November 2024
M T W T F S S
 123
45678910
11121314151617
18192021222324
252627282930  

Categories

November 2024
M T W T F S S
 123
45678910
11121314151617
18192021222324
252627282930  

SETTING UP A LOCAL NFS SERVER

On the NFS Server, we will need to install the following packages:

yum -y install portreserve quota rpcbind nfs4-acl-tools.x86_64 nfs-utils.x86_64
# service rpcbind start
# chkconfig rpcbind on
# service nfs start
# chkconfig nfs on
The next step is to make the physical mount point (in this example, it’s /ilovecoco). We then need to update the /etc/exports file. Add the physical mount point we just created, and then add the IP address of the remote machine with any mapping options (in this example, we added rw,sync as mount options).

[root@memberserver ~]# mkdir /ilovecoco
[root@memberserver ~]# vi /etc/exports
[root@memberserver ~]# cat /etc/exports
/ilovecoco 192.168.56.102(rw,sync)
Make the export file active by issuing the following commands:

[root@memberserver ~]# exportfs -r
[root@memberserver ~]# exportfs -a
On the server, we can now verify that the NFS mount is active by issuing the following command:

[root@memberserver ~]# showmount -e
Export list for memberserver:
/ilovecoco 192.168.56.102
We can now try and access this NFS share from a remote host.

[root@master ~]# showmount -e 192.168.56.103
clnt_create: RPC: Port mapper failure – Unable to receive: errno 113 (No route to host)
The above error message is a result of the firewall blocking access. Firewall access now needs to be setup. For the purposes of testing, I enabled ALL ports on the firewall.

[root@localhost ~]# iptables -F
[root@localhost ~]# iptables -A INPUT -j ACCEPT
[root@localhost ~]# iptables-save
# Generated by iptables-save v1.4.21 on Wed Oct 22 19:29:57 2014
*nat
:PREROUTING ACCEPT [984:75513]
:INPUT ACCEPT [4:234]
:OUTPUT ACCEPT [1209:57593]
:POSTROUTING ACCEPT [1209:57593]
:OUTPUT_direct – [0:0]
:POSTROUTING_ZONES – [0:0]
:POSTROUTING_ZONES_SOURCE – [0:0]
:POSTROUTING_direct – [0:0]
:POST_public – [0:0]
:POST_public_allow – [0:0]
:POST_public_deny – [0:0]
:POST_public_log – [0:0]
:PREROUTING_ZONES – [0:0]
:PREROUTING_ZONES_SOURCE – [0:0]
:PREROUTING_direct – [0:0]
:PRE_public – [0:0]
:PRE_public_allow – [0:0]
:PRE_public_deny – [0:0]
:PRE_public_log – [0:0]
-A PREROUTING -j PREROUTING_direct
-A PREROUTING -j PREROUTING_ZONES_SOURCE
-A PREROUTING -j PREROUTING_ZONES
-A OUTPUT -j OUTPUT_direct
-A POSTROUTING -j POSTROUTING_direct
-A POSTROUTING -j POSTROUTING_ZONES_SOURCE
-A POSTROUTING -j POSTROUTING_ZONES
-A POSTROUTING_ZONES -o enp0s8 -g POST_public
-A POSTROUTING_ZONES -o enp0s3 -g POST_public
-A POSTROUTING_ZONES -g POST_public
-A POST_public -j POST_public_log
-A POST_public -j POST_public_deny
-A POST_public -j POST_public_allow
-A PREROUTING_ZONES -i enp0s8 -g PRE_public
-A PREROUTING_ZONES -i enp0s3 -g PRE_public
-A PREROUTING_ZONES -g PRE_public
-A PRE_public -j PRE_public_log
-A PRE_public -j PRE_public_deny
-A PRE_public -j PRE_public_allow
COMMIT
# Completed on Wed Oct 22 19:29:57 2014
# Generated by iptables-save v1.4.21 on Wed Oct 22 19:29:57 2014
*mangle
:PREROUTING ACCEPT [7214:4652078]
:INPUT ACCEPT [7212:4650926]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [5282:434260]
:POSTROUTING ACCEPT [5312:439910]
:FORWARD_direct – [0:0]
:INPUT_direct – [0:0]
:OUTPUT_direct – [0:0]
:POSTROUTING_direct – [0:0]
:PREROUTING_ZONES – [0:0]
:PREROUTING_ZONES_SOURCE – [0:0]
:PREROUTING_direct – [0:0]
:PRE_public – [0:0]
:PRE_public_allow – [0:0]
:PRE_public_deny – [0:0]
:PRE_public_log – [0:0]
-A PREROUTING -j PREROUTING_direct
-A PREROUTING -j PREROUTING_ZONES_SOURCE
-A PREROUTING -j PREROUTING_ZONES
-A INPUT -j INPUT_direct
-A FORWARD -j FORWARD_direct
-A OUTPUT -j OUTPUT_direct
-A POSTROUTING -j POSTROUTING_direct
-A PREROUTING_ZONES -i enp0s8 -g PRE_public
-A PREROUTING_ZONES -i enp0s3 -g PRE_public
-A PREROUTING_ZONES -g PRE_public
-A PRE_public -j PRE_public_log
-A PRE_public -j PRE_public_deny
-A PRE_public -j PRE_public_allow
COMMIT
# Completed on Wed Oct 22 19:29:57 2014
# Generated by iptables-save v1.4.21 on Wed Oct 22 19:29:57 2014
*security
:INPUT ACCEPT [6204:4571149]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [5282:434260]
:FORWARD_direct – [0:0]
:INPUT_direct – [0:0]
:OUTPUT_direct – [0:0]
-A INPUT -j INPUT_direct
-A FORWARD -j FORWARD_direct
-A OUTPUT -j OUTPUT_direct
COMMIT
# Completed on Wed Oct 22 19:29:57 2014
# Generated by iptables-save v1.4.21 on Wed Oct 22 19:29:57 2014
*raw
:PREROUTING ACCEPT [7241:4653776]
:OUTPUT ACCEPT [5282:434260]
:OUTPUT_direct – [0:0]
:PREROUTING_direct – [0:0]
-A PREROUTING -j PREROUTING_direct
-A OUTPUT -j OUTPUT_direct
COMMIT
# Completed on Wed Oct 22 19:29:57 2014
# Generated by iptables-save v1.4.21 on Wed Oct 22 19:29:57 2014
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [17:1800]
:FORWARD_IN_ZONES – [0:0]
:FORWARD_IN_ZONES_SOURCE – [0:0]
:FORWARD_OUT_ZONES – [0:0]
:FORWARD_OUT_ZONES_SOURCE – [0:0]
:FORWARD_direct – [0:0]
:FWDI_public – [0:0]
:FWDI_public_allow – [0:0]
:FWDI_public_deny – [0:0]
:FWDI_public_log – [0:0]
:FWDO_public – [0:0]
:FWDO_public_allow – [0:0]
:FWDO_public_deny – [0:0]
:FWDO_public_log – [0:0]
:INPUT_ZONES – [0:0]
:INPUT_ZONES_SOURCE – [0:0]
:INPUT_direct – [0:0]
:IN_public – [0:0]
:IN_public_allow – [0:0]
:IN_public_deny – [0:0]
:IN_public_log – [0:0]
:OUTPUT_direct – [0:0]
-A INPUT -j ACCEPT
COMMIT
# Completed on Wed Oct 22 19:29:57 2014
[root@master ~]# showmount -e 192.168.56.103
Export list for 192.168.56.103:
/ilovecoco 192.168.56.102
Lets now try manually mapping up this mount using the mount command.

[root@master ~]# mkdir /ialsolovesnooki
[root@master ~]# mount 192.168.56.103:/ilovecoco /ialsolovesnooki
[root@master ~]# df -hk | grep /ialsolovesnooki
192.168.56.103:/ilovecoco 7022592 1447680 5574912 21% /ialsolovesnooki
[root@master ~]# ls -lrt /ialsolovesnooki
total 0
-rw-r–r–. 1 root root 0 Oct 23 2014 mycatsarethebest
Lets now get fancy and map this mount on demand using the autofs auto mounting daemon service. We’ll need to install autofs first.

[root@master ~]# yum -y install autofs
[root@master ~]# service autofs start
Redirecting to /bin/systemctl start autofs.service
[root@master ~]# chkconfig autofs on
Note: Forwarding request to ‘systemctl enable autofs.service’.
We also need to install nfs-utils and nfs4-acl-tools on the client host:

[root@localhost ~]# yum -y install nfs-utils.x86_64 nfs4-acl-tools.x86_64
/etc/auto.misc has several helpful examples which we will draw inspiration from to mount our NFS share. The line which we are interested in is the #linux line.

[root@slave /]# cat /etc/auto.misc
#
# This is an automounter map and it has the following format
# key [ -mount-options-separated-by-comma ] location
# Details may be found in the autofs(5) manpage
cd -fstype=iso9660,ro,nosuid,nodev :/dev/cdrom
# the following entries are samples to pique your imagination
#linux -ro,soft,intr ftp.example.org:/pub/linux
#boot -fstype=ext2 :/dev/hda1
#floppy -fstype=auto :/dev/fd0
#floppy -fstype=ext2 :/dev/fd0
#e2floppy -fstype=ext2 :/dev/fd0
#jaz -fstype=ext2 :/dev/sdc1
#removable -fstype=ext2 :/dev/hdd
Lets now edit the master mapping file.

[root@slave /]# vi /etc/auto.master
/meow /etc/auto.coco
It’s important to ensure that the filename begins in auto. It can end in anything, i.e. auto.duck.

[root@localhost meow]# vi /etc/auto.coco
reow -ro,soft,intr 192.168.56.103:/ilovecoco
Restart autofs.

[root@localhost meow]# service autofs restart
Redirecting to /bin/systemctl restart autofs.service
Now try and access the mount:

[root@localhost meow]# cd /
[root@localhost /]# cd meow
[root@localhost meow]# cd reow
[root@localhost reow]# ls -lrt
total 0
-rwxrwxrwx. 1 root root 0 Oct 22 19:57 mycatsarethebest

Leave a Reply

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>