Wednesday, January 1, 2025
Google search engine
HomeGuest BlogsHow To Configure NFSv3 and NFSv4 on CentOS 7

How To Configure NFSv3 and NFSv4 on CentOS 7

In this guide, I’ll take you through the installation of NFSv3 and NFSv4 Server on CentOS 7. The only prerequisite for this is that you should have installed CentOS 7 server and data directory to export to other servers via NFS.

Install and configure NFSv3 and NFSv4 on CentOS 7

Below are complete steps to Install and configure both NFSv3 and NFSv4 on a CentOS 7 server.

NFSv4 schema

Step 1: Install NFS server

Install the nfs-utils package on CentOS 7 using the following commands:

sudo yum -y install nfs-utils

Step 2:  Configure domain used for NFS ( Optional)

$ sudo vim /etc/idmapd.conf
Domain = geeksforgeeks.org

Step 3: Configure NFS exports

NFS exports are configured under the file /etc/exportsThe /etc/exports file controls which file systems are exported to remote hosts and specifies options. It follows the following syntax rules:

  • Comments start with the hash mark (#).
  • Blank lines are ignored by default.
  • Each host’s options must be placed in parentheses directly after the host identifier, without any spaces separating the host and the first parenthesis.
  • Each exported file system should be on its own individual line.
  • A list of authorized hosts needs to be separated by space characters.
  • Long lines can be wrapped with a backslash (\).

An entry for an exported file system has the following structure:

export host(options)

Variables used are:

export –> The directory being exported
host –> The host or network to which the export is being shared
options –> The options to be used for host

For multiple hosts with different options, the syntax is:

export host1(options1) host2(options2) host3(options3)

NFS export default options are:

  • ro: The exported file system is read-only and remote hosts cannot make any changes to the files shared on the file system. To allow hosts to make both reads and writes, specify the rw option instead.
  • sync: Aith this option, NFS server does not reply to requests before changes made by previous requests are written to disk. To enable asynchronous writes instead, specify the option async.
  • root_squash: This prevents root users that connect remotely from having root privileges. Instead, the NFS server will assign them the user ID nfsnobody. This effectively “squashes” the power of the remote root user to the lowest local user, preventing possible unauthorized writes on the remote server. To disable root squashing, specify no_root_squash.

To squash every remote user (including root), use all_squash. To specify the user and group IDs that the NFS server should assign to remote users from a particular host, use the anonuid and anongid options, respectively, as in:

export host(anonuid=uid,anongid=gid)

The uid and gid are user ID number and group ID number, respectively.

  • wdelay: This reduces disk write overhead by delaying writing to the disk if it suspects another write request is imminent. This can be disabled using no_wdelay, when default sync is on.
  • subtree_check: This option enables subtree checking. It can be disabled using no_subtree_check.

An example of a configuration line is below:

/mnt/data 192.168.1.0/24(rw,no_root_squash)

Where /mnt/data is the exported directory, and 192.168.1.0/24 is the network permitted to access it with read/write permissions and no root squashing. The network specified can be replaced with a single IP address or use * for global access.

$ sudo vi /etc/exports
/mnt/data *(rw,no_root_squash)

Create NFS directory where data will be written

sudo mkdir -p /mnt/data

Note that you have to explicitly override each default for every exported file system. For example, if the rw option is not specified, then the exported file system is shared as read-only.

Update the table of exported NFS file systems

$ sudo exportfs -rrv
exporting *:/mnt/data

For more information on exporting options, refer to man exportfs.

Step 4: Configure Firewall for NFS

The next step is to open ports required by NFS service on the firewall.

For NFSv4, use the command:

sudo firewall-cmd --add-service=nfs --permanent
sudo firewall-cmd --reload

For NFSv3, you’ll need to add extra ports by defining an xml file. This needs to be placed under /etc/firewalld/services/ directory.

$ sudo vi  /etc/firewalld/services/nfs.xml
<?xml version="1.0" encoding="utf-8"?>
<service>
  <short>NFS
  <description>NFS service
  <port protocol="tcp" port="111"/>
  <port protocol="udp" port="111"/>
  <port protocol="tcp" port="662"/>
  <port protocol="udp" port="662"/>
  <port protocol="tcp" port="892"/>
  <port protocol="udp" port="892"/>
  <port protocol="tcp" port="2049"/>
  <port protocol="udp" port="2049"/>
  <port protocol="tcp" port="32803"/>
  <port protocol="udp" port="32803"/>
  <port protocol="tcp" port="38467"/>
  <port protocol="udp" port="38467"/>
  <port protocol="tcp" port="32769"/>
  <port protocol="udp" port="32769"/>
</service>

Then add service on the firewall.

sudo firewall-cmd --add-service=nfs --permanent
sudo firewall-cmd --reload

Step 5: Start and enable NFS service

Now that everything is configured, you should be ready to start the service.

for i in rpcbind nfs-server; do
  sudo systemctl start $i
  sudo systemctl enable $i
done

When you start the nfs service, the /usr/sbin/exportfs command launches and reads this file, passes control to rpc.mountd (if NFSv3) for the actual mounting process, then to rpc.nfsd where the file systems are then available to remote users. It writes exported file systems to /var/lib/nfs/etab, you can view using:

$ cat /var/lib/nfs/etab

Step 6: Discovering NFS exports

There are two ways to discover which file systems an NFS server exports. First, on any server that supports NFSv3, use the showmount command:

$ showmount -e server

#E.g

$ sudo showmount -e localhost
Export list for localhost:
/mnt/test *
/mnt/data 192.168.1.0/24

For a server that supports NFSv4 only, mount / and check the contents.

$ sudo mount  serverip:/ /mnt/
$ cd /mnt/
$ ls

Step 7: Mount exported file system on a client

The client can be any operating system that supports NFSv3 or NFSv4. For Debian/Ubuntu, install the following packaged:

sudo apt-get install rpcbind nfs-common

For CentOS 7, install nfs-utils:

sudo yum -y install nfs-utils
sudo systemctl start rpcbind 
sudo systemctl enable rpcbind

To do the non-persistent mounting, you can use the mount command.

sudo mount -t 192.168.1.10:/mnt/data /data

To specify NFS version, use -o option

$ sudo mount -t nfs -o vers=4 192.168.1.10:/mnt/data /data
#or
$ sudo mount -t nfs -o vers=3 192.168.1.10:/mnt/data /data

To make this persistent, you need to modify /etc/fstab file. A mounting for NFSv3 look like below on /etc/fstab

192.168.1.10:/mnt/data  /data nfs defaults,vers=3 0 0

You can see the vers=3 option is used to specify that we want to mount NFSv3. You can as well specify other supported options like below:

192.168.1.10:/mnt/data /data nfs vers=3,proto=tcp,hard,intr,rsize=32768,wsize=32768,noatime 0 0

Create a mount point and mount it.

$ sudo mkdir /data
$ sudo mount -a
$ df -hT | grep /data
192.168.1.10:/data nfs 200G 175G 26G 88% /data

You’ve now install and configured NFS server on CentOS 7 Linux system. We hope this guide was heloful.

RELATED ARTICLES

Most Popular

Recent Comments