NFS4 server i automount (autofs) klijenti

Bez odgovora
DrLove73
Slika korisnika DrLove73
Offline
User
Član od: 29/05/2006

Post je na engleskom posto sam ga napisao za LinuxQuestions forume. Gledacu da sto pre prepravim na srpski.
Originalni post: http://www.linuxquestions.org/questions/fedora-35/about-nfs-automount-81...

Primer je radjen na CentOS 5.5 i serveru i klijentu.

I will explain in details how to create NFS4 Server to be used with Automount (autofs) clients.

Server:
Special folder where you will mount/export all of your folders can be placed where ever you want.
My setup has 6 subfolders to export so I will not change anything. You use as much folders you need.

Create /nfs4exports with subfolders:
etc, extra, home, ostalo, usr, var.

mkdir /nfs4exports; mkdir /nfs4exports/extra; mkdir /nfs4exports/home; mkdir /nfs4exports/etc
mkdir /nfs4exports/ostalo; mkdir /nfs4exports/usr; mkdir /nfs4exports/var
Put in /etc/fstab:
/extra                  /nfs4exports/extra      bind    bind            0 0
/ostalo                 /nfs4exports/ostalo     bind    bind            0 0
/etc                 /nfs4exports/system/etc     bind    bind            0 0
/home                 /nfs4exports/system/home     bind    bind            0 0
/var                 /nfs4exports/system/var     bind    bind            0 0
/usr                 /nfs4exports/system/usr     bind    bind            0 0

Put in /etc/exports:
/nfs4exports ccc.vvv.219.88/255.255.255.248(rw,fsid=0,sync,no_root_squash,no_subtree_check)
/nfs4exports/extra ccc.vvv.219.88/255.255.255.248(rw,no_subtree_check,nohide,sync,no_root_squash)
/nfs4exports/ostalo ccc.vvv.219.88/255.255.255.248(rw,no_subtree_check,nohide,sync,no_root_squash)
/nfs4exports/system/etc ccc.vvv.219.88/255.255.255.248(rw,no_subtree_check,nohide,sync,no_root_squash)
/nfs4exports/system/home ccc.vvv.219.88/255.255.255.248(rw,no_subtree_check,nohide,sync,no_root_squash)
/nfs4exports/system/usr ccc.vvv.219.88/255.255.255.248(rw,no_subtree_check,nohide,sync,no_root_squash)
/nfs4exports/system/var ccc.vvv.219.88/255.255.255.248(rw,no_subtree_check,nohide,sync,no_root_squash)  192.168.219.0/24(rw,no_subtree_check,nohide,sync,no_root_squash) xx.yyy.208.130(rw,no_subtree_check,nohide,sync)

You might want to change some of the options, like "no_root_squash". Research and decide for your self.  
"ccc.vvv" and "xx.yyy" are part of my public IP's

Put in /etc/sysconfig/nfs:
LOCKD_TCPPORT=32803
# UDP port rpc.lockd should listen on.
LOCKD_UDPPORT=32769
RPCNFSDARGS="-N 2 -N 3"
MOUNTD_PORT=892
STATD_PORT=662
# Outgoing port statd should used. The default is port
# is random
STATD_OUTGOING_PORT=2020
# Specify callout program

So you can leave open only ports 32803,32769,892,662,2020 in your firewall. I leave them open only for those selected IP's.

/etc/idmapd.conf:
[General]

Verbosity = 0
Pipefs-Directory = /var/lib/nfs/rpc_pipefs
Domain = <your domain here>

[Mapping]

Nobody-User = <your desired user here>
Nobody-Group = <your desired user here>

[Translation]
Method = nsswitch

Domain is necessary to be same on both Server and Clients, user can be left alone.
You MUST have your hostnames sorted out, Server MUST know on what IP he can find the Client that tries to access him. I use DNS Server for that.

The last thing is to restart some services. I believe only "nfs" and "portmap" should be restarted:

service portmap restart; service nfs restart

Client:

To test is NFS4 server is exporting folders and to what IP's:
test : showmount -e

Add this to /etc/auto.master:
/autofsmounts/kancelarija  /etc/auto.kancelarija  --timeout=10

"kancelarija" is hostname of my NFS server. "/autofsmounts" is where I chose to place my autofs folders and then create symlinks to the place I want to directly access those folders.
"ccc.vvv.219.92" is IP of my NFS server.

Create /etc/auto.kancelarija with:
etc -fstype=nfs4,rw,proto=tcp ccc.vvv.219.92:/etc
extra -fstype=nfs4,rw,proto=tcp ccc.vvv.219.92:/extra
home -fstype=nfs4,rw,proto=tcp ccc.vvv.219.92:/home
ostalo -fstype=nfs4,rw,proto=tcp ccc.vvv.219.92:/ostalo
usr -fstype=nfs4,rw,proto=tcp ccc.vvv.219.92:/usr
var -fstype=nfs4,rw,proto=tcp ccc.vvv.219.92:/var

/etc/idmapd.conf:
[General]

Verbosity = 0
Pipefs-Directory = /var/lib/nfs/rpc_pipefs
Domain = <your domain here>

[Mapping]

Nobody-User = <your desired user here>
Nobody-Group = <your desired user here>

[Translation]
Method = nsswitch

Create folder /autofsmounts/kancelarija
mkdir /autofsmounts/kancelarija
then restart autofs (as root):
service autofs restart

Create folder /kancelarija
mkdir /kancelarija

and inside place symlinks for:
Quote:

/autofsmounts/kancelarija/etc
/autofsmounts/kancelarija/extra
/autofsmounts/kancelarija/home
/autofsmounts/kancelarija/ostalo
/autofsmounts/kancelarija/usr
/autofsmounts/kancelarija/var

by first entering those folders so they would show inside "/autofsmounts/kancelarija/" folder. If not use, they will timeout in 10 seconds (in my example)

cd /autofsmounts/kancelarija/
cd etc; ln -s /autofsmounts/kancelarija/etc /kancelarija/; cd ..
cd extra; ln -s /autofsmounts/kancelarija/extra /kancelarija/; cd ..
cd home; ln -s /autofsmounts/kancelarija/home /kancelarija/; cd ..
cd ostalo; ln -s /autofsmounts/kancelarija/ostalo /kancelarija/; cd ..
cd usr; ln -s /autofsmounts/kancelarija/usr /kancelarija/; cd ..
cd var; ln -s /autofsmounts/kancelarija/var /kancelarija/; cd ..

I hope I have not made any mistakes. If I have, please point them out to me so i can fixed them.

0