Consider the following points when you plan the use of Network File System (NFS) in an Oracle Solaris Cluster configuration:
NFS client – No Oracle Solaris Cluster node can be an NFS client of an HA for NFS exported file system that is being mastered on a node in the same cluster. Such cross-mounting of HA for NFS is prohibited. Use the cluster file system to share files among global-cluster nodes.
NFSv3 protocol – If you are mounting file systems on the cluster nodes from external NFS servers, such as NAS filers, and you are using the NFSv3 protocol, you cannot run NFS client mounts and the HA for NFS data service on the same cluster node. If you do, certain HA for NFS data-service activities might cause the NFS daemons to stop and restart, interrupting NFS services. However, you can safely run the HA for NFS data service if you use the NFSv4 protocol to mount external NFS file systems on the cluster nodes.
Locking – Applications that run locally on the cluster must not lock files on a file system that is exported through NFS. Otherwise, local blocking (for example, flock or fcntl) might interfere with the ability to restart the lock manager ( lockd). During restart, a blocked local process might be granted a lock which might be intended to be reclaimed by a remote client. This situation would cause unpredictable behavior.
NFS security features – Oracle Solaris Cluster software does not support the following options of the share_nfs (1M) command:
secure
sec=dh
However, Oracle Solaris Cluster software does support the following security features for NFS:
The use of secure ports for NFS. You enable secure ports for NFS by adding the entry set nfssrv:nfs_portmon=1 to the /etc/system file on cluster nodes.
The use of Kerberos with NFS.
Fencing – Zone clusters support fencing for all supported NAS devices, shared disks, and storage arrays.