Linux-08-NFS网络文件系统

NFS(Network File System)网络文件系统，用于在系统之间共享文件使用

由于NFS服务需要RPC(Remote Procedure Call)服务维护NFS服务端与客户端的端口信息，因此在启动NFS之前，要启动RPC服务（Centos5.8下是portmap服务，Centos6.4是rpcbind），否则NFS服务就无法向RPC服务注册。另外，如果RPC服务重启，园原先已经注册好的NFS端口数据就会丢失，因此RPC服务管理的NFS程序也需要重新启动，以便重新向RPC注册。一般修改NFS配置文件后，是不需要重启NFS的，直接在命令行执行/etc/init.d/nfs reload或exportfs -rv即可使修改的/etc/exports生效。

下面我们进行配置

查看系统信息，这里面Centos6-C是NFS客户端，Centos6-S是NFS服务器端

[test@Centos6-C ~]$ cat /etc/redhat-release 
CentOS release 6.10 (Final)
[test@Centos6-C ~]$ uname -r
2.6.32-754.2.1.el6.x86_64
[test@Centos6-C ~]$ uname -m
x86_64

[test@Centos6-S ~]$ cat /etc/redhat-release 
CentOS release 6.10 (Final)
[test@Centos6-S ~]$ uname -r
2.6.32-754.2.1.el6.x86_64
[test@Centos6-S ~]$ uname -m
x86_64
[test@Centos6-S ~]$ un

查看IP地址

[test@Centos6-C ~]$ ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 00:0C:29:BA:45:99  
          inet addr:2.2.2.6  Bcast:2.2.2.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:feba:4599/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:874 errors:0 dropped:0 overruns:0 frame:0
          TX packets:195 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:62753 (61.2 KiB)  TX bytes:22856 (22.3 KiB)

[test@Centos6-S ~]$ ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 00:0C:29:CA:07:AA  
          inet addr:2.2.2.5  Bcast:2.2.2.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:feca:7aa/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2554 errors:0 dropped:0 overruns:0 frame:0
          TX packets:202 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:162775 (158.9 KiB)  TX bytes:23378 (22.8 KiB)

查看NFS及RPC软件安装情况

[test@Centos6-C ~]$ rpm -aq nfs-utils portmap rpcbind
nfs-utils-1.2.3-78.el6.x86_64
rpcbind-0.2.0-16.el6.x86_64

[test@Centos6-S ~]$ rpm -aq nfs-utils portmap rpcbind
nfs-utils-1.2.3-78.el6.x86_64
rpcbind-0.2.0-16.el6.x86_64

如果没有安装上述的程序包，可以使用yum源进行安装

[root@CentOS6 ~]# yum install nfs-utils rpcbind -y

 

服务器端：

安装完程序包后我们查看下软件运行状态

[root@CentOS6-S ~]# /etc/init.d/rpcbind status
rpcbind is stopped

服务并没有启动，因为我们之前在做优化的时候并没有让服务随计算机启动

[root@CentOS6-S ~]# chkconfig --list|grep 3:on
crond           0:off   1:off   2:on    3:on    4:on    5:on    6:off
network         0:off   1:off   2:on    3:on    4:on    5:on    6:off
rsyslog         0:off   1:off   2:on    3:on    4:on    5:on    6:off
sendmail        0:off   1:off   2:on    3:on    4:on    5:on    6:off
sshd            0:off   1:off   2:off   3:on    4:off   5:off   6:off

我们启动rpc服务

[root@CentOS6-S ~]# /etc/init.d/rpcbind start
Starting rpcbind: [  OK  ]

[root@CentOS6-S ~]# /etc/init.d/rpcbind status
rpcbind (pid  1405) is running...

查看rpc服务信息

[root@CentOS6-S ~]# rpcinfo -p localhost
   program vers proto   port  service
    100000    4   tcp    111  portmapper
    100000    3   tcp    111  portmapper
    100000    2   tcp    111  portmapper
    100000    4   udp    111  portmapper
    100000    3   udp    111  portmapper
    100000    2   udp    111  portmapper

接下来我们看NFS服务状态

[root@CentOS6-S ~]# /etc/init.d/nfs status
rpc.svcgssd is stopped
rpc.mountd is stopped
nfsd is stopped
rpc.rquotad is stopped

启动NFS程序

[root@CentOS6-S ~]# /etc/init.d/nfs start
Starting NFS services:  [  OK  ]
Starting NFS quotas: [  OK  ]
Starting NFS mountd: [  OK  ]
Starting NFS daemon: [  OK  ]
Starting RPC idmapd: [  OK  ]

[root@CentOS6-S ~]# /etc/init.d/nfs status
rpc.svcgssd is stopped
rpc.mountd (pid 1540) is running...
nfsd (pid 1556 1555 1554 1553 1552 1551 1550 1549) is running...
rpc.rquotad (pid 1535) is running...

启动NFS服务后，查看它是否会向rpc服务注册

[root@CentOS6-S ~]# rpcinfo -p localhost
   program vers proto   port  service
    100000    4   tcp    111  portmapper
    100000    3   tcp    111  portmapper
    100000    2   tcp    111  portmapper
    100000    4   udp    111  portmapper
    100000    3   udp    111  portmapper
    100000    2   udp    111  portmapper
    100011    1   udp    875  rquotad
    100011    2   udp    875  rquotad
    100011    1   tcp    875  rquotad
    100011    2   tcp    875  rquotad
    100005    1   udp  56195  mountd
    100005    1   tcp  37218  mountd
    100005    2   udp  35611  mountd
    100005    2   tcp  55328  mountd
    100005    3   udp  59714  mountd
    100005    3   tcp  56106  mountd
    100003    2   tcp   2049  nfs
    100003    3   tcp   2049  nfs
    100003    4   tcp   2049  nfs
    100227    2   tcp   2049  nfs_acl
    100227    3   tcp   2049  nfs_acl
    100003    2   udp   2049  nfs
    100003    3   udp   2049  nfs
    100003    4   udp   2049  nfs
    100227    2   udp   2049  nfs_acl
    100227    3   udp   2049  nfs_acl
    100021    1   udp  56742  nlockmgr
    100021    3   udp  56742  nlockmgr
    100021    4   udp  56742  nlockmgr
    100021    1   tcp  46117  nlockmgr
    100021    3   tcp  46117  nlockmgr
    100021    4   tcp  46117  nlockmgr

我们查看NFS和RPC进程是否存在

[root@CentOS6-S ~]# ps -ef |egrep "nfs|rpc"
rpc       1405     1  0 16:06 ?        00:00:00 rpcbind
root      1526     2  0 16:09 ?        00:00:00 [rpciod/0]
root      1535     1  0 16:09 ?        00:00:00 rpc.rquotad
root      1540     1  0 16:09 ?        00:00:00 rpc.mountd
root      1547     2  0 16:09 ?        00:00:00 [nfsd4]
root      1548     2  0 16:09 ?        00:00:00 [nfsd4_callbacks]
root      1549     2  0 16:09 ?        00:00:00 [nfsd]
root      1550     2  0 16:09 ?        00:00:00 [nfsd]
root      1551     2  0 16:09 ?        00:00:00 [nfsd]
root      1552     2  0 16:09 ?        00:00:00 [nfsd]
root      1553     2  0 16:09 ?        00:00:00 [nfsd]
root      1554     2  0 16:09 ?        00:00:00 [nfsd]
root      1555     2  0 16:09 ?        00:00:00 [nfsd]
root      1556     2  0 16:09 ?        00:00:00 [nfsd]
root      1587     1  0 16:09 ?        00:00:00 rpc.idmapd
root      1730  1336  0 16:16 pts/0    00:00:00 egrep nfs|rpc

将NFS和RPC服务设置为开机自启动

[root@CentOS6-S ~]# chkconfig nfs on
[root@CentOS6-S ~]# chkconfig rpcbind on

[root@CentOS6-S ~]# chkconfig --list|grep 3:on
crond           0:off   1:off   2:on    3:on    4:on    5:on    6:off
network         0:off   1:off   2:on    3:on    4:on    5:on    6:off
nfs             0:off   1:off   2:on    3:on    4:on    5:on    6:off
rpcbind         0:off   1:off   2:on    3:on    4:on    5:on    6:off
rsyslog         0:off   1:off   2:on    3:on    4:on    5:on    6:off
sendmail        0:off   1:off   2:on    3:on    4:on    5:on    6:off
sshd            0:off   1:off   2:off   3:on    4:off   5:off   6:off

我们将这两个服务的期的启动命令放到配置文件中，严格控制两个服务的启动顺序

[root@CentOS6-S ~]# vi /etc/rc.local 

#!/bin/sh
#
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.

touch /var/lock/subsys/local
#NFS and RPC services config by test 20180910
/etc/init.d/rpcbind start
/etc/init.d/nfs start
~
~
~
~
~

修改后检查配置是否正确

[root@CentOS6-S ~]# tail -3 /etc/rc.local 
#NFS and RPC services config by test 20180910
/etc/init.d/rpcbind start
/etc/init.d/nfs start
[root@CentOS6-S ~]# 

服务正常启动后，我们开始配置NFS服务

首先查看下配置文件

[root@CentOS6-S ~]# cat /etc/exports 

创建需要共享的目录

[root@CentOS6-S /]# mkdir /data/share -p

 

编辑exports文件

[root@CentOS6-S /]# vi /etc/exports 

#NFS confiure for share directory by test 20180919
/data/share 2.2.2.0/24(rw,sync)

配置文件中配置表示：共享/data/share目录，并对2.2.2.0网段（3字节掩码）开放，有读写权限，并且同步到磁盘（防止由于断电导致数据丢失）

重新加载配置文件（这里我们不重启服务）

[root@CentOS6-S ~]# /etc/init.d/nfs reload

服务器端我们配置好了，下面配置客户端

配置RPC服务

[root@CentOS6-C ~]# /etc/init.d/rpcbind start
[root@CentOS6-C ~]# chkconfig rpcbind on

[root@CentOS6-C ~]# vi /etc/rc.local 

#!/bin/sh
#
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.

touch /var/lock/subsys/local
#NFS configure by test 20180910
/etc/init.d/rpcbind start
~
~

[root@CentOS6-C ~]# chkconfig --list rpcbind
rpcbind         0:off   1:off   2:on    3:on    4:on    5:on    6:off

客户端我们就配置好了，接下来我们查看挂载权限

查看服务器端IP

[test@CentOS6-S ~]$ ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 00:0C:29:CA:07:AA  
          inet addr:2.2.2.5  Bcast:2.2.2.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:feca:7aa/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:6007 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1326 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:454997 (444.3 KiB)  TX bytes:143527 (140.1 KiB)

 客户端机器查看

[root@CentOS6-C ~]# showmount -e 2.2.2.5
Export list for 2.2.2.5:
/data/share 2.2.2.0/24

查询到了以后我们挂载到/mnt下

[root@CentOS6-C ~]# mount -t nfs 2.2.2.5:/data/share /mnt

[root@CentOS6-C ~]# df -h
Filesystem           Size  Used Avail Use% Mounted on
/dev/sda3            7.1G  2.1G  4.7G  32% /
tmpfs                937M     0  937M   0% /dev/shm
/dev/sda1            190M   65M  115M  37% /boot
2.2.2.5:/data/share  7.1G  2.1G  4.7G  32% /mnt

 在服务器端目录下新建文件

[root@CentOS6-S ~]# touch /data/share/test.txt

在客户端机器上查看

[root@CentOS6-C ~]# ls /mnt
test.txt

默认情况下，客户端在登录NFS服务器时是以nfsnobody身份登录到NFS服务器上的

[root@CentOS6-S share]# grep nfsnobody /etc/passwd
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin

我们在服务器端将权限放大，在客户端创建文件后再看一下权限

[root@CentOS6-S share]# ls -ld /data/share
drwxr-xr-x 2 root root 4096 Sep 10 18:43 /data/share

[root@CentOS6-S share]# chmod o+w /data/share
[root@CentOS6-S share]# 
[root@CentOS6-S share]# ls -ld /data/share
drwxr-xrwx 2 root root 4096 Sep 10 18:43 /data/share

在客户端机器删除新建文件

[root@CentOS6-C ~]# cd /mnt
[root@CentOS6-C mnt]# ll
total 0
-rw-r--r-- 1 root root 0 Sep 10 18:43 test.txt

[root@CentOS6-C mnt]# rm -f test.txt 

[root@CentOS6-C mnt]# touch test.txt
[root@CentOS6-C mnt]# ll
total 0
-rw-r--r-- 1 nfsnobody nfsnobody 0 Sep 10 18:55 test.txt

在服务器端查看完整权限信息

[root@CentOS6-S share]# cat /var/lib/nfs/etab 
/data/share     2.2.2.0/24(rw,sync,wdelay,hide,nocrossmnt,secure,root_squash,no_all_squash,no_subtree_check,secure_locks,acl,anonuid=65534,anongid=65534,sec=sys,rw,root_squash,no_all_squash)