I just purchased a Qnap NAS box that I want to share with 2 VM hosts. I have done quite a bit of research on NFS vs. ISCSI and it would seem that NFS has some pretty good advantages over iSCSI. Especially when on a trunked network. The Hosts are both Centos 5.3. I'm wondering what the optimum settings (options) for the NFS mount would be? I have a Synology DiskStation (DSM 6.0.2) that exports shared directories via NFSv4. I specified a NFSv4 domain ITET-PHO. On another Linux machine (Debian Wheezy), I want to mount this export using idmapping. There I have the following configuration of /etc/idmapd.conf: [General] Verbosity = 2 Pipefs-Directory = /run/rpc_pipefs # set your own domain here, if id differs from FQDN minus hostname Domain = ITET-PHO [Mapping] Nobody-User = nobody Nobody-Group = nogroup [Translation] Method = static [Static] erikhe@ITET-PHO = erik So I attempt to statically map the user erikhe on the Synology, which is in the domain ITET-PHO to the local user erik. All other users should be mapped to nobody. However, when I mount the shared directory, I just see the UID numbers from the Synology: drwxr-xr-x 4 4096 Okt 5 10:21 erikhe-301898 Also all the other UIDs are shown instead of nobody. In the log-file I see that idmap is doing something. This is when doing service nfs-common restart: Oct 5 15:11:07 sisyphous systemd[1]: Stopping LSB: NFS support files common to client and server. Oct 5 15:11:07 sisyphous nfs-common[6520]: Stopping NFS common utilities: idmapd statd. Oct 5 15:11:07 sisyphous systemd[1]: Stopped LSB: NFS support files common to client and server. Oct 5 15:11:07 sisyphous systemd[1]: Starting LSB: NFS support files common to client and server. Oct 5 15:11:07 sisyphous rpc.statd[6539]: Version 1.2.8 starting Oct 5 15:11:07 sisyphous sm-notify[6540]: Version 1.2.8 starting Oct 5 15:11:07 sisyphous sm-notify[6540]: Already notifying clients; Exiting! Disclaimer: ID mapping without a Kerberos server only works halfway with NFSv4, it seems. I managed to get the correct usernames to show up on my client when listing files, but creating new files always creates them as user nobody because the Synology doesn't map anything in that case. And the suggest this is normal behaviour of idmapd when not using Kerberos for some reason. (EDIT: ) However, what I did: First, you have to enable idmapping after loading the NFS service. For that, you have to edit the file /usr/syno/etc/rc.sysv/S83nfsd.sh on the Synology. Find the line SYNOLoadModules $KERNELMODULE and add the following line after that: echo 'N' > /sys/module/nfsd/parameters/nfs4_disable_idmapping Then, still on the Synology, edit the /etc/idmap.conf and set the Domain to your ITET-PHO if not already set. Disable NFS, apply and re-enable (+apply) it afterwards in the Synology's control centre to reload nfds. On your client machine, create a file /etc/modprobe.d/nfs-idmap.conf with the following contents: options nfs nfs4_disable_idmapping=0 options nfsd nfs4_disable_idmapping=0 Reload the nfs kernel module afterwards to apply the options. Also make sure, idmapd is running on your client. (On Ubuntu artful, I had to run sudo systemctl start nfs-idmapd manually, I think.) And, of course, use nfsvers=4 as a mount option. Access denied on this server. (On the Synology, you can killall idmapd and run it in foreground using idmapd -f -vvv to see if it's doing anything.).
0 Комментарии
Оставить ответ. |
АвторНапишите что-нибудь о себе. Не надо ничего особенного, просто общие данные. АрхивыКатегории |