搭建nfs服务器

搭建nfs服务器

在服务端中安装nfs，并启动

[root@liu ~]# yum -y install nfs-utils
Last metadata expiration check: 0:13:16 ago on Thu 22 Dec 2022 07:16:32 PM CST.
Dependencies resolved.
=====================================================================================================================
 Package                           Architecture           Version                         Repository            Size
===================================================================================================================
... 
Complete!

创建共享目录和文件

[root@liu ~]# mkdir -p /nfs/shared
[root@liu ~]# mkdir -p /nfs/upload
[root@liu ~]# cd /nfs/
[root@liu nfs]# ls
shared  upload
[root@liu nfs]# 
[root@liu shared]# touch read.txt
[root@liu shared]# echo 'Can only see' >> read.txt
[root@liu shared]# cat read.txt 
Can only see

关闭防火墙

[root@liu shared]# systemctl stop firewalld
[root@liu shared]# setenforce 0

配置nfs共享设置为只读，非root用户访问为匿名

[root@liu shared]# vi /etc/exports
[root@liu shared]# cat /etc/exports
/nfs/shared *(ro,all_squash)
[root@liu shared]# 

启动nfs服务和rpcbind

[root@liu shared]# systemctl start nfs-server rpcbind
[root@liu shared]# ss -antl
State        Recv-Q       Send-Q             Local Address:Port                Peer Address:Port       Process       
LISTEN       0            64                       0.0.0.0:2049                     0.0.0.0:*                        
LISTEN       0            128                      0.0.0.0:111                      0.0.0.0:*                        
LISTEN       0            128                      0.0.0.0:20048                    0.0.0.0:*                        
LISTEN       0            128                      0.0.0.0:22                       0.0.0.0:*                        
LISTEN       0            128                      0.0.0.0:58775                    0.0.0.0:*                        
LISTEN       0            64                       0.0.0.0:36477                    0.0.0.0:*                        
LISTEN       0            64                          [::]:2049                        [::]:*                        
LISTEN       0            128                         [::]:40449                       [::]:*                        
LISTEN       0            128                         [::]:111                         [::]:*                        
LISTEN       0            128                         [::]:20048                       [::]:*                        
LISTEN       0            64                          [::]:44977                       [::]:*                        
LISTEN       0            128                         [::]:22                          [::]:*                        
[root@liu shared]# 

挂载

[root@liu ~]# mount -t nfs 192.168.29.128:/nfs/shared /opt 
[root@liu ~]# df -h|grep nfs 
192.168.29.128:/nfs/shared     17G  1.8G   16G  11% /opt 

开放/nfs/upload目录为172.16.12.0/24网段的数据上传目录，并将所有用户及所属的用户组都映射为nfs-upload，其UID与GID均为300

[root@liu ~]# groupadd  -g 300 nfs-upload
[root@liu ~]# useradd -u 300 -g 300 nfs-upload
[root@liu ~]# id nfs-upload
uid=300(nfs-upload) gid=300(nfs-upload) groups=300(nfs-upload)
[root@liu ~]# 

将upload目录更贵属组主为nfs-upload

[root@liu ~]# chown -R 'nfs-upload'.'nfs-upload' /nfs/upload/
[root@liu ~]# chmod g+s /nfs/upload/
[root@liu ~]#

指定所有用户访问都为匿名用户且uid，gid均为300，exportfs重新加载exports文件

[root@liu ~]# vi /etc/exports
[root@liu ~]# cat /etc/exports
/nfs/shared *(ro,all_squash)
/nfs/upload 192.168.29.0/24(rw,all_squash,root_squash,anonuid=300,anongid=300)
[root@liu ~]# exportfs -r

查看导出

[root@liu ~]# showmount -e 192.168.29.128
Export list for 192.168.29.128:
[root@liu ~]# 

创建目录xixi，将nfs 192.168.29.128:/nfs/upload挂载到xixi目录上

[root@liu ~]# mkdir /xixi
[root@liu ~]# mount -t nfs 192.168.29.128:/nfs/upload /xixi/
[root@localhost ~]# df -h|grep nfs
192.168.29.128:/nfs/shared     17G  1.8G   16G  11% /opt
192.168.29.128:/nfs/upload     17G  1.8G   16G  11% /xixi

验证

[root@liu xixi]# touch a
[root@liu xixi]# ll
total 0
-rw-r--r--. 1 300 300 0 Dec 22 19:04 a

[root@liu xixi]# ll /nfs/upload/
total 0
-rw-r--r--. 1 nfs-upload nfs-upload 0 Dec 22 19:04 a