Note:
- This tutorial is available in an Oracle-provided free lab environment.
- It uses example values for Oracle Cloud Infrastructure credentials, tenancy, and compartments. When completing your lab, substitute these values with ones specific to your cloud environment.
Create an NFS Server on Oracle Linux
Introduction
What is NFS? Network File System (NFS) is a protocol for a distributed file system that allows users to read and write files over the network and interact with them as if they are mounted locally. Developed by Sun Microsystems in 1984, NFS continues to be a popular way to consolidate resources and then share them on the network. Currently, Oracle Linux supports NFS version 3 (NFSv3) and NFS version 4 (NFSv4) and will default to NFSv4 when mounting shares if the server supports it.
Objectives
In this tutorial, you will learn how to:
- Install the NFS utility package
- Configure an NFS server
- Mount NFS shares
- Configure the autofs utility
Prerequisites
- 
    Minimum of two Oracle Linux systems 
- 
    Each system should have Oracle Linux installed and configured with: - A non-root user account with sudo access
- Key-based SSH, also known as password-less SSH, between the hosts
- Access to the Internet
 
Deploy Oracle Linux
Note: If running in your own tenancy, read the linux-virt-labs GitHub project README.md and complete the prerequisites before deploying the lab environment.
- 
    Open a terminal on the Luna Desktop. 
- 
    Clone the linux-virt-labsGitHub project.git clone https://github.com/oracle-devrel/linux-virt-labs.git
- 
    Change into the working directory. cd linux-virt-labs/ol
- 
    Install the required collections. ansible-galaxy collection install -r requirements.yml
- 
    Update the Oracle Linux instance configuration. cat << EOF | tee instances.yml > /dev/null compute_instances: 1: instance_name: "ol-node-01" type: "server" 2: instance_name: "ol-node-02" type: "server" passwordless_ssh: true EOF
- 
    Deploy the lab environment. ansible-playbook create_instance.yml -e localhost_python_interpreter="/usr/bin/python3.6" -e "@instances.yml" -e use_nfs=trueThe free lab environment requires the extra variable local_python_interpreter, which setsansible_python_interpreterfor plays running on localhost. This variable is needed because the environment installs the RPM package for the Oracle Cloud Infrastructure SDK for Python, located under the python3.6 modules.The default deployment shape uses the AMD CPU and Oracle Linux 8. To use an Intel CPU or Oracle Linux 9, add -e instance_shape="VM.Standard3.Flex"or-e os_version="9"to the deployment command.Important: Wait for the playbook to run successfully and reach the pause task. At this stage of the playbook, the installation of Oracle Linux is complete, and the instances are ready. Take note of the previous play, which prints the public and private IP addresses of the nodes it deploys and any other deployment information needed while running the lab. 
Install the NFS Utilities Package on the Server Instance
- 
    Open a terminal and connect via SSH to the ol-node-01 instance. ssh oracle@<ip_address_of_instance>
- 
    Install the nfs-utils package. sudo dnf install -y nfs-utilsThis command will install the daemon and tools associated with the kernel NFS server. 
Create an NFS Share
- 
    Create a directory to contain your shared files. sudo mkdir /nfs-share
- 
    Create a series of test files. sudo fallocate -l 10MB /nfs-share/file1 sudo fallocate -l 10MB /nfs-share/file2 echo "This is a shared text file." | sudo tee /nfs-share/shared-text.txt > /dev/nullThese commands create two 10MB files and a standard text file. 
- 
    Verify the files created successfully. ls -lh /nfs-share
- 
    Change permissions on the files. sudo chmod -R 777 /nfs-shareFor ease, we use chmod -R 777, which sets the local file permissions for everyone to read/write/execute. This setting minimalizes the need for additional NFS share options in this exercise where the UID/GUID of the client user does not match the server and defaults to thenobodyaccount on the server.. This minimalizes the need for additional NFS share options in this exercise where the UID/GUID of the client user does not match the server and defaults to thenobodyaccount on the server.Evaluate whether these permissions are appropriate for your environment before running them in production. For more details, check out man nfs.
- 
    Define the share in /etc/exports.Each entry has the format export host1(options1) host2(options2) host3(options3).echo "/nfs-share ol-node-02(rw)" | sudo tee -a /etc/exports > /dev/nullThe ol-node-02is the client instance’s hostname or IP address, and(rw)indicates the share is read-write for that instance.If the entry was /nfs-share ol-node-02 (rw), notice the space betweenol-node-02and(rw), then the single client mentioned would have read-only (default) access, while the rest of the world has read/write.
Start the NFS Server
- 
    Set the firewall to allow NFS traffic. sudo firewall-cmd --permanent --zone=public --add-service=nfs sudo firewall-cmd --reload sudo firewall-cmd --list-all- --permanentensures the setting persists after a system reboot
- --list-allwill display the firewall settings and show that NFS traffic is allowed
 
- 
    Enable and start the NFS service. sudo systemctl enable --now nfs-server showmount -eThe showmountcommand displays the shares available using the NFS server.
Add Another Share
- 
    Create a new folder. sudo mkdir /nfs-share2
- 
    Create a new share using exportfs.sudo exportfs -i -o rw *:/nfs-share2 showmount -e- -icauses the new share to ignore any values set in- /etc/exports
- -opasses the share options
- *makes the share available to all clients
 
- 
    Show the new share added using exportfsdoes not persist a service restart.sudo systemctl restart nfs-server showmount -e
- 
    Add the new share to /etc/exportsto persist system restarts.echo "/nfs-share2 *(rw)" | sudo tee -a /etc/exports > /dev/null sudo exportfs -r showmount -e- -rin- exportfsrefreshes the export list with any changes made to- /etc/exports
 
Install the NFS Utilities Package on the Client Instance
- 
    Open a terminal and connect via SSH to the ol-node-02 instance. ssh oracle@<ip_address_of_instance>
- 
    Install the nfs-utils package. sudo dnf install -y nfs-utils
Mount the NFS Share
- 
    Create a directory for the mount point. shell (client) sudo mkdir /nfs-mount
- 
    Mount the share and get a directory listing. sudo mount ol-node-01:/nfs-share /nfs-mount ls -lh /nfs-mountWhere ol-node-01is the hostname or IP address of the NFS server instance.
- 
    Test access to the NFS share. shell (client) echo "Hello World!" >> /nfs-mount/shared-text.txt cat /nfs-mount/shared-text.txt
Root Squashing
Enabled by default in Oracle Linux, “root squashing” is a share-level configuration option that prevents a remote root user from having root access to the network file system. We recommend leaving “root squashing” enabled for proper security, but the following steps will show client-side root-level access when disabled.
- 
    Try changing permissions on a file in the NFS share from ol-node-02. sudo chmod 766 /nfs-mount/shared-text.txtThe output shows permission denied even though the command uses sudo.
- 
    Switch to the terminal connected to ol-node-01. 
- 
    Disable root_squashon the share.echo "/nfs-share ol-node-02(rw,no_root_squash)" | sudo tee /etc/exports > /dev/nullWhere ol-node-02is the hostname or IP address of the client instance.
- 
    Restart the NFS server. sudo systemctl restart nfs-server
- 
    Switch to the terminal connected to ol-node-02. 
- 
    Try changing permissions on the file again. sudo chmod 766 /nfs-mount/shared-text.txt ls -lh /nfs-mountThe output shows the execute permissions removed from the group and other columns. 
Mount Share Using fstab
To have the mounted share available after a reboot of the client instance, add an entry to the fstab file.
- 
    Unmount the NFS share. sudo umount /nfs-mount ls -lh /nfs-mountThe ls -lhshows the directory is empty and therefore not mounted.
- 
    Update the fstabfile.echo "ol-node-01:/nfs-share /nfs-mount nfs rw 0 0" | sudo tee -a /etc/fstab > /dev/null tail -n5 /etc/fstabWhere ol-node-01is the hostname or IP address of the server instance.tail -n5displays the last five lines in the/etc/fstabfile.
- 
    Mount and verify the share is accessible. sudo mount -a ls -lh /nfs-mount
- 
    Unmount and Remove the Share sudo umount /nfs-mount sudo sed -i '$ d' /etc/fstab
Install the autofs Package
- 
    Install the package. sudo dnf install -y autofs
- 
    Verify the installation. The autofs utilities install various configuration maps under the /etcdirectory.ls -lh /etc/auto*
Configure the Master Map File
This file is the first of two files read by the autofs service. The master map file, located in /etc/auto.master, contains entries in the following format:
mount-point [map-type[,format]:]map [options]
Rather than edit the main file, the service also includes and reads files conforming to this format when placed in the /etc/auto.master.d directory.
- 
    Add a master map entry file. echo "/nfs-mount /etc/auto.mynfs --timeout=180" | sudo tee /etc/auto.master.d/mynfs.autofs > /dev/nullThis entry defines the mount point as /nfs-mountand the map file asauto.mynfs. The share will automatically unmount after 180 seconds if the client does not act on the share. The file created has an extension of.autofs.
- 
    Verify the entry. ls -lh /etc/auto.master.d cat /etc/auto.master.d/mynfs.autofsFor more details on autofs map files, check out man auto.master.
Configure a Map File
This map file is the second file read by the autofs service. The map files contain entries using the following format:
mount-point mount-options location
- 
    Create the map file. echo "mynfs -fstype=nfs,rw,soft,intr ol-node-01:/nfs-share" | sudo tee /etc/auto.mynfs > /dev/nullWhere: - mynfsis a mount point.
- -fstype=nfsis the file system type, and- rw,soft,intrare mount options.
- ol-node-01is the hostname or IP address of the NFS server instance.
- :/nfs-shareis the NFS share.
 Check out man mountfor more details on the various mount options.
Start the Service
- 
    Start and enable the autofs service in a single step. sudo systemctl enable --now autofs
Try to Access the Mount Point
The mount point for the NFS share is /nfs-mount/mynfs.
- 
    Change to the mount point and get a directory listing. cd /nfs-mount/mynfs; ls -lThe output displays a list of files from the NFS server. 
- 
    Get a report showing the list of file systems and their disk usage. df -ThThe output shows the NFS share and the autofs mount point details. 
Next Steps
Through the steps in this tutorial, we have shown how to create an NFS server and use several methods to mount its shares within Oracle Linux. Using these steps as a starting point will help you as an administrator to share files and resources with your users for applications and other purposes. For further topics and training, see the Related Links section below.
Related Links
More Learning Resources
Explore other labs on docs.oracle.com/learn or access more free learning content on the Oracle Learning YouTube channel. Additionally, visit education.oracle.com/learning-explorer to become an Oracle Learning Explorer.
For product documentation, visit Oracle Help Center.
Create an NFS Server on Oracle Linux
F40619-08
September 2024