Configuring NFS on Ubuntu


How NFS works:
Typically, NFS allows a client machine (quark) to require transparent access to data stored on a server machine (dirak).
For this to take place successfully:
  1. The server (dirak) runs NFS daemon processes (nfsd and mountd) in order to make its data available to clients.
  2. The sysadmin determines what to make available, and exports names and parameters of directories to be shared, normally using the /etc/exports configuration file and the exportfs command.
  3. The sysadmin configures the server (using hosts.deny, hosts.allow) so that it can recognize and approve validated clients.
  4. The client machine requests access to exported data, typically by issuing a mount command.

Client quark mounts the /usr/home directory from host dirac on the local directory /home
# mount -t nfs dirac:/usr/home/ /home
To mount the remote directory:
  1. mount connects to mountd daemon, running on dirac.
  2. mountd checks whether quark has permission to mount /usr/home. If so, it returns a file handle.
  3. When someone tries to access the file /home/jdoe/login.sh in quark, the kernel places an RPC call to nfsd on the NFS server (dirac):
    • rpc_call(file handle, file name, UID, GID) - User and Group IDs must be the same on both hosts.














  1. If all goes well, users on the client machine can then view and interact with mounted filesystems on the server within the parameters permitted.

  • Client and server NFS functionality is implemented as kernel-level daemons that are started from user space at system boot.
  • These NFS daemons are normally started at boot time and register themselves with the portmapper, a service that manages the access to TCP ports of programs involved in remote procedure calls.
    • mountd - Runs on the NFS Server. Processes client's NFS requests.
    • nfsd (NFS daemon) - Runs on the NFS Server. Service the client's request.


Installing and Configuring NFS Server:
(Step 1): Check whether your kernel has NFS support compiled in. One way to do this is to query the kernel interface on the proc filesystem.
$ cat /proc/filesystems | grep nfs
nodev   nfs
nodev   nfs4
nodev   nfsd

-- If Kernel support for NFS is installed, you should see the lines above. 
-- If no results are displayed, you need to install NFS Server support:

$ sudo apt-get install portmap nfs-kernel-server

(Step 2): Configure NFS Server: define shared directories
  • Now you need to tell the NFS server which directories should be available for mounting, and which parameters should control client access to them.
  • You do this by exporting the files, that is, listing filesystems and access controls in the /etc/exports file.
# exports file for dirac. 
# Each line defines a directory and the hosts allowed to mount it

/home      quark.math.usm.edu(rw, sync)  proton.math.usm.edu(rw, sync)
/usr/TeX   *.math.usm.edu
/home/ftp  *(ro)
In the exports file above:
  • *.math.usm.edu -- matches all hosts in teh domain math.usm.edu
  • Security options:
  • rw - allow read/write in the exported file. Disallowed by default.
  • sync - Reply to requests only after changes have been committed to stable storage.

(Step 3): export the shares.
After modifying /etc/exports, run the command
$ sudo exportfs -ra 

(Step 4): Edit /etc/default/portmap to enable access to portmap from remote machines.
By default, portmap listens only for RPC calls coming from the loopback interface (127.0.0.1). For this,
(a) comment the "-i 127.0.0.1" entry in the file;
(b) restart portmap; and
(c) restart the NFS kernel server:
edit /etc/default/portmap
S sudo /etc/init.d/portmap restart
$ sudo /etc/init.d/nfs-kernel-server restart


Configuring NFS Clients

(Step 1): Install NSF Client
$ sudo apt-get intsall portmap nfs-common

(Step 2 - optional): Configure portmap to allow connections to the NFS server.

/etc/hosts.deny - list of hosts that are not allowed to access the system. Edit the file to block all clients. In this sense, only those that you explicitly authorize (in /etc/hosts.allow) will be able to connect the server.
portmap: ALL
/etc/hosts.allow - list of hosts authorized to access the server
portmap: <nfs Server IP address>

Mounting a remote filesystem manually:
From the client:
$ sudo mount dirac.math.usm.edu:/users/home /home

Configure auto mounting during startup:
  • You can set up automatic nfs mounting by including entries in /etc/fstab.
  • The /etc/fstab file is used to statically define the file systems that will be automatically mounted at boot time.
  • It contains a list of all available disks and disk partitions, and indicates how they are to be initialized into the overall system's file system
  • During machine startup, the mount program reads /etc/fstab file to determine which options should be used when mounting the specified device.
# device name   mount point     fs-type      options       dump-freq pass-num                                          
# servername:dir /mntpoint        nfs          rw,hard,intr   0         0

dirac:/users/home  /home  nfs  rw, hard, intr  0  0 
Just like other /etc/fstab mounts, NFS mounts in /etc/fstab have 6 columns, listed in order as follows:
  • The filesystem to be mounted (dirac.math.usm.edu:/users/home/)
  • The mountpoint (/home)
  • The filesystem type (nfs)
  • The options (rw, hard, intr)
  • Frequency to be dumped (a backup method) (0)
  • Order in which to be fsck'ed at boot time. (0) - dont perform fsck.

Options:
  • rw - read/write
  • hard - share mounted so that if the server becomes unavailable, the program will wait until the server is available again.
See more details on man mount

No comments:

Post a Comment