Wednesday 6 July 2011

NFS -- Provide network shares to specific clients

The crux of this objective lies with the /etc/exports file, which is where all the available nfs shares are configured.

In the exam you might have to install nfs, which you can do with:
yum install nfs-utils -y
You will need to open the firewall for port 2049 (don't forget to save it):
iptables -I INPUT -p tcp --dport nfs -j ACCEPT
iptables -I INPUT -p udp --dport nfs -j ACCEPT
Make sure that nfs starts with the system (Make sure the rpcbind is also set to start with the system):
chkconfig nfs on
chkconfig nfslock on
There are a few SELinux settings related to nfs (default settings):
allow_ftpd_use_nfs --> off
allow_nfsd_anon_write --> off
git_system_use_nfs --> off
httpd_use_nfs --> off
nfs_export_all_ro --> on
nfs_export_all_rw --> on
qemu_use_nfs --> on
samba_share_nfs --> off
use_nfs_home_dirs --> on
virt_use_nfs --> off
xen_use_nfs --> off
You can now start nfs with:
service nfs start
Let's get back to the objective, say you want to share directory /distro to all clients in your network, you'll need to edit /etc/exports like this (assuming that your network is 10.168.20.0):
/distro  10.168.20.0/24(ro)
Note that there is no space between the address/mask and the export options. Similarly, if you just want to share to a single client you can specify it by ip address or hostname or even fqdn, like this:
/distro 10.168.20.225(ro,sync)
/distro rhel6test.dev.com(ro,sync)
/distro 10.168.20.225(ro,sync) rhel6test.dev.com(ro,sync)
/distro 10.168.20.0/24(ro,sync) rhel6(ro,sync)
Note that the third line is the same as the first two lines combined and the fourth is just another example of how options can be combined.
You can now export the filesystems and restart nfs with:
exportfs -av; service nfs restart

No comments:

Post a Comment