{"id":6702,"date":"2017-05-08T14:27:32","date_gmt":"2017-05-08T06:27:32","guid":{"rendered":"http:\/\/rmohan.com\/?p=6702"},"modified":"2017-05-08T14:27:32","modified_gmt":"2017-05-08T06:27:32","slug":"centos-rhel-7-configuring-an-nfs-server-and-nfs-client","status":"publish","type":"post","link":"https:\/\/mohan.sg\/?p=6702","title":{"rendered":"CentOS \/ RHEL 7 : Configuring an NFS server and NFS client"},"content":{"rendered":"<p>NFS allows a linux server to share directories with other UNIX clients over network. NFS server exports a directory and NFS client mounts this directory. RHEL 7 supports two version of NFS \u2013 NFSv3 and NFSv4.<\/p>\n<p>NFS server and RPC processes<\/p>\n<p>starting the nfs-server process starts the NFS server and other RPC processes. RPC processes includes:<br \/>\n\u2013 rpc.statd : implements monitoring protocol (NSM) between NFS client and NFS server<br \/>\n\u2013 rpc.mountd : NFS mount daemon that implements the server side of the mount requests from NFSv3 clients.<br \/>\n\u2013 rpc.idmapd : Maps NFSv4 names and local UIDs and GIDs<br \/>\n\u2013 rpc.rquotad : provides user quota information for remote users.<\/p>\n<p>Configuring NFS server<\/p>\n<p>1. Install the required nfs packages if not already installed on the server :<\/p>\n<p># rpm -qa | grep nfs-utils<br \/>\n# yum install nfs-utils rpcbind<br \/>\n2. Enable the services at boot time:<\/p>\n<p>#  systemctl enable nfs-server<br \/>\n#  systemctl enable rpcbind<br \/>\n#  systemctl enable nfs-lock<br \/>\nIn RHEL7.1 (nfs-utils-1.3.0-8.el7) enabling nfs-lock does not work (No such file or directory). it does not need to be enabled since rpc-statd.service is static.<\/p>\n<p>#  systemctl enable nfs-idmap<br \/>\nIn RHEL7.1 (nfs-utils-1.3.0-8.el7) this does not work (No such file or directory). it does not need to be enabled since nfs-idmapd.service is static.<\/p>\n<p>3. Start the NFS services:<\/p>\n<p>#  systemctl start rpcbind<br \/>\n#  systemctl start nfs-server<br \/>\n#  systemctl start nfs-lock<br \/>\n#  systemctl start nfs-idmap<br \/>\n4. Check the status of NFS service:<\/p>\n<p># systemctl status nfs<br \/>\n5. Create a shared directory:<\/p>\n<p># mkdir \/test<br \/>\n6. Export the directory. The format of the \/etc\/exports file is :<\/p>\n<p>dir client1 (options) [client2(options)&#8230;]<br \/>\nClient options include (defaults are listed first) :<br \/>\nro \/ rw :<br \/>\na) ro : allow clients read only access to the share.<br \/>\nb) rw : allow clients read write access to the share.<br \/>\nsync \/ async :<br \/>\na) sync : NFS server replies to request only after changes made by previous request are written to disk.<br \/>\nb) async : specifies that the server does not have to wait.<br \/>\nwdelay \/ no_wdelay<br \/>\na) wdelay : NFS server delays committing write requests when it suspects another write request is imminent.<br \/>\nb) no_wdelay : use this option to disable to the delay. no_wdelay option can only be enabled if default sync option is enabled.<br \/>\nno_all_squash \/ all_squash :<br \/>\na) no_all_squash : does not change the mapping of remote users.<br \/>\nb) all_squash : to squash all remote users including root.<br \/>\nroot_squash \/ no_root_squash :<br \/>\na) root_squash : prevent root users connected remotely from having root access. Effectively squashing remote root privileges.<br \/>\nb) no_root_squash : disable root squashing.<\/p>\n<p>Example :<\/p>\n<p># vi \/etc\/exports<br \/>\n\/test *(rw)<br \/>\n7. Exporting the share :<\/p>\n<p># exportfs -r<br \/>\n-r re-exports entries in \/etc\/exports and sync \/var\/lib\/nfs\/etab with \/etc\/exports. The \/var\/lib\/nfs\/etab is the master export table. Other options that can be used with exportfs command are :<\/p>\n<p>-a : exports entries in \/etc\/exports but do not synchronize with \/var\/lib\/nfs\/etab<br \/>\n-i : ignore entries in \/etc\/exports and uses command line arguments.<br \/>\n-u : un-export one or more directories<br \/>\n-o : specify client options on command line<br \/>\n8. Restart the NFS service:<\/p>\n<p># systemctl restart nfs-server<br \/>\nConfiguring NFS client<\/p>\n<p>1. Install the required nfs packages if not already installed on the server :<\/p>\n<p># rpm -qa | grep nfs-utils<br \/>\n# yum install nfs-utils<br \/>\n2. Use the mount command to mount exported file systems. Syntax for the command:<\/p>\n<p> mount -t nfs -o options host:\/remote\/export \/local\/directory<br \/>\nEample :<\/p>\n<p># mount -t nfs -o ro,nosuid remote_host:\/home \/remote_home<br \/>\nThis example does the following:<br \/>\n\u2013 It mounts \/home from remote host (remote_host) on local mount point \/remote_home.<br \/>\n\u2013 File system is mounted read-only and users are prevented from running a setuid program (-o ro,nosuid options).<\/p>\n<p>3. Update \/etc\/fstab to mount NFS shares at boot time.<\/p>\n<p># vi \/etc\/fstab<br \/>\nremote_host:\/home \t\/remote_home\t nfs \tro,nosuid \t0 \t0<br \/>\nFirewalld services to be active on NFS server<\/p>\n<p>For the NFS server to work, enable the nfs, mountd, and rpc-bind services in the relevant zone in the firewall-config application or using firewall-cmd :<\/p>\n<p># firewall-cmd &#8211;add-service=nfs &#8211;zone=internal &#8211;permanent<br \/>\n# firewall-cmd &#8211;add-service=mountd &#8211;zone=internal &#8211;permanent<br \/>\n# firewall-cmd &#8211;add-service=rpc-bind &#8211;zone=internal &#8211;permanent<\/p>\n","protected":false},"excerpt":{"rendered":"<p>NFS allows a linux server to share directories with other UNIX clients over network. NFS server exports a directory and NFS client mounts this directory. RHEL 7 supports two version of NFS \u2013 NFSv3 and NFSv4.<\/p>\n<p>NFS server and RPC processes<\/p>\n<p>starting the nfs-server process starts the NFS server and other RPC processes. RPC processes [&#8230;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[73],"tags":[],"_links":{"self":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/6702"}],"collection":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=6702"}],"version-history":[{"count":1,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/6702\/revisions"}],"predecessor-version":[{"id":6703,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/6702\/revisions\/6703"}],"wp:attachment":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=6702"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=6702"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=6702"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}