Translate

Use categories on the left bar

For orientation in my website, please use a left menu bar with category/subcategory list

NFS storage

Setup NFS server

1.) Setting firewall

firewall-cmd --permanent --zone=yourzone --add-service=ssh
firewall-cmd --permanent --zone=yourzone --add-service=nfs
firewall-cmd --reload

2.) Installing NFS

server:
On the NFS server we run:
yum -y install nfs-utils
Then enable and start the nfs server service.
systemctl enable nfs-server.service
systemctl start nfs-server.service
client:
On the client, we can install NFS as follows (this is actually the same as on the server):
yum install nfs-utils

3.) Exporting Directories on the Server

server:
I'd like to make the directories /home and /opt/kube accessible to the client; therefore we must "export" them on the server.
When a client accesses an NFS share, this normally happens as the user nfsnobody. Usually the /home directory isn't owned by nfsnobody (and I don't recommend to change its ownership to nfsnobody!), and because we want to read and write on /home, we tell NFS that accesses should be made as root (if our /home share was read-only, this wouldn't be necessary). The /var/nfs directory doesn't exist, so we can create it and change its ownership to the user and group nfsnobody.
mkdir /opt/kube
chown nfsnobody:nfsnobody /opt/kube
chmod 755 /opt/kube

Now we must modify /etc/exports where we "export" our NFS shares. 
man 5 exports

vi /etc/exports
/opt/kube       192.168.3.1/24(rw,sync,no_subtree_check)

Whenever we modify /etc/exports, we must run:
exportfs -a
afterwards, to make the changes effective.

4.) Mounting the NFS Shares on the Client

client:
First we create the directories where we want to mount the NFS shares, e.g.:
mkdir -p /mnt/nfs/opt/kube

Afterward
s, we can mount them as follows:
mount ipaddressofyournfs:/opt/kube /mnt/nfs/opt/kube 


You should now see the two NFS shares in the outputs of
df -h
[root@client ~]# df -h
devtmpfs                 3.9G     0  3.9G   0% /dev
tmpfs                    3.9G     0  3.9G   0% /dev/shm
tmpfs                    3.9G   42M  3.8G   2% /run
tmpfs                    3.9G     0  3.9G   0% /sys/fs/cgroup
/dev/mapper/centos-root   46G  5.8G   40G  13% /
/dev/sda1                497M  299M  198M  61% /boot
tmpfs                    783M     0  783M   0% /run/user/0
ipaddressofyournfs:/opt/kube    80G   32M   80G   1% /mnt/nfs/opt/kube

and
mount
[root@client ~]# mount
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime,seclabel)
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
devtmpfs on /dev type devtmpfs (rw,nosuid,seclabel,size=930320k,nr_inodes=232580,mode=755)
securityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)
tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev,seclabel)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,seclabel,gid=5,mode=620,ptmxmode=000)
tmpfs on /run type tmpfs (rw,nosuid,nodev,seclabel,mode=755)
tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,seclabel,mode=755)
cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/usr/lib/systemd/systemd-cgroups-agent,name=systemd)
pstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime)
cgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event)
cgroup on /sys/fs/cgroup/hugetlb type cgroup (rw,nosuid,nodev,noexec,relatime,hugetlb)
cgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)
cgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)
cgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)
cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpuacct,cpu)
cgroup on /sys/fs/cgroup/net_cls type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls)
cgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)
cgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)
configfs on /sys/kernel/config type configfs (rw,relatime)
/dev/mapper/centos-root on / type xfs (rw,relatime,seclabel,attr2,inode64,noquota)
selinuxfs on /sys/fs/selinux type selinuxfs (rw,relatime)
systemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=25,pgrp=1,timeout=300,minproto=5,maxproto=5,direct)
mqueue on /dev/mqueue type mqueue (rw,relatime,seclabel)
debugfs on /sys/kernel/debug type debugfs (rw,relatime)
hugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime,seclabel)
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw,relatime)
nfsd on /proc/fs/nfsd type nfsd (rw,relatime)
/dev/sda1 on /boot type xfs (rw,relatime,seclabel,attr2,inode64,noquota)
tmpfs on /run/user/0 type tmpfs (rw,nosuid,nodev,relatime,seclabel,size=188060k,mode=700)
192.168.1.100:/home on /mnt/nfs/home type nfs4 (rw,relatime,vers=4.0,rsize=262144,wsize=262144,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=192.168.1.101,local_lock=none,addr=192.168.1.100)
192.168.1.100:/var/nfs on /mnt/nfs/var/nfs type nfs4 (rw,relatime,vers=4.0,rsize=262144,wsize=262144,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=192.168.1.101,local_lock=none,addr=192.168.1.100)

6 Testing

On the client, you can now try to create test files on the NFS shares:
client:
touch /mnt/nfs/home/test.txt
touch /mnt/nfs/var/nfs/test.txt
Now go to the server and check if you can see both test files:
server:
ls -l /home/
[root@server1 ~]# ls -l /home/
total 0
drwx------. 2 administrator administrator 59 Jun 21 16:13 administrator
-rw-r--r--. 1 root root 0 Jun 29 13:07 test.txt
ls -l /var/nfs
[root@server1 ~]# ls -l /var/nfs
total 0
-rw-r--r--. 1 nfsnobody nfsnobody 0 Jun 29 13:07 test.txt
(Please note the different ownerships of the test files: the /home NFS share gets accessed as root, therefore /home/test.txt is owned by root; the /var/nfs share gets accessed as nobody/65534, therefore /var/nfs/test.txt is owned by 65534.)

7 Mounting NFS Shares at Boot Time

Instead of mounting the NFS shares manually on the client, you could modify /etc/fstab so that the NFS shares get mounted automatically when the client boots.
client:
Open /etc/fstab and append the following lines:
nano /etc/fstab
[...]
192.168.1.100:/home  /mnt/nfs/home   nfs      rw,sync,hard,intr  0     0
192.168.1.100:/var/nfs  /mnt/nfs/var/nfs   nfs      rw,sync,hard,intr  0     0
Instead of rw,sync,hard,intr you can use different mount options. To learn more about available options, take a look at
man nfs
To test if your modified /etc/fstab is working, reboot the client:
reboot
After the reboot, you should find the two NFS shares in the outputs of
df -h
[root@client ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/centos-root 28G 1.7G 26G 7% /
devtmpfs 909M 0 909M 0% /dev
tmpfs 919M 0 919M 0% /dev/shm
tmpfs 919M 8.6M 910M 1% /run
tmpfs 919M 0 919M 0% /sys/fs/cgroup
/dev/sda1 497M 208M 290M 42% /boot
tmpfs 184M 0 184M 0% /run/user/0
192.168.1.100:/home 28G 1.2G 27G 5% /mnt/nfs/home
192.168.1.100:/var/nfs 28G 1.2G 27G 5% /mnt/nfs/var/nfs
and
mount
[root@client ~]# mount
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime,seclabel)
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
devtmpfs on /dev type devtmpfs (rw,nosuid,seclabel,size=930320k,nr_inodes=232580,mode=755)
securityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)
tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev,seclabel)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,seclabel,gid=5,mode=620,ptmxmode=000)
tmpfs on /run type tmpfs (rw,nosuid,nodev,seclabel,mode=755)
tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,seclabel,mode=755)
cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/usr/lib/systemd/systemd-cgroups-agent,name=systemd)
pstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime)
cgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event)
cgroup on /sys/fs/cgroup/hugetlb type cgroup (rw,nosuid,nodev,noexec,relatime,hugetlb)
cgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)
cgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)
cgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)
cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpuacct,cpu)
cgroup on /sys/fs/cgroup/net_cls type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls)
cgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)
cgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)
configfs on /sys/kernel/config type configfs (rw,relatime)
/dev/mapper/centos-root on / type xfs (rw,relatime,seclabel,attr2,inode64,noquota)
selinuxfs on /sys/fs/selinux type selinuxfs (rw,relatime)
systemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=25,pgrp=1,timeout=300,minproto=5,maxproto=5,direct)
mqueue on /dev/mqueue type mqueue (rw,relatime,seclabel)
debugfs on /sys/kernel/debug type debugfs (rw,relatime)
hugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime,seclabel)
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw,relatime)
nfsd on /proc/fs/nfsd type nfsd (rw,relatime)
/dev/sda1 on /boot type xfs (rw,relatime,seclabel,attr2,inode64,noquota)
tmpfs on /run/user/0 type tmpfs (rw,nosuid,nodev,relatime,seclabel,size=188060k,mode=700)
192.168.1.100:/home on /mnt/nfs/home type nfs4 (rw,relatime,vers=4.0,rsize=262144,wsize=262144,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=192.168.1.101,local_lock=none,addr=192.168.1.100)
192.168.1.100:/var/nfs on /mnt/nfs/var/nfs type nfs4 (rw,relatime,vers=4.0,rsize=262144,wsize=262144,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=192.168.1.101,local_lock=none,addr=192.168.1.100)

YAML kube files

 pv_volume_nfs.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
  name: my-nfs-share
spec:
  capacity:
    storage: 80Gi # This size is used to match a volume to a tenents claim
  accessModes:
    - ReadWriteOnce # Access modes are defined below
  persistentVolumeReclaimPolicy: Recycle # Reclaim policies are defined below
  nfs:
    server: yournfsserver.com # Please change this to your NFS server
    path: /opt/kube # Please change this to the relevant share

 pvc_nfs.yaml

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: myapp-nfs
  namespace: default
spec:
  accessModes:
    - ReadWriteOnce # Access modes for volumes is defined under Persistent Volumes
  resources:
    requests:
      storage: 5Gi # volume size requested

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)