Lesson 5

Date: 2/19/2009

Network File System (NFS)

Linux for Engineering and IT Applications

Practical Exercises with NFSv3
1. Setup your desktop machine as NFS client and your cluster node as NFS server, following the instructions below.

Install the NFS related packages by using apt-get.
On your node:

apt-get install portmap nfs-common nfs-kernel-server

On the desktop:

apt-get install portmap nfs-common

On your node, create a directory on top of your home directory to export it, for example,

mkdir /home/exports
chmod 755 /home/exports

Create a dummy user and create his home directory in /home/exports:

/usr/sbin/groupadd -g 666 jonny
/usr/sbin/useradd -m -s /bin/bash -u 666 -g 666 -d /home/exports/jonny jonny

Copy some files from /etc into directory /home/exports/jonny and give them ownership "jonny":

cp /etc/hosts /home/exports/jonny
cp /etc/nsswitch.conf /home/exports/jonny
cp /etc/inetd.conf /home/exports/jonny

Then

cp /etc/securetty /home/exports/jonny

and live it a root ownreship.
Modify file /etc/exports to include export of directory /home/exports to your desktop, for example, desktop02:

/home/exports  desktop02(rw)

Make sure your desktop and its IP address are included in /etc/hosts file. Start portmap and NFS services:

/etc/init.d/portmap start
/etc/init.d/nfs-common start
/etc/init.d/nfs-kernel-server start

Make sure the services are running by executing command rpcinfo:

rpcinfo -p

You should see the following:

   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100024    1   udp  41642  status
    100024    1   tcp  40680  status
    100003    2   udp   2049  nfs
    100003    3   udp   2049  nfs
    100003    4   udp   2049  nfs
    100021    1   udp  34976  nlockmgr
    100021    3   udp  34976  nlockmgr
    100021    4   udp  34976  nlockmgr
    100003    2   tcp   2049  nfs
    100003    3   tcp   2049  nfs
    100003    4   tcp   2049  nfs
    100021    1   tcp  39350  nlockmgr
    100021    3   tcp  39350  nlockmgr
    100021    4   tcp  39350  nlockmgr
    100005    1   udp  56432  mountd
    100005    1   tcp  57344  mountd
    100005    2   udp  56432  mountd
    100005    2   tcp  57344  mountd
    100005    3   udp  56432  mountd
    100005    3   tcp  57344  mountd

On the desktop machine run rpcinfo pointing at the server

rpcinfo -p node02

If you see the same output as on the NFS server, it means the server allows you to access the portmap and its rpc services. Check what directories are exported to you from the server:

/sbin/showmount -e node02

It should show

/home/exports desktop02

Now you are ready to mount its directory on the node. Create a new mounting point and mount the exported directory onto it:

mkdir /home/exports
mount node02:/home/exports /home/exports

To make sure the directory has been mounted, run command

df -h

The mounted directory shows up in the bottom of the file systems list:

node02:/home/exports   494M   78M  390M  17% /home/exports

To see who is the owner of the files in the directory, run command

ls -l /home/exports/jonny

Since there is no user with UID=666 and GID=666 on the node, the mounted directory would belong to a non-existent user:

ls -l /home/exports/jonny
total 5
-rw-r--r--    1 666      666           104 Feb 10 19:32 hosts
-rw-r--r--    1 666      666          1750 Feb 10 19:32 nsswitch.conf
-rw-------    1 root     root          114 Feb 10  2003 securetty
-rw-r--r--    1 666      666           289 Feb 10 19:32 inetd.conf

Create user jonny with UID=GID=667 and try to change the ownership of the directory on the node:

chown jonny:jonny /home/exports/jonny

It doesn't work.

Change the UID and GID of jonny to be consistent with those on the NFS server:

/usr/sbin/groupmod -g 666 jonny
/usr/sbin/usermod -u 666 -g 666 jonny

Become user jonny then step into directory /home/exports:

su jonny
cd /home/exports/jonny

and see if you can create files in this directory. Unmount the directory,

umount /home/exports

Modify file /etc/fstab by including a new entry with /home/exports:

node02:/home/exports  /home/exports   nfs     rw      0    0

Then run

mount -a

Check if it is mounted

df -h

Remove the entry from /etc/fstab and unmount the directory. If the directory can not get unmounted and you receive error message "device is busy", check what processes hold the directory by executing command fuser:

/bin/fuser -m (file_system)

For example,

/bin/fuser -m /home/exports

Kill these processes and try to unmount the directory again.
Try to avoid NFS mounting through /etc/fstab. Use either manual mount or automount.

2. Mount the directory on the desktop again. Shutdown the NFS server on your node:

/etc/init.d/nfs-kernel-server stop

Try to access the NFS mounted directory, for example, with ls.
Try Ctrl_C to unfreeze the terminal.
Start the NFS server on you node

/etc/init.d/nfs-kernel-server start

and try to access the directory again.

3. Repeat exercise #2 using options rw,intr,hard in command mount.

4. Repeat exercise #2 using options rw,intr,soft in command mount. Wait for 30 - 60 seconds until it times out.

5. Observing stale file handle error.
On the NFS server, create a new directory tree under NFS exported directory:

mkdir -p /home/exports/test/demo

On the client, step into the directory:

cd /home/exports/test
ls

On the NFS server, remove directory test with its subdirectory:

cd /home/exports
rm -rf test

On the client, run

ls

6. Finding the optimal write and read block sizes (wsize, rsize).
Modify /etc/exports on the NFS server to allow root access to the exported directory on the client:

/home/exports  desktop02(rw,no_root_squash)

Re-export the directory

/usr/sbin/exportfs -ra

On the desktop, mount the directory with read and write block sizes option rsize=1024,wsize=1024:

mount -o rsize=1024,wsize=1024 node02:/home/exports /home/exports

To make sure the directory is accessible, run command

 ls -l /home/exports

Check the time (real time) it would take to write 1.6 MB file over the NFS:

time dd if=/dev/zero of=/home/exports/testfile bs=16k count=100

Check how long it would take to read this file:

time dd if=/home/exports/testfile of=/dev/null bs=16k

Unmount the directory.
Repeat the same procedure with rsize = wsize = 2048, 4096, 5125, 8192, 10240, block sizes (they are N*1024 Bytes).
What is the optimal block size?

7. Protecting portmap with tcp_wrappers.
Unmount the NFS directory on the desktop. On the NFS server, put entry for portmap into /etc/hosts.deny:

portmap: ALL

Try mounting the directory on the desktop. On the NFS server, in file /etc/hosts.allow, put entry allowing to mount the directory on your node:

portmap: 192.168.5.22

8. Install autofs on the desktop machine (NFS client).

apt-get install autofs

Configure the master map file, /etc/auto.master, and specify the timeout 60 seconds:

/mnt   /etc/auto.exports  --timeout=60

Make sure directory /mnt already exists.

Configure the indirect map file, /etc/auto.exports:

exports  -rw,hard,intr  node02:/home/exports

Restart or reload autofs:

/etc/init.d/autofs restart

Access the file system and check if it gets mounted:

cd /mnt/exports
df

Run command df -h again after about a minute.

NFS implementation
NFS versions
File System virtualization
NFS and RPC
NFS and OSI
NFSv3 server stateless
NFSv3 daemons
NFS mount
NFSv3 server side
NFSv3 client side
Standard mount
Automount
Security and Optimization
NFSv4 features
NFSv3 Exercises
NFSv4 Exercises
Take me to the Course Website