Shulou(Shulou.com)06/02 Report--

Brief introduction

NFS is the abbreviation of Network File System, that is, the network file system. A protocol used in distributed file systems. The function is to enable different machines and different operating systems to share individual data with each other through the network so that the application program can access the data in the server disk through the network. It is a method to realize disk file sharing among Unix-like systems. The basic principle of NFS is to "allow different clients and servers to share the same file system through a set of RPC". It is independent of the operating system and allows systems with different hardware and operating systems to share files together. NFS relies on RPC protocol in the process of file transfer or information transfer. RPC, remote procedure call (Remote Procedure Call) is a mechanism that enables clients to execute programs in other systems. NFS itself does not provide protocols and functions for information transmission, but NFS allows us to share data through the network, because NFS uses some other transport protocols. And these transport protocols use this RPC function. It can be said that NFS itself is a program using RPC. Or NFS is also a RPC SERVER. So start the RPC service wherever NFS is used, whether it's NFSSERVER or NFS CLIENT. In this way, SERVER and CLIENT can correspond to PROGRAM PORT through RPC. The relationship between RPC and NFS can be understood this way: NFS is a file system, while RPC is responsible for the transfer of information.

two。 Deployment 2.1 deployment environment

Operating system: CentOS Linux release 7.3.1611 (Core)

Server: 10.0.1.16

Client: 10.0.1.1 10.0.1.2

2.2 install the server 2.2.1 install the nfs-utils service on the server side using yum

The command is as follows:

# yum list | grep nfs-utils # check whether there is a rpm package for nfs-utils

# yum install nfs-utils.x86_64-y # install nfs-utils

2.2.2 create related users and specify user id and user group id, and then set the owner and user group of the directory

# groupadd-g 1005 rick

# useradd-g 1005-u 1005murm M rick

# mkdir-p / share/data

# chown-R rick:rick / share/data

Note: 1005 is user id and user group id, this experiment I use custom; you can also use the default, use

Cat / etc/passwd | grep rick command line view, for example

Rick:x:1001:1001::/home/rick:/bin/bash

With colons as delimiters, the first field is the user name; the second field is the password, which is hidden; the third field is the user id;; the fourth field is the user group id;; the fifth field is the description; the sixth field is the user's home directory; and the seventh field is the shell available to the user.

2.2.3 configure the shared directory and set permissions, edit the nfs configuration file / etc/exports

Command: vim / etc/exports

Add / share/data * (rw,sync,all_squash,anonuid=1005,anongid=1005)

Shared directory permission settings. * means all ip access is allowed. For other permissions, see Section 2.4.

Note: in order to facilitate the use of * to set the ip that can access the shared directory, for the sake of security, it is recommended to specify a single ip or a network segment that can be accessed during deployment.

For example

/ share/data 10.0.1.1 (rw,sync,all_squash,anonuid=1005,anongid=1005)

# specify a single ip accessible shared file directory

/ share/data 10.0.1.0 Compact 24 (rw,sync,all_squash,anonuid=1005,anongid=1005)

# specify that a network segment can access the shared file directory

Or

/ share/data 10.0.1.1 (rw,sync,all_squash,anonuid=1005,anongid=1005)

10.0.1.2 (rw,sync,all_squash,anonuid=1005,anongid=1005)

# the above two lines are connected, oh, ip () space ip (), and multiple ip are separated by spaces

# specify a shared file directory accessible by multiple ip

2.2.4 start rpc (maybe the system is already started) and nfs services

Systemctl start rpcbind.service

Systemctl start nfs-server.service

2.2.5 Firewall opens 111 (rpc port) and 2049 (nfs port)

# firewall-cmd-permanent-add-port=111/tcp

# firewall-cmd-permanent-add-port=2049/tcp

# firewall-cmd-reload

2.3 to install client 2.3.1 you need to install the nfs service, and then mount the shared directory on the nfs server side

Yum install nfs-utils.x86_64-y

Mount-t nfs 10.0.1.16:/share/data / opt

Note: the / opt directory is custom, and will be created automatically if it is not available locally

2.3.2 Boot Auto-mount

Vim / etc/fstab

Add 10.0.1.16:/share/data / opt nfs defaults 0 0

2.4 reference table for permission parameter settings

Parameter value

The content is clear

Rw

Ro

The permissions for directory sharing are read-write or read-only, but the most important thing is whether you can write or not, which is related to the rwx and identity of the file system.

Sync

Async

Sync represents that data will be synchronously loaded into the memory system and the hard drive, while async means that the data will be stored in the memory system first, rather than directly into the hard drive!

No_root_squash

Root_squash

If the account of the client using the NFS file system is root, how should the system identify the account? By default, the identity of the client root will be changed to nfsnobody by the settings of root_squash, which will guarantee the system of the server. But if you want to open a file system that uses the client's root identity to operate the server, then you have to open no_root_squash here!

All_squash

Regardless of the identity of the user who logs in to NFS, his identity will be identified as an anonymous user, usually nobody (nfsnobody)!

Anonuid

Anongid

Anon refers to the UID setting of anonymous (Anonymous) for anonymous users mentioned by * _ squash, usually nobody (nfsnobody), but you can set the value of this UID yourself! Of course, this UID must exist in your / etc/passwd! Anonuid refers to UID and anongid is the GID of a group.

This article is an experiment conducted with reference to Brother Bird's private dish-server, and this article is not as detailed as Brother Bird wrote.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.