Create an NFS Server on Oracle Linux
Introduction
What is NFS? Network File System (NFS) is a protocol for a distributed file system that allows users to read and write files over the network and interact with them as if they are mounted locally. Developed by Sun Microsystems in 1984, NFS continues to be a popular way to consolidate resources and then share them on the network. Currently, Oracle Linux supports NFS version 3 (NFSv3) and NFS version 4 (NFSv4) and will default to NFSv4 when mounting shares if the server supports it.
Objectives
In this tutorial, you will learn how to:
- Install the NFS utility package
- Configure an NFS server
- Mount NFS shares
- Configure the autofs utility
Prerequisites
Minimum of two Oracle Linux systems
Each system should have Oracle Linux installed and configured with:
- A non-root user account with sudo access
- Key-based SSH, also known as password-less SSH, between the hosts
- Access to the Internet
Deploy Oracle Linux
Note: If running in your own tenancy, read the linux-virt-labs
GitHub project README.md and complete the prerequisites before deploying the lab environment.
Open a terminal on the Luna Desktop.
Clone the
linux-virt-labs
GitHub project.git clone https://github.com/oracle-devrel/linux-virt-labs.git
Change into the working directory.
cd linux-virt-labs/ol
Install the required collections.
ansible-galaxy collection install -r requirements.yml
Update the Oracle Linux instance configuration.
cat << EOF | tee instances.yml > /dev/null compute_instances: 1: instance_name: "ol-node-01" type: "server" 2: instance_name: "ol-node-02" type: "server" passwordless_ssh: true EOF
Deploy the lab environment.
ansible-playbook create_instance.yml -e localhost_python_interpreter="/usr/bin/python3.6" -e "@instances.yml" -e use_nfs=true
The free lab environment requires the extra variable
local_python_interpreter
, which setsansible_python_interpreter
for plays running on localhost. This variable is needed because the environment installs the RPM package for the Oracle Cloud Infrastructure SDK for Python, located under the python3.6 modules.The default deployment shape uses the AMD CPU and Oracle Linux 8. To use an Intel CPU or Oracle Linux 9, add
-e instance_shape="VM.Standard3.Flex"
or-e os_version="9"
to the deployment command.Important: Wait for the playbook to run successfully and reach the pause task. At this stage of the playbook, the installation of Oracle Linux is complete, and the instances are ready. Take note of the previous play, which prints the public and private IP addresses of the nodes it deploys and any other deployment information needed while running the lab.
Install the NFS Utilities Package on the Server Instance
Open a terminal and connect via SSH to the ol-node-01 instance.
ssh oracle@<ip_address_of_instance>
Install the nfs-utils package.
sudo dnf install -y nfs-utils
This command will install the daemon and tools associated with the kernel NFS server.
Create an NFS Share
Create a directory to contain your shared files.
sudo mkdir /nfs-share
Create a series of test files.
sudo fallocate -l 10MB /nfs-share/file1 sudo fallocate -l 10MB /nfs-share/file2 echo "This is a shared text file." | sudo tee /nfs-share/shared-text.txt > /dev/null
These commands create two 10MB files and a standard text file.
Verify the files created successfully.
ls -lh /nfs-share
Change permissions on the files.
sudo chmod -R 777 /nfs-share
For ease, we use
chmod -R 777
, which sets the local file permissions for everyone to read/write/execute. This setting minimalizes the need for additional NFS share options in this exercise where the UID/GUID of the client user does not match the server and defaults to thenobody
account on the server.. This minimalizes the need for additional NFS share options in this exercise where the UID/GUID of the client user does not match the server and defaults to thenobody
account on the server.Evaluate whether these permissions are appropriate for your environment before running them in production.
For more details, check out
man nfs
.Define the share in
/etc/exports
.Each entry has the format
export host1(options1) host2(options2) host3(options3)
.echo "/nfs-share ol-node-02(rw)" | sudo tee -a /etc/exports > /dev/null
The
ol-node-02
is the client instance's hostname or IP address, and(rw)
indicates the share is read-write for that instance.If the entry was
/nfs-share ol-node-02 (rw)
, notice the space betweenol-node-02
and(rw)
, then the single client mentioned would have read-only (default) access, while the rest of the world has read/write.
Start the NFS Server
Set the firewall to allow NFS traffic.
sudo firewall-cmd --permanent --zone=public --add-service=nfs sudo firewall-cmd --reload sudo firewall-cmd --list-all
--permanent
ensures the setting persists after a system reboot--list-all
will display the firewall settings and show that NFS traffic is allowed
Enable and start the NFS service.
sudo systemctl enable --now nfs-server showmount -e
The
showmount
command displays the shares available using the NFS server.
Add Another Share
Create a new folder.
sudo mkdir /nfs-share2
Create a new share using
exportfs
.sudo exportfs -i -o rw *:/nfs-share2 showmount -e
-i
causes the new share to ignore any values set in/etc/exports
-o
passes the share options*
makes the share available to all clients
Show the new share added using
exportfs
does not persist a service restart.sudo systemctl restart nfs-server showmount -e
Add the new share to
/etc/exports
to persist system restarts.echo "/nfs-share2 *(rw)" | sudo tee -a /etc/exports > /dev/null sudo exportfs -r showmount -e
-r
inexportfs
refreshes the export list with any changes made to/etc/exports
Install the NFS Utilities Package on the Client Instance
Open a terminal and connect via SSH to the ol-node-02 instance.
ssh oracle@<ip_address_of_instance>
Install the nfs-utils package.
sudo dnf install -y nfs-utils
Mount the NFS Share
Create a directory for the mount point.
sudo mkdir /nfs-mount
Mount the share and get a directory listing.
sudo mount ol-node-01:/nfs-share /nfs-mount ls -lh /nfs-mount
Where
ol-node-01
is the hostname or IP address of the NFS server instance.Test access to the NFS share.
echo "Hello World!" >> /nfs-mount/shared-text.txt cat /nfs-mount/shared-text.txt
Root Squashing
Enabled by default in Oracle Linux, "root squashing" is a share-level configuration option that prevents a remote root user from having root access to the network file system. We recommend leaving "root squashing" enabled for proper security, but the following steps will show client-side root-level access when disabled.
Try changing permissions on a file in the NFS share from ol-node-02.
sudo chmod 766 /nfs-mount/shared-text.txt
The output shows permission denied even though the command uses
sudo
.Switch to the terminal connected to ol-node-01.
Disable
root_squash
on the share.echo "/nfs-share ol-node-02(rw,no_root_squash)" | sudo tee /etc/exports > /dev/null
Where
ol-node-02
is the hostname or IP address of the client instance.Restart the NFS server.
sudo systemctl restart nfs-server
Switch to the terminal connected to ol-node-02.
Try changing permissions on the file again.
sudo chmod 766 /nfs-mount/shared-text.txt ls -lh /nfs-mount
The output shows the execute permissions removed from the group and other columns.
Mount Share Using fstab
To have the mounted share available after a reboot of the client instance, add an entry to the fstab
file.
Unmount the NFS share.
sudo umount /nfs-mount ls -lh /nfs-mount
The
ls -lh
shows the directory is empty and therefore not mounted.Update the
fstab
file.echo "ol-node-01:/nfs-share /nfs-mount nfs rw 0 0" | sudo tee -a /etc/fstab > /dev/null tail -n5 /etc/fstab
Where
ol-node-01
is the hostname or IP address of the server instance.tail -n5
displays the last five lines in the/etc/fstab
file.Mount and verify the share is accessible.
sudo mount -a ls -lh /nfs-mount
Unmount and Remove the Share
sudo umount /nfs-mount sudo sed -i '$ d' /etc/fstab
Install the autofs Package
Install the package.
sudo dnf install -y autofs
Verify the installation.
The autofs utilities install various configuration maps under the
/etc
directory.ls -lh /etc/auto*
Configure the Master Map File
This file is the first of two files read by the autofs service. The master map file, located in /etc/auto.master
, contains entries in the following format:
mount-point [map-type[,format]:]map [options]
Rather than edit the main file, the service also includes and reads files conforming to this format when placed in the /etc/auto.master.d
directory.
Add a master map entry file.
echo "/nfs-mount /etc/auto.mynfs --timeout=180" | sudo tee /etc/auto.master.d/mynfs.autofs > /dev/null
This entry defines the mount point as
/nfs-mount
and the map file asauto.mynfs
. The share will automatically unmount after 180 seconds if the client does not act on the share. The file created has an extension of.autofs
.Verify the entry.
ls -lh /etc/auto.master.d cat /etc/auto.master.d/mynfs.autofs
For more details on autofs map files, check out
man auto.master
.
Configure a Map File
This map file is the second file read by the autofs service. The map files contain entries using the following format:
mount-point mount-options location
Create the map file.
echo "mynfs -fstype=nfs,rw,soft,intr ol-node-01:/nfs-share" | sudo tee /etc/auto.mynfs > /dev/null
Where:
mynfs
is a mount point.-fstype=nfs
is the file system type, andrw,soft,intr
are mount options.ol-node-01
is the hostname or IP address of the NFS server instance.:/nfs-share
is the NFS share.
Check out
man mount
for more details on the various mount options.
Start the Service
Start and enable the autofs service in a single step.
sudo systemctl enable --now autofs
Try to Access the Mount Point
The mount point for the NFS share is /nfs-mount/mynfs
.
Change to the mount point and get a directory listing.
cd /nfs-mount/mynfs; ls -l
The output displays a list of files from the NFS server.
Get a report showing the list of file systems and their disk usage.
df -Th
The output shows the NFS share and the autofs mount point details.
Next Steps
Through the steps in this tutorial, we have shown how to create an NFS server and use several methods to mount its shares within Oracle Linux. Using these steps as a starting point will help you as an administrator to share files and resources with your users for applications and other purposes. For further topics and training, see the Related Links section below.