CentOS6.9 NFS service Installation configuration tutorial
- 2020-06-15 11:01:23
- OfStack
Server environment: CentOS6.9 Linux 2.6.32-696. el6.x86_64
Install the NFS service
The nfs client and server only need to install the nfs-ES12en package, and the yum installation is accompanied by the installation of rpcbind services
# yum -y install nfs-utils
Powered up
# chkconfig rpcbind on
# chkconfig nfs on
For the needs of operation and maintenance management, it can quickly find relevant startup services, configure chkconfig and append startup scripts
# tail -2 /etc/rc.local
/etc/init.d/rpcbind start
/etc/init.d/nfs start
Configure port
In addition to port 2049 for the main program and Port 111 for rpcbind being fixed, nfs USES 1 random port, which will be defined in the following configuration to configure the firewall
# vim /etc/sysconfig/nfs
# Append port configuration
MOUNT_PORT=4001
STATD_PORT=4002
LOCKD_TCPPORT=4003
LOCKD_UDPPORT=4004
RQUOTAD_PORT=4005
Configure the directory to share
# mkdir -p /var/nfs/simple-nfs # Directories to share
# vim /etc/exports # Configure access permissions
/var/nfs/simple-nfs 192.168.100.0/24(rw,async,root_squash)
Access rights:
rw: ES39en-ES40en, read-write; Note that the client will not be able to write properly if it is only set to read and write, and that the permissions for the Shared directory should also be set correctly, as shown in Question 7
ro: ES43en-ES44en, read only;
sync: Files are written to both disk and memory;
async: Files are stored in memory instead of being written directly to memory;
no_root_squash: NFS also has root permissions for directories Shared by the server if the client is using root when connecting to the server. Obviously it's not safe to turn this on.
root_squash: NFS if the client is using root to connect to the server, it will have anonymous user permissions for the directory Shared by the server, and it will usually use nobody or nfsnobody identity.
all_squash: No matter what user the NFS client USES when connecting to the server, it has anonymous user rights to the directory Shared by the server.
anonuid: The value of UID for anonymous users, usually nobody or nfsnobody, can be set here.
anongid: The GID value for an anonymous user.
Configure the firewall
# vim /etc/sysconfig/iptables
-A INPUT -p tcp -m tcp --dport 111 -j ACCEPT
-A INPUT -p udp -m udp --dport 111 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 2049 -j ACCEPT
-A INPUT -p udp -m udp --dport 2049 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 4001:4005 -j ACCEPT
-A INPUT -p udp -m udp --dport 4001:4005 -j ACCEPT
Restart the service and firewall
# service nfs restart
# service iptables restart # or reload
The Linux client is mounted
# mount -t nfs 192.168.100.110:/var/nfs/simple-nfs /mnt
You can also write the mount configuration to an fstab file, just like a normal disk mount, where permissions can also be specified, but of type nfs.