root@xenserver1-NEW ~]# service nfs restart
[root@xenserver1-NEW ~]# service portmap restart
[root@xenserver1-NEW ~]# showmount -e 192.168.1.233
Export list for 192.168.1.233:
/newvol/vm 192.168.1.233,192.168.1.232
/newvol/iso 192.168.1.0/24
[root@xenserver1-NEW ~]#
可以了!
现在从 xenserver2测试一下nfs连接。注意,测试的客户机也必须启动pormap服务,否则会收到mount.nfs: Input/output error,默认是启动的。
[root@xenserver2 ~]# mkdir /mnt/nfsiso
[root@xenserver2 ~]# mkdir /mnt/nfsvm
[root@xenserver2 ~]# mount -t nfs 192.168.1.233:/newvol/iso /mnt/nfsiso
[root@xenserver2 ~]# mount -t nfs 192.168.1.233:/newvol/vm /mnt/nfsvm
测试了一下,/mnt/nfsiso是只读的,/mnt/nfsvm是读写的。
从客户机卸载已挂载的nfs共享:
[root@xenserver2 ~]# umount /mnt/nfsiso
[root@xenserver2 ~]# umount /mnt/nfsvm
再重启服务器一次吧,重启后测试一切正常。
至此,XenServer NFS安装完成了。
重新将xenserver1 加入到资源池中,为资源池指定NFS ISO library(192.168.1.233:/newvol/iso), NFS virtual disk storage(192.168.1.233:/newvol/vm /mnt/nfsvm),并且成功把xenserver2上的虚拟机移动到NFS virtual disk storage 中。
========================================================
排错过程中,找到一个办法是用nmap验证端口状态:
[root@xenserver ]# yum install nmap
[root@xenserver ]#
用nmap验证端口状态:
[root@xenserver1-NEW ~]# nmap 192.168.1.233
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2011-12-20 15:48 CST
Interesting ports on 192.168.1.233:
Not shown: 1673 closed ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
111/tcp open rpcbind
443/tcp open https
600/tcp open ipcserver
690/tcp open unknown
2049/tcp open nfs
Nmap finished: 1 IP address (1 host up) scanned in 1.284 seconds
[root@xenserver1-NEW ~]#
有111/tcp open rpcbind,就说明portmap可以对外服务了,而更改/etc/sysconfig/portmap之前,是没有111/tcp open rpcbind这条的。
========================================================