linux:network_nfs
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
linux:network_nfs [2023/03/14 14:34] manu |
linux:network_nfs [2025/04/28 15:44] (current) manu [On the client NFSv4] |
||
|---|---|---|---|
| Line 50: | Line 50: | ||
| # cat /var/lib/nfs/etab | # cat /var/lib/nfs/etab | ||
| /data 190.168.1.0/24(rw,sync,wdelay,hide,nocrossmnt,secure,no_root_squash,no_all_squash,no_subtree_check,secure_locks,acl,no_pnfs,anonuid=65534,anongid=65534,sec=sys,secure,no_root_squash,no_all_squash) | /data 190.168.1.0/24(rw,sync,wdelay,hide,nocrossmnt,secure,no_root_squash,no_all_squash,no_subtree_check,secure_locks,acl,no_pnfs,anonuid=65534,anongid=65534,sec=sys,secure,no_root_squash,no_all_squash) | ||
| + | </cli> | ||
| + | |||
| + | ==== Setup for server NFS V4 Spectrum Scale ==== | ||
| + | |||
| + | <cli prompt='#'> | ||
| + | [root@gpfs01 ~]# mmnfs config list | ||
| + | ... | ||
| + | Idmapd Configuration | ||
| + | ========================== | ||
| + | LOCAL-REALMS: localdomain | ||
| + | DOMAIN: localdomain | ||
| + | ========================== | ||
| </cli> | </cli> | ||
| Line 66: | Line 78: | ||
| **Note**\\ | **Note**\\ | ||
| For NFSv3 you need additionnal steps | For NFSv3 you need additionnal steps | ||
| + | |||
| + | |||
| + | Setting Up The Client | ||
| + | With NFSv4, all of the shares are located under one main export. Therefore, the client only needs a single mount point. We now need to create the mount point for our connection. For this Trail, we'll use the name of the NFS server as the mount point name. | ||
| + | |||
| + | |||
| + | The client mount configuration is set in the /etc/fstab file. Although all of the exports on the server are located under "/exports", the configuration needs to specify the root connection of "nfs1:/" and not "nfs1:/exports". Using the "/" (root) mount instructs the client to connect to the root share which was earlier configured on the server with the "fsid=0" option. Note that we are using the "sec=krb5p" option, to mount using Kerberos credentials. | ||
| + | |||
| + | <cli prompt='#'> | ||
| + | [DIRxSRVx10:root@client ~]# mkdir /mnt/nfs1 | ||
| + | [DIRxSRVx10:root@client ~]# vi /etc/fstab | ||
| + | |||
| + | nfs1:/ /mnt/nfs1 nfs4 sec=krb5p,auto,rw,nodev,sync,_netdev,proto=tcp,retry=10,rsize=32768,wsize=32768,hard,intr 0 0 | ||
| + | </cli> | ||
| + | |||
| + | Now that the connection is configured on the client, the mount can be established with the following command. | ||
| + | <cli prompt='#'> | ||
| + | [DIRxSRVx10:root@client ~]# mount /mnt/nfs1 | ||
| + | </cli> | ||
| + | |||
| + | The share can also be mounted on the command-line. Note that we are providing the "-o sec=krb5p" option, to mount using Kerberos credentials. | ||
| + | <cli prompt='#'> | ||
| + | [DIRxSRVx10:root@client ~]# mount -t nfs4 nfs1:/ /mnt/nfs1 -o sec=krb5p,async,auto,exec,_netdev,nodev,rw,retry=5,rsize=32768,wsize=32768,proto=tcp,hard,intr | ||
| + | A listing of the mounted share shows whether the connection was successful. | ||
| + | |||
| + | [DIRxSRVx10:root@client ~]# mount -l | ||
| + | nfs1:/ on /mnt/nfs1 type nfs4 (rw,addr=10.0.0.2) | ||
| + | </cli> | ||
| https://computingforgeeks.com/configure-nfsv3-and-nfsv4-on-centos-7/ | https://computingforgeeks.com/configure-nfsv3-and-nfsv4-on-centos-7/ | ||
| https://www.stephenrlang.com/2016/01/setup-nfsv4-on-centos/ | https://www.stephenrlang.com/2016/01/setup-nfsv4-on-centos/ | ||
| + | |||
| ===== NFSv4 idmapping ===== | ===== NFSv4 idmapping ===== | ||
| Line 87: | Line 128: | ||
| Method = nsswitch | Method = nsswitch | ||
| </cli> | </cli> | ||
| + | |||
| + | Or map local user with NFS server | ||
| + | <code> | ||
| + | [Translation] | ||
| + | Method = static | ||
| + | |||
| + | [Static] | ||
| + | test@nfsserver.example.com = testmf | ||
| + | test@192.168.0.1 = testmf | ||
| + | test@nfsserver = testmf | ||
| + | </code> | ||
| Clean the idmapd cache | Clean the idmapd cache | ||
| Line 134: | Line 186: | ||
| </cli> | </cli> | ||
| + | On recent kernels, only the server uses rpc.idmapd (documented in man rpc.idmapd). When using idmap, the user names are transmitted in user@domain format. Unless a domain name is configured in /etc/idmapd.conf, idmapd uses the system's DNS domain name. For idmap to map the users correctly, the domain name needs to be same on the client and on the server. | ||
| + | |||
| + | |||
| + | |||
| + | # UID/GID mapping for local users | ||
| + | idmap config * : backend = tdb | ||
| + | idmap config * : range = 3000-7999 | ||
| + | |||
| + | |||
| + | https://serverfault.com/questions/535809/nfsv4-with-idmap | ||
| + | https://serverfault.com/questions/915119/nfsv4-mapping-uid-and-gid-on-debian-stretch | ||
| + | https://help.ubuntu.com/community/NFSv4Howto | ||
linux/network_nfs.1678800889.txt.gz · Last modified: 2023/03/14 14:34 by manu
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: GNU Free Documentation License 1.3
