HTTP Expert

Tag: nfs

  • Teach me how to setup nfs to export /mnt/backup to my private local network

    To set up NFS to export /mnt/backup, follow these steps. First, I need to know your Linux distribution (e.g., Ubuntu, CentOS, Fedora, Arch). I will assume Ubuntu LTS for the instructions. If you use a different distribution, please let me know.

    I will use 192.168.1.0/24 as an example for your private local network range. Adjust this to match your actual network.

    On the NFS Server

    1. Install NFS Server Software This command updates your package lists and installs the NFS kernel server.

      sudo apt update
sudo apt install -y nfs-kernel-server

      Explanation: apt update refreshes available package lists; apt install -y installs nfs-kernel-server without prompting.

    2. Create the Directory to Export If /mnt/backup doesn’t exist, create it. Set permissions suitable for NFS.

      sudo mkdir -p /mnt/backup
sudo chown nobody:nogroup /mnt/backup
sudo chmod 777 /mnt/backup

      Explanation: mkdir -p creates the directory; chown nobody:nogroup sets ownership, often used for NFS exports to simplify initial permissions; chmod 777 grants read/write/execute to all, adjust this later for tighter security.

    3. Configure NFS Exports Back up the existing /etc/exports file, then open it for editing and add the export entry.

      sudo cp /etc/exports /etc/exports.bak
sudo nano /etc/exports

      Add the following line to the end of the file, replacing 192.168.1.0/24 with your network:

      /mnt/backup    192.168.1.0/24(rw,sync,no_subtree_check,no_root_squash)

      Explanation of options:

      • 192.168.1.0/24: Allows access from any host in this network range. Use a specific IP address (e.g., 192.168.1.100) to restrict access to a single client.
      • rw: Grants read and write access to clients.
      • sync: Forces NFS to write changes to disk before replying, ensuring data consistency (can impact performance).
      • no_subtree_check: Disables subtree checking, which can improve reliability in some cases.
      • no_root_squash: WARNING: This option allows the root user on the client to have root privileges on the NFS server for the exported directory. Use with extreme caution and only on trusted private networks. For better security, omit this option or use root_squash (the default).

      Save and close the file (Ctrl+X, Y, Enter in Nano).

    4. Export the Shares and Restart NFS Service Apply the new export configuration and ensure the NFS server is running and enabled.

      sudo exportfs -a
sudo systemctl restart nfs-kernel-server
sudo systemctl enable nfs-kernel-server

      Explanation: exportfs -a exports all directories listed in /etc/exports; systemctl restart restarts the service; systemctl enable ensures it starts on boot.

      Verification: Check the status of the NFS service.

      systemctl status nfs-kernel-server

      Expected output: Should show Active: active (running).

    5. Configure Firewall (UFW) Allow NFS traffic from your private network.

      sudo ufw allow from 192.168.1.0/24 to any port nfs
sudo ufw reload

      Explanation: ufw allow adds a rule to permit NFS traffic from the specified network; ufw reload applies the changes.

      Verification: Check UFW status.

      sudo ufw status

      Expected output: Should show a rule similar to NFS ALLOW 192.168.1.0/24.

    On the NFS Client

    1. Install NFS Client Software On the client machine, install the necessary NFS utilities.

      sudo apt update
sudo apt install -y nfs-common

      Explanation: nfs-common provides tools like showmount and the NFS client libraries.

    2. Verify Available NFS Shares Check which shares are exported by the NFS server. Replace <NFS_SERVER_IP> with your server’s IP address.

      showmount -e <NFS_SERVER_IP>

      Expected output: Should list /mnt/backup as an available export.

    3. Create Mount Point and Mount the NFS Share Create a local directory on the client where the NFS share will be mounted, then mount it.

      sudo mkdir -p /mnt/nfs_backup
sudo mount <NFS_SERVER_IP>:/mnt/backup /mnt/nfs_backup

      Explanation: mkdir -p creates the mount point; mount connects the remote NFS share to the local directory.

      Verification: Check if the share is mounted.

      df -h /mnt/nfs_backup

      Expected output: Should show the NFS share mounted with available space.

      Test write access:

      sudo touch /mnt/nfs_backup/test_file.txt
ls /mnt/nfs_backup

      Expected output: test_file.txt should appear. If there are permission issues, check /etc/exports options and directory permissions on the server.

    4. Automount on Boot (Optional) To make the NFS share mount automatically every time the client boots, add an entry to /etc/fstab.

      sudo nano /etc/fstab

      Add the following line to the end of the file:

      <NFS_SERVER_IP>:/mnt/backup /mnt/nfs_backup nfs defaults,timeo=900,retrans=5,_netdev 0 0

      Explanation: defaults uses standard mount options; timeo and retrans are timeout/retry settings; _netdev tells the system to wait for network availability before attempting to mount.

      Save and close the file. Test the fstab entry without rebooting:

      sudo umount /mnt/nfs_backup
sudo mount -a

      Verification: df -h /mnt/nfs_backup should show the share mounted again.