SHIFT-WIKI

--- Sjoerd Hooft's InFormation Technology ---


Red Hat 6.5 NFS Server

This server is installed using the kickstart as described in Red Hat Enterprise Linux 6.5 Management Server. It provides a few shares for the business application, but it also provides the home directories share, so users have the same home directory on all servers.

First we install the NFS server and configure the shares.

Deploy NFS Server

The NFS software is already included in the installation, which can be checked like this:

# yum list installed | grep nfs
nfs-utils.x86_64                          1:1.2.3-39.el6                      @anaconda-RedHatEnterpriseLinux-201311111358.x86_64/6.5
nfs-utils-lib.x86_64                      1.1.5-6.el6                         @anaconda-RedHatEnterpriseLinux-201311111358.x86_64/6.5

Create Share Directories

For now I need two shares, one for moving data around (business_tmp) and one for the home directories:

mkdir /data/all-servers-home
mkdir /data/all-servers-business_tmp

Create NFS Shares

Add the required shares and their permissions in /etc/exports:

# Share the home directory with all redhat 6.5 servers
/data/all-servers-home clientprd*.getshifting.local(rw,sync)
/data/all-servers-home dbserverprd*.getshifting.local(rw,sync)
/data/all-servers-home managementserver.getshifting.local(rw,sync)
# Share the business_tmp directory with all unix and redhat servers
/data/all-servers-business_tmp clientprd*.getshifting.local(rw,sync)
/data/all-servers-business_tmp dbserverprd*.getshifting.local(rw,sync)

Start NFS Service

You can now start the NFS service and make it available after reboots like this:

service nfs restart
chkconfig nfs on 

You can now check the local shares by issuing this command:

showmount -e
 
Export list for nfsserver.getshifting.local:
/data/all-servers-business_tmp clientprd*.getshifting.local,dbserverprd*.getshifting.local
/data/all-servers-home     clientprd*.getshifting.local,dbserverprd*.getshifting.local,managementserver.getshifting.local

Note that if you want to run this against a remote server you need to add the remote servername to the command: showmount -e nfsserver

Open Firewall Ports

If you run the command described above from a remote server to check whether the shares are available, you'll see that they are not. The system comes with a firewall by default, so you first need to open the correct ports, which is done with the iptables command. However, since the services registered with the port mapper can use different ports, you first have to configure a few fixed ports in the NFS config so you know which ports to open.

Configure Ports

I want to keep the default values, so simply uncomment the following lines in the /etc/sysconfig/nfs file:

LOCKD_TCPPORT=32803
LOCKD_UDPPORT=32769
MOUNTD_PORT=892
STATD_PORT=662

Open the Ports

Open the ports using the iptables command (here used with sudo):

# open ports for NFS and portmapper for PRD
sudo iptables -I INPUT -p tcp -s 10.10.10.0/24 --dport 2049 -j ACCEPT
sudo iptables -I INPUT -p udp -s 10.10.10.0/24 --dport 2049 -j ACCEPT
sudo iptables -I INPUT -p tcp -s 10.10.10.0/24 --dport 111 -j ACCEPT
sudo iptables -I INPUT -p udp -s 10.10.10.0/24 --dport 111 -j ACCEPT
sudo iptables -I INPUT -p tcp -s 10.10.10.0/24 --dport 892 -j ACCEPT
sudo iptables -I INPUT -p udp -s 10.10.10.0/24 --dport 892 -j ACCEPT
sudo iptables -I INPUT -p tcp -s 10.10.10.0/24 --dport 662 -j ACCEPT
sudo iptables -I INPUT -p udp -s 10.10.10.0/24 --dport 662 -j ACCEPT
sudo iptables -I INPUT -p tcp -s 10.10.10.0/24 --dport 32803 -j ACCEPT
sudo iptables -I INPUT -p udp -s 10.10.10.0/24 --dport 32769 -j ACCEPT
# open ports for NFS and portmapper for PRD management server
sudo iptables -I INPUT -p tcp -s 10.10.100.10 --dport 2049 -j ACCEPT
sudo iptables -I INPUT -p udp -s 10.10.100.10 --dport 2049 -j ACCEPT
sudo iptables -I INPUT -p tcp -s 10.10.100.10 --dport 111 -j ACCEPT
sudo iptables -I INPUT -p udp -s 10.10.100.10 --dport 111 -j ACCEPT
sudo iptables -I INPUT -p tcp -s 10.10.100.10 --dport 892 -j ACCEPT
sudo iptables -I INPUT -p udp -s 10.10.100.10 --dport 892 -j ACCEPT
sudo iptables -I INPUT -p tcp -s 10.10.100.10 --dport 662 -j ACCEPT
sudo iptables -I INPUT -p udp -s 10.10.100.10 --dport 662 -j ACCEPT
sudo iptables -I INPUT -p tcp -s 10.10.100.10 --dport 32803 -j ACCEPT
sudo iptables -I INPUT -p udp -s 10.10.100.10 --dport 32769 -j ACCEPT
sudo service iptables save

Note that you can skip the portmapper port (111) if you run a pure NFSv4 environment.
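
To confirm that the pinned ports are the ones the daemons actually registered, the following added example (not part of the original page) compares the uncommented settings in /etc/sysconfig/nfs with rpcinfo -p output. A mismatch means a service is still on a dynamic port that the iptables rules do not cover, for example because it has not been restarted since the file was edited; the function name check_rpc_ports and both sample inputs are constructed for illustration.

```shell
# Added example: flag RPC services whose registered port differs from the
# port pinned in /etc/sysconfig/nfs (such a port has no matching firewall rule).

# Constructed sample: the uncommented lines from /etc/sysconfig/nfs.
SAMPLE_SYSCONFIG='LOCKD_TCPPORT=32803
LOCKD_UDPPORT=32769
MOUNTD_PORT=892
STATD_PORT=662'

# Constructed sample of `rpcinfo -p` output; statd ("status") is on dynamic ports.
SAMPLE_RPCINFO='   program vers proto   port  service
    100000    4   tcp    111  portmapper
    100024    1   udp  38834  status
    100024    1   tcp  54364  status
    100021    4   udp  32769  nlockmgr
    100021    4   tcp  32803  nlockmgr
    100005    3   udp    892  mountd
    100005    3   tcp    892  mountd'

# check_rpc_ports SYSCONFIG_TEXT RPCINFO_TEXT
# Prints "MISMATCH service/proto registered=N pinned=M" per deviation and
# returns 1 if any deviation was found, 0 otherwise.
check_rpc_ports() {
    printf '%s\n' "$2" | CFG="$1" awk '
        BEGIN {
            n = split(ENVIRON["CFG"], line, "\n")
            for (i = 1; i <= n; i++) {
                # Commented-out settings are not in effect, so skip them.
                if (line[i] ~ /^[ \t]*#/ || split(line[i], kv, "=") != 2) continue
                gsub(/[ \t"]/, "", kv[1]); gsub(/[ \t"]/, "", kv[2])
                if (kv[1] == "LOCKD_TCPPORT") want["nlockmgr/tcp"] = kv[2]
                if (kv[1] == "LOCKD_UDPPORT") want["nlockmgr/udp"] = kv[2]
                if (kv[1] == "MOUNTD_PORT") want["mountd/tcp"] = want["mountd/udp"] = kv[2]
                if (kv[1] == "STATD_PORT") want["status/tcp"] = want["status/udp"] = kv[2]
            }
        }
        NF >= 5 && $4 ~ /^[0-9]+$/ {
            key = $5 "/" $3; id = key ":" $4
            if ((key in want) && want[key] + 0 != $4 + 0 && !(id in seen)) {
                seen[id] = 1; bad = 1
                printf "MISMATCH %s registered=%s pinned=%s\n", key, $4, want[key]
            }
        }
        END { exit bad + 0 }'
}

# On a live server: check_rpc_ports "$(cat /etc/sysconfig/nfs)" "$(rpcinfo -p)"
check_rpc_ports "$SAMPLE_SYSCONFIG" "$SAMPLE_RPCINFO" || echo "pinned ports not in effect" >&2
```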

TIP on AutoFS for HomeDirs

After you've configured the auto mounting for home directories in configure_autofs_for_homedirs you might want to change a few settings. It can be convenient to use a different home directory location, so change the homedir value in the properties of the AD account.

You also have to create the home directories for the users manually due to some bugs and SELinux constraints. I will create an automatic script for this but that is not finished yet. For now follow these steps to create the homedir:

  • sudo mkdir /data/all-servers-home/adminsjoerd
  • sudo cp -R /etc/skel/.??* /data/all-servers-home/adminsjoerd
  • sudo chown -R adminsjoerd:UNIX-Servers-AdminGroup /data/all-servers-home/adminsjoerd
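
The three steps above as one function, written as an added example and not the author's unfinished script. The function name create_homedir, the optional BASE and SKEL arguments, the user-name check, the refusal to reuse an existing path and the 700 mode are assumptions of this example.

```shell
# Added example, not the author's script: the three manual steps as one function.
# BASE and SKEL default to the page's paths; the overrides exist for testing.

# create_homedir USER GROUP [BASE] [SKEL]
# Returns 0 on success, 2 invalid name, 3 unknown user, 4 path exists, 5 copy/chown error.
create_homedir() {
    local user="$1" group="$2"
    local base="${3:-/data/all-servers-home}" skel="${4:-/etc/skel}"
    local target

    # Accept only a plain account name, so a value such as "../x" or "-R"
    # can never steer mkdir, cp or chown outside BASE.
    case "$user" in
        ''|.*|-*|*[!A-Za-z0-9._-]*) echo "invalid user name: $user" >&2; return 2 ;;
    esac
    # The account must resolve (locally or through AD), otherwise chown fails later.
    id -u "$user" >/dev/null 2>&1 || { echo "unknown user: $user" >&2; return 3; }

    target="$base/$user"
    # Never reuse an existing path: it may be a symlink or another user's data.
    if [ -e "$target" ] || [ -L "$target" ]; then
        echo "refusing to touch existing path: $target" >&2
        return 4
    fi

    mkdir -m 700 "$target" || return 5
    # "skel/." copies every dotfile, including two-character names that the
    # .??* glob from the manual steps skips.
    cp -R "$skel/." "$target/" || return 5
    chown -R "$user:$group" "$target" || return 5
}

# Usage on the NFS server, as root:
#   create_homedir adminsjoerd UNIX-Servers-AdminGroup
```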

If you want to use the same directory on the NFS server itself, also create a symbolic link to the share:

  • cd /home
  • ln -s /data/all-servers-home/ GETSHIFTING

More Information

NFS Version

You can see the NFS version of the shares with the rpcinfo command. Running it shows the version in the second column:

rpcinfo -p
 
   program vers proto   port  service
    100000    4   tcp    111  portmapper
    100000    3   tcp    111  portmapper
    100000    2   tcp    111  portmapper
    100000    4   udp    111  portmapper
    100000    3   udp    111  portmapper
    100000    2   udp    111  portmapper
    100024    1   udp  38834  status
    100024    1   tcp  54364  status
    100011    1   udp    875  rquotad
    100011    2   udp    875  rquotad
    100011    1   tcp    875  rquotad
...<cut>...

Errors

Error:

clnt_create: RPC: Port mapper failure - Unable to receive: errno 113 (No route to host)

Solution: Open the correct firewall ports

Error:

rpc mount export: RPC: Unable to receive; errno = No route to host

Solution: Uncomment the ports in /etc/sysconfig/nfs and open the specified ports in the firewall


redhatnfsserver.txt · Last modified: 2021/09/24 00:25 by 127.0.0.1