Find Out NFS Clients Connected To My NFS Server

You can use the following commands. SSH or login into your nfs server and type the following command:

netstat -an | grep nfs.server.ip:port

If your nfs server IP address 192.168.1.12 and port is 2049, enter:

netstat -an | grep 192.168.1.12:2049

Sample outputs:

tcp 0 0 192.168.1.12:2049 192.168.1.5:757 ESTABLISHED
tcp 0 0 192.168.1.12:2049 192.168.1.6:892 ESTABLISHED

Where,

192.168.1.12 – NFS serer IP address
2049 – NFS server port
192.168.1.5 and 192.168.1.6 – NFS clients IP address

Read more

Share

Build NFS Server on CentOS 7

As the first step, we will install these packages on the CentOS server with yum:

yum install nfs-utils

Now create the directory that will be shared by NFS:

mkdir /var/nfsshare

Change the permissions of the folder as follows:

chmod -R 755 /var/nfsshare
chown nfsnobody:nfsnobody /var/nfsshare

We use /var/nfsshare as shared folder, if we use another drive such as the /home directory, then the permission chnges will cause a massive permissions problem and ruin the whole hierarchy. So in case we want to share the /home directory then permissions must not be changed. Next, we need to start the services and enable them to be started at boot time. 

Read more

Share

NFS fix on LXC Host Server

NFS client on LXC seems do not work. Why? The problem is apparmor on the real machine that block any appempt to mount NFS volumes.
In order to try to minimize the security changes on apparmor I add the following lines in/etc/apparmor.d/lxc/lxc-default

# allow nfs mount everywhere

mount fstype=rpc_pipefs, 
mount fstype=nfs,

Then

$ /etc/init.d/apparmor reload

And now I was able to restart nfs-common and nfs-kernel-server without errors !

Update!!!!!

nano /etc/apparmor.d/lxc/lxc-default

Update the file as below-

# Do not load this file. Rather, load /etc/apparmor.d/lxc-containers, which
# will source all profiles under /etc/apparmor.d/lxc

profile lxc-container-default flags=(attach_disconnected,mediate_deleted) {
#include <abstractions/lxc/container-base>

# the container may never be allowed to mount devpts. If it does, it
# will remount the host's devpts. We could allow it to do it with
# the newinstance option (but, right now, we don't).
# deny mount fstype=devpts,

# allow nfs mount everywhere

mount fstype=rpc_pipefs,
mount fstype=nfs,
}

sasasa

Now read the other article on how to connect to NFS server from LXC container

Share

Allow NFS attachment on Proxmox OpenVZ containers

Prepare the container

To allow a container to use NFS filesystem, you will need to start it with “nfs” feature enabled. If the container is running while you set the –features nfs:on, you will need to reboot it.

# vzctl set 101 --features "nfs:on" --save
# vzctl start 101

After this you may see nfs in /proc/filesystems

# vzctl exec 101 cat /proc/filesystems
 ext3
 ext2
nodev rpc_pipefs
nodev proc
nodev nfs
nodev sysfs
nodev tmpfs
nodev devpts
Share

NFS Firewall

Dynamic ports cannot be protected by port filtering firewalls such as iptables. First, you need to configure NFS services to use fixed ports. Open /etc/sysconfig/nfs, enter:

# vi /etc/sysconfig/nfs

Modify config directive as follows to set TCP/UDP unused ports:

# TCP port rpc.lockd should listen on.
LOCKD_TCPPORT=lockd-port-number
# UDP port rpc.lockd should listen on.
LOCKD_UDPPORT=lockd-port-number 
# Port rpc.mountd should listen on.
MOUNTD_PORT=mountd-port-number
# Port rquotad should listen on.
RQUOTAD_PORT=rquotad-port-number
# Port rpc.statd should listen on.
STATD_PORT=statd-port-number
# Outgoing port statd should used. The default is port is random
STATD_OUTGOING_PORT=statd-outgoing-port-number

Read more

Share

NFS Server and Client on Debian 6/7

Assumptions:

NFS Server IP: 172.16.5.100

NFS Client Node1: 172.16.5.101

NFS Client Node2: 172.16.5.102

NFS Client Node3: 172.16.5.103

NFS Client Node4: 172.16.5.104

On the NFS Server:

Install nfs-kernel-server Install nfs-kernel-server and nfs-common Install nfs-common on the computer that has the files to be shared.

apt-get update && sudo apt-get install nfs-kernel-server nfs-common

Edit the exports file that shows what to share and with whom. So run:

Read more

Share