Nfs: Difference between revisions
m 17 revisions |
|||
| (10 intermediate revisions by 2 users not shown) | |||
| Line 3: | Line 3: | ||
=== Prep work === | === Prep work === | ||
Deal with the firewall | ===== Deal with the firewall ===== | ||
This should only be done over a private network if you are using this wiki. | |||
Figure out the nic for their private network, in most cases this will be eth1. Go into the firewalls config file and do the following. | Figure out the nic for their private network, in most cases this will be eth1. Go into the firewalls config file and do the following. | ||
| Line 23: | Line 24: | ||
Restart the firewall. | Restart the firewall. | ||
===== Enable services ===== | |||
Enable the required services | Enable the required services | ||
| Line 30: | Line 32: | ||
portmap | portmap | ||
/etc/init.d/nfs restart | /etc/init.d/nfs restart | ||
===== Making UID/GID match on all servers ===== | |||
{{warning| READ BELOW CAREFULLY}} | |||
Now comes the tricky part, the easiest method for this to work permission wise is for the user on both servers to have the same gid and uid. So we can change these to match however if you are uncertain please ask escalation for help. | |||
Figure out a free guid and uid that we can use, generally pick one of the ids that is above 500 that is available. | |||
cat /etc/passwd | cut -d: -f3,4 | |||
The above will list all of the in use uid/gid's, pick one that is above 500 that is not in use for either. Now we are going to change the users gid/uid to match on the servers. | |||
groupmod -g (new gid) USERNAME | |||
usermod -u (new uid) -g (new gid) USERNAME | |||
When it is together correctly it should look like this. | |||
groupmod -g 520 shooltz | |||
usermod -u 520 -g 520 shooltz | |||
Afterwards check and make sure the changes took by running the id command. | |||
id username | |||
EXAMPLE. | |||
[root@Shooltz.net [~]$ id shooltz | |||
uid=520(shooltz) gid=520(shooltz) groups=520(shooltz) | |||
Once these are done move on. | |||
=== Setting up the server side === | === Setting up the server side === | ||
| Line 35: | Line 64: | ||
vim /etc/exports | vim /etc/exports | ||
Add a line that looks like this, but change to match your needs. | Add a line that looks like this, but change to match your needs. | ||
{{Notice|For anonuid & anongid please put in the users groupid and userid you set above.}} | |||
<pre> | <pre> | ||
Path Server-1-ip(options) server-2-ip(options) etc... | Path Server-1-ip(options) server-2-ip(options) etc... | ||
/ | /path/to/share/ 10.34.39.134(rw,anonuid=520,anongid=520) 10.34.39.133(rw,anonuid=520,anongid=520) | ||
</pre> | </pre> | ||
Save the file, and reload the nfs config as follows. | Save the file, and reload the nfs config as follows. | ||
| Line 47: | Line 77: | ||
=== Setting up the client === | === Setting up the client === | ||
This wont work if you didnt do the [http://shooltz.net/w/index.php?title=Nfs#Prep_work Prep] work | |||
This wont work if you didnt do the [http://shooltz.net/w/index.php?title=Nfs#Prep_work Prep] work. | |||
First make your mount point. | First make your mount point. | ||
mkdir -p /path/to/mnt/point | mkdir -p /path/to/mnt/point | ||
Next mount the NFS share as follows. | Next mount the NFS share as follows. | ||
mount 10.34.39.132:/Remote/share/ /path/to/mnt/point/ | |||
After this you should be able to cd into the mount dir and test. Once you have confirmed you can cd into the directoy and touch a file that shows up on the other server let make this persistent now. | |||
umount /path/to/mnt/point/ | |||
vim /etc/fstab | |||
Add the following line. | |||
10.34.39.132:/path/of/shared /path/mounting/on/ nfs rw 0 0 | |||
Save and wuit the file and test the mount point by running: | |||
mount -a | |||
If it mounts without problems you should be done. | |||
Ask escalations if you need assistance. | |||
Latest revision as of 23:51, 23 October 2014
NFS
First on all server involved there is some prep work.
Prep work
Deal with the firewall
This should only be done over a private network if you are using this wiki.
Figure out the nic for their private network, in most cases this will be eth1. Go into the firewalls config file and do the following.
APF
vim /etc/apf/conf.apf change this IFACE_TRUSTED="" to IFACE_TRUSTED="eth1"
CSFETH_DEVICE_SKIP
vim /etc/csf/csf.conf change this ETH_DEVICE_SKIP="" to ETH_DEVICE_SKIP="eth1"
Restart the firewall.
Enable services
Enable the required services
chkconfig --add portmap chkconfig portmap on chkconfig nfs on portmap /etc/init.d/nfs restart
Making UID/GID match on all servers
Now comes the tricky part, the easiest method for this to work permission wise is for the user on both servers to have the same gid and uid. So we can change these to match however if you are uncertain please ask escalation for help.
Figure out a free guid and uid that we can use, generally pick one of the ids that is above 500 that is available.
cat /etc/passwd | cut -d: -f3,4
The above will list all of the in use uid/gid's, pick one that is above 500 that is not in use for either. Now we are going to change the users gid/uid to match on the servers.
groupmod -g (new gid) USERNAME usermod -u (new uid) -g (new gid) USERNAME
When it is together correctly it should look like this.
groupmod -g 520 shooltz usermod -u 520 -g 520 shooltz
Afterwards check and make sure the changes took by running the id command.
id username
EXAMPLE.
[root@Shooltz.net [~]$ id shooltz uid=520(shooltz) gid=520(shooltz) groups=520(shooltz)
Once these are done move on.
Setting up the server side
To setup the server we need to specify the share in the exports file.
vim /etc/exports
Add a line that looks like this, but change to match your needs.
Path Server-1-ip(options) server-2-ip(options) etc... /path/to/share/ 10.34.39.134(rw,anonuid=520,anongid=520) 10.34.39.133(rw,anonuid=520,anongid=520)
Save the file, and reload the nfs config as follows.
exportfs -ra
You can now also check the current loaded config with the following.
exportfs -v
Also if you want to see what random ports that portmap chose run the following command.
rpcinfo -p
Setting up the client
This wont work if you didnt do the Prep work.
First make your mount point.
mkdir -p /path/to/mnt/point
Next mount the NFS share as follows.
mount 10.34.39.132:/Remote/share/ /path/to/mnt/point/
After this you should be able to cd into the mount dir and test. Once you have confirmed you can cd into the directoy and touch a file that shows up on the other server let make this persistent now.
umount /path/to/mnt/point/ vim /etc/fstab
Add the following line.
10.34.39.132:/path/of/shared /path/mounting/on/ nfs rw 0 0
Save and wuit the file and test the mount point by running:
mount -a
If it mounts without problems you should be done.
Ask escalations if you need assistance.