Create an NFS Server on Oracle Linux

8
0
Send lab feedback

Create an NFS Server on Oracle Linux

Introduction

What is NFS? Network File System (NFS) is a protocol for a distributed file system that allows users to read and write files over the network and interact with them as if they are mounted locally. Developed by Sun Microsystems in 1984, NFS continues to be a popular way to consolidate resources and then share them on the network. Currently, Oracle Linux supports NFS version 3 (NFSv3) and NFS version 4 (NFSv4) and will default to NFSv4 when mounting shares if the server supports it.

Objectives

In this tutorial, you will learn how to:

  • Install the NFS utility package
  • Configure an NFS server
  • Mount NFS shares
  • Configure the autofs utility

Prerequisites

  • Minimum of two Oracle Linux systems

  • Each system should have Oracle Linux installed and configured with:

    • A non-root user account with sudo access
    • Key-based SSH, also known as password-less SSH, between the hosts
    • Access to the Internet

Deploy Oracle Linux

Note: If running in your own tenancy, read the linux-virt-labs GitHub project README.md and complete the prerequisites before deploying the lab environment.

  1. Open a terminal on the Luna Desktop.

  2. Clone the linux-virt-labs GitHub project.

    git clone https://github.com/oracle-devrel/linux-virt-labs.git
  3. Change into the working directory.

    cd linux-virt-labs/ol
  4. Install the required collections.

    ansible-galaxy collection install -r requirements.yml
  5. Update the Oracle Linux instance configuration.

    cat << EOF | tee instances.yml > /dev/null
    compute_instances:
      1:
        instance_name: "ol-node-01"
        type: "server"
      2:
        instance_name: "ol-node-02"
        type: "server"
    passwordless_ssh: true
    EOF
  6. Deploy the lab environment.

    ansible-playbook create_instance.yml -e localhost_python_interpreter="/usr/bin/python3.6" -e "@instances.yml" -e use_nfs=true

    The free lab environment requires the extra variable local_python_interpreter, which sets ansible_python_interpreter for plays running on localhost. This variable is needed because the environment installs the RPM package for the Oracle Cloud Infrastructure SDK for Python, located under the python3.6 modules.

    The default deployment shape uses the AMD CPU and Oracle Linux 8. To use an Intel CPU or Oracle Linux 9, add -e instance_shape="VM.Standard3.Flex" or -e os_version="9" to the deployment command.

    Important: Wait for the playbook to run successfully and reach the pause task. At this stage of the playbook, the installation of Oracle Linux is complete, and the instances are ready. Take note of the previous play, which prints the public and private IP addresses of the nodes it deploys and any other deployment information needed while running the lab.

Install the NFS Utilities Package on the Server Instance

  1. Open a terminal and connect via SSH to the ol-node-01 instance.

    ssh oracle@<ip_address_of_instance>
  2. Install the nfs-utils package.

    sudo dnf install -y nfs-utils

    This command will install the daemon and tools associated with the kernel NFS server.

Create an NFS Share

  1. Create a directory to contain your shared files.

    sudo mkdir /nfs-share
  2. Create a series of test files.

    sudo fallocate -l 10MB /nfs-share/file1
    sudo fallocate -l 10MB /nfs-share/file2
    echo "This is a shared text file." | sudo tee /nfs-share/shared-text.txt > /dev/null

    These commands create two 10MB files and a standard text file.

  3. Verify the files created successfully.

    ls -lh /nfs-share
  4. Change permissions on the files.

    sudo chmod -R 777 /nfs-share

    For ease, we use chmod -R 777, which sets the local file permissions for everyone to read/write/execute. This setting minimalizes the need for additional NFS share options in this exercise where the UID/GUID of the client user does not match the server and defaults to the nobody account on the server.. This minimalizes the need for additional NFS share options in this exercise where the UID/GUID of the client user does not match the server and defaults to the nobody account on the server.

    Evaluate whether these permissions are appropriate for your environment before running them in production.

    For more details, check out man nfs.

  5. Define the share in /etc/exports.

    Each entry has the format export host1(options1) host2(options2) host3(options3).

    echo "/nfs-share  ol-node-02(rw)" | sudo tee -a /etc/exports > /dev/null

    The ol-node-02 is the client instance's hostname or IP address, and (rw) indicates the share is read-write for that instance.

    If the entry was /nfs-share ol-node-02 (rw), notice the space between ol-node-02 and (rw), then the single client mentioned would have read-only (default) access, while the rest of the world has read/write.

Start the NFS Server

  1. Set the firewall to allow NFS traffic.

    sudo firewall-cmd --permanent --zone=public --add-service=nfs
    sudo firewall-cmd --reload
    sudo firewall-cmd --list-all
    • --permanent ensures the setting persists after a system reboot
    • --list-all will display the firewall settings and show that NFS traffic is allowed
  2. Enable and start the NFS service.

    sudo systemctl enable --now nfs-server
    showmount -e

    The showmount command displays the shares available using the NFS server.

Add Another Share

  1. Create a new folder.

    sudo mkdir /nfs-share2
  2. Create a new share using exportfs.

    sudo exportfs -i -o rw *:/nfs-share2
    showmount -e
    • -i causes the new share to ignore any values set in /etc/exports
    • -o passes the share options
    • * makes the share available to all clients
  3. Show the new share added using exportfs does not persist a service restart.

    sudo systemctl restart nfs-server
    showmount -e
  4. Add the new share to /etc/exports to persist system restarts.

    echo "/nfs-share2 *(rw)" | sudo tee -a /etc/exports > /dev/null
    sudo exportfs -r
    showmount -e
    • -r in exportfs refreshes the export list with any changes made to /etc/exports

Install the NFS Utilities Package on the Client Instance

  1. Open a terminal and connect via SSH to the ol-node-02 instance.

    ssh oracle@<ip_address_of_instance>
  2. Install the nfs-utils package.

    sudo dnf install -y nfs-utils

Mount the NFS Share

  1. Create a directory for the mount point.

    sudo mkdir /nfs-mount
  2. Mount the share and get a directory listing.

    sudo mount ol-node-01:/nfs-share /nfs-mount
    ls -lh /nfs-mount

    Where ol-node-01 is the hostname or IP address of the NFS server instance.

  3. Test access to the NFS share.

    echo "Hello World!" >> /nfs-mount/shared-text.txt
    cat /nfs-mount/shared-text.txt

Root Squashing

Enabled by default in Oracle Linux, "root squashing" is a share-level configuration option that prevents a remote root user from having root access to the network file system. We recommend leaving "root squashing" enabled for proper security, but the following steps will show client-side root-level access when disabled.

  1. Try changing permissions on a file in the NFS share from ol-node-02.

    sudo chmod 766 /nfs-mount/shared-text.txt

    The output shows permission denied even though the command uses sudo.

  2. Switch to the terminal connected to ol-node-01.

  3. Disable root_squash on the share.

    echo "/nfs-share ol-node-02(rw,no_root_squash)" | sudo tee /etc/exports > /dev/null

    Where ol-node-02 is the hostname or IP address of the client instance.

  4. Restart the NFS server.

    sudo systemctl restart nfs-server
  5. Switch to the terminal connected to ol-node-02.

  6. Try changing permissions on the file again.

    sudo chmod 766 /nfs-mount/shared-text.txt
    ls -lh /nfs-mount

    The output shows the execute permissions removed from the group and other columns.

Mount Share Using fstab

To have the mounted share available after a reboot of the client instance, add an entry to the fstab file.

  1. Unmount the NFS share.

    sudo umount /nfs-mount
    ls -lh /nfs-mount

    The ls -lh shows the directory is empty and therefore not mounted.

  2. Update the fstab file.

    echo "ol-node-01:/nfs-share  /nfs-mount  nfs  rw  0 0" | sudo tee -a /etc/fstab > /dev/null
    tail -n5 /etc/fstab

    Where ol-node-01 is the hostname or IP address of the server instance.

    tail -n5 displays the last five lines in the /etc/fstab file.

  3. Mount and verify the share is accessible.

    sudo mount -a
    ls -lh /nfs-mount
  4. Unmount and Remove the Share

    sudo umount /nfs-mount
    sudo sed -i '$ d' /etc/fstab

Install the autofs Package

  1. Install the package.

    sudo dnf install -y autofs
  2. Verify the installation.

    The autofs utilities install various configuration maps under the /etc directory.

    ls -lh /etc/auto*

Configure the Master Map File

This file is the first of two files read by the autofs service. The master map file, located in /etc/auto.master, contains entries in the following format:

mount-point [map-type[,format]:]map [options]

Rather than edit the main file, the service also includes and reads files conforming to this format when placed in the /etc/auto.master.d directory.

  1. Add a master map entry file.

    echo "/nfs-mount  /etc/auto.mynfs  --timeout=180" | sudo tee /etc/auto.master.d/mynfs.autofs > /dev/null

    This entry defines the mount point as /nfs-mount and the map file as auto.mynfs. The share will automatically unmount after 180 seconds if the client does not act on the share. The file created has an extension of .autofs.

  2. Verify the entry.

    ls -lh /etc/auto.master.d
    cat /etc/auto.master.d/mynfs.autofs

    For more details on autofs map files, check out man auto.master.

Configure a Map File

This map file is the second file read by the autofs service. The map files contain entries using the following format:

mount-point mount-options location

  1. Create the map file.

    echo "mynfs  -fstype=nfs,rw,soft,intr  ol-node-01:/nfs-share" | sudo tee /etc/auto.mynfs > /dev/null

    Where:

    • mynfs is a mount point.
    • -fstype=nfs is the file system type, and rw,soft,intr are mount options.
    • ol-node-01 is the hostname or IP address of the NFS server instance.
    • :/nfs-share is the NFS share.

    Check out man mount for more details on the various mount options.

Start the Service

  1. Start and enable the autofs service in a single step.

    sudo systemctl enable --now autofs

Try to Access the Mount Point

The mount point for the NFS share is /nfs-mount/mynfs.

  1. Change to the mount point and get a directory listing.

    cd /nfs-mount/mynfs; ls -l

    The output displays a list of files from the NFS server.

  2. Get a report showing the list of file systems and their disk usage.

    df -Th

    The output shows the NFS share and the autofs mount point details.

Next Steps

Through the steps in this tutorial, we have shown how to create an NFS server and use several methods to mount its shares within Oracle Linux. Using these steps as a starting point will help you as an administrator to share files and resources with your users for applications and other purposes. For further topics and training, see the Related Links section below.

SSR