网络文件系统可以实现存储分离
1、windows文件共享
windows文件共享不做演示
2、如何在linux里访问windows文件共享?
[root@localhost ~]# dnf install samba-client -y 安装客户端
[root@localhost ~]# smbclient -L //172.25.254.94 -U administrator
windows用户为administrator -L表示列出目标主机共享资源
[root@localhost ~]# smbclient //172.25.254.94/westos -U administrator 访问共享目录
3、samba服务的安装及启用
linux共享文件系统的协议叫cifs
windows共享文件系统的协议叫smb
如何用linux将文件共享出去
[root@westos_storage ~]# dnf install samba samba-common.noarch samba-client.x86_64 -y 在服务器上安装 服务主题,服务配置文件,客户端
[root@westos_storage ~]# systemctl enable --now smb.service 启动服务
Created symlink /etc/systemd/system/multi-user.target.wants/smb.service → /usr/lib/systemd/system/smb.service.
[root@westos_storage ~]# firewall-cmd --permanent --add-service=samba
success
[root@westos_storage ~]# firewall-cmd --reload
success
[root@westos_storage ~]# smbclient -L //172.25.254.100 访问列出资源
Enter SAMBA\root's password: 因为没有设置密码直接回车
Anonymous login successful
Sharename Type Comment
--------- ---- -------
print$ Disk Printer Drivers
IPC$ IPC IPC Service (Samba 4.11.2)
SMB1 disabled -- no workgroup available
4、smb账号的添加
[root@westos_storage ~]# smbpasswd -a westos 添加smb账号 ,-a表示添加, westos必须是在samb服务器真实存在的用户
New SMB password: samb密码是独立的密码和系统用户westos密码无关
Retype new SMB password:
Added user westos.
[root@westos_storage ~]# id lee 系统中lee用户不存在,需要添加lee用户,才能添加samb账号
id: ‘lee’: no such user
[root@westos_storage ~]# useradd -s /sbin/nologin lee -M 添加lee用户
[root@westos_storage ~]# smbpasswd -a lee 添加smb账号
New SMB password:
Retype new SMB password:
Added user lee.
[root@westos_storage ~]# pdbedit -L 查看samb用户列表
westos:1000:westos
lee:1001:
[root@westos_storage ~]# pdbedit -x lee 删除samb用户
[root@westos_storage ~]# pdbedit -L
westos:1000:westos
[root@westos_storage ~]# smbclient -L //172.25.254.100 -U westos samb用户的访问
Enter SAMBA\westos's password:
Sharename Type Comment
--------- ---- -------
print$ Disk Printer Drivers
IPC$ IPC IPC Service (Samba 4.11.2)
westos Disk Home Directories
SMB1 disabled -- no workgroup available
[root@westos_storage ~]# smbclient //172.25.254.100/westos -U westos 访问samb用户里面的资源
Enter SAMBA\westos's password:
Try "help" to get a list of possible commands.
smb: \>
5.samba服务中对于selinux属性的调试
[root@westos_storage ~]# cd /etc/samba/ samb服务的配置目录
[root@westos_storage samba]# ls
lmhosts smb.conf (主配置文件) smb.conf.example(配置文件模板)
[root@westos_storage samba]# cp -p smb.conf.example smb.conf 用配置文件模板将配置文件覆盖,重新生成配置文件
cp: overwrite 'smb.conf'? y
问题:samb用户不能浏览自己的家目录,如何让samb用户浏览自己的家目录
[root@westos_storage samba]# smbclient -L //172.25.254.100 -U westos
Enter MYGROUP\westos's password:
Sharename Type Comment
--------- ---- -------
IPC$ IPC IPC Service (Samba Server Version 4.11.2)
westos Disk Home Directories
SMB1 disabled -- no workgroup available
[root@westos_storage samba]# smbclient //172.25.254.100/westos -U westos
Enter MYGROUP\westos's password:
Try "help" to get a list of possible commands.
smb: \> ls
NT_STATUS_ACCESS_DENIED listing \* 报错,因为selinux影响,samb用户不能浏览自己的家目录
[root@westos_storage ~]# vim /etc/samba/smb.conf 查看配置文件
[root@westos_storage samba]# setsebool -P samba_enable_home_dirs on 调整selinux 中smb的波尔直,使用户可以访问家目录
[root@westos_storage samba]# smbclient //172.25.254.100/westos -U westos 调整完毕之后就samb用户可以访问自己家目录
Enter MYGROUP\westos's password:
Try "help" to get a list of possible commands.
smb: \> ls
. D 0 Sat Aug 28 10:17:40 2021
.. D 0 Sat Aug 28 10:15:07 2021
.mozilla DH 0 Sat Aug 28 10:00:56 2021
.bash_logout H 18 Fri Aug 30 13:30:21 2019
.bash_profile H 141 Fri Aug 30 13:30:21 2019
.bashrc H 312 Fri Aug 30 13:30:21 2019
.config DH 0 Sat Aug 28 10:21:42 2021
.esd_auth H 16 Sat Aug 28 10:17:36 2021
.ICEauthority H 310 Sat Aug 28 10:17:37 2021
.local DH 0 Sat Aug 28 10:17:37 2021
.cache DH 0 Sat Aug 28 10:21:31 2021
Desktop D 0 Sat Aug 28 10:17:40 2021
Downloads D 0 Sat Aug 28 10:17:40 2021
Templates D 0 Sat Aug 28 10:17:40 2021
Public D 0 Sat Aug 28 10:17:40 2021
Documents D 0 Sat Aug 28 10:17:40 2021
Music D 0 Sat Aug 28 10:17:40 2021
Pictures D 0 Sat Aug 28 10:17:40 2021
Videos D 0 Sat Aug 28 10:17:40 2021
.pki DH 0 Sat Aug 28 10:17:40 2021
7353344 blocks of size 1024. 2947592 blocks available
问题 :samb用户如何共享自己的目录?
[root@westos_storage samba]# mkdir /westos_share 建立文件
[root@westos_storage samba]# ls -ld /westos_share/ 查看权限,对谁可写
drwxr-xr-x. 2 root root 6 Nov 3 11:19 /westos_share/
[root@westos_storage samba]# vim /etc/samba/smb.conf 编辑配置文件,在配置文件最后添加如下参数
314 [westos_share] 共享名词
315 comment = westos share 共享说明
316 path = /westos_share 指定共享的本机目录
[root@westos_storage samba]# systemctl restart smb.service 重启samb服务
[root@westos_storage samba]# smbclient -L //172.25.254.100 -U westos 访问
Enter MYGROUP\westos's password:
Sharename Type Comment
--------- ---- -------
westos_share Disk westos share 共享目录已经出现
IPC$ IPC IPC Service (Samba Server Version 4.11.2)
westos Disk Home Directories
SMB1 disabled -- no workgroup available
root@westos_storage samba]# touch /westos_share/westosfile{1..3} 在共享路径里建立三个共享目录
[root@westos_storage samba]# smbclient //172.25.254.100/westos_share -U westos 访问
Enter MYGROUP\westos's password:
Try "help" to get a list of possible commands.
smb: \> ls
NT_STATUS_ACCESS_DENIED listing \* 报错,如何解决查看配置文件
[root@westos_storage samba]# vim /etc/samba/smb.conf
[root@westos_storage samba]# semanage fcontext -a -t samba_share_t '/westos_share(/.*)?' 修改安全上下文
[root@westos_storage samba]# restorecon -RvvF /westos_share/ 刷新
[root@westos_storage samba]# smbclient //172.25.254.100/westos_share -U westos 访问
Enter MYGROUP\westos's password:
Try "help" to get a list of possible commands. 里面的内容就可以看了
smb: \> ls
. D 0 Wed Nov 3 11:31:10 2021
.. D 0 Wed Nov 3 11:19:33 2021
westosfile1 N 0 Wed Nov 3 11:31:10 2021
westosfile2 N 0 Wed Nov 3 11:31:10 2021
westosfile3 N 0 Wed Nov 3 11:31:10 2021
7353344 blocks of size 1024. 2947696 blocks available
如何共享系统目录?
[root@westos_storage samba]# vim /etc/samba/smb.conf 编辑配置文件,在配置文件最后添加如下参数
321 [etc]
322 comment = etc dir
323 path = /etc
[root@westos_storage samba]# systemctl restart smb.service 重启服务
[root@westos_storage samba]# smbclient -L //172.25.254.100 -U westos 访问
Enter MYGROUP\westos's password:
Sharename Type Comment
--------- ---- -------
westos_share Disk westos share
etc Disk etc dir /etc目录被共享成功
IPC$ IPC IPC Service (Samba Server Version 4.11.2)
westos Disk Home Directories
SMB1 disabled -- no workgroup available
[root@westos_storage samba]# smbclient //172.25.254.100/etc -U westos 访问/etc
Enter MYGROUP\westos's password:
Try "help" to get a list of possible commands. /etc里面的内容可以被访问
smb: \> ls
. D 0 Wed Nov 3 09:58:45 2021
.. D 0 Wed Nov 3 11:19:33 2021
mtab N 0 Wed Nov 3 15:06:31 2021
fstab N 615 Sat Aug 28 09:58:52 2021
crypttab N 0 Sat Aug 28 09:58:52 2021
dnf D 0 Sat Aug 28 10:01:01 2021
fonts D 0 Sat Aug 28 10:03:30 2021
libreport D 0 Sat Aug 28 10:04:21 2021
skel D 0 Sat Aug 28 10:01:35 2021
logrotate.d D 0 Sat Aug 28 10:09:14 2021
X11 D 0 Sat Aug 28 10:06:18 2021
如果在selinux影响下系统目录里面文件不能被访问,该怎么办?
[root@westos_storage samba]# getsebool -a | grep samba
samba_create_home_dirs --> off
samba_domain_controller --> off
samba_enable_home_dirs --> on
samba_export_all_ro --> off 将这个功能改为on打开 ,表示selinux将不再对samba服务访问安全上下文进行读限制
samba_export_all_rw --> off 表示selinux将不再对samba服务访问安全上下文写进行限制
samba_load_libgfapi --> off
samba_portmapper --> off
samba_run_unconfined --> off
samba_share_fusefs --> off
samba_share_nfs --> off
sanlock_use_samba --> off
tmpreaper_use_samba --> off
use_samba_home_dirs --> off
virt_use_samba --> off
[root@westos_storage samba]# setsebool -P samba_export_all_ro on 表示打开读的功能
[root@westos_storage samba]# setsebool -P samba_export_all_rw on 表示打开写的功能
6、samba服务中的常用参数剖析
访问控制:白名单(全局)
root@westos_storage samba]# vim /etc/samba/smb.conf 编辑配置文件
89,90行为全局访问控制,可以在90行之后直接添加访问控制
91 hosts allow = 172.25.254.200 表示只允许200主机来访问当前的samb服务器 ,此位置设定的访问控制为全局访问控制,影响本samb服务器的所有共享
root@westos_storage samba]# systemctl restart smb.service 重启服务
[root@localhost ~]# smbclient -L //172.25.254.100 在200主机上访问samb服务器
Enter SAMBA\root's password:
Anonymous login successful 允许访问可以查看
Sharename Type Comment
--------- ---- -------
westos_share Disk westos share
etc Disk etc dir
IPC$ IPC IPC Service (Samba Server Version 4.11.2)
SMB1 disabled -- no workgroup available
[root@westos_storage samba]# vim /etc/samba/smb.conf 编辑配置文件
hosts allow = 172.25.254.200 172.25.254.250 可以允许多个主机访问,中间用空格隔开
访问控制:黑名单(全局)
[root@westos_storage samba]# vim /etc/samba/smb.conf
hosts deny = 172.25.254.200 90行之后添加,表示拒绝200主机访问samba服务器, 此位置设定的访问控制为全局访问控制,影响本samb服务器的所有共享
[root@westos_storage samba]# systemctl restart smb.service 重启服务
[root@localhost ~]# smbclient -L //172.25.254.100 访问
protocol negotiation failed: NT_STATUS_INVALID_NETWORK_RESPONSE 访问被拒绝
如何让200主机,对某个samb服务器共享??
[root@westos_storage samba]# vim /etc/samba/smb.conf 添加,编辑配置文件
317 [westos_share]
318 comment = westos share
319 path = /westos_share
320 hosts allow =172.25.254.200 表示westos_share共享只能允许200主机访问,此访问设定只针对westos_share生效
[root@westos_storage samba]# systemctl restart smb.service 重启
[root@foundation50 Desktop]# smbclient //172.25.254.100/westos_share -U westos 在50主机上访问westos_share共享
Enter SAMBA\westos's password:
tree connect failed: NT_STATUS_ACCESS_DENIED 被拒绝
[root@localhost ~]# smbclient //172.25.254.100/westos_share -U westos 200主机访问westos_share共享
Enter SAMBA\westos's password:
Try "help" to get a list of possible commands. 可以访问
smb: \> ls
. D 0 Wed Nov 3 11:31:10 2021
.. D 0 Wed Nov 3 11:19:33 2021
westosfile1 N 0 Wed Nov 3 11:31:10 2021
westosfile2 N 0 Wed Nov 3 11:31:10 2021
westosfile3 N 0 Wed Nov 3 11:31:10 2021
7353344 blocks of size 1024. 2947624 blocks available
如何让共享隐藏起来??
[root@westos_storage samba]# vim /etc/samba/smb.conf 添加,编辑配置文件
317 [westos_share]
318 comment = westos share
319 path = /westos_share
320 browseable = no 表示可以共享但是列不出来 ,隐藏共享目录
[root@localhost ~]# smbclient -L //172.25.254.100 -U westos 访问列出资源时,可以发现westos_share被硬藏
Enter SAMBA\westos's password:
Sharename Type Comment
--------- ---- -------
etc Disk etc dir
IPC$ IPC IPC Service (Samba Server Version 4.11.2)
westos Disk Home Directories
SMB1 disabled -- no workgroup available
[root@westos_storage samba]# vim /etc/samba/smb.conf 添加,编辑配置文件
317 [westos_share]
318 comment = westos share
319 path = /westos_share
320 browseable = yes 表示列出共享资源列表时显示共享资源
[root@localhost ~]# smbclient -L //172.25.254.100 -U westos 访问列出资源
Enter SAMBA\westos's password:
Sharename Type Comment
--------- ---- -------
westos_share Disk westos share 显示
etc Disk etc dir
IPC$ IPC IPC Service (Samba Server Version 4.11.2)
westos Disk Home Directories
SMB1 disabled -- no workgroup available
[root@westos_storage samba]# vim /etc/samba/smb.conf 添加配置文件
317 [westos_share]
318 comment = westos share
319 path = /westos_share
320 browseable = yes
321 valid users = westos 此共享只能通过samba用户westos登陆
[root@westos_storage samba]# systemctl restart smb.service
[root@localhost ~]# smbclient //172.25.254.100/westos_share -U westos westos用户可以被访问westos_share共享
Enter SAMBA\westos's password:
Try "help" to get a list of possible commands.
smb: \> ls
. D 0 Wed Nov 3 11:31:10 2021
.. D 0 Wed Nov 3 11:19:33 2021
westosfile1 N 0 Wed Nov 3 11:31:10 2021
westosfile2 N 0 Wed Nov 3 11:31:10 2021
westosfile3 N 0 Wed Nov 3 11:31:10 2021
7353344 blocks of size 1024. 2947156 blocks available
[root@localhost ~]# smbclient //172.25.254.100/westos_share -U lee lee用户不可以访问westos_share共享
Enter SAMBA\lee's password:
session setup failed: NT_STATUS_LOGON_FAILURE
如何让westos组中的成员可以使用此共享??
[root@westos_storage samba]# vim /etc/samba/smb.conf 添加配置文件
317 [westos_share]
318 comment = westos share
319 path = /westos_share
320 browseable = yes
321 valid users = @westos @或者+表示westos组中的成员可以使用此共享
[root@westos_storage ~]# id lee 可以看出lee 不是westos组成员
uid=1001(lee) gid=1001(lee) groups=1001(lee)
[root@westos_storage ~]# id westos
uid=1000(westos) gid=1000(westos) groups=1000(westos)
[root@localhost~]# smbclient //172.25.254.100/westos_share -U lee lee不是westos组成员,所以不能访问共享
Enter MYGROUP\lee's password:
session setup failed: NT_STATUS_LOGON_FAILURE
[root@westos_storage ~]# usermod -G westos lee 将lee用户添加成westos的组成员
[root@localhost ~]# smbclient //172.25.254.100/westos_share -U lee lee访问此共享
Enter SAMBA\westos's password:
Try "help" to get a list of possible commands. 可以访问
smb: \> ls
. D 0 Wed Nov 3 11:31:10 2021
.. D 0 Wed Nov 3 11:19:33 2021
westosfile1 N 0 Wed Nov 3 11:31:10 2021
westosfile2 N 0 Wed Nov 3 11:31:10 2021
westosfile3 N 0 Wed Nov 3 11:31:10 2021
如何让westos_share以读写的权限共享?
[root@westos_storage ~]# ls -ld /westos_share/
drwxr-xr-x. 2 root root 63 Nov 3 11:31 /westos_share/
[root@westos_storage ~]# chmod 777 /westos_share/ 在文件层面指定目录为满权限对于所有用户都可以写入
[root@localhost ~]# mount //172.25.254.100/westos_share /mnt/ -o username=lee,password=westos 挂载samba共享资源到测试主机mnt目录中,挂载之后在测试主机/mnt目录中建立文件真实存储文件的位置为samba共享服务器共享出来的westos_share
[root@localhost ~]# touch /mnt/file 虽然给westos_share满权限
touch: cannot touch '/mnt/file': Permission denied 但是无法建立文件,因为在samb中设置了共享的westos_share文件不是以写的方式共享出来的
[root@localhost ~]# umount /mnt 卸载掉
[root@westos_storage ~]# vim /etc/samba/smb.conf 添加,编辑配置文件
317 [westos_share]
318 comment = westos share
319 path = /westos_share
320 browseable = yes
322 writable = yes 表示westos_share以读写方式共享
[root@westos_storage ~]# systemctl restart smb.service 重启系统
[root@localhost ~]# mount //172.25.254.100/westos_share /mnt/ -o username=lee,password=westos 冲向将共享挂载到mnt里面
[root@localhost ~]# touch /mnt/file 现在就可以建立文件了
[root@westos_storage ~]# ls -l /westos_share/ 可以看出共享文件里已经有file文件
total 0
-rwxr--r--. 1 lee lee 0 Nov 3 22:55 file
-rw-r--r--. 1 root root 0 Nov 3 11:31 westosfile1
-rw-r--r--. 1 root root 0 Nov 3 11:31 westosfile2
-rw-r--r--. 1 root root 0 Nov 3 11:31 westosfile3
如何对于谁可写,谁不可写??
[root@westos_storage ~]# vim /etc/samba/smb.conf 添加,编辑配置文件
318 comment = westos share
319 path = /westos_share
320 browseable = yes
323 write list = lee 表示共享对lee可写
[root@westos_storage ~]# systemctl restart smb.service
[root@localhost ~]# mount //172.25.254.100/westos_share /mnt/ -o username=lee,password=westos 用westos用户登陆samba共享目录,
[root@localhost ~]# touch /mnt/file1 可以建立文件,可以实现写的功能
[root@localhost ~]# umount /mnt 卸载
[root@localhost ~]# mount //172.25.254.100/westos_share /mnt/ -o username=westos,password=westos 用westos用户登陆samba共享目录
[root@localhost ~]# touch /mnt/file2
touch: cannot touch '/mnt/file2': Permission denied 被拒绝,不能实现写的功能
如何对lee组成员可写??
[root@westos_storage ~]# vim /etc/samba/smb.conf 添加,编辑配置文件
317 [westos_share]
318 comment = westos share
319 path = /westos_share
320 browseable = yes
323 write list = +lee 表示对lee组成员可写
[root@westos_storage ~]# systemctl restart smb.service 重启服务
[root@localhost ~]# mount //172.25.254.100/westos_share /mnt/ -o username=westos,password=westos 用westos用户登陆samba共享目录
[root@localhost mnt]# touch /mnt/file1 被拒绝不能实现写的功能,因为westos不是lee的组成员
touch: cannot touch '/mnt/file1': Permission denied
[root@localhost mnt]# usermod -G lee westos 通过设定westos被添加到lee用户的组中
[root@localhost mnt]# id westos
uid=1000(westos) gid=1000(westos) groups=1000(westos),1001(lee)
root@localhost mnt]# touch /mnt/file4 可以建立文件,有写的功能
如何让共享目录对匿名用户访问??
[root@localhost mnt]# smbclient //172.25.254.100/westos_share 匿名用户访问
Enter SAMBA\root's password:
Anonymous login successful
tree connect failed: NT_STATUS_ACCESS_DENIED 默认情况下匿名用户不能使用samba共享资源
[root@westos_storage ~]# vim /etc/samba/smb.conf 添加,编辑配置文件
119 map to guest = bad user 添加,把没有用户身份的用户都影射为guest账号
317 [westos_share]
318 comment = westos share
319 path = /westos_share
320 browseable = yes
324 guest ok = yes 添加 ,表示此共享允许guest用户访问
[root@localhost mnt]# smbclient //172.25.254.100/westos_share 没有指定用户,就是匿名用户访问
Enter SAMBA\root's password:
Try "help" to get a list of possible commands.
smb: \> ls 可以访问
. D 0 Thu Nov 4 11:05:49 2021
.. D 0 Wed Nov 3 11:19:33 2021
westosfile1 N 0 Wed Nov 3 11:31:10 2021
westosfile2 N 0 Wed Nov 3 11:31:10 2021
westosfile3 N 0 Wed Nov 3 11:31:10 2021
file A 0 Wed Nov 3 22:55:11 2021
file1 A 0 Wed Nov 3 23:07:27 2021
file4 A 0 Thu Nov 4 11:05:50 2021
7353344 blocks of size 1024. 2940808 blocks available
[root@localhost mnt]# mount //172.25.254.100/westos_share /mnt/ -o username=guest 匿名用户的挂载
7、samba服务与客户端的资源挂载优化
[root@localhost mnt]# mount //172.25.254.100/westos_share /mnt/ -o username=guest
如果用手动挂载samba共享目录到客户端的某个目录,当没有向服务器中写入数据或浏览数据时这个挂载依然存在,
那么在闲置时依然使用服务器,这就是浪费资源,我们现在设定客户端使用时自动挂载,不使用时自动卸载,
这样才能最大化利用服务器
[root@localhost ~]# dnf install autofs -y 在客户端安装autofs实现自动挂载和卸载
[root@localhost ~]# vim /etc/auto.master 编写挂载策略文件,添加参数
/westos (最终挂载点的上层目录) /etc/auto.share (子挂载策略文件,此文件名称子定义,并且在系统中默认不存在)
[root@localhost ~]# vim /etc/auto.share 编辑子挂载策略文件
samba -fstype=cifs,username=westos,password=westos ://172.25.254.100/westos_share
samba表示最终挂在点的相对路径
-fstype 挂载资源的文件系统类型
username表示使用samba用户的名称
passwd表示该用户的密码
://172.25.254.100/westos_share 表示挂载服务器上的资源共享
[root@localhost ~]# systemctl enable --now autofs.service 启动服务
Created symlink /etc/systemd/system/multi-user.target.wants/autofs.service → /usr/lib/systemd/system/autofs.service.
[root@localhost westos]# cd /westos/samba 进入以挂载目录
[root@localhost samba]# ls
file file1 file4 westosfile1 westosfile2 westosfile3
[root@localhost samba]# df
Filesystem 1K-blocks Used Available Use% Mounted on
devtmpfs 907616 0 907616 0% /dev
tmpfs 935412 0 935412 0% /dev/shm
tmpfs 935412 9388 926024 2% /run
tmpfs 935412 0 935412 0% /sys/fs/cgroup
/dev/vda3 7353344 4401360 2951984 60% /
/dev/vda1 506528 218600 287928 44% /boot
tmpfs 187080 1180 185900 1% /run/user/42
tmpfs 187080 4 187076 1% /run/user/0
//172.25.254.100/westos_share 7353344 4411876 2941468 60% /westos/samba 已经自动挂载
[root@localhost samba]# cd 退出samba目录,过300秒自动取消挂载,如果不想等300秒这么久,
[root@localhost ~]# vim /etc/autofs.conf 编辑autofs.conf主配置文件
timeout = 5 将300秒更改5秒,表示挂载资源在5秒以上无任何使用那么自动卸载,默认300秒
[root@localhost ~]# systemctl restart autofs.service 重启服务
[root@localhost ~]# df 没有挂载
Filesystem 1K-blocks Used Available Use% Mounted on
devtmpfs 907616 0 907616 0% /dev
tmpfs 935412 0 935412 0% /dev/shm
tmpfs 935412 9388 926024 2% /run
tmpfs 935412 0 935412 0% /sys/fs/cgroup
/dev/vda3 7353344 4401364 2951980 60% /
/dev/vda1 506528 218600 287928 44% /boot
tmpfs 187080 1180 185900 1% /run/user/42
tmpfs 187080 4 187076 1% /run/user/0
[root@localhost ~]# cd /westos/samba 进入挂载目录,自动挂载
[root@localhost samba]# df
Filesystem 1K-blocks Used Available Use% Mounted on
devtmpfs 907616 0 907616 0% /dev
tmpfs 935412 0 935412 0% /dev/shm
tmpfs 935412 9388 926024 2% /run
tmpfs 935412 0 935412 0% /sys/fs/cgroup
/dev/vda3 7353344 4401364 2951980 60% /
/dev/vda1 506528 218600 287928 44% /boot
tmpfs 187080 1180 185900 1% /run/user/42
tmpfs 187080 4 187076 1% /run/user/0
//172.25.254.100/westos_share 7353344 4411896 2941448 60% /westos/samba
[root@localhost samba]# cd 退出目录i
[root@localhost ~]# df 5秒后自动卸载
Filesystem 1K-blocks Used Available Use% Mounted on
devtmpfs 907616 0 907616 0% /dev
tmpfs 935412 0 935412 0% /dev/shm
tmpfs 935412 9388 926024 2% /run
tmpfs 935412 0 935412 0% /sys/fs/cgroup
/dev/vda3 7353344 4401364 2951980 60% /
/dev/vda1 506528 218600 287928 44% /boot
tmpfs 187080 1180 185900 1% /run/user/42
tmpfs 187080 4 187076 1% /run/user/0
8、samba服务的多用户挂载
[root@localhost ~]# mount //172.25.254.100/westos_share /mnt/ -o username=lee,password=westos
在客户端root用户用自己的samba账户挂载了服务器资源,自己是可以浏览和使用的
[root@localhost ~]# ls /mnt/
file file1 file4 westosfile1 westosfile2 westosfile3
[root@localhost ~]# su -- westos
[westos@localhost root]$ ls /mnt/ 客户端westos用户没有通过任何samba认证,也可以浏览samba服务器上的资源,这样客户端就出现了很严重的越级漏洞
file file1 file4 westosfile1 westosfile2 westosfile3
如何让只能通过samba认证才能看资源了??
当用户挂载smb资源时需要书写账号密码如果直接书写那么账号密码可以通过历史被其他人看到所以我 们写到文件中并设定安全权限
[root@localhost ~]# dnf install cifs-utils -y 安装多用户认证安全插件
[root@localhost ~]# man mount.cifs 查看安全插件的用法
[root@localhost ~]# vim /root/smbpass 建立文件
username=lee 添加账号和密码
password=westos
[root@localhost ~]# chmod 600 /root/smbpass 只给自己读写权限,别人看不了
[root@localhost ~]# mount -o credentials=/root/smbpass //172.25.254.100/westos_share /mnt/ 用credentials此参数指定密码文件后密码就被隐藏起来了
[root@localhost ~]# [root@localhost ~]# mount -o credentials=/root/smbpass,multiuser //172.25.254.100/westos_share /mnt/ multiuser表示多用户认证,当添加此参数,没用通过认证的用户是不可以访问samb上的资源
[root@localhost ~]# su -- westos westos用户没有通过samba用户认证不能查看资源
[westos@localhost root]$ ls /mnt
ls: cannot access '/mnt': Permission denied
[root@localhost ~]# mount -o credentials=/root/smbpass,multiuser,sec=ntlmssp //172.25.254.100/westos_share /mnt/ sec=ntlmssp 表示其他用户使用到的认证方式
[westos@localhost root]$ ls /mnt westos用户不能访问共享资源
ls: cannot access '/mnt': Permission denied
[westos@localhost ~]$ cifscreds add -u westos 172.25.254.100 添加westos能共享资源
password: 输入密码
如果输错密码,则执行cifscreds clearall,再次执行cifscreds add -u westos 172.25.254.100 操作
9、nfs的简介和启用
nfs:实现linux与linux,unix与linux,之间的文件共享
nfs启用:
[root@westos_storage ~]# dnf install nfs-utils.x86_64 -y 安装, 客户端和服务端都是此安装包
[root@westos_storage ~]# systemctl enable --now nfs-server.service 启动服务
Created symlink /etc/systemd/system/multi-user.target.wants/nfs-server.service → /usr/lib/systemd/system/nfs-server.service.
nfs的 端口是2049
[root@westos_storage ~]# netstat -antlupe | grep 2049
tcp 0 0 0.0.0.0:2049 0.0.0.0:* LISTEN 0 43220 -
tcp6 0 0 :::2049 :::* LISTEN 0 43231 -
[root@localhost ~]# showmount -e 172.25.254.100 列出nfs服务器中的共享资源
clnt_create: RPC: Unable to receive 报错
[root@westos_storage ~]# firewall-cmd --permanent --add-service=nfs
success
[root@westos_storage ~]# firewall-cmd --reload
success
[root@westos_storage ~]# firewall-cmd --permanent --add-service=rpc-bind rpc-bind 作用是给访问请求分配一个端口
success
[root@westos_storage ~]# firewall-cmd --permanent --add-service=mountd mountd控制共享目录的程序
success
[root@westos_storage ~]# firewall-cmd --reload
success
[root@localhost ~]# showmount -e 172.25.254.100 可以访问了
Export list for 172.25.254.100:
共享原理图:
10、nfs共享目录及客户端使用方法
[root@westos_storage ~]# mkdir /westosdir 服务器上建立共享目录
[root@westos_storage ~]# ls -ld /westosdir/
drwxr-xr-x. 2 root root 6 Nov 6 10:49 /westosdir/
[root@westos_storage ~]# chmod 777 /westosdir/ 设定共享权限,设置为777目的是为了实验效果
[root@westos_storage ~]# vim /etc/exports 编辑共享策略文件
/westosdir *(ro,sync) 表示: 只读共享,并在数据真实发生改变后才同步数据到nfs共享目录
sync表示更改生成后同步到服务器, async表示时时同步到服务器 ,ro表示只读,rw表示读写
[root@westos_storage ~]# exportfs -rv 表示使共享策略生效
exporting *:/westosdir
[root@localhost ~]# showmount -e 172.25.254.100 在客户端可以查看到共享
Export list for 172.25.254.100:
/westosdir *
[root@localhost ~]# mount 172.25.254.100:/westosdir /mnt/ 挂载,共享资源的使用方式
[root@westos_storage ~]# touch /westosdir/westosfile{1..3} 在服务器共享 目录里建立文件
[root@localhost ~]# ls /mnt/ 客户端就可以查看
westosfile1 westosfile2 westosfile3
[root@westos_storage ~]# man 5 exports 共享策略方式书写查看
[root@westos_storage ~]# vim /etc/exports 添加,编辑策略文件
1 /westosdir *(ro,sync)
2 /westosdir 172.25.254.200(rw,sync) 1或2表示对于除200主机以外的人只读共享,对于200主机读写
[root@westos_storage ~]# exportfs -rv 重启策略
exporting 172.25.254.200:/westosdir
exporting *:/westosdir
同样也可以如下书写方式:
1 /westosdir *(ro,sync) 172.25.254.200(rw,sync) 同样表示对除200以外的主机共享,对200主机读写
[root@westos_storage ~]# exportfs -rv 重启策略,一样的效果
exporting 172.25.254.200:/westosdir
exporting *:/westosdir
也可以对某个网段可以读写;
1 /westosdir *(ro,sync) 172.25.254.0/24(rw,sync)
[root@localhost ~]# mount 172.25.254.100://westosdir /mnt/ 挂载,当客户端挂载到本地目录后,使用到的用户身份是服务器上的nobody
[root@localhost ~]# touch /mnt/westosfile4 可以建立
[root@westos_storage ~]# ls -l /westosdir/ 在客户端查看
total 0
-rw-r--r--. 1 root root 0 Nov 6 11:13 westosfile1
-rw-r--r--. 1 root root 0 Nov 6 11:13 westosfile2
-rw-r--r--. 1 root root 0 Nov 6 11:13 westosfile3
-rw-r--r--. 1 nobody nobody 0 Nov 6 11:46 westosfile4 用户身份nodbody
如何更改用户身份
[root@westos_storage ~]# vim /etc/exports 编辑策略文件
1 /westosdir *(ro,sync) 172.25.254.200(rw,sync,anonuid=1000,anongid=1000) 指定客户端在挂载时使用的用户为100,不是默认的nobody
exporting 172.25.254.200:/westosdir
exporting *:/westosdir
[root@localhost ~]# umount /mnt 之前的挂载卸载掉
[root@localhost ~]# mount 172.25.254.100://westosdir /mnt/ 重新挂载
[root@localhost ~]# touch /mnt/westosfile5 建立文件
[root@westos_storage ~]# ls -l /westosdir/
total 0
-rw-r--r--. 1 root root 0 Nov 6 11:13 westosfile1
-rw-r--r--. 1 root root 0 Nov 6 11:13 westosfile2
-rw-r--r--. 1 root root 0 Nov 6 11:13 westosfile3
-rw-r--r--. 1 westos westos 0 Nov 6 12:22 westosfile5 可以看出建立的文件用户就变成westos了
默认情况下客户端用的是超级用户挂载,所到服务器中用户身份会转成nobody,如何延用超级用户身份了?
[root@westos_storage ~]# vim /etc/exports 编辑策略文件
1 /westosdir *(ro,sync) 172.25.254.200(rw,sync,no_root_squash) no_root_squash表示:客户端使用超级用户身份进行nfs资源挂载后延用自己的root身份到服务器中
[root@westos_storage ~]# exportfs -rv 重启策略
exporting 172.25.254.200:/westosdir
exporting *:/westosdir
[root@localhost ~]# umount /mnt
[root@localhost ~]# mount 172.25.254.100://westosdir /mnt/ 重新挂载
[root@localhost ~]# touch /mnt/westosfile6 建立文件
[root@westos_storage ~]# ls -l /westosdir/
total 0
-rw-r--r--. 1 root root 0 Nov 6 11:13 westosfile1
-rw-r--r--. 1 root root 0 Nov 6 11:13 westosfile2
-rw-r--r--. 1 root root 0 Nov 6 11:13 westosfile3
-rw-r--r--. 1 nobody nobody 0 Nov 6 11:46 westosfile4
-rw-r--r--. 1 westos westos 0 Nov 6 12:22 westosfile5
-rw-r--r--. 1 root root 0 Nov 6 12:36 westosfile6 延用自己的root身份
11、nfs和autofs的自动挂载优化
[root@localhost ~]# dnf install autofs -y 在客户端安装自动挂载服务autofs
[root@localhost ~]# vim /etc/auto.master 添加参数, 编辑主挂载策略文件
/westos (最仲挂载点上层目录) /etc/auto.nfs(子策略文件)
[root@localhost ~]# vim /etc/auto.nfs 添加,编辑子策略文件
nfs -rw 172.25.254.100:/westosdir
nfs 表示最终挂载点相对路径
-rw表示挂载参数 读写
172.25.254.100:/westosdir 表示nfs服务器共享出来的资源
[root@localhost ~]# systemctl restart autofs.service 重启服务
[root@localhost ~]# cd /westos/nfs 进入挂载目录
[root@localhost nfs]# df
Filesystem 1K-blocks Used Available Use% Mounted on
devtmpfs 907616 0 907616 0% /dev
tmpfs 935412 0 935412 0% /dev/shm
tmpfs 935412 9392 926020 2% /run
tmpfs 935412 0 935412 0% /sys/fs/cgroup
/dev/vda3 7353344 4377740 2975604 60% /
/dev/vda1 506528 218600 287928 44% /boot
tmpfs 187080 1180 185900 1% /run/user/42
tmpfs 187080 4 187076 1% /run/user/0
172.25.254.100:/westosdir 7353344 4382208 2971136 60% /mnt 自动挂载,退出挂载目录自动卸载
12、iscsi简介启用及客户端激活设备过程
在服务器上添加一块设备,共享设备
[root@westos_storage ~]# fdisk -l
Disk /dev/vda: 8 GiB, 8589934592 bytes, 16777216 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x657e7edc
Device Boot Start End Sectors Size Id Type
/dev/vda1 * 2048 1026047 1024000 500M 83 Linux
/dev/vda2 1026048 2050047 1024000 500M 82 Linux swap / Solaris
/dev/vda3 2050048 16777215 14727168 7G 83 Linux
Disk /dev/vdb: 5 GiB, 5368709120 bytes, 10485760 sectors 新添加5G设备
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
[root@westos_storage ~]# fdisk /dev/vdb 划分设备
Welcome to fdisk (util-linux 2.32.1).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.
Device does not contain a recognized partition table.
Created a new DOS disklabel with disk identifier 0x81b83167.
Command (m for help): n
Partition type
p primary (0 primary, 0 extended, 4 free)
e extended (container for logical partitions)
Select (default p): p
Partition number (1-4, default 1):
First sector (2048-10485759, default 2048):
Last sector, +sectors or +size{K,M,G,T,P} (2048-10485759, default 10485759): +2G
Created a new partition 1 of type 'Linux' and of size 2 GiB.
Command (m for help): p
Disk /dev/vdb: 5 GiB, 5368709120 bytes, 10485760 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x81b83167
Device Boot Start End Sectors Size Id Type
/dev/vdb1 2048 4196351 4194304 2G 83 Linux 建立一个2G的设备
Command (m for help): wq
The partition table has been altered.
Calling ioctl() to re-read partition table.
Syncing disks.g
[root@westos_storage ~]# dnf install targetcli 安装共享策略管理软件
[root@westos_storage ~]# systemctl enable --now target 启动服务
Created symlink /etc/systemd/system/multi-user.target.wants/target.service → /usr/lib/systemd/system/target.service.
[root@westos_storage ~]# targetcli 用此命令编写共享策略
Warning: Could not load preferences file /root/.targetcli/prefs.bin.
targetcli shell version 2.1.51
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.
/> /backstores/block create westos:storage1 /dev/vdb1 westos:storage1表示在此软件中设备的别名
/dev/vdb1 表示系统中真实设备
Created block storage object westos:storage1 using /dev/vdb1. 内部指定设备
/> /iscsi create iqn.2021-08.org.westos:storage1 建立对外共享名称,iqn的命名方式iscs限定名称,格式为iqn.YYYY-MM.域名反写:别名
Created target iqn.2021-08.org.westos:storage1.
Created TPG 1.
Global pref auto_add_default_portal=true
Created default portal listening on all IPs (0.0.0.0), port 3260.
/> iscsi/iqn.2021-08.org.westos:storage1/tpg1/luns create /backstores/block/westos:storage1 把共享名称和内部指定设备关联
Created LUN 0.
/> iscsi/iqn.2021-08.org.westos:storage1/tpg1/acls create iqn.2021-08.org.westos:westoskey 为共享设定访问key ,westoskey表示加密字符
Created Node ACL for iqn.2021-08.org.westos:westoskey
Created mapped LUN 0.
/> exit 退出,共享完成
Global pref auto_save_on_exit=true
Configuration saved to /etc/target/saveconfig.json
在客户端:
[root@localhost nfs]# dnf install iscsi-initiator-utils.x86_64 -y 安装客户端软件
[root@localhost nfs]# systemctl status iscsid 对客户端控制配置服务
[root@localhost nfs]# systemctl status iscsi 客户端对资源利用服务
[root@localhost nfs]# iscsiadm -m discovery -t st -p 172.25.254.100
-m 表示类型
-t指定识别的设备类型
-p 表示指定资源主机ip(服务器)
iscsiadm: cannot make connection to 172.25.254.100: No route to host 表示连接100服务器失败需要设定火墙
iscsiadm: cannot make connection to 172.25.254.100: No route to host
iscsiadm: cannot make connection to 172.25.254.100: No route to host
[root@westos_storage ~]# firewall-cmd --permanent --add-port=3260/tcp 开放服务的端口让客户端可以访问
success
[root@westos_storage ~]# firewall-cmd --reload
success
[root@localhost nfs]# iscsiadm -m discovery -t st -p 172.25.254.100 共享信息可以查询
172.25.254.100:3260,1 iqn.2021-08.org.westos:storage1
[root@localhost nfs]# iscsiadm -m node -T iqn.2021-08.org.westos:storage1 -p 172.25.254.100 -l 挂载,-T表示指定共享设备名称 -l表示登陆共享设备
Logging in to [iface: default, target: iqn.2021-08.org.westos:storage1, portal: 172.25.254.100,3260]
iscsiadm: Could not login to [iface: default, target: iqn.2021-08.org.westos:storage1, portal: 172.25.254.100,3260].
iscsiadm: initiator reported error (24 - iSCSI login failed due to authorization failure) 认证失败,因为在客户端中未指定服务端的共享key所以无法登陆
iscsiadm: Could not log into all portals
[root@localhost nfs]# vim /etc/iscsi/initiatorname.iscsi 需要在客户端的此文件指定key
InitiatorName=iqn.2021-08.org.westos:westoskey 服务器中的共享key
[root@localhost nfs]# systemctl restart iscsid.service 重启服务
[root@localhost nfs]# iscsiadm -m node -T iqn.2021-08.org.westos:storage1 -p 172.25.254.100 -l 再次挂载,挂载成功
Logging in to [iface: default, target: iqn.2021-08.org.westos:storage1, portal: 172.25.254.100,3260]
Login to [iface: default, target: iqn.2021-08.org.westos:storage1, portal: 172.25.254.100,3260] successful.
[root@localhost nfs]#
[root@localhost nfs]# fdisk -l
Disk /dev/vda: 8 GiB, 8589934592 bytes, 16777216 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x657e7edc
Device Boot Start End Sectors Size Id Type
/dev/vda1 * 2048 1026047 1024000 500M 83 Linux
/dev/vda2 1026048 2050047 1024000 500M 82 Linux swap / Solaris
/dev/vda3 2050048 16777215 14727168 7G 83 Linux
Disk /dev/sda: 2 GiB, 2147483648 bytes, 4194304 sectors 在客户端系统中会出现一个新的硬盘,大小为服务器共享的设备大小
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
[root@localhost nfs]# fdisk /dev/sda
Welcome to fdisk (util-linux 2.32.1).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.
Device does not contain a recognized partition table.
Created a new DOS disklabel with disk identifier 0xc7c17f0d.
Command (m for help): n
Partition type
p primary (0 primary, 0 extended, 4 free)
e extended (container for logical partitions)
Select (default p): p
Partition number (1-4, default 1):
First sector (2048-4194303, default 2048):
Last sector, +sectors or +size{K,M,G,T,P} (2048-4194303, default 4194303):
Created a new partition 1 of type 'Linux' and of size 2 GiB.
Command (m for help): p
Disk /dev/sda: 2 GiB, 2147483648 bytes, 4194304 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0xc7c17f0d
Device Boot Start End Sectors Size Id Type
/dev/sda1 2048 4194303 4192256 2G 83 Linux
Command (m for help): wq
The partition table has been altered.
Calling ioctl() to re-read partition table.
Syncing disks.
[root@localhost nfs]# mkfs.xfs /dev/sda1 格式化
meta-data=/dev/sda1 isize=512 agcount=4, agsize=131008 blks
= sectsz=512 attr=2, projid32bit=1
= crc=1 finobt=1, sparse=1, rmapbt=0
= reflink=1
data = bsize=4096 blocks=524032, imaxpct=25
= sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0, ftype=1
log =internal log bsize=4096 blocks=2560, version=2
= sectsz=512 sunit=0 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
[root@localhost nfs]# mount /dev/sda1 /mnt/ 挂载
设备就可以使用了 ,iscs直接把服务器中的设备共享出来了
13.客户端永久挂载设备方法
[root@localhost nfs]# blkid 查看设备id
/dev/vda1: UUID="3cc65186-5c1a-4b64-937d-76fa3feec0c8" TYPE="xfs" PARTUUID="657e7edc-01"
/dev/vda2: UUID="a0f0361a-8846-4d19-ac39-653b0b79aff8" TYPE="swap" PARTUUID="657e7edc-02"
/dev/vda3: UUID="0eb49537-4c55-4a43-986f-98bd31d7cfd2" TYPE="xfs" PARTUUID="657e7edc-03"
/dev/sda1: UUID="24a0d435-2066-4d1c-9d8a-3c216d74089d" TYPE="xfs" PARTUUID="c7c17f0d-01"
网络设备因网络通信的缘故可能发生名称变化所以推荐挂载时使用设备的id进行设备的指定
[root@localhost nfs]# vim /etc/fstab 编辑永久挂载文件,添加参数
UUID=24a0d435-2066-4d1c-9d8a-3c216d74089d /mnt xfs defaults 0 0
[root@localhost nfs]# reboot 重启系统,会导致系统启动失败
如何解决此问题:
[root@localhost nfs]# vim /etc/fstab 编辑永久挂载文件,添加参数
UUID=24a0d435-2066-4d1c-9d8a-3c216d74089d /mnt xfs defaults,_netdev 0 0
_netdev表示指定此设备在挂载时先启动网络iscs服务后在生效
[root@localhost ~]# reboot 重启系统,系统就可以正常启动
[root@localhost ~]# df
Filesystem 1K-blocks Used Available Use% Mounted on
devtmpfs 907616 0 907616 0% /dev
tmpfs 935412 0 935412 0% /dev/shm
tmpfs 935412 9452 925960 2% /run
tmpfs 935412 0 935412 0% /sys/fs/cgroup
/dev/vda3 7353344 4426496 2926848 61% /
/dev/vda1 506528 218600 287928 44% /boot
/dev/sda1 2085888 47580 2038308 3% /mnt 开机自动挂载
tmpfs 187080 1180 185900 1% /run/user/42
tmpfs 187080 4 187076 1% /run/user/0
14、iscsi的删除
客户端:
[root@localhost ~]# vim /etc/fstab 删除网络设备自动挂载信息
UUID=24a0d435-2066-4d1c-9d8a-3c216d74089d /mnt xfs defaults,_netdev 0 0 这一条信息删除
[root@localhost ~]# umount /mnt 卸载掉设备
[root@localhost ~]# tree /var/lib/iscsi/ 在客户端读取到的服务器的所有数据存放目录
/var/lib/iscsi/
├── ifaces
├── isns
├── nodes
│ └── iqn.2021-08.org.westos:storage1
│ └── 172.25.254.100,3260,1
│ └── default
├── send_targets
│ └── 172.25.254.100,3260
│ ├── iqn.2021-08.org.westos:storage1,172.25.254.100,3260,1,default -> /var/lib/iscsi/nodes/iqn.2021-08.org.westos:storage1/172.25.254.100,3260,1
│ └── st_config
├── slp
└── static
[root@localhost ~]# iscsiadm -m node -T iqn.2021-08.org.westos:storage1 -p 172.25.254.100 -u -u表示退出登陆
Logging out of session [sid: 1, target: iqn.2021-08.org.westos:storage1, portal: 172.25.254.100,3260]
Logout of [sid: 1, target: iqn.2021-08.org.westos:storage1, portal: 172.25.254.100,3260] successful.
[root@localhost ~]# fdisk -l 退出登陆后设备消失,但是数据还在重启iscs设备服务器后设备会自动出现
Disk /dev/vda: 8 GiB, 8589934592 bytes, 16777216 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x657e7edc
Device Boot Start End Sectors Size Id Type
/dev/vda1 * 2048 1026047 1024000 500M 83 Linux
/dev/vda2 1026048 2050047 1024000 500M 82 Linux swap / Solaris
/dev/vda3 2050048 16777215 14727168 7G 83 Linux
[root@localhost ~]# systemctl restart iscsi 重启iscs服务
[root@localhost ~]# fdisk -l 查看设备,设备又回来了
Disk /dev/vda: 8 GiB, 8589934592 bytes, 16777216 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x657e7edc
Device Boot Start End Sectors Size Id Type
/dev/vda1 * 2048 1026047 1024000 500M 83 Linux
/dev/vda2 1026048 2050047 1024000 500M 82 Linux swap / Solaris
/dev/vda3 2050048 16777215 14727168 7G 83 Linux
Disk /dev/sda: 2 GiB, 2147483648 bytes, 4194304 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0xc7c17f0d
Device Boot Start End Sectors Size Id Type
/dev/sda1 2048 4194303 4192256 2G 83 Linux 设备又回来了
如何永久删掉 ??
[root@localhost ~]# iscsiadm -m node -T iqn.2021-08.org.westos:storage1 -p 172.25.254.100 -u 登出
Logging out of session [sid: 2, target: iqn.2021-08.org.westos:storage1, portal: 172.25.254.100,3260]
Logout of [sid: 2, target: iqn.2021-08.org.westos:storage1, portal: 172.25.254.100,3260] successful.
[root@localhost ~]# iscsiadm -m node -T iqn.2021-08.org.westos:storage1 -p 172.25.254.100 -o delete ,delete作用:删除客户主机此网络设备的数据
[root@localhost ~]# tree /var/lib/iscsi/ 可以发现数据信息不见了
/var/lib/iscsi/
├── ifaces
├── isns
├── nodes
├── send_targets
│ └── 172.25.254.100,3260
│ └── st_config
├── slp
└── static
[root@localhost ~]# systemctl restart iscsi 重启iscs服务
[root@localhost ~]# tree /var/lib/iscsi/ 还是么有数据信息,这次就彻底删除了
/var/lib/iscsi/
├── ifaces
├── isns
├── nodes
├── send_targets
│ └── 172.25.254.100,3260
│ └── st_config
├── slp
└── static
服务端如何删除:
[root@westos_storage ~]# targetcli
targetcli shell version 2.1.51
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.
/> ls
o- / ................................................................................................... [...]
o- backstores ........................................................................................ [...]
| o- block ............................................................................ [Storage Objects: 1]
| | o- westos:storage1 ........................................... [/dev/vdb1 (2.0GiB) write-thru activated]
| | o- alua ............................................................................. [ALUA Groups: 1]
| | o- default_tg_pt_gp ................................................. [ALUA state: Active/optimized]
| o- fileio ........................................................................... [Storage Objects: 0]
| o- pscsi ............................................................................ [Storage Objects: 0]
| o- ramdisk .......................................................................... [Storage Objects: 0]
o- iscsi ...................................................................................... [Targets: 1]
| o- iqn.2021-08.org.westos:storage1 ............................................................. [TPGs: 1]
| o- tpg1 ......................................................................... [no-gen-acls, no-auth]
| o- acls .................................................................................... [ACLs: 1]
| | o- iqn.2021-08.org.westos:westoskey ............................................... [Mapped LUNs: 1]
| | o- mapped_lun0 ................................................. [lun0 block/westos:storage1 (rw)]
| o- luns .................................................................................... [LUNs: 1]
| | o- lun0 ..................................... [block/westos:storage1 (/dev/vdb1) (default_tg_pt_gp)]
| o- portals .............................................................................. [Portals: 1]
| o- 0.0.0.0:3260 ............................................................................... [OK]
o- loopback ................................................................................... [Targets: 0]
/> clearconfig confirm=True 表示清空服务器中的共享数据
All configuration cleared
/> ls 查看,已经删除了
o- / ................................................................................................... [...]
o- backstores ........................................................................................ [...]
| o- block ............................................................................ [Storage Objects: 0]
| o- fileio ........................................................................... [Storage Objects: 0]
| o- pscsi ............................................................................ [Storage Objects: 0]
| o- ramdisk .......................................................................... [Storage Objects: 0]
o- iscsi ...................................................................................... [Targets: 0]
o- loopback ...................................................................................
/> exit
Global pref auto_save_on_exit=true
Configuration saved to /etc/target/saveconfig.json