Bootstrap

nfs服务器实验

实验:架设一台NFS服务器

并按照以下要求配置:

1、开放/nfs/shared目录,供所有用户查询资料

2、开放/nfs/upload目录,为192.168.xxx.0/24网段主机可以上传目录,并将所有用户及所属的组映射为nfs-upload,其UID和GID均为210

3、将/home/tom目录仅共享给192.168.xxx.xxx这台主机,并只有用户tom对该目录有读写权限

配置:

服务端server:

# 实验前配置:
[root@localhost ~]# systemctl stop firewalld.service 
[root@localhost ~]# setenforce 0
[root@localhost ~]# mount /dev/sr1 /mnt
[root@localhost ~]# dnf install nfs-utils -y
[root@localhost ~]# dnf install nginx -y
[root@localhost ~]# systemctl restart nfs-server.service 
[root@localhost ~]# systemctl status rpcbind
[root@localhost ~]# systemctl status nfs-server.service 
# 实验配置:
# 编辑三个共享文件
[root@server ~]# vim /etc/exports
/nfs/shared  *(ro)             # 1,对所有用户都开放shared目录
/nfs/upload  192.168.235.0/24(rw,all_sqush,anonuid=210,anongid=210)    # 2,对192.168.235.0/24网段开放upload目录
/home/tom  192.168.235.131/24(rw)            # 3,指定用户tom上传文件,指定共享地址
# 创建测试路径文件
[root@server ~]# mkdir /nfs/{shared,upload}/{1..5} -pv
mkdir: created directory '/nfs'
mkdir: created directory '/nfs/shared'
mkdir: created directory '/nfs/shared/1'
mkdir: created directory '/nfs/shared/2'
mkdir: created directory '/nfs/shared/3'
mkdir: created directory '/nfs/shared/4'
mkdir: created directory '/nfs/shared/5'
mkdir: created directory '/nfs/upload'
mkdir: created directory '/nfs/upload/1'
mkdir: created directory '/nfs/upload/2'
mkdir: created directory '/nfs/upload/3'
mkdir: created directory '/nfs/upload/4'
mkdir: created directory '/nfs/upload/5'
# 允许上传
[root@server ~]# chmod o+w /nfs/upload
# 并将所有用户及所属的组映射为nfs-upload,其UID和GID均为210
[root@server ~]# useradd nfs-upload -u 210 -r
# 查看id
[root@server ~]# id nfs-upload
uid=210(nfs-upload) gid=210(nfs-upload) groups=210(nfs-upload)

# 添加用户tom
[root@server ~]# useradd tom
[root@server ~]# ll /home/tom -d
drwx------. 3 tom tom 78 Oct 27 14:51 /home/tom
# 查看tom ID
[root@server ~]# id tom
uid=1001(tom) gid=1001(tom) groups=1001(tom)
# 导出文件
[root@server ~]# exportfs -ra

客户端client:

[root@localhost ~]# systemctl stop firewalld.service 
[root@localhost ~]# setenforce 0
[root@localhost ~]# mount /dev/sr0 /mnt
[root@localhost ~]# dnf install nfs-utils -y
[root@localhost ~]# dnf install nginx -y
systemctl restart nginx.service 
systemctl restart nfs-server.service 
systemctl status nginx.service 
systemctl status nfs-server.service 

# 创建三个对应列表
[root@client ~]# mkdir /{1..3}
# 挂载IP地址
[root@client ~]# showmount -e 192.168.235.128 
Export list for 192.168.235.128:
/nfs/shared *
/home/tom   192.168.235.131/24
/nfs/upload 192.168.235.0/24
# 挂载192.168.235.128相应文件的文件路径
[root@client ~]# mount 192.168.235.128:/nfs/shared /1
[root@client ~]# mount 192.168.235.128:/nfs/upload /2
[root@client ~]# mount 192.168.235.128:/home/tom /3

测试:

[root@client ~]# cd /1
[root@client 1]# ll
total 0
drwxr-xr-x. 2 root root 6 Oct 27 14:45 1
drwxr-xr-x. 2 root root 6 Oct 27 14:45 2
drwxr-xr-x. 2 root root 6 Oct 27 14:45 3
drwxr-xr-x. 2 root root 6 Oct 27 14:45 4
drwxr-xr-x. 2 root root 6 Oct 27 14:45 5

[root@client 2]# cd /2
[root@client 2]# ll
total 0
drwxr-xr-x. 2 root root 6 Oct 27 14:45 1
drwxr-xr-x. 2 root root 6 Oct 27 14:45 2
drwxr-xr-x. 2 root root 6 Oct 27 14:45 3
drwxr-xr-x. 2 root root 6 Oct 27 14:45 4
drwxr-xr-x. 2 root root 6 Oct 27 14:45 5

[root@client 2]# cd /3
bash: cd: /3: Permission denied
[root@client ~]# id tom
uid=1001(tom) gid=1001(tom) groups=1001(tom)
[root@client ~]# su tom
[tom@client root]$ cd /3
[tom@client 3]$ ll
total 0
[tom@client 3]$ touch a

# 在客户端上/1上传文件失败,原因是shared文件对于客户端用户来说只有读权限
[root@client 1]# touch 11111
touch: cannot touch '11111': Read-only file system

# 在服务端查看tom用户上传的文件
[root@server ~]# ll /home/tom
total 0
-rw-r--r--. 1 tom tom 0 Oct 27 15:02 a

自动挂载:

# 客户端安装autofs
[root@client ~]# dnf install autofs -y
# 编辑自动挂载文件的位置
[root@client ~]# vim /etc/auto.master
/client /etc/auto.zdgz
# 查看
[root@client ~]# grep zdgz /etc/auto.master
/client /etc/auto.zdgz
# 配置自动挂载文件
[root@client ~]# vim /etc/auto.zdgz
[root@client ~]# cat /etc/auto.zdgz
shared 192.168.235.128:/nfs/shared
upload 192.168.235.128:/nfs/upload
tom 192.168.235.128:/home/tom
# 重启自动挂载服务
[root@client ~]# systemctl restart autofs.service 

# 测试
# 切换路径并创建文件
[root@client ~]# cd /client
[root@client client]# cd upload
[root@client upload]# touch aaaaaaa

# 在服务端查看是否上传
[root@server ~]# ll /nfs/upload
total 0
-rw-r--r--. 1 nfs-upload nfs-upload 0 Oct 27 15:35 aaaaaaa
#### 上传成功!
;