Deploy An NFS Server

What is NFS?

"NFS stands for Network File System, a file system developed by Sun Microsystems, Inc. It is a client/server system that allows users to access files across a network and treat them as if they resided in a local file directory" "The NFS protocol is designed to be independent of the computer, operating system, network architecture, and transport protocol. This means that systems using the NFS service may be manufactured by different vendors, use different operating systems, and be connected to networks with different architectures. These differences are transparent to the NFS application, and thus, the user. "
[ source ]

Host Installation Steps

To set up an NFS host in Ubuntu, you need to run the following command to install the necessary packages:

sudo apt-get install nfs-kernel-server nfs-common -y
Add lines to your
/etc/exports file
, specifying the directory locations that you want shared on the network like below:
sudo $EDITOR /etc/exports
Here's another example with comments explaining each part.
# Share the top level 'files' directory
# Allow access from computers accessing from the IPs in the range of 192.168.1.1 -> 192.168.1.255
# The client can access/edit files as if they were a root user on the host
# Grant both read and write access (rw)
/files 192.168.1.1/24(rw,no_root_squash,async)

If you want to allow read only access, you need to specify "ro", not just "r"

You cannot export encrypted directories. This means that if you selected "encrypt home directory" during your Ubuntu installation, you cannot export your home directory, or any of its subdirectories.

root_squash or no_root_squash?

The option root_squash prevents root users connected remotely from having root privileges and assigns them the nfsnobody user ID. This effectively "squashes" the power of the remote root user to the lowest local user, preventing unauthorized alteration of files on the NFS host.

The alternative option no_root_squash, allows the root user on the client to access/create files as root on the NFS host which is dangerous, so don't enable this unless you know that you need to. Typically this is needed if one is hosting root filesystems on an NFS server for diskless clients (e.g. AWS EC2).

async or sync?

Async mode (which is the default) means that the system will reply to a client's write request, stating that it has completed, as soon as it has handled the request by passing it off to the filesystem to manage, rather than waiting for it to be written to stable storage (e.g. replying as soon as it has gone into cache rather than disk). This yields much better performance at the expense in a risk of data corruption should the server reboot or lose power whilst still holding data in cache.
If your system needs to work with other proprietary systems that work with NFS (Solaris, HP-UX, RS/6000, etc.), you will need to enable sync mode.

subtree_check or no_subtree_check?

There is a great explanation of this here, but to sum up, the subtree_check causes the host to check that a client request is not going outside the domain of the exported directory. This is only necessary when you are exporting a subdirectory within a filesystem and not the entire filesystem. However, this can cause issues, so the best choice of action is this: always use no_subtree_check (the default), and if you are making a public NFS, then set up the disk partitions so that you are only ever exporting entire filesystems.

Applying Export Changes

Whenever you make changes to the /etc/exports file, for them to take effect you need to run the following command which will let you know if there are any issues, and tell you about any defaults it assumes.

sudo exportfs -a

Restart NFS Service

You can restart the NFS service at any point with the following command:

sudo /etc/init.d/nfs-kernel-server restart

Conclusion

Now you have deployed an NFS server, you probably want to configure some clients to use it.

References

Author

Programster

Stuart is a software developer with a passion for Linux and open source projects.

comments powered by Disqus
We are a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for us to earn fees by linking to Amazon.com and affiliated sites. More info.