NFS Server Side
Solaris-1 - 192.168.100.166 - Server
Solaris-2 - 192.168.100.234 - Client
#svcs -a | grep -i nfs
svc:/network/rpc/bind:default (required)
svc:/network/nfs/status:default (required)
svc:/network/nfs/nlockmgr:default (required)
svc:/network/nfs/server:default (required)
svc:/network/nfs/mapid:default (NFSv4, required)
svc:/network/nfs/rquota:default (optional)
svc:/network/rpc/gss:default (NFSv4, optional)
/usr/lib/nfs/nfslogd (NFSv2, NFSv3, optional)
Check NFS Server with dependency
#svcs -l nfs/server
Check required services status
#svcs -v svc:/network/rpc/bind:default svc:/network/nfs/status:default svc:/network/nfs/nlockmgr:default svc:/network/nfs/server:default svc:/network/nfs/mapid:default
Check optional services status
#svcs -v svc:/network/nfs/rquota:default svc:/network/rpc/gss:default
If the service is stopped, you can start with
#svcadm enable -r svc:/network/nfs/server:default
If the service cannot started, you got to verify with
#svcs -xv svc:/network/nfs/server:default #rpcinfo -p
vi /etc/ipf/ipf.conf
nfsd
pass in quick proto tcp from any to any port = 2049 keep statepass in quick proto udp from any to any port = 2049 keep state
sunrpc
pass in quick proto tcp from any to any port = 111 keep statepass in quick proto udp from any to any port = 111 keep state
lockd
pass in quick proto tcp from any to any port = 4045 keep statepass in quick proto udp from any to any port = 4045 keep state
#/usr/bin/egrep -v '^$|^#' /etc/dfs/dfstab
#share -F nfs -o nosuid,rw=@192.168.100.0/24,anon=60001 -d "Common Shared directories" /tempnfssun1 (60001=nobody)
#share -F nfs -o rw=solaris-2:@192.168.100.234,root=@192.168.100.234,ro,nosub /tempnfssun1
#share -F nfs -o ro=solaris3,rw=solaris-2,root=solaris-2 /tempnfssun1
#share -F nfs -o ro=solaris-2 /tempnfssun2
#share -F nfs -o ro=client1:client2,rw=client3:client4,root=client4 /tempshare (client=hostname)
#share -F nfs -o ro=@192.168.100.0/24 /usr/share/man
Share command Examples
#share -F nfs -o ro,rw=solaris-2:solaris-3 /shared_nfs_folder
Read-Only access to all
Read-Write access to solaris-2 & solaris-3
share -F nfs -o rw=solaris-2:solaris-3,root=solaris-2 /shared_nfs_folder
Read-Write access to solaris-2 and solaris-3
Root access granted to the root account on solaris-2
share -F nfs -o ro,anon=0 /shared_nfs_folder
anon=0 gives all machines full root access to this share, but with 'ro' it's read-only
share -F nfs -o nosub,ro /shared_nfs_folder
allow mounting at at top-level directory structure only
share -F nfs -o rw=.mmx.com /shared_nfs_folder
Sharing with all clients that are part of a DNS mmx.com
share -F nfs -o rw=@192.168.100.0/24 /shared_nfs_folder
Sharing only to 192.168.100.0 subnet
share -F nfs -o rw=solaris-2:-solaris-3:@192.168.100.0/24 /shared_nfs_folder
Sharing read write access to solaris-2
Solaris-3 will deny if the host in 192.168.100.0/24 network
#/usr/sbin/unshare /usr/share/man
On the server, you can use 'unshareall' to stop sharing all exported filesystems and verify with 'dfshares':
#/usr/sbin/unshareall #/usr/sbin/dfshares
#/usr/sbin/share
#/usr/bin/cat /etc/dfs/sharetab
#shareall -F nfs
NFS Client Side
svc:/network/rpc/bind:default (required)
svc:/network/nfs/status:default (required)
svc:/network/nfs/nlockmgr:default (required)
svc:/network/nfs/client:default (required)
svc:/network/nfs/cbd:default (NFSv4, required)
svc:/network/nfs/mapid:default (NFSv4, required)
Check require services are running
#svcs -v svc:/network/nfs/client:default svc:/network/nfs/status:default svc:/network/nfs/nlockmgr:default svc:/network/rpc/bind:default
Check which share folders are available from NFS Server
#/usr/sbin/dfshares 192.168.100.166#showmount -e solaris-1
#/usr/bin/mkdir /home2
#/usr/bin/ls -ld /home2
drwxr-xr-x 2 root root 2 Feb 20 03:12 /home2/
#/usr/sbin/mount -F nfs -o rw,bg,intr 192.168.100.166:/export/home /home2
#/usr/bin/ls -ld /home2
drwxr-xr-x 4 root root 512 Dec 21 02:21 /home2/
#/usr/sbin/df -h /home2
Filesystem size used avail capacity Mounted on
10.0.23.191:/export/home
7.9G 4.4G 3.4G 57% /home2
#/usr/sbin/mount | /usr/bin/grep /home2
/home2 on 10.0.23.191:/export/home remote/read/write/setuid/devices/rstchown/bg/intr/xattr/dev=8740001 on Sun Feb 20 03:26:37 2011
vi /usr/bin/cat /etc/vfstab
192.168.100.166:/export/home - /home2 nfs - yes rw,bg,intr
Note 4: Because NFSv4 does not use the MOUNT protocol, 'nosub' only
impacts client side mounting using NFSv2 and NFSv3. Since Solaris 10
attempts use of NFSv4 by default, falling back to v2 or v3 as necessary,
to illustrate 'nosub' I deliberately set option 'vers=3' in the mount command
#mount -F nfs -o rw,intr,vers=3 10.0.23.191:/usr/sfw /opt/sfw
#mount -F nfs -o ro,vers=4 solaris-2:/tempnfssun1 /tempnfssun1 && echo $?
#df -k | grep solaris-1
#mount -o bg,intr,ro solaris-1:/tempnfssun1 /tempnfssun1
Mount Command options
bg = Retry in background later if mount fails
intr = Allow keyboard interrupt on hard mount
ro = Do not allow write access to users, regardless of Unix file permissions
hard = keep trying until server responds (default) or the retry value is reached
soft = Give error message of server doesn't respond
retry n = Number of times to retry the mount (default = 10000)
nosuid = Setuid execution not allowed
sec=dh = Secure NFS, requiring the use of passwords based on public key encryption using the
Diffie-Helman encrytion technique.
vers = NFS versions (2,3,4)
To multiple machines Failover Mount
#mount -o ro solaris-1:/tempnfssun1,solaris-3:/tempnfssun1 /tempnfssun1
#mount -o ro solaris-2,solaris-1:/tempnfssun1 /tempnfssun1
#umount /tempnfssun1
#umount -f /tempnfssun1
#umountall -r (To umount all remote filesystems)
No comments:
Post a Comment