Difference between revisions of "NFS (简体中文)"

From ArchWiki
Jump to: navigation, search
(必须的软件包)
(18 intermediate revisions by 5 users not shown)
Line 1: Line 1:
[[Category:Networking (English)]]
+
[[Category:Networking (简体中文)]]
[[Category:HOWTOs (English)]]
+
[[Category:简体中文]]
{{i18n_links_start}}
+
[[en:NFS]]
{{i18n_entry|English|Nfsv4}}
+
[[de:Network File System]]
{{i18n_entry|简体中文|Nfsv4(简体中文)}}
+
[[it:NFSv4]]
{{i18n_entry|繁体中文|Nfsv4繁体中文}}
+
{{Article summary start}}
{{i18n_links_end}}
+
{{Article summary text|Article covers configuration of NFSv4 which is an open standard network file sharing protocol.}}
 +
{{Article summary heading|Related}}
 +
{{Article summary wiki|NFS Troubleshooting}} - Dedicated article for common problems and solutions.
 +
{{Article summary wiki|NFSv3}} - Deprecated v3 format.
 +
{{Article summary end}}
 +
{{translateme (简体中文)}}
  
 +
来源 [[Wikipedia: Network File System|Wikipedia]]: NFS 网络文件系统(Network File System) 是由Sun公司1984年发布的分散式文件系统协议。允许用户像访问本地文件一样,去访问网络上共享的文件。NFS 是一個成功的文件共享方法,但它最大的问题是它不太适合大型的分散式系統。
  
 +
本文介绍 NFSv4 的安装.
 +
==安装==
 +
客户端和服务端都需要 [[Pacman|installation]] {{Pkg|nfs-utils}} 包。
  
=目标=
+
{{Note|建议在所有客户机和服务器上使用时间同步的守护进程(daemon),如果各个节点上没有精确的时钟,NFS 可能产生延时。}}
这篇文章的目标是让<span title="Network File System version 4" style="border-bottom:1px dotted">NFSv4</span> 运行在Arch Linux.上
+
<br>NFSv4 是 NFS 的一个新版本(对旧的NFSv3来说, see [[Nfs]]) with new features like strong authentication and integrity via Kerberos and SPKM-3, improved performance,  safe file caching, lock migration, UTF-8, ACLs and better support for Windows file sharing semantics.
+
  
=必须的软件包=
+
建议通过互联网同步服务端和客户端的时钟。
服务器端和客户端都需要的软件包(from AUR):
+
# [http://aur.archlinux.org/packages.php?do_Details=1&ID=13630 librpcsecgss]
+
# [http://aur.archlinux.org/packages.php?do_Details=1&ID=13625 nfs4-utils]
+
下载软件,编译和安装它们。
+
<br>'''Note: currently pacman doesn't seem to handle replacing when invoked with pacman -U.'''
+
'''Therefore, you'll need to remove nfs-utils before installing nfs4-utils''' (which is a complete drop-in replacement).
+
  
=配置=
+
==配置==
  
==服务端==
+
===服务端===
===Exports===
+
==== ID mapping ====
 +
编辑 {{ic|/etc/idmapd.conf}} 设置 {{ic|Domain}} 字段为你的域名。
  
首先我们需要编辑文件 /etc/exports.
+
{{hc|/etc/idmapd.conf|<nowiki>
一个典型的 NFSv4 export 应该象这样:
+
[General]
  /export    192.168.0.12(rw,fsid=0,no_subtree_check,async,no_root_squash)
+
   
/export/music 192.168.0.12(rw,no_subtree_check,async,no_root_squash)
+
Verbosity = 1
 +
Pipefs-Directory = /var/lib/nfs/rpc_pipefs
 +
Domain = atomic
  
/export is the NFS root here (due to the fsid=0 entry). Everything else that you want to be shared over NFS must be accessible under /export.
+
[Mapping]
<br>For exporting directories outside the NFS root, see below.
+
<br>'''Note: the no_root_squash option means that root on the client is also considered root on the server. This is of course a security risk.''' '''Remove it if you don't need it.'''
+
<br><br>
+
====Exporting directories outside your NFS root====
+
To do this, you'll need to use bind mounts. For example, to bind /home/john to /export/john:
+
mount --bind /home/john /export/john
+
Then, /export/john needs to be added to /etc/exports:
+
/export    192.168.0.12(rw,fsid=0,no_subtree_check,async,no_root_squash)
+
/export/music 192.168.0.12(rw,no_subtree_check,async,no_root_squash)
+
/export/john 192.168.12(rw,no_subtree_check,async,no_root_squash,'''nohide''')
+
The nohide option is '''required''', because the kernel NFS server automatically hides mounted directories.
+
To add the bind mount to /etc/fstab:
+
/home/john    /export/john    none    bind  0 0
+
  
===ID mapping===
+
Nobody-User = nobody
 +
Nobody-Group = nobody
 +
</nowiki>}}
 +
==== 文件系统 ====
 +
{{Note|基于安全原因,建议指定一个 NFS 输出的根(目录),来限制用户的可用挂载点。下面的例子践行此原则。}}
  
Then, /etc/idmapd.conf needs to be edited. You'll need to at the very least specify your Domain there. Example:
+
在 {{ic|/etc/exports}} 里定义相对于 NFS 根目录的任意 NFS 共享。 在这个例子中,NFS 根目录为 {{ic|/srv/nfs4}} 并且共享 {{ic|/mnt/music}} 目录。
[General]
+
+
Verbosity = 1
+
Pipefs-Directory = /var/lib/nfs/rpc_pipefs
+
'''Domain = archlinux.org'''
+
+
[Mapping]
+
+
Nobody-User = nobody
+
Nobody-Group = nobody
+
  
===Filesystems===
+
{{bc|# mkdir -p /srv/nfs4/music}}
Add the following lines to /etc/fstab:
+
rpc_pipefs /var/lib/nfs/rpc_pipefs rpc_pipefs defaults 0 0
+
nfsd /proc/fs/nfsd nfsd rw,nodev,noexec,nosuid 0 0
+
  
===Starting the server===
+
要想让客户端可以写入这个目录,确保 music 目录有读写权限。
  
To start the NFS server, just
+
挂载 {{ic|/mnt/music}} 到 NFS 共享。 使用 mount 命令:
/etc/rc.d/portmap start
+
/etc/rc.d/nfs-common start
+
/etc/rc.d/nfs-server start
+
If you want to tweak the configuration, feel free to edit /etc/conf.d/nfs-server.conf to your needs.
+
  
==Clients==
+
{{bc|# mount --bind /mnt/music /srv/nfs4/music}}
===ID mapping===
+
  
/etc/idmapd.conf needs to be edited on all clients '''and the Domain entry should be identical to the one on the server'''. Example:
+
为使服务器重启后仍然有效, 增加绑定到 {{ic|fstab}} 文件:
[General]
+
 
+
{{hc|/etc/fstab|
Verbosity = 1
+
/mnt/music /srv/nfs4/music  none  bind  0  0
Pipefs-Directory = /var/lib/nfs/rpc_pipefs
+
}}
'''Domain = archlinux.org'''
+
 
+
==== Exports ====
[Mapping]
+
增加允许被挂载的目录和主机到{{ic|exports}}:
+
{{hc|/etc/exports|<nowiki>
Nobody-User = nobody
+
/srv/nfs4/ 192.168.0.1/24(rw,fsid=0,no_subtree_check)
Nobody-Group = nobody
+
/srv/nfs4/music 192.168.0.1/24(rw,no_subtree_check,nohide) # note the nohide option which is applied to mounted directories on the file system.
+
</nowiki>}}
[Translation]
+
 
Method = nsswitch
+
不必共享给整个子网; 设置一个指定的IP地址也不错。
 +
 
 +
具体设置查看 {{ic|man exports}} 。
 +
 
 +
{{Note|The {{ic|1=fsid=0}} is required for the root file system being exported. {{ic|/srv/nfs4}} is the NFS root here (due to the {{ic|1=fsid=0}} entry). Everything else that you want to be shared over NFS must be accessible under {{ic|/srv/nfs4}}. Setting an NFS root is required. For exporting directories outside the NFS root, see below.}}
 +
 
 +
更多可用选项 {{ic|man 5 exports}}.
 +
 
 +
如果服务运行时修改了 {{ic|/etc/exports}} 文件, 你需要重新导出使其生效。
 +
 
 +
{{bc|# exportfs -ra}}
 +
 
 +
====开始运行服务====
 +
 
 +
NFS 服务包括 {{ic|rpc-idmapd.service}} 和 {{ic|rpc-mountd.service}}
 +
 
 +
注意这些 units 会请求其它服务, 这些服务会被 [[systemd]] 自动开启。
 +
 
 +
===客户端===
 +
客户端需要 {{Pkg|nfs-utils}},但在连接 NFS4 服务器时无需其它步骤;
 +
 
 +
====Linux 上挂载====
 +
显示指定服务器的共享:
 +
 
 +
{{bc|$ showmount -e 服务器名或IP}}
 +
 
 +
然后按照普通方式挂载:
 +
{{bc|# mount -t nfs4 servername:/music /mountpoint/on/client}}
 +
 
 +
=====/etc/fstab 设置=====
 +
在启动时自动挂载。编辑 {{ic|/etc/fstab}} 文件,增加一行。
 +
 
 +
{{hc|/etc/fstab|<nowiki>
 +
servername:/music  /mountpoint/on/client  nfs4  rsize=8192,wsize=8192,timeo=14,intr 0 0
 +
</nowiki>}}
 +
 
 +
一些实用的附加挂载选项:
 +
 
 +
* {{ic|1=rsize=8192}} 和 {{ic|1=wsize=8192}}
 +
* {{ic|1=timeo=14}}
 +
* {{ic|1=intr}}
 +
 
 +
{{ic|rsize}} 的值是从服务器读取的字节数。{{ic|wsize}} 是写入到服务器的字节数。默认都是1024, 如果使用比较高的值,如8192,可以提高传输速度。 到底设到多少合适,还是自己测试吧。
 +
 
 +
The {{ic|timeo}} value is the amount of time, in tenths of a second, to wait before resending a transmission after an RPC timeout. After the first timeout, the timeout value is doubled for each retry for a maximum of 60 seconds or until a major timeout occurs. If connecting to a slow server or over a busy network, better performance can be achieved by increasing this timeout value.
 +
 
 +
The {{ic|intr}} option allows signals to interrupt the file operation if a major timeout occurs for a hard-mounted share.
 +
 
 +
=====Using autofs=====
 +
Using [[autofs]] is useful when multiple machines want to connect via NFS; they could both be clients as well as servers. The reason this method is preferable over the earlier one is that if the server is switched off, the client will not throw errors about being unable to find NFS shares. See [[autofs#NFS Network mounts]] for details.
 +
 
 +
==== Mounting from Windows ====
 +
{{Warning|Serious performance issues may occur (it randomly takes 30-60 seconds to display a folder, 2 MB/s file copy speed on gigabit LAN, ...) to which Microsoft does not have a solution yet.[https://social.technet.microsoft.com/Forums/en-CA/w7itpronetworking/thread/40cc01e3-65e4-4bb6-855e-cef1364a60ac]}}
 +
{{note|Only the Ultimate and Enterprise editions of Windows 7 and the Enterprise edition of Windows 8 include "Client for NFS"}}
 +
NFS shares can be mounted from windows if the "Client for NFS" service is actived (which it is not by default).
 +
To install the service go to "Programs and features" either through the control panel or by typing it in the search box from the start menu and click on "Turn Windows features on or off". Locate the "Services for NFS" and activate it as well as both subservices ("Administrative tools" and "Client for NFS").
 +
 
 +
Some global options can be set by opening the "Services for Network File System" (locate it with the search box) and right clicking on the client->properties.
 +
 
 +
{{Warning|Under Windows the share is addressed by its full path on the server, not just the path relative to the nfsroot! If in doubt run {{ic|showmount -e servername}} from '''cmd.exe'''}}
 +
 
 +
==== Mounting from OS X ====
 +
{{note|OS X by default uses an insecure (>1024) port to mount a share.}}
 +
Either export the share with the {{ic|insecure}} flag, and mount using Finder:
  
===Filesystems===
+
{{ic|Go}} > {{ic|Connect to Server}} > {{ic|nfs://servername/}}
Add the following line to /etc/fstab:
+
rpc_pipefs /var/lib/nfs/rpc_pipefs rpc_pipefs defaults 0 0
+
  
===Mounting the partitions on the client===
+
Or, mount the share using a secure port using the terminal:
 +
{{bc|# sudo mount -t nfs -o resvport servername:/ /Volumes/servername/}}
  
On the client, to mount the NFSv4 partition:
+
{{Warning|Under OS X the share is addressed by its full path on the server, not just the path relative to the nfsroot! If in doubt run {{ic|showmount -e servername}} from the terminal}}
/etc/rc.d/portmap start
+
/etc/rc.d/nfs-common start
+
mount -t nfs4 server:/ /mnt/server/
+
mount -t nfs4 server:/music /mnt/music/
+
mount -t nfs4 server:/john /mnt/john
+
Replacing 'server' with the hostname or IP address of your NFS server and of course 'server', 'music' and 'john' with the names of whatever directories you exported on the server.
+
'''Note that the root of the path on the server is the NFS root specified; all paths must be specified relative to it.'''
+
  
If you want the NFS volumes to mount automatically on bootup, add them to fstab.
+
== Troubleshooting ==
 +
''There is a dedicated article [[NFS Troubleshooting]].''

Revision as of 11:01, 17 January 2013

Template:Article summary start Template:Article summary text Template:Article summary heading Template:Article summary wiki - Dedicated article for common problems and solutions. Template:Article summary wiki - Deprecated v3 format. Template:Article summary end

Tango-preferences-desktop-locale.png本页面需要更新翻译,内容可能已经与英文脱节。要贡献翻译,请访问简体中文翻译组Tango-preferences-desktop-locale.png

附注: please use the first argument of the template to provide more detailed indications.

来源 Wikipedia: NFS 网络文件系统(Network File System) 是由Sun公司1984年发布的分散式文件系统协议。允许用户像访问本地文件一样,去访问网络上共享的文件。NFS 是一個成功的文件共享方法,但它最大的问题是它不太适合大型的分散式系統。

本文介绍 NFSv4 的安装.

安装

客户端和服务端都需要 installation nfs-utils 包。

Note: 建议在所有客户机和服务器上使用时间同步的守护进程(daemon),如果各个节点上没有精确的时钟,NFS 可能产生延时。

建议通过互联网同步服务端和客户端的时钟。

配置

服务端

ID mapping

编辑 /etc/idmapd.conf 设置 Domain 字段为你的域名。

/etc/idmapd.conf
[General]
 
Verbosity = 1
Pipefs-Directory = /var/lib/nfs/rpc_pipefs
Domain = atomic

[Mapping]

Nobody-User = nobody
Nobody-Group = nobody

文件系统

Note: 基于安全原因,建议指定一个 NFS 输出的根(目录),来限制用户的可用挂载点。下面的例子践行此原则。

/etc/exports 里定义相对于 NFS 根目录的任意 NFS 共享。 在这个例子中,NFS 根目录为 /srv/nfs4 并且共享 /mnt/music 目录。

# mkdir -p /srv/nfs4/music

要想让客户端可以写入这个目录,确保 music 目录有读写权限。

挂载 /mnt/music 到 NFS 共享。 使用 mount 命令:

# mount --bind /mnt/music /srv/nfs4/music

为使服务器重启后仍然有效, 增加绑定到 fstab 文件:

/etc/fstab
/mnt/music /srv/nfs4/music  none   bind   0   0

Exports

增加允许被挂载的目录和主机到exports:

/etc/exports
/srv/nfs4/ 192.168.0.1/24(rw,fsid=0,no_subtree_check)
/srv/nfs4/music 192.168.0.1/24(rw,no_subtree_check,nohide) # note the nohide option which is applied to mounted directories on the file system.

不必共享给整个子网; 设置一个指定的IP地址也不错。

具体设置查看 man exports

Note: The fsid=0 is required for the root file system being exported. /srv/nfs4 is the NFS root here (due to the fsid=0 entry). Everything else that you want to be shared over NFS must be accessible under /srv/nfs4. Setting an NFS root is required. For exporting directories outside the NFS root, see below.

更多可用选项 man 5 exports.

如果服务运行时修改了 /etc/exports 文件, 你需要重新导出使其生效。

# exportfs -ra

开始运行服务

NFS 服务包括 rpc-idmapd.servicerpc-mountd.service

注意这些 units 会请求其它服务, 这些服务会被 systemd 自动开启。

客户端

客户端需要 nfs-utils,但在连接 NFS4 服务器时无需其它步骤;

Linux 上挂载

显示指定服务器的共享:

$ showmount -e 服务器名或IP

然后按照普通方式挂载:

# mount -t nfs4 servername:/music /mountpoint/on/client
/etc/fstab 设置

在启动时自动挂载。编辑 /etc/fstab 文件,增加一行。

/etc/fstab
servername:/music   /mountpoint/on/client   nfs4   rsize=8192,wsize=8192,timeo=14,intr	0 0

一些实用的附加挂载选项:

  • rsize=8192wsize=8192
  • timeo=14
  • intr

rsize 的值是从服务器读取的字节数。wsize 是写入到服务器的字节数。默认都是1024, 如果使用比较高的值,如8192,可以提高传输速度。 到底设到多少合适,还是自己测试吧。

The timeo value is the amount of time, in tenths of a second, to wait before resending a transmission after an RPC timeout. After the first timeout, the timeout value is doubled for each retry for a maximum of 60 seconds or until a major timeout occurs. If connecting to a slow server or over a busy network, better performance can be achieved by increasing this timeout value.

The intr option allows signals to interrupt the file operation if a major timeout occurs for a hard-mounted share.

Using autofs

Using autofs is useful when multiple machines want to connect via NFS; they could both be clients as well as servers. The reason this method is preferable over the earlier one is that if the server is switched off, the client will not throw errors about being unable to find NFS shares. See autofs#NFS Network mounts for details.

Mounting from Windows

Warning: Serious performance issues may occur (it randomly takes 30-60 seconds to display a folder, 2 MB/s file copy speed on gigabit LAN, ...) to which Microsoft does not have a solution yet.[1]
Note: Only the Ultimate and Enterprise editions of Windows 7 and the Enterprise edition of Windows 8 include "Client for NFS"

NFS shares can be mounted from windows if the "Client for NFS" service is actived (which it is not by default). To install the service go to "Programs and features" either through the control panel or by typing it in the search box from the start menu and click on "Turn Windows features on or off". Locate the "Services for NFS" and activate it as well as both subservices ("Administrative tools" and "Client for NFS").

Some global options can be set by opening the "Services for Network File System" (locate it with the search box) and right clicking on the client->properties.

Warning: Under Windows the share is addressed by its full path on the server, not just the path relative to the nfsroot! If in doubt run showmount -e servername from cmd.exe

Mounting from OS X

Note: OS X by default uses an insecure (>1024) port to mount a share.

Either export the share with the insecure flag, and mount using Finder:

Go > Connect to Server > nfs://servername/

Or, mount the share using a secure port using the terminal:

# sudo mount -t nfs -o resvport servername:/ /Volumes/servername/
Warning: Under OS X the share is addressed by its full path on the server, not just the path relative to the nfsroot! If in doubt run showmount -e servername from the terminal

Troubleshooting

There is a dedicated article NFS Troubleshooting.