Deploy An NFS Server
What is NFS?
"NFS stands for Network File System, a file system developed by Sun Microsystems, Inc. It is a client/server system that allows users to access files across a network and treat them as if they resided in a local file directory"
"The NFS protocol is designed to be independent of the computer, operating system, network architecture, and transport protocol. This means that systems using the NFS service may be manufactured by different vendors, use different operating systems, and be connected to networks with different architectures. These differences are transparent to the NFS application, and thus, the user. "
[ source ]
Host Installation Steps
To set up an NFS host in Ubuntu, you need to run the following command to install the necessary packages:
sudo apt-get install nfs-kernel-server nfs-common -y
Add lines to your /etc/exports
file, specifying the directory locations that you want shared on the network like below:
sudo $EDITOR /etc/exports
Here's another example with comments explaining each part.
# Share the top level 'files' directory
# Allow access from computers accessing from the IPs in the range of 192.168.1.1 -> 192.168.1.255
# The client can access/edit files as if they were a root user on the host
# Grant both read and write access (rw)
/files 192.168.1.1/24(rw,no_root_squash,async)
root_squash
or no_root_squash
?
The option root_squash
prevents root users connected remotely from having root privileges and assigns them the nfsnobody user ID. This effectively "squashes" the power of the remote root user to the lowest local user, preventing unauthorized alteration of files on the NFS host.
The alternative option no_root_squash
, allows the root user on the client to access/create files as root on the NFS host which is dangerous, so don't enable this unless you know that you need to. Typically this is needed if one is hosting root filesystems on an NFS server for diskless clients (e.g. AWS EC2).
async or sync?
Async mode (which is the default) means that the system will reply to a client's write request, stating that it has completed, as soon as it has handled the request by passing it off to the filesystem to manage, rather than waiting for it to be written to stable storage (e.g. replying as soon as it has gone into cache rather than disk). This yields much better performance at the expense in a risk of data corruption should the server reboot or lose power whilst still holding data in cache. If your system needs to work with other proprietary systems that work with NFS (Solaris, HP-UX, RS/6000, etc.), you will need to enable sync mode.
subtree_check
or no_subtree_check
?
There is a great explanation of this here, but to sum up, the subtree_check
causes the host to check that a client request is not going outside the domain of the exported directory. This is only necessary when you are exporting a subdirectory within a filesystem and not the entire filesystem. However, this can cause issues, so the best choice of action is this: always use no_subtree_check
(the default), and if you are making a public NFS, then set up the disk partitions so that you are only ever exporting entire filesystems.
Applying Export Changes
Whenever you make changes to the /etc/exports file, for them to take effect you need to run the following command which will let you know if there are any issues, and tell you about any defaults it assumes.
sudo exportfs -a
Restart NFS Service
You can restart the NFS service at any point with the following command:
sudo /etc/init.d/nfs-kernel-server restart
Conclusion
Now you have deployed an NFS server, you probably want to configure some clients to use it.
References
- Indiana University - What is NFS?
- Ubuntu Forums - HOWTO: NFS Server/Client
- Ubuntu Geek - NFS Server And Client Configuration In Ubuntu
- Optimizing NFS Performance
- What is the use of "
root_squash
" and "no_root_squash
" in NFS"
First published: 16th August 2018