Linux NFS Installation: Difference between revisions
Jump to navigation
Jump to search
| Line 87: | Line 87: | ||
</blockquote> | </blockquote> | ||
==Start NFS== | |||
===RHEL 6=== | |||
<pre> | |||
service rpcbind start | service rpcbind start | ||
service nfs start | service nfs start | ||
</pre> | |||
===RHEL 7=== | |||
<pre> | |||
service nfs-server start | service nfs-server start | ||
</pre> | |||
==Start at Boot== | |||
===init.d=== | |||
Also add these to | Also add these to <tt>chkconfig</tt> if needed on reboot.: | ||
<pre> | |||
chkconfig --add rpcbind | chkconfig --add rpcbind | ||
chkconfig --add nfs | chkconfig --add nfs | ||
chkconfig --level 2345 rpcbind on | chkconfig --level 2345 rpcbind on | ||
chkconfig --level 2345 nfs on | chkconfig --level 2345 nfs on | ||
</pre> | |||
More details on chkconfig: | More details on chkconfig: | ||
<blockquote style="background-color: #f9f9f9; border: solid thin lightgrey;"> | |||
:[[chkconfig]] | |||
</blockquote> | |||
===systemd=== | |||
<pre> | |||
systemctl enable nfs-server.service | systemctl enable nfs-server.service | ||
systemctl list-unit-files | grep nfs-server | systemctl list-unit-files | grep nfs-server | ||
</pre> | |||
More details on | More details on systemd: | ||
<blockquote style="background-color: #f9f9f9; border: solid thin lightgrey;"> | |||
:[[systemd]] | |||
</blockquote> | |||
=Client Installation= | =Client Installation= | ||
Revision as of 06:33, 21 August 2016
Internal
Relevance
- Updated for Amazon EC2
Server Installation
Install Packages
sudo su - yum install rpcbind nfs-utils
On some system we also need to install "nfs-utils-lib".
Setup Security
iptables
Normally, a specific list of ports should be provided to iptables. I tried the following, but it did not work:
... -A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -m state --state NEW -p udp --dport 111 -j ACCEPT -A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -m state --state NEW -p tcp --dport 111 -j ACCEPT -A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -m state --state NEW -p tcp --dport 2049 -j ACCEPT -A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -m state --state NEW -p tcp --dport 32803 -j ACCEPT -A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -m state --state NEW -p udp --dport 32769 -j ACCEPT -A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -m state --state NEW -p tcp --dport 892 -j ACCEPT -A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -m state --state NEW -p udp --dport 892 -j ACCEPT -A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -m state --state NEW -p tcp --dport 875 -j ACCEPT -A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -m state --state NEW -p udp --dport 875 -j ACCEPT -A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -m state --state NEW -p tcp --dport 662 -j ACCEPT -A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -m state --state NEW -p udp --dport 662 -j ACCEPT -A SSH -s 192.168.0.0/255.255.0.0 -j ACCEPT ...
then
service iptables restart
I ended up allowing everything from 192.168.0.0/255.255.0.0 for the duration of using the NFS.
... -A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -j ACCEPT ...
Amazon EC2
1. Create the directory:
mkdir /opt/shared
2. Give it the right permissions that make sense across your entire client set.
3. Share it /etc/exports.
Best if you specify only the subnet that must have access to it:
... /opt/shared 192.168.0.0/255.255.255.0(rw,sync,no_root_squash,no_subtree_check) ...
More details on export options can be found here:
Start NFS
RHEL 6
service rpcbind start service nfs start
RHEL 7
service nfs-server start
Start at Boot
init.d
Also add these to chkconfig if needed on reboot.:
chkconfig --add rpcbind chkconfig --add nfs chkconfig --level 2345 rpcbind on chkconfig --level 2345 nfs on
More details on chkconfig:
systemd
systemctl enable nfs-server.service systemctl list-unit-files | grep nfs-server
More details on systemd: