How To Setup an NFS Mount on CentOS 7

NFS, short for Network File System, is a client-server system that enables users to access network files as though they were part of the local file directory. NFS works with one server acting as the NFS host, which can provide any number of remote servers known as the clients with access to repositories that are on the host. On each client’ server, these shared repositories from the host must then be “mounted” in order to be accessed. Once mounted, the clients benefit from the ability to use these repositories as though on their own file system, but not needing any of the space, and the host structure allows for central management of files. Essentially, this means that NFS mounts are an easy and quick way to set up file sharing that is also easy to administer.

This tutorial describes the process of setting up at NFS mount on CentOS7 using two servers to act as the NFS host and client, as well as give an example of typical usage.

Getting Started

• 2 Node (Cloud Server or Dedicated Server) running CentOS 7.
• Root access to the node.

Tutorial

For the purposes of this guide, we use the following details for our NFS server and client. Please replace their IP addresses with those of your own servers when completing this tutorial.
Server 1 : client – 10.10.0.134
Server 2 : nfs-server – 10.10.0.135

Initial Setup

In order for our two servers to be able to communicate in this tutorial, we need to add them to each other’s respective hosts files. In both the servers to be used, open the /etc/hosts file:
sudo nano /etc/hosts

To the hosts file, add the following information, and replace the IP addresses we used for the IPs of your own machines:
10.10.0.134 client
10.10.0.135 nfs-server

Setting Up the NFS Server

For NFS to work, both servers must be able to access each other. We will disable the security measures SELinux and Firewalld on both of our servers, otherwise the client will run into a connection time out error when trying to access files. Do the following on the client and NFS server. You can also modify Firewalld and SELinux to allow more complicated NFS sharing, but for a local system or a protected environment it is unnecessary.

First, disable Firewalld:
systemctl stop firewalld
systemctl disable firewalld

To disable SELinux, you must use a text editor in order to edit its configuration file, which controls the state of SELinux on the system:
vi /etc/selinux/config

SELinux has three modes: enforcing, permissive, and disabled. In the file we opened, make sure that the SELINUX= line is set to disabled as shown.
SELINUX=disabled

After editing the SELinux configuration file, you must restart the servers to apply the new settings with the following command:
reboot

Now we are ready to setup our NFS host server, so all actions in this section should be executed on the NFS server. We begin by installing the nfs-utils package. Remember that all commands should be executed as the root user.
yum -y install nfs-utils

With the necessary NFS packages installed, use the following commands to enable and start the necessary services on boot:
systemctl enable rpcbind
systemctl enable nfs-server
systemctl enable nfs-lock
systemctl enable nfs-idmap
systemctl start rpcbind
systemctl start nfs-server
systemctl start nfs-lock
systemctl start nfs-idmap

For our repository to be shared using NFS, we will create /sharednfss on the NFS host with this command:
mkdir /sharednfs

Since we are using sudo, this sharing directory is owned by the root user. However, for the case that you want to use a directory only for sharing (for example, not /home but something like /var/fornfsonly), then you should change the ownership of the repository. This can be done using sudo chown nobody:nogroup /sharednfs. We will continue in our tutorial however assuming root access, and thus there is no need to change permissions.

To be able to share this repository, we must create an exports file for NFS to use:
nano /etc/exports

This file provides information for NFS concerning the configuration of what is being shared via NFS and will have the following format. Each line of the file contains the rules for sharing per respective directory:
/first/directory client(option1,option2,...)
/second/directory client(option1,option2,...)

We must modify this /etc/exports file with the details of our directory /sharednfs to be shared from the above step in order to be able to share it with the client. In the exports file we just opened, type the following line before saving and closing the file:
/sharednfs client(rw,sync,no_root_squash,no_subtree_check)

For our shared repository, we used the following options: rw,sync,no_root_squash,no_subtree_check. The first option, rw, allows clients repository read and write access. sync directs NFS to, before replying to clients, store any changes that were made in the shared repository to the disk, thus ensuring file consistency. no_subtree_check, much like it sounds, prevents subtree checking, which is essentially the host performing a check to see if a file is still available. The last option,no_root_squash, is used to allow root access in the case that a shared repository is owned by root, as traditionally NFS restricts client root access to host root-owned repositories.

These changes allow the repositories specified in the exports file to be shared after the exports file is loaded. Reload the new exports file and restart the NFS service with:
exportfs -a
systemctl restart nfs-server

Setting Up Your Client Server

After setting up the host, proceed with the setup of your second CentOS 7 server that will be your client. Just like on the NFS host server, the client server also needs the nfs-utils package. Install it using yum with the -y option to prevent prompts for yes:
yum -y install nfs-utils

With the NFS packages installed, we again need to start and enable the NFS service on boot using the following commands:
systemctl enable rpcbind
systemctl enable nfs-server
systemctl enable nfs-lock
systemctl enable nfs-idmap
systemctl start rpcbind
systemctl start nfs-server
systemctl start nfs-lock
systemctl start nfs-idmap

On the NFS host server, we had created a directory to be shared. This directory needs what is known as a “mount point” on the client system in order for it to be “mounted” and thereby, able to be accessed. Mount points tend to be assigned in /mnt on a filesystem. Create the mount point for the NFS repository using this command:
mkdir -p /mnt/sharednfs

Mount the actual repository from the host to the client directory created in the above step:
mount -t 10.10.0.135:/sharednfs /mnt/sharednfs

At this point, we should have a directory /sharednfs that is on the NFS host server, which has the IP address 10.10.0.135. This directory should also be accessible from its mount point /mnt/sharednfs on the client server, which has the IP address 10.10.0.134. To check that the shared directory is indeed mounted, use the following command, which shows the shared repositories and sharing settings line by line:
mount -t nfs

So we don’t have to mount this directory to be shared manually each time we start our client server, we can modify the fstab file to mount automatically on boot. To begin, open the file:
nano /etc/fstab

With the fstab file open, add this line to the end of the file, save, and close. The man page for NFS (accessed by typing man nfs in the prompt or found online) provides a multitude of options for the actual mount-on-boot process that can be set within this file.
nfs-server:/sharednfs nfs nfs defaults 0 0

Testing Your NFS Mount Setup

We can verify that the setup is working as it should with a simple test. On your NFS server, navigate to /sharednfs and create a file:
cd /sharednfs
echo Hello world > hello.txt

Next, on the client server, go to the mounted directory and check “hello.txt” is there as it should be:
cd /mnt/sharednfs
ls

Conclusion

Now that you have completed this guide, you have a basic overview of how NFS mounting works in a host and client network environment. This type of setup provides many advantages ranging from central management to space optimization. Outside the scope of this guide, it should be noted that while NFS itself is easy to setup, the protocol it uses by default is not encrypted. This means you can take further steps to enhance security if the environment calls for it. Aside from protocol, NFS does offer an enhanced flexibility in how repositories are shared and with whom, which does provide some security. If this guide for setting up NFS on CentOS 7 was useful to you, go ahead and share it with your friends.