NFS is a good shared storage system, but its performance is not very good under high load conditions.
This is something I wrote a long time ago. I hope you can correct me if there are any mistakes:)
10.0.0.1 - NFS Server
10.0.0.2 - NFS Client
On NFS Server:
============ ====
Shared directory: /nfspool
NFS running user: nfsnobody
# mkdir /nfspool
# vi /etc/exports
/nfspool 10.0.0.2(rw,async,anonuid=65534,anongid=65534)
# mkdir -p /nfspool
# chown nfsnobody:nfsnobody /nfspool
# chown -R nfsnobody:nfsnobody /nfspool/.
# service portmap start
# service nfslock start
# service nfs start
On NFS Client:
==== ===========
Remote NFS shared directory mount point: /usr/local/nfs
# service portmap start
# mkdir /usr/local/nfs
# chown nfsnobody:nfsnobody /usr/local /nfs
# chmod 777 /usr/local/nfs
# mount -t nfs -o soft,intr,bg,timeo=50 10.0.0.1:/nfspool /usr/local/nfs
# vi /etc/fstab
10.0 .0.1:/nfspool /usr/local/nfs nfs soft,intr,bg,timeo=50 0 0
Instructions & Notes
===========
1. Exports parameter description
---- --------------
rw: read and write mode;
async: asynchronous disk read and write;
anonu(g)id: specify the anonymous user uid/gid used by NFS for operations
2. NFS management command
---------------
showmount -e Execute this command on the NFS Server to display all shared volumes on the NFS Server;
showmount -e 10.0.0.1 in Execute this command on the NFS Client to display all shared volumes on the NFS Server;
export -av exports all volumes according to /etc/exports;
export -rv re-exports all volumes, adds new items in /etc/exports, and deletes non-existent ones Projects, updated and changed projects;
3. NFS related files
---------------
/etc/exports
is one of the most basic configuration files of NFS Server, listed in the file shared file systems and the hosts that are allowed to access those file systems.
/proc/fs/nfs/exports
Kernel view of export file list, including exported parameters.
/var/lib/nfs/etab
Status file which lists the current high-level list. This file contains all items in the same format in /etc/exports, as well as items manually imported by exportfs -i.
/var/lib/nfs/rmtab
Status file, listing the list of remote clients that mount the exported file.
/var/lib/nfs/xtab
Status file, current underlying export list.
4. Writing rules for client in /etc/exports
----------------------------------
(1 ) A single host can use a short name, a fully qualified name, or an IP address. For example, student01, student01.flying.com.cn or 192.168.10.1 are all legal host names.
(2) Net-Group
Can list the entire group of hosts defined in the /etc/netgroup file or NFS netgroup mapping. The network group name starts with @.
(3) Wildcard host
*.discuz.net *.*.comsenz.com
(4) Mask
192.168.1.0/255.255.255.0
5. Start and stop sequence
---------- -
Start:
portmap
nfslock
nfs
Stop:
nfslock
nfs
portmap
6. Security
---------
portmap: 111
NFS: 2049
Prevent the use of IP spoofing and RPC redundancy Targeted technology attacks through lo loopback and limits authorized hosts:
iptables -A INPUT -p udp -d 127.0.0.1 --dport 111 -j DROP
iptables -A INPUT -p udp -d 127.0.0.1 --dport 2049 - j DROP
iptables -A INPUT -p udp -s 10.0.0.2 --dport 111 -j ACCEPT
iptables -A INPUT -p udp -s 10.0.0.2 --dport 2049 -j ACCEPT
====== ================================================== =====
nfs optimization