The Network File System (NFS) is a powerful protocol that simplifies network storage management, allowing you to designate storage locations that are easily accessible across your network. With an Nfs Server in place, users can interact with a remote hard drive as seamlessly as if it were directly connected to their machine, similar to using an external USB drive. This makes NFS one of the most straightforward and transparent solutions for managing shared storage within any organization, from small teams to large enterprises.
Installing NFS Server Utilities
NFS is natively integrated within Red Hat Enterprise Linux (RHEL) 9, which streamlines the setup process. However, to manage and operate an NFS server effectively, you need to install a suite of utilities. This package is required on both the machine that will act as the NFS server and any Linux workstations that will connect as clients.
$ sudo dnf install nfs-utilsOnce the utilities are installed, you need to enable and start the NFS server service on your designated host machine. This command initiates the NFS service, making your server ready to share directories.
$ sudo systemctl enable --now nfs-serverNFS relies on the rpcbind service for mapping RPC (Remote Procedure Call) program numbers to transport-specific port numbers. It’s essential to start and enable this service as well for NFS to function correctly.
$ sudo systemctl enable --now rpcbindDefining a Shared Storage Location
On your NFS server, the next step is to designate a directory on the server’s filesystem that will be shared with client computers. This location can be a dedicated physical drive, a separate partition, or simply a directory within your existing server storage. For environments where storage needs may grow, leveraging Logical Volume Management (LVM) is highly recommended to provide flexible and scalable storage allocation.
Create the directory that you intend to share using the mkdir command with the -p option to create any necessary parent directories in the path. In this example, we are creating a directory named myshare within the /nfs/exports directory.
$ sudo mkdir -p /nfs/exports/myshareExporting the Shared Directory
For the NFS server to advertise and make the myshare directory available to the network, you must explicitly export it. This is done by adding an entry to the /etc/exports configuration file. This file dictates which directories are shared, which networks can access them, and what permissions are granted.
For example, if your network’s subnet is 192.168.122.0/24, allowing addresses from 192.168.122.1 to 192.168.122.254, you can configure the /etc/exports file as follows. This line specifies that the /nfs/exports/myshare directory is shared with read-write (rw) permissions to all hosts within the 192.168.122.0/24 network.
$ echo "/nfs/exports/myshare 192.168.122.0/24(rw)" > /etc/exportsIt’s important to note that there should be no space between the network definition and the access permissions specified in the parentheses.
Setting Directory Ownership and Permissions
The default permissions of the shared directory might not be suitable for all users on your network, depending on where it was created. For instance, if /nfs/exports/myshare is created in the root partition, it will likely be owned by the root user and group, potentially restricting access for regular users.
Adjusting directory permissions is crucial to ensure that the right users have the appropriate access levels. A common practice is to manage permissions using groups. By assigning group ownership and permissions, you can control access by adding users to specific groups.
For example, to grant read, write, and execute permissions to all members of the staff group, you would first change the group ownership of the directory to staff and then set the permissions to 775.
$ sudo chown root:staff /nfs/exports/myshare
$ sudo chmod 775 /nfs/exports/myshareWith these settings, all users who are members of the staff group will have full access to the myshare directory.
Exporting the Updated Configuration
After modifying the /etc/exports file, you need to inform the NFS server to refresh its list of available exports. The exportfs command with the -r option forces NFS to re-examine the /etc/exports file and update the table of exported file systems. This ensures that your recent changes are applied and the shared directory is immediately available for clients.
$ sudo exportfs -rConfiguring the Firewall
To allow client machines to connect to your NFS server, you must ensure that your firewall permits NFS traffic. Using firewall-cmd, the command-line interface for managing the firewalld service in Red Hat based systems, you can add a rule to permanently allow NFS service traffic. This step is essential for network accessibility of your NFS share.
$ sudo firewall-cmd --add-service nfs --permanentAfter adding the service, it is recommended to reload the firewall configuration to apply the changes immediately.
$ sudo firewall-cmd --reloadAt this point, your NFS server is fully configured, active, and ready to serve shared storage to clients on your network.
Setting Up an NFS Client
With the NFS server configured and running, the next step is to set up your client machines to access the shared storage. This involves creating a mount point on the client and then mounting the NFS share from the server to this mount point.
First, on your client workstation, create a local directory that will serve as the mount point for the NFS share. For consistency, we’ll use /nfs/imports/myshare.
[workstation]$ sudo mkdir /nfs/imports/myshareNext, mount the NFS volume from the server to the newly created mount point. The mount command, with the -t nfs option to specify the file system type as NFS and the -v option for verbose output, is used for this purpose. You need to specify the server’s IP address, the exported directory on the server (192.168.122.17:/nfs/exports/myshare in this example), and the local mount point (/nfs/imports/myshare).
[workstation]$ sudo mount -v
-t nfs 192.168.122.17:/nfs/exports/myshare
/nfs/imports/myshare/To ensure that the NFS volume is automatically mounted every time the client system boots, you can add an entry to the /etc/fstab file. This file configures static file system information. Add a line specifying the server, the exported share, the local mount point, the file system type (nfs), mount options (rw for read-write), and dump and pass options (both set to 0 for default behavior).
192.168.122.17:/nfs/exports/myshare /nfs/imports/myshare/ nfs rw 0 0To verify that the NFS volume has been successfully mounted, you can use the mount command and filter the output using grep to look for entries related to NFS and your specified mount point.
[workstation]$ sudo mount | grep -i nfs
192.168.122.17:/nfs/exports/myshare on /nfs/imports/myshare ...Leveraging NFS for Shared Storage
In environments with multiple workstations, manually configuring each client to access NFS shares can become time-consuming and error-prone. To streamline this process, consider using automation tools like Ansible. Ansible allows you to automate the configuration of client machines, including setting up NFS mounts and managing configurations across your infrastructure efficiently.
NFS offers an efficient and user-friendly way to implement shared storage, promoting collaboration and data sharing within your organization. By following these steps, you can quickly set up an NFS server and clients, making network storage management simpler and more transparent for your users. Consider exploring NFS to enhance data accessibility and collaboration in your environment.
