Computer >> Computer tutorials >  >> System >> Linux

Configuring NFS Server and Client on Linux CentOS/RHEL

Network File System (NFS) is a distributed file system protocol for sharing files and folders. NFS is based on the Remote Procedure Protocol (ONC RPC). NFS allows to mount remote file systems over the network. Remember that by default data are not encrypted when using NFS, and clients are not authenticated (access can be limited by IP).

NFS is easy to configure both on the server and client-side. In this article, we’ll show how to install and configure an NFS server, and then we will connect an NFS share on a client. This article is based on RPM-based Linux distributions (CentOS, RHEL, Fedora, etc.).

How to Install and Configure an NFS Server on Linux CentOS

By default, nfs is already installed in CentOS with the Standard package. If you have removed NFS components or used the Minimal Install mode for your server, you can install the NFS package using yum (or dnf) package manager:

In CentOS 8:

# dnf install nfs-utils -y

I had the package installed:

Configuring NFS Server and Client on Linux CentOS/RHEL

The current NFS server version supports NFSv3 and NFSv4 protocol versions. NFSv2 is disabled by default. You can get a list of supported NFS versions using this command:

cat /proc/fs/nfsd/versions

After you have installed all packages you need, start nfs-server and rpcbind services, and add them to startup:

# systemctl enable rpcbind
# systemctl enable nfs-server
# systemctl start rpcbind
# systemctl start nfs-server

If you want to use NFSv4.1/4.2 only, you don’t need to run rpcbind.

If you are using firewalld on your Linux host, open the following ports:

# firewall-cmd --permanent --add-port=111/tcp
# firewall-cmd --permanent --add-port=20048/tcp
# firewall-cmd --permanent --add-service=nfs
# firewall-cmd --permanent --zone=public --add-service=nfs
# firewall-cmd --permanent --zone=public --add-service=mountd
# firewall-cmd --permanent --zone=public --add-service=rpc-bind
# firewall-cmd --reload

Configuring NFS Server and Client on Linux CentOS/RHEL

For those who are using iptables:

# iptables -t filter -A INPUT -p tcp --dport 111 -j ACCEPT
# iptables -t filter -A INPUT -p tcp --dport 2049 -j ACCEPT
# iptables -t filter -A INPUT -p tcp --dport 20048 -j ACCEPT
# service iptables save
# service iptables restart

Then create a directory your NFS server will share:

# mkdir -p /backup/nfs
# chmod -R 777 /backup/nfs

Publish the NFS share and assign access permissions in the configuration file containing the NFS server settings (/etc/exports).

# nano /etc/exports

Add the following line to the config to grant NFS access to all hosts in the specified IP subnet:

/backup/nfs 192.168.1.0/24(rw,sync,no_root_squash,no_all_squash)

Or you can limit access to a single IP address only:

/backup/nfs 192.168.2.24(rw,sync,no_root_squash,no_all_squash, anonuid=1000,anongid=1000) 192.168.3.100 (ro,async,no_subtree_check)

Let’s see what parameters are used to grant privileges on the NFS directory:

  • rw – grant write permissions, ro – provides read-only access
  • sync – synchronous access mode, async means that you don’t need to wait for confirmation of writing on the disk (it improves NFS performance, but reduces reliability)
  • no_root_squash – allows the root user to get access to the NFS directory from a client (usually not recommended)
  • no_all_squash – enables user authentication, all_squash – allows accessing NFS share under an anonymous user
  • no_subtree_check – disables a check that a user accessed a file in the directory (subtree_check is used by default)
  • anonuid, anongid – map NFS user/group to the specified local user/group (UID or GID)

To apply new NFS share settings, run the following command:

# exportfs -a

And restart the NFS server:

# systemctl restart nfs-server

Thus, we have finished the configuration of our NFS server and may proceed with a client configuration.

Configuring NFS Client on CentOS

To configure an NFS client, you must also install the nfs-utils package.

# yum install nfs-utils -y

Add services to startup and start them:

# systemctl enable rpcbind
# systemctl enable nfs-server
# systemctl start rpcbind
# systemctl start nfs-server

Then create a directory on a client the NFS directory will be mounted to:

# mkdir /backup

Then you can mount the remote NFS share using this command:

# mount -t nfs 192.168.0.100:/backup/nfs/ /backup

You can force the version of the NFS protocol to be used:

# mount -t nfs -o vers=4 192.168.0.100:/backup/nfs/ /backup

where IP is the address of the NFS server you have configured earlier.

Configuring NFS Server and Client on Linux CentOS/RHEL

Then the connected NFS shares will be displayed in the list of mounted drives. You can read data in the directory or write to it (depending on the permissions assigned to your IP address on the NFS server). To automatically mount the NFS directory on reboot, you need to open the fstab file:

# nano /etc/fstab

And add the following line to it:

192.168.0.100:/backup/nfs/ /backup/ nfs rw,sync,hard,intr 0 0

After saving fstab, you can apply it with this command:

# mount -a

So we have configured and connected a remote NFS storage, which can be used for transparent network access to a shared resource from different hosts. You can place backups, ISO image files, etc. in your NFS directory.