Distributed File Systems
• Objectives
  • to understand Unix network file sharing
• Contents
  • Installing NFS
  • How To Get NFS Started
  • The /etc/exports File
  • Activating Modifications To The Exports File
  • NFS And DNS
  • Configuring The NFS Client
  • Other NFS Considerations
• Practical
  • to share and mount NFS file systems
• Summary

DFS: An Overview
• Unix distributed filesystems are used to
  • centralise administration of disks
  • provide transparent file sharing across a network
• Three main systems:
  • NFS: Network File System, developed by Sun Microsystems in 1984
  • AFS: Andrew Filesystem, developed by Carnegie-Mellon University
• Unix NFS packages usually include client and server components
  • A DFS server shares local files on the network
  • A DFS client mounts shared files locally
  • a Unix system can be a client, server or both depending on which commands are executed

Overview of NFS
• Developed by Sun Microsystems 1984
• Independent of operating system, network, and transport protocols.
• Now available on many platforms including:
  • Linux, Windows, OS/2, MVS, VMS, AIX, HP-UX, ...
• Restrictions of NFS
  • stateless open architecture
  • Unix filesystem semantics not guaranteed
  • No access to remote special files (devices, etc.)
  • Restricted locking
    • file locking is implemented through a separate lock daemon

The NFS Protocol Stack
[Diagram: daemons mountd, biod, nfsd, statd and lockd on server and client; MOUNT and NFS protocols layered over XDR, over RPC, over the transport, network, link and physical layers]

The NFS Client
• NFS clients access network shared directories using the mount command
• NFS mount options:
    rw/ro              read-write (default) or read-only
    hard               retry mount operation until server responds (default)
    soft               try mount once and allow to timeout
    retrans & timeout  transmission and timeout parameters for soft mounted operations
    bg                 after first mount failure, retry mount in the background
    intr               allow operations on filesystems to be interrupted with signals
• Use /etc/fstab to make NFS mounts permanent
    a02:/tmp /mnt/nethome nfs soft 0 0
• Manually mounting /tmp as /mnt/nethome on local host from a02:
    # hostname
    a01
    # mount -o rw,soft -t nfs a02:/tmp /mnt/nethome

Exercise - Using mount with NFS
• What command will mount /usr/share from mash4077 on the local mount point /usr/share?
    #
• How do I check what filesystems are mounted locally?
    #
• Make a static mount on a01 at "/mnt/nethome" of the exported "a02:/tmp" in /etc/fstab:
• Manually mount exported a02:/usr/share as read only on a01:
    #

The NFS Server, Solaris Type
• The share command is used to share directories on the network
  • any directory can be exported
  • subdirectories of an exported directory may not be exported unless they are on a different disk
  • parents of an exported directory may not be exported unless they are on a different disk
  • only local filesystems can be exported
• Share options:
    ro/rw                 share readonly or read/write (default) for all clients
    rw=host[:host]...     allow only the named hosts to write, no access to others
    ro=host[:host]...     readonly access to the named hosts, no access to others
    root=host[:host]...   allow root access from named hosts only
    anon=-1               deny access to unknown users

    # share -F nfs -o ro=rosies /home/hawkeye

More on Shared Directories
• Add a line to /etc/dfs/dfstab to share a directory permanently
  • each line in this file is simply the share command required
  • commands in this file are executed by the nfs script in /etc/init.d
• Use unshare to stop sharing a directory
• Use dfshares to look at your shared resources
  • can specify other hosts on command line
• Use dfmounts to look at who has mounted your shares
  • can specify other hosts on command line

    # dfshares
    RESOURCE        SERVER     ACCESS   TRANSPORT
    /home/hawkeye   mash4077   -        -
    # dfmounts
    RESOURCE        SERVER     PATHNAME        CLIENTS
    /home/hawkeye   mash4077   /home/hawkeye   rosies

Exercise - Sharing Directories
• Write down the commands to do the following:
    # share /usr/share readonly for all clients
    # share /etc readonly for rosies and tokyo and read/write for seoul
    # list the files containing the permanent shares
    #
    # two commands showing what your host has shared
    # check who has mounted your shared directories
    # check who has mounted directories on rosies

NFS under BSD systems
• NFS uses different commands for BSD systems
• Mount directories using mount as for SVR4
• Share directories using exportfs
• Permanently share directories using /etc/exports
  • one line per shared directory
  • use access=host instead of ro=host
• Look at network shares using showmount

    # cat /etc/exports
    /home/hawkeye ro=rosies
    /etc rw=seoul,access=rosies,tokyo
    # exportfs -a
    # showmount -e
    export list for mash4077:
    /home/hawkeye rosies
    /etc seoul,rosies,tokyo

Installing NFS, RedHat Linux
• Check if NFS is installed with rpm
• Check if the RPC portmap package is installed with rpm

    # rpm -qa | grep nfs
    redhat-config-nfs-1.1.3-1
    nfs-utils-1.0.1-3.9
    # rpm -qa | grep portmap
    portmap-4.0-57

How To Get NFS Started
• Activate the 3 necessary servers for NFS at boot
  • NFS server daemon
  • NFS file locking
  • RPC portmap
• Start the NFS server
  • With sysconfig
• Check that the services for NFS are running with rpcinfo

    # chkconfig --level 35 nfs on
    # chkconfig --level 35 nfslock on
    # chkconfig --level 35 portmap on
    # service nfs start
    # rpcinfo -p localhost
       program vers proto   port
        100000    2   tcp    111  portmapper
        100000    2   udp    111  portmapper
        100003    2   udp   2049  nfs
        100003    3   udp   2049  nfs
        100021    1   udp   1024  nlockmgr
        100021    3   udp   1024  nlockmgr
        100021    4   udp   1024  nlockmgr
        100005    1   udp   1042  mountd
        100005    1   tcp   2342  mountd
        100005    2   udp   1042  mountd
        100005    2   tcp   2342  mountd
        100005    3   udp   1042  mountd
        100005    3   tcp   2342  mountd

The /etc/exports File, static shares
• Sample exports file

    # cat /etc/exports
    /data/files     *(ro,sync)
    /home           192.168.0.0/24(rw,sync)
    /data/test      *.my-site.com(rw,sync)
    /data/database  192.168.0.203/32(rw,sync)

• Some options in exports file

    ro              read only access
    rw              read and write access
    sync            write when requested
    wdelay          wait for sync
    hide            don't show subdirs that are exported by another export
    no_all_squash   remote uids & gids become equal to those of the client
    root_squash     remote root uid becomes anonymous on the client
    no_root_squash  remote root equals the local root user

• Squash changes remote identity to selectable local identity
• RedHat uses a different /etc/exports format from BSD systems

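An added example, not part of the original slides: a small auditor for the Linux /etc/exports format shown above. It goes slightly beyond the slide by also catching a space between the client and its option list, which makes the options apply to every host; the rule names and the three weak sample lines are constructed for illustration.

```python
import re

# Constructed sample in the Linux /etc/exports format shown above; the last
# three lines are deliberately weak and are not taken from the slides.
SAMPLE = """\
/data/files     *(ro,sync)
/home           192.168.0.0/24(rw,sync)
/data/test      *.my-site.com(rw,sync,no_root_squash)
/data/scratch   *(rw,sync)
/data/database  192.168.0.203/32 (rw,sync)
"""

# One whitespace-separated token: optional client, optional "(opt,opt,...)".
ENTRY = re.compile(r"([^\s()]*)(?:\(([^()]*)\))?")

def parse_exports(text):
    """Yield (path, client, options) for each client entry of each export."""
    for raw in text.replace("\\\n", " ").splitlines():  # join continued lines
        line = raw.split("#", 1)[0].strip()               # drop comments
        if not line:
            continue
        path, *tokens = line.split()
        for token in tokens:
            match = ENTRY.fullmatch(token)
            if match:  # tokens that do not fit the format are skipped
                client, opts = match.groups()
                yield path, client, set((opts or "").split(","))

def audit(text):
    """Return (path, rule) findings; the defaults (ro, root_squash) raise none."""
    findings = []
    for path, client, opts in parse_exports(text):
        world = client in ("", "*")
        if client == "":
            # "host (rw)": the space detaches the options from the host, so
            # they apply to every client instead.
            findings.append((path, "detached-options"))
        if "no_root_squash" in opts:
            findings.append((path, "no_root_squash"))
        if "rw" in opts and world:
            findings.append((path, "rw-for-any-host"))
        elif "rw" in opts and ("*" in client or "?" in client):
            findings.append((path, "rw-for-name-wildcard"))
    return findings

if __name__ == "__main__":
    for path, rule in audit(SAMPLE):
        print(f"{path}: {rule}")
```

Hostname wildcards such as *.my-site.com are flagged separately because the match depends on name resolution rather than on an address range.
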
Activating Modifications To The Exports File
• Re-reading all entries in /etc/exports file
  • When no directories have been exported to NFS, then the "exportfs -a" command is used:
    # exportfs -a
• After adding share(s) to /etc/exports file
  • When adding a share you can use the "exportfs -r" command to export only the new entries:
    # exportfs -r
• Deleting, Moving Or Modifying A Share
  • In this case it is best to temporarily unmount the NFS directories using the "exportfs -ua" command followed by the "exportfs -a" command.
    # exportfs -ua
    # exportfs -a
• Temporarily export /usr/src to host 192.168.0.10
    # exportfs -o rw 192.168.0.10:/usr/src

Configuring The NFS Client
• Ensure Portmap Is Running
  • Clients only need portmap to be running
    # rpcinfo -p localhost
  • If not, start portmap
    # /etc/init.d/portmap start
• Temporarily mount NFS shares on client
    # mkdir /mnt/nethome
    # mount -t nfs 192.168.0.10:/home /mnt/nethome
• Unmount temporarily mounted NFS shares on client
    # umount /mnt/nethome
• Show exported shares on server
    # showmount --exports 192.168.0.10

Mount "nfs-shares" at boot in client
• Make entries in /etc/fstab

    #/etc/fstab
    #Directory                MountPoint  Type  Options  Dump  FSCK
    192.168.0.10:/data/files  /mnt/nfs    nfs   soft     0     0

• Some /etc/fstab mount options

    auto           mount this when mount -a is used
    defaults       (rw suid dev exec auto nouser async)
    user           allow regular users to mount/umount
    sync           use synchronous I/O, most safe
    soft           skip mount if server not responding
    hard           try until server responds
    retry=minutes
    bg/fg          retry mounting in background or foreground

• Mount all unmounted
  • If you made changes on a live system in fstab, you can mount all unmounted filesystems with:
    # mount -a

NFS security
• NFS is inherently insecure
  • NFS can be run in encrypted mode which encrypts data over the network
  • AFS more appropriate for security conscious sites
• User IDs must be co-ordinated across all platforms
  • UIDs and not user names are used to control file access
  • mismatched user IDs cause access and security problems
• Fortunately root access is denied by default
  • over NFS root is mapped to user nobody

    # mount | grep "/share"
    mail:/share on /share
    # id
    uid=555(hawkeye) gid=501(hawkeye)
    # touch /tmp/hawkeye
    # ssh mail ls -l /tmp/hawkeye
    -rwxr-xr-x 2 soonlee sonlee 0 Jan 11 11:21 /share/hawkeye

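An added example, not part of the original slides: a check for the UID mismatch shown in the session above, comparing passwd(5) data from an NFS client and server. The passwd excerpts are constructed; only hawkeye's uid 555 and the name soonlee come from the slide, and the function and rule names are illustrative.

```python
# Constructed passwd(5) excerpts for an NFS client and an NFS server.
CLIENT_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
hawkeye:x:555:501:Hawkeye:/home/hawkeye:/bin/bash
trapper:x:556:501:Trapper:/home/trapper:/bin/bash
"""
SERVER_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
soonlee:x:555:502:Soon Lee:/home/soonlee:/bin/bash
hawkeye:x:601:501:Hawkeye:/home/hawkeye:/bin/bash
trapper:x:556:501:Trapper:/home/trapper:/bin/bash
"""

def load(passwd_text):
    """Map user name -> numeric uid, ignoring lines that are not passwd entries."""
    users = {}
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) >= 3 and fields[2].isdigit():
            users[fields[0]] = int(fields[2])
    return users

def uid_conflicts(client_text, server_text):
    """Return (rule, client_user, client_uid, server_side_value) tuples.

    NFS sends the numeric uid, so a client user is a problem when the server
    gives the same name another uid, or gives the same uid to another name.
    """
    client, server = load(client_text), load(server_text)
    names_by_uid = {}
    for name, uid in server.items():
        names_by_uid.setdefault(uid, []).append(name)
    conflicts = []
    for name, uid in sorted(client.items()):
        if name in server and server[name] != uid:
            conflicts.append(("uid-differs", name, uid, server[name]))
        owners = names_by_uid.get(uid, [])
        if owners and name not in owners:
            # Files this user creates over NFS belong to owners[0] on the server.
            conflicts.append(("uid-owned-by-other", name, uid, owners[0]))
    return conflicts

if __name__ == "__main__":
    for conflict in uid_conflicts(CLIENT_PASSWD, SERVER_PASSWD):
        print(conflict)
```
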
NFS Hanging
• Run NFS on a reliable network
• Avoid having NFS servers that NFS mount each other's filesystems or directories
• Always use the sync option whenever possible
• Mission critical computers shouldn't rely on an NFS server to operate
• Don't have NFS shares in search path

NFS Hanging continued
• File Locking
  • Known issues exist, test your applications carefully
• Nesting Exports
  • NFS doesn't allow you to export directories that are subdirectories of directories that have already been exported unless they are on different partitions.
• Limiting "root" Access
  • no_root_squash
• Restricting Access to the NFS server
  • You can add a user named "nfsuser" on the NFS client to let this user squash access for all other users on that client

Other DFS Systems
• RFS: Remote File Sharing
  • developed by AT&T to address problems with NFS
  • stateful system supporting Unix filesystem semantics
  • uses same SVR4 commands as NFS, just use rfs as file type
  • standard in SVR4 but not found in many other systems
• AFS: Andrew Filesystem
  • developed as a research project at Carnegie-Mellon University
  • now distributed by a third party (Transarc Corporation)
  • available for most Unix platforms and PCs running DOS, OS/2, Windows
  • uses its own set of commands
  • remote systems access through a common interface (the /afs directory)
  • supports local data caching and enhanced security using Kerberos
  • fast gaining popularity in the Unix community

Summary
• Unix supports file sharing across a network
• NFS is the most popular system and allows Unix to share files with other O/S
• Servers share directories across the network using the share command
• Permanent shared drives can be configured into /etc/fstab
• Clients use mount to access shared drives
• Use mount and exportfs to look at distributed files/catalogs