安装nfs服务
apt-get install nfs-kernel-server
修改配置文件,共享目录为/var/www,*号可替换为客户端IP地址,*默认为任何部署了nfs客户端的IP可以挂载该目录(默认共享目录仅支持一台客户端挂载)
root@CS151230001:~# cat /etc/exports # /etc/exports: the access control list for filesystems which may be exported # to NFS clients. See exports(5). # # Example for NFSv2 and NFSv3: # /srv/homes hostname1(rw,sync,no_subtree_check) hostname2(ro,sync,no_subtree_check) # #/data2/html1/ *(rw,sync,no_root_squash,no_subtree_check) # Example for NFSv4: # /srv/nfs4 gss/krb5i(rw,sync,fsid=0,crossmnt,no_subtree_check) # /srv/nfs4/homes gss/krb5i(rw,sync,no_subtree_check) # /var/www/ *(insecure,rw,sync,no_root_squash,no_subtree_check)
配置固定端口,方便添加防火墙策略,尤其是云服务器
root@CS151230001:~# cat /etc/default/nfs-kernel-server # Number of servers to start up RPCNFSDCOUNT=8 # Runtime priority of server (see nice(1)) RPCNFSDPRIORITY=0 # Options for rpc.mountd. # If you have a port-based firewall, you might want to set up # a fixed port here using the --port option. For more information, # see rpc.mountd(8) or http://wiki.debian.org/SecuringNFS # To disable NFSv4 on the server, specify '--no-nfs-version 4' here RPCMOUNTDOPTS="--manage-gids --port 32767" # Do you want to start the svcgssd daemon? It is only required for Kerberos # exports. Valid alternatives are "yes" and "no"; the default is "no". NEED_SVCGSSD="" # Options for rpc.svcgssd. RPCSVCGSSDOPTS="" # Options for rpc.nfsd. RPCNFSDOPTS="--nfs-version 2,3,4 --debug --syslog"
root@CS151230001:~# cat /etc/default/nfs-common # If you do not set values for the NEED_ options, they will be attempted # autodetected; this should be sufficient for most people. Valid alternatives # for the NEED_ options are "yes" and "no". # Do you want to start the statd daemon? It is not needed for NFSv4. NEED_STATD= # Options for rpc.statd. # Should rpc.statd listen on a specific port? This is especially useful # when you have a port-based firewall. To use a fixed port, set this # this variable to a statd argument like: "--port 4000 --outgoing-port 4001". # For more information, see rpc.statd(8) or http://wiki.debian.org/SecuringNFS STATDOPTS="--port 32765 --outgoing-port 32766" # Do you want to start the gssd daemon? It is required for Kerberos mounts. NEED_GSSD=
重启以下服务
/etc/init.d/rpcbind restart /etc/init.d/nfs-kernel-server restart
重载配置文件
exportfs -rv
查询监听端口
rpcinfo -p
测试是否共享目录成功
showmount -e 服务器IP地址
参考:
https://blog.csdn.net/yuanhangq220/article/details/82421183
NFS挂载时出现"access denied by server while mounting"的解决方法
1、使用了非法端口,也就是使用了大于1024的端口。
这个错误,可以通过查看日志确认:
[root@local~ /]# cat /var/log/messages | grep mount
Jan 2 12:49:04 localhost mountd[1644]: refused mount request from 192.168.0.100 for /home/nfsshare/ (/home/nfsshare): illegal port 1689
解决办法:
修改配置文件/etc/exports,加入 insecure 选项,重启nfs服务,再尝试挂载。
/home/nfsshare/ *(insecure,rw,async,no_root_squash)