rhel7-NFS服务搭建

Posted 2020-10-27 Dapeng-W

 

检查服务：

[[email protected] ~]# systemctl status nfs
● nfs-server.service - NFS server and services
   Loaded: loaded (/usr/lib/systemd/system/nfs-server.service; disabled; vendor preset: disabled)
   Active: inactive (dead)
[[email protected] ~]# systemctl start nfs
[[email protected] ~]# systemctl status nfs
● nfs-server.service - NFS server and services
   Loaded: loaded (/usr/lib/systemd/system/nfs-server.service; disabled; vendor preset: disabled)
   Active: active (exited) since 一 2018-03-12 10:34:39 CST; 1s ago
  Process: 3776 ExecStopPost=/usr/sbin/exportfs -f (code=exited, status=0/SUCCESS)
  Process: 3773 ExecStopPost=/usr/sbin/exportfs -au (code=exited, status=0/SUCCESS)
  Process: 3770 ExecStop=/usr/sbin/rpc.nfsd 0 (code=exited, status=0/SUCCESS)
  Process: 4002 ExecStart=/usr/sbin/rpc.nfsd $RPCNFSDARGS (code=exited, status=0/SUCCESS)
  Process: 3999 ExecStartPre=/bin/sh -c /bin/kill -HUP `cat /run/gssproxy.pid` (code=exited, status=0/SUCCESS)
  Process: 3996 ExecStartPre=/usr/sbin/exportfs -r (code=exited, status=0/SUCCESS)
 Main PID: 4002 (code=exited, status=0/SUCCESS)
   CGroup: /system.slice/nfs-server.service
3月 12 10:34:39 localhost.localdomain systemd[1]: Starting NFS server and services...
3月 12 10:34:39 localhost.localdomain systemd[1]: Started NFS server and services.
[[email protected] ~]# systemctl stop nfs
[[email protected] ~]# systemctl status nfs
● nfs-server.service - NFS server and services
   Loaded: loaded (/usr/lib/systemd/system/nfs-server.service; disabled; vendor preset: disabled)
   Active: inactive (dead) since 一 2018-03-12 10:34:44 CST; 1s ago
  Process: 4048 ExecStopPost=/usr/sbin/exportfs -f (code=exited, status=0/SUCCESS)
  Process: 4045 ExecStopPost=/usr/sbin/exportfs -au (code=exited, status=0/SUCCESS)
  Process: 4042 ExecStop=/usr/sbin/rpc.nfsd 0 (code=exited, status=0/SUCCESS)
  Process: 4002 ExecStart=/usr/sbin/rpc.nfsd $RPCNFSDARGS (code=exited, status=0/SUCCESS)
  Process: 3999 ExecStartPre=/bin/sh -c /bin/kill -HUP `cat /run/gssproxy.pid` (code=exited, status=0/SUCCESS)
  Process: 3996 ExecStartPre=/usr/sbin/exportfs -r (code=exited, status=0/SUCCESS)
 Main PID: 4002 (code=exited, status=0/SUCCESS)
3月 12 10:34:39 localhost.localdomain systemd[1]: Starting NFS server and services...
3月 12 10:34:39 localhost.localdomain systemd[1]: Started NFS server and services.
3月 12 10:34:44 localhost.localdomain systemd[1]: Stopping NFS server and services...
3月 12 10:34:44 localhost.localdomain systemd[1]: Stopped NFS server and services.
[[email protected] ~]# systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
   Active: active (running) since 一 2018-03-12 08:46:18 CST; 1h 50min ago
     Docs: man:firewalld(1)
 Main PID: 541 (firewalld)
   CGroup: /system.slice/firewalld.service
           └─541 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid
3月 12 08:46:15 localhost.localdomain systemd[1]: Starting firewalld - dynamic firewall daemon...
3月 12 08:46:18 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon.
3月 12 08:46:19 localhost.localdomain firewalld[541]: WARNING: ICMP type ‘beyond-scope‘ is not supported by the kernel for ipv6.
3月 12 08:46:19 localhost.localdomain firewalld[541]: WARNING: beyond-scope: INVALID_ICMPTYPE: No supported ICMP type., ignoring for run-time.
3月 12 08:46:19 localhost.localdomain firewalld[541]: WARNING: ICMP type ‘failed-policy‘ is not supported by the kernel for ipv6.
3月 12 08:46:19 localhost.localdomain firewalld[541]: WARNING: failed-policy: INVALID_ICMPTYPE: No supported ICMP type., ignoring for run-time.
3月 12 08:46:20 localhost.localdomain firewalld[541]: WARNING: ICMP type ‘reject-route‘ is not supported by the kernel for ipv6.
3月 12 08:46:20 localhost.localdomain firewalld[541]: WARNING: reject-route: INVALID_ICMPTYPE: No supported ICMP type., ignoring for run-time.
3月 12 08:46:20 localhost.localdomain firewalld[541]: WARNING: ‘/usr/sbin/ip6tables-restore --wait=2 -n‘ failed: ip6tables-restore: line 4 failed
3月 12 08:46:20 localhost.localdomain firewalld[541]: WARNING: Applying rules for ipv6_rpfilter failed: COMMAND_FAILED
[[email protected] ~]# systemctl stop firewalld.service
[[email protected] ~]# systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
   Active: inactive (dead) since 一 2018-03-12 10:37:06 CST; 1s ago
     Docs: man:firewalld(1)
  Process: 541 ExecStart=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS (code=exited, status=0/SUCCESS)
 Main PID: 541 (code=exited, status=0/SUCCESS)
3月 12 08:46:19 localhost.localdomain firewalld[541]: WARNING: ICMP type ‘beyond-scope‘ is not supported by the kernel for ipv6.
3月 12 08:46:19 localhost.localdomain firewalld[541]: WARNING: beyond-scope: INVALID_ICMPTYPE: No supported ICMP type., ignoring for run-time.
3月 12 08:46:19 localhost.localdomain firewalld[541]: WARNING: ICMP type ‘failed-policy‘ is not supported by the kernel for ipv6.
3月 12 08:46:19 localhost.localdomain firewalld[541]: WARNING: failed-policy: INVALID_ICMPTYPE: No supported ICMP type., ignoring for run-time.
3月 12 08:46:20 localhost.localdomain firewalld[541]: WARNING: ICMP type ‘reject-route‘ is not supported by the kernel for ipv6.
3月 12 08:46:20 localhost.localdomain firewalld[541]: WARNING: reject-route: INVALID_ICMPTYPE: No supported ICMP type., ignoring for run-time.
3月 12 08:46:20 localhost.localdomain firewalld[541]: WARNING: ‘/usr/sbin/ip6tables-restore --wait=2 -n‘ failed: ip6tables-restore: line 4 failed
3月 12 08:46:20 localhost.localdomain firewalld[541]: WARNING: Applying rules for ipv6_rpfilter failed: COMMAND_FAILED
3月 12 10:37:03 localhost.localdomain systemd[1]: Stopping firewalld - dynamic firewall daemon...
3月 12 10:37:06 localhost.localdomain systemd[1]: Stopped firewalld - dynamic firewall daemon.

服务配置：
[[email protected] ~]# mkdir -p /nfs-share/ro
[[email protected] ~]# mkdir -p /nfs-share/读写
[[email protected] ~]# chmod -R 777 /nfs-share/*
[[email protected] ~]# cat /etc/exports
[[email protected] ~]# echo "/nfs-share/ro/     *(ro)" > /etc/exports
[[email protected] ~]# echo "/nfs-share/读写    *(rw)" >> /etc/exports
[[email protected] ~]# cat /etc/exports
/nfs-share/ro/     *(ro)
/nfs-share/读写    *(rw)
[[email protected] ~]# systemctl start nfs.service
[[email protected] ~]# systemctl status nfs
● nfs-server.service - NFS server and services
   Loaded: loaded (/usr/lib/systemd/system/nfs-server.service; disabled; vendor preset: disabled)
   Active: active (exited) since 一 2018-03-12 10:46:27 CST; 6s ago
  Process: 4048 ExecStopPost=/usr/sbin/exportfs -f (code=exited, status=0/SUCCESS)
  Process: 4045 ExecStopPost=/usr/sbin/exportfs -au (code=exited, status=0/SUCCESS)
  Process: 4042 ExecStop=/usr/sbin/rpc.nfsd 0 (code=exited, status=0/SUCCESS)
  Process: 4440 ExecStart=/usr/sbin/rpc.nfsd $RPCNFSDARGS (code=exited, status=0/SUCCESS)
  Process: 4436 ExecStartPre=/bin/sh -c /bin/kill -HUP `cat /run/gssproxy.pid` (code=exited, status=0/SUCCESS)
  Process: 4433 ExecStartPre=/usr/sbin/exportfs -r (code=exited, status=0/SUCCESS)
 Main PID: 4440 (code=exited, status=0/SUCCESS)
   CGroup: /system.slice/nfs-server.service
3月 12 10:46:27 localhost.localdomain systemd[1]: Starting NFS server and services...
3月 12 10:46:27 localhost.localdomain systemd[1]: Started NFS server and services.

[[email protected] ~]# touch /nfs-share/ro/ro.txt
[[email protected] ~]# echo ro > /nfs-share/ro/ro.txt
[[email protected] ~]# touch /nfs-share/读写/rw.txt
[[email protected] ~]# echo rw > /nfs-share/读写/rw.txt
[[email protected] ~]# chmod 777 -R /nfs-share/*

 

客户端访问：（以下命令行中 [nfs-server-ip] 表示nfs服务端实际ip）

[[email protected] ~]# showmount -e [nfs-server-ip]
Export list for [xxxx]:
/nfs-share/读写 *
/nfs-share/ro     *
[[email protected] ~]# mkdir client-nfs-ro client-nfs-rw
[[email protected] ~]# ll client-nfs-ro client-nfs-rw
client-nfs-ro:
总用量 0
client-nfs-rw:
总用量 0
[[email protected] ~]# mount [nfs-server-ip]:/nfs-share/ro ./client-nfs-ro/
[[email protected] ~]# mount [nfs-server-ip]:/nfs-share/读写 ./client-nfs-rw/
[[email protected] ~]# ls ./client-nfs-ro/
ro.txt
[[email protected] ~]# ls ./client-nfs-rw/
rw.txt

[[email protected] ~]# cat ./client-nfs-ro/ro.txt
ro
[[email protected] ~]# cat ./client-nfs-rw/rw.txt
rw
[[email protected] ~]# echo 111 >> ./client-nfs-ro/ro.txt
-bash: ./client-nfs-ro/ro.txt: 权限不够

[[email protected] ~]# cat ./client-nfs-ro/ro.txt
ro
[[email protected] ~]# echo 111 >> ./client-nfs-rw/rw.txt
[[email protected] ~]# cat ./client-nfs-rw/rw.txt
rw
111

[[email protected] ~]# umount ./client-nfs-ro/
[[email protected] ~]# umount ./client-nfs-rw/
[[email protected] ~]# ll ./client-nfs-ro/
总用量 0
[[email protected] ~]# ll ./client-nfs-rw/
总用量 0


服务端指定网段访问权限：
[[email protected] ~]# cat /etc/exports
/nfs-share/ro/     *(ro)
/nfs-share/读写    *(rw)
[[email protected] ~]# mv /etc/exports /etc/exports.bak
[[email protected] ~]# echo "/nfs-share/ro/     10.1.1.* (ro)" > /etc/exports
[[email protected] ~]# echo "/nfs-share/读写/   10.1.1.* (rw)" >> /etc/exports
[[email protected] ~]# cat /etc/exports
/nfs-share/ro/     10.1.1.*(ro)
/nfs-share/读写/   10.1.1.*(rw)
[[email protected] ~]# systemctl restart nfs

[[email protected] ~]# showmount -e [nfs-server-ip]
Export list for [xxxx]:
/nfs-share/读写 10.1.1.*
/nfs-share/ro     10.1.1.*
[[email protected] ~]# mount [nfs-server-ip]:/nfs-share/ro ./client-nfs-ro/
mount.nfs: access denied by server while mounting [xxxx]:/nfs-share/ro