1. Environment introduction:
Server: centos 192.168.204.136
Client: centos 192.168.204.135
2. Install nfs server and rpcbind:
yum -y install nfs-utils rpcbind The
earlier version of rpcbind needs to be changed to portmap
3. Server-side configuration:
1. Create Shared directory:
mkdir /var/ftp/
2. NFS file configuration:
vi /etc/exports #Add a
line (parameters refer to others at the bottom):
/var/ftp/ 192.168.204.135 (rw,all_squash,sync)
to make the configuration take effect:
exportfs -r
General sites are used to share pictures, so it is best to add user id and group id (usually www users)
/var/ftp 192.168.204.135 (rw,all_squash,anonuid=502,anongid=502)
If the service is not Get up (note the order):
service rpcbind start
service nfs start
Fourth, client processing:
yum -y install nfs-utils
mount -t nfs 192.168.204.136: /var/ftp /usr/local/test
failed to mount? Turn off the server's firewall, success.
Mount to view, you can see the mounted file
to create the file, you can view both sides at the same time. If the permissions are insufficient, first give the server share directory 777 permissions.
This completes the construction, but obviously it is not enough. Optimization:
1. Server
a, self-starting rpcbind and nfs
chkconfig rpcbind on
chkconfig nfs on
b, fixed port (the server does not allow the firewall to be closed)
nfs service needs to open mountd, nfs, nlockmgr, portmapper, rquotad 5 services, nfs and portmapper two The service is on a fixed port, nfs is 2049 and portmapper is 111. The other three services use random ports, so you need to set the ports of these three services to be fixed first.
1. rpcinfo -p
Select any port of the remaining three services and record it
mountd 46750
rquotad 875
nlockmgr 47266
2. Modify the nfs configuration file
vim /etc/sysconfig/nfs
# Port rquotad should listen on.
RQUOTAD_PORT=875
# TCP port rpc.lockd should listen
on.LOCKD_TCPPORT=46997
# UDP port rpc.lockd should listen
on.LOCKD_UDPPORT=47266
# Port rpc.mountd should listen on.
MOUNTD_PORT=46750
3、防火墙开放对应的端口
vim /etc/sysconfig/iptables
-A INPUT -p tcp -m multiport --dport 111,2049,875,46997,47266 -j ACCEPT
二、客户端
设置开机挂载
vim /etc/fstab
#加入下面这句
192.168.204.136:/var/ftp /usr/local/test nfs defaults,soft,intr 0 0
#Nfs是类型
#soft参数是为了向用户输出错误信息
#intr参数为了解决当网络出现故障时,我们可以通过按下ctrl+c组合键来终止操作
其他:
1、nfs参数详解
ro 只读访问
rw 读写访问
sync 所有数据在请求时写入共享(资料同步写入到内存与硬盘中)
async NFS在写入数据前可以相应请求(资料会先暂存于内存中,而非直接写入硬盘)
secure NFS通过1024以下的安全TCP/IP端口发送
insecure NFS通过1024以上的端口发送(允许从这台机器过来的非授权访问)
wdelay 如果多个用户要写入NFS目录,则归组写入(默认)
no_wdelay 如果多个用户要写入NFS目录,则立即写入,当使用async时,无需此设置。
hide 在NFS共享目录中不共享其子目录
no_hide 共享NFS目录的子目录
subtree_check 如果共享/usr/bin之类的子目录时,强制NFS检查父目录的权限(默认)
no_subtree_check 和上面相对,不检查父目录权限
all_squash 共享文件的UID和GID映射匿名用户anonymous,适合公用目录。
no_all_squash 保留共享文件的UID和GID(默认)
root_squash root用户的所有请求映射成如anonymous用户一样的权限(默认)
no_root_squash root用户具有根目录的完全管理访问权限
anonuid=xxx 指定NFS服务器/etc/passwd文件中匿名用户的UID
anongid=xxx 指定NFS服务器/etc/passwd文件中匿名用户的GID
2、如果觉得默认文件权限较低(644)
可以修改unmask的配置(默认022)
/etc/profile
可以支持本文原创博客:http://www.webyang.net/Html/web/article_254.html