unix:freebsd:system_builds:nfsserver
no way to compare when less than two revisions
Differences
This shows you the differences between two versions of the page.
Previous revisionNext revision | |||
— | unix:freebsd:system_builds:nfsserver [2019/11/08 17:52] – [Configure and start NFS] rodolico | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== Build NFS Server ====== | ||
+ | |||
+ | This is a total rewrite since FreeBSD and ZFS have the ability to export nfs directly. You can always not use the sharenfs function in zfs (ie, sharenfs=off) and use the standard way of exporting. ZFS running nfs actually is not as pretty as the old way, but it is very efficient for maintenance. | ||
+ | |||
+ | The following assumes you have a zpool named //storage// and you will create a tree of nfs exportable directories under that. | ||
+ | |||
+ | For our needs, we want some exports that will go to our Linux Xen machines, which will have common data between them. For example, our xen configuration files should be available across all of our DOM0' | ||
+ | |||
+ | We also want to export to a couple of running virtuals to store large amounts of data. Since they have public interfaces, we need to set up our nfs server to only allow limited access to our nfs server, both by limiting through nfs and also with firewalls. | ||
+ | |||
+ | ===== Set up storage space ===== | ||
+ | |||
+ | First, we need some directories to export. Since we want to configure space, etc..., we will do this by creating zfs entries. | ||
+ | |||
+ | <code bash> | ||
+ | zfs create -o atime=off -o dedup=off -o mountpoint=/ | ||
+ | |||
+ | zfs create -o quota=100G storage/ | ||
+ | mkdir -p / | ||
+ | mkdir -p / | ||
+ | mkdir -p / | ||
+ | chmod 777 / | ||
+ | |||
+ | zfs create storage/ | ||
+ | zfs create storage/ | ||
+ | </ | ||
+ | |||
+ | Note that we created storage/ | ||
+ | |||
+ | We then created storage/ | ||
+ | |||
+ | Finally, we create two stores for some servers to put their stuff in, and we limit access to them to only the server itself. | ||
+ | |||
+ | ===== Configure and start NFS ===== | ||
+ | |||
+ | NFS can be exported via ZFS, but that appears to be a little flaky still, so I went back to the old, tried and true (v1 was built by Sun Microsystems in 1984). On FreeBSD (and everything else I've worked on), this is done via the /// | ||
+ | |||
+ | <code bash exports> | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | </ | ||
+ | |||
+ | **Note:** <code bash> | ||
+ | |||
+ | This allows servers at IP addresses 10.81.210.37 and 10.81.210.32 to access / | ||
+ | |||
+ | There are tons of other options. See [[https:// | ||
+ | |||
+ | You can now start nfs by | ||
+ | <code bash> | ||
+ | which will start rpcbind and nfsd. If you have an error, you can shut it down with two commands: | ||
+ | <code bash> | ||
+ | service nfsd onestop | ||
+ | service rpcbind onestop | ||
+ | </ | ||
+ | |||
+ | When you have no errors, you can set this up to be permenant by adding the following to / | ||
+ | |||
+ | <code bash rc.conf.additional> | ||
+ | rpcbind_enable=" | ||
+ | nfs_server_enable=" | ||
+ | # the -h below binds nfsd to a specific IP, so a machine with | ||
+ | # multiple IP's will only respond if this one is used for the | ||
+ | # request | ||
+ | mountd_flags=" | ||
+ | # uncomment the following lines if server side file locks are | ||
+ | # needed. Note you must replicate this on the clients | ||
+ | # | ||
+ | # | ||
+ | </ | ||
+ | |||
+ | nfs will now be enabled at boot time. Note the two commented lines beginning with rpc_. Enabling these if you ever need server side locking on your nfs mounts. You must also enable them on each client. Locks will then be honored for all clients which access this mount. | ||
+ | |||
+ | Note the mountd_flags entry. mountd is what actually handles the mount request from clients. The -r flag allows individual files to be mounted, such as swap a swap file, or a virtual image. Additional flags may be specified. See //man 5 mountd// for more information. Two nice ones are the -h and -p flags which allow you to specify the IP and Port mountd will listen on. | ||
+ | |||
+ | |||
+ | ===== Links ===== | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * http:// | ||
+ | * [https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | * https:// | ||
+ | |||
unix/freebsd/system_builds/nfsserver.txt · Last modified: 2023/01/17 20:40 by rodolico