SHIFT

--- Sjoerd Hooft's InFormation Technology ---


redhatnfsserver
Differences

This shows you the differences between two versions of the page.

redhatnfsserver [2014/08/05 22:40] (current)
sjoerd created
Line 1: Line 1:
 += Red Hat 6.5 NFS Server =
 +This server is installed using the kickstart as described in [[redhat65management]]. It provides a few shares for the business application,​ but it also provides the home directories share, so users have the same home directory on all servers. ​
  
 +First we will install NFS server and configure shares. ​
 +
 += Deploy NFS Server =
 +The NFS software is already installed by the installation,​ which can be checked like this:
 +<code bash>
 +# yum list installed | grep nfs
 +nfs-utils.x86_64 ​                         1:​1.2.3-39.el6 ​                     @anaconda-RedHatEnterpriseLinux-201311111358.x86_64/​6.5
 +nfs-utils-lib.x86_64 ​                     1.1.5-6.el6 ​                        ​@anaconda-RedHatEnterpriseLinux-201311111358.x86_64/​6.5
 +</​code>​
 +
 += Create Share Directories =
 +For now I need two shares, one for moving around data (business_tmp) and the home directores:
 +<code bash>
 +mkdir /​data/​all-servers-home
 +mkdir /​data/​all-servers-business_tmp
 +</​code>​
 +
 += Create NFS Shares =
 +Add the required shares and their permissions in /​etc/​exports:​
 +<code bash>
 +# Share the home directory will all redhat 6.5 servers
 +/​data/​all-servers-home clientprd*.getshifting.local(rw,​sync)
 +/​data/​all-servers-home dbserverprd*.getshifting.local(rw,​sync)
 +/​data/​all-servers-home managementserver.getshifting.local(rw,​sync)
 +# Share the business_tmp directory will all unix and redhat servers
 +/​data/​all-servers-business_tmp clientprd*.getshifting.local(rw,​sync)
 +/​data/​all-servers-business_tmp dbserverprd*.getshifting.local(rw,​sync)
 +</​code>​
 +
 += Start NFS Service =
 +You can now start the NFS service and make it available after reboots like this:
 +<code bash>
 +service nfs restart
 +chkconfig nfs on 
 +</​code>​
 +
 +You can now check the local shares by issuing this command:
 +<code bash>
 +showmount -e
 +
 +Export list for nfsserver.getshifting.local:​
 +/​data/​all-servers-business_tmp clientprd*.getshifting.local,​dbserverprd*.getshifting.local
 +/​data/​all-servers-home ​    ​clientprd*.getshifting.local,​dbserverprd*.getshifting.local,​managementserver.getshifting.local
 +</​code>​
 +
 +> Note that if you want to run this against a remote server you need to add the remote servername to the command: {{{showmount -e nfsserver}}}
 +
 += Open Firewall Ports =
 +If you would run the command as described above to check if the shares are available you'll see that they are not. The system comes with a firewall by default so you first need to open the correct ports, which is done with the iptables command. However, since the port mapper can use different ports you first have to configure a few ports in the NFS config so you know which ports to open. 
 +
 +== Configure Ports ==
 +I want to keep the default so simply uncomment the correct lines in the /​etc/​sysconfig/​nfs file:
 +<code bash>
 +LOCKD_TCPPORT=32803
 +LOCKD_UDPPORT=32769
 +MOUNTD_PORT=892
 +STATD_PORT=662
 +</​code>​
 +
 +== Open the Ports ==
 +Open the ports using the iptables command (here used with sudo):
 +
 +<code bash>
 +# open ports for NFS and portmapper for PRD
 +sudo iptables -I INPUT -p tcp -s 10.10.10.0/​24 --dport 2049 -j ACCEPT
 +sudo iptables -I INPUT -p udp -s 10.10.10.0/​24 --dport 2049 -j ACCEPT
 +sudo iptables -I INPUT -p tcp -s 10.10.10.0/​24 --dport 111 -j ACCEPT
 +sudo iptables -I INPUT -p udp -s 10.10.10.0/​24 --dport 111 -j ACCEPT
 +sudo iptables -I INPUT -p tcp -s 10.10.10.0/​24 --dport 892 -j ACCEPT
 +sudo iptables -I INPUT -p udp -s 10.10.10.0/​24 --dport 892 -j ACCEPT
 +sudo iptables -I INPUT -p tcp -s 10.10.10.0/​24 --dport 662 -j ACCEPT
 +sudo iptables -I INPUT -p udp -s 10.10.10.0/​24 --dport 662 -j ACCEPT
 +sudo iptables -I INPUT -p tcp -s 10.10.10.0/​24 --dport 32803 -j ACCEPT
 +sudo iptables -I INPUT -p udp -s 10.10.10.0/​24 --dport 32769 -j ACCEPT
 +# open ports for NFS and portmapper for PRD management server
 +sudo iptables -I INPUT -p tcp -s 10.10.100.10 --dport 2049 -j ACCEPT
 +sudo iptables -I INPUT -p udp -s 10.10.100.10 --dport 2049 -j ACCEPT
 +sudo iptables -I INPUT -p tcp -s 10.10.100.10 --dport 111 -j ACCEPT
 +sudo iptables -I INPUT -p udp -s 10.10.100.10 --dport 111 -j ACCEPT
 +sudo iptables -I INPUT -p tcp -s 10.10.100.10 --dport 892 -j ACCEPT
 +sudo iptables -I INPUT -p udp -s 10.10.100.10 --dport 892 -j ACCEPT
 +sudo iptables -I INPUT -p tcp -s 10.10.100.10 --dport 662 -j ACCEPT
 +sudo iptables -I INPUT -p udp -s 10.10.100.10 --dport 662 -j ACCEPT
 +sudo iptables -I INPUT -p tcp -s 10.10.100.10 --dport 32803 -j ACCEPT
 +sudo iptables -I INPUT -p udp -s 10.10.100.10 --dport 32769 -j ACCEPT
 +sudo service iptables save
 +</​code>​
 +
 +> Note that you could skip the portmapper port (111) in case you would run a pure NFSv4 environment. ​
 +
 += TIP on AutoFS for HomeDirs =
 +After you've configured the auto mounting for home directories in [[redhat65management#​configure_autofs_for_homedirs]] you might want to set some special things. It might be convenient to set a different home directoy place, so in the properties in the AD account change the homedir value: \\
 +{{redhatnfsserver01.jpg}} \\
 +
 +You also have to create the home directories for the users manually due to some bugs and SELinux constraints. I will create an automatic script for this but that is not finished yes. For now follow these steps to create the homedir:
 +* sudo mkdir /​data/​all-servers-home/​adminsjoerd
 +* sudo cp -R /​etc/​skel/​.??​* /​data/​all-servers-home/​adminsjoerd
 +* sudo chown -R adminsjoerd:​UNIX-Servers-AdminGroup /​data/​all-servers-home/​adminsjoerd
 +
 +If you want to use the same directory on the NFS server itself also create a symbolic link to the share:
 +* cd /home 
 +* ln -s /​data/​all-servers-home/​ GETSHIFTING
 +
 += More Information =
 +== NFS Version ==
 +You can see the NFS version of the shares with the rcpinfo command. Running that will show the NFS version in the second column:
 +<code bash>
 +rpcinfo -p
 +
 +   ​program vers proto   ​port ​ service
 +    100000 ​   4   ​tcp ​   111  portmapper
 +    100000 ​   3   ​tcp ​   111  portmapper
 +    100000 ​   2   ​tcp ​   111  portmapper
 +    100000 ​   4   ​udp ​   111  portmapper
 +    100000 ​   3   ​udp ​   111  portmapper
 +    100000 ​   2   ​udp ​   111  portmapper
 +    100024 ​   1   ​udp ​ 38834  status
 +    100024 ​   1   ​tcp ​ 54364  status
 +    100011 ​   1   ​udp ​   875  rquotad
 +    100011 ​   2   ​udp ​   875  rquotad
 +    100011 ​   1   ​tcp ​   875  rquotad
 +...<​cut>​...
 +</​code>​
 +
 +== Errors ==
 +Error:
 +<code bash>
 +clnt_create:​ RPC: Port mapper failure - Unable to receive: errno 113 (No route to host)
 +</​code>​
 +Solution: Open the correct firewall ports
 +\\
 +
 +Error:
 +<code bash>
 +rpc mount export: RPC: Unable to receive; errno = No route to host
 +</​code>​
 +Solution: Uncomment the ports in /​etc/​sysconfig/​nfs and open the specified ports in the firewall
 +
 +
 +== NFS Resources ==
 +* http://​www.tecmint.com/​how-to-setup-nfs-server-in-linux/ ​
 +* http://​www.cyberciti.biz/​faq/​centos-fedora-rhel-nfs-v4-configuration/ ​
 +* http://​computernetworkingnotes.com/​network-administration/​how-to-configure-nfs-server-in-rhel-6.html ​
 +* http://​geekinlinux.blogspot.nl/​2011/​11/​open-iptables-to-allow-clients-to.html ​
 +
 +{{tag>​redhat linux storage network}}
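Review bot: The ports pinned in the Configure Ports block (STATD_PORT=662, MOUNTD_PORT=892 and the two lockd ports) only take effect once the services are restarted, and the page has no such step. The rpcinfo -p sample under NFS Version still lists status on udp 38834 and tcp 54364, which the iptables rules for 662 do not cover. Add a step after editing /etc/sysconfig/nfs to restart nfslock and nfs, then rerun rpcinfo -p and confirm that status, mountd and nlockmgr sit on the pinned ports before running service iptables save. The same sample shows rquotad on 875, which has no matching rule; either state that quotas are not used over NFS or open that port for the same sources. In /etc/exports the clientprd* and dbserverprd* wildcards are matched on hostname, so access depends on name resolution; the iptables rules already limit clients to 10.10.10.0/24 and 10.10.100.10, and exporting to those addresses would keep the two lists consistent. Minor: "rcpinfo" in the NFS Version text should read rpcinfo.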
redhatnfsserver.txt · Last modified: 2014/08/05 22:40 by sjoerd