1.安装NFS服务软件包
sudo apt update
sudo apt install nfs-kernel-server
##安装客户端,非必要##
sudo apt install nfs-common
2.创建nfs的文件夹,修改权限
mkdir -p /home/lin/nfs
chmod 777 /home/lin/nfs
3.配置nfs目录
sudo vi /etc/exports
##在文件后面添加内容##
# /etc/exports: the access control list for filesystems which may be exported
# to NFS clients. See exports(5).
#
# Example for NFSv2 and NFSv3:
# /srv/homes hostname1(rw,sync,no_subtree_check) hostname2(ro,sync,no_subtree_check)
#
# Example for NFSv4:
# /srv/nfs4 gss/krb5i(rw,sync,fsid=0,crossmnt,no_subtree_check)
# /srv/nfs4/homes gss/krb5i(rw,sync,no_subtree_check)
#
/home/lin/nfs *(rw,sync,no_subtree_check)
调用命令使其生效
sudo exportfs -ra
4.修改固定端口
使用rpcinfo来查看nfs服务中所使用的端口
rpcinfo -p localhost
nfs使用到的端口中,2049,111是固定的端口号,但是status,mountd,nolockmgr使用的是动态的端口,对于配置ufw不方便,所在把这把端口号修改为固定的,方便配置ufw。
A.修改/etc/default/nfs-common
文件,配置status服务端口为4000
# Options for rpc.statd.
# Should rpc.statd listen on a specific port? This is especially useful
# when you have a port-based firewall. To use a fixed port, set this
# this variable to a statd argument like: "--port 4000 --outgoing-port 4001".
# For more information, see rpc.statd(8) or http://wiki.debian.org/SecuringNFS
STATDOPTS="--port 4000"
B.修改/etc/default/nfs-kernel-server
文件,配置mountd
服务端口为4001
由于板子端用的协议nfs协议比较老旧,需要在nfs服务配置v2,v3版本生效
在末端加上
# Number of servers to start up
RPCNFSDCOUNT=8
# Runtime priority of server (see nice(1))
RPCNFSDPRIORITY=0
# Options for rpc.mountd.
# If you have a port-based firewall, you might want to set up
# a fixed port here using the --port option. For more information,
# see rpc.mountd(8) or http://wiki.debian.org/SecuringNFS
# To disable NFSv4 on the server, specify '--no-nfs-version 4' here
RPCMOUNTDOPTS="--manage-gids -p 4001"
# Do you want to start the svcgssd daemon? It is only required for Kerberos
# exports. Valid alternatives are "yes" and "no"; the default is "no".
NEED_SVCGSSD=""
# Options for rpc.svcgssd.
RPCSVCGSSDOPTS=""
RPCNFSDOPTS="--nfs-version 2,3,4 --debug --syslog"
C.创建/etc/modprobe.d/options.conf
文件,添加如下内容,配置nlockmgr
端口为4002
options lockd nlm_udpport=4002 nlm_tcpport=4002
然后在/etc/modules
文件中添加lockd,
# /etc/modules: kernel modules to load at boot time.
#
# This file contains the names of kernel modules that should be loaded
# at boot time, one per line. Lines beginning with "#" are ignored.
lockd
参考博文:https://blog.csdn.net/bryanwang_3099/article/details/114702374
5.设置防火墙放行规则
sudo ufw allow 111/tcp
sudo ufw allow 111/udp
sudo ufw allow 2049/tcp
sudo ufw allow 2049/udp
sudo ufw allow 4000/tcp
sudo ufw allow 4000/udp
sudo ufw allow 4001/tcp
sudo ufw allow 4001/udp
sudo ufw allow 4002/tcp
sudo ufw allow 4002/udp
6.设置nfs服务生效
sudo systemctl start nfs-kernel-server
sudo systemctl enable nfs-kernel-server
由于修改了固定端口号,需要重启一下ubuntu