In this tutorial, we will discuss how to configure NFS server on Ubuntu 18.04 server. Network File system (NFS) is a commonly used file-based storage system that allows remote systems to access files over a computer network and interact with them as if they were locally mounted. This enables system Administrators to group resources onto centralized servers on a network for easy sharing.
Table of Contents
Configuring NFS Server on Ubuntu 18.04 Server
NFS operates on a server-client architecture and therefore to demonstrate how to configure NFS server to share directories and files over the network and Ubuntu 18.04 desktop as our NFS client, these are the details of our nfs server and client are:
- NFS server: nfs01.example.com, 192.168.43.154
- NFS client: usera.example.com, 192.168.43.214
Install NFS Server Packages
Install NFS server packages on the NFS server host
apt install nfs-kernel-server -yConfigure NFS Server ID Mapping Domain
- The “Domain” option is used to specify the domain name for id mapping. ID mapping is the process of mapping user and group IDs between different systems to ensure that file access permissions are correctly applied.
- When a user accesses a file on an NFS share, the NFS server needs to know which user or group on the client system is requesting the access. The NFS server uses the user and group IDs provided by the client system to verify the user’s identity and apply the appropriate access permissions. However, the user and group IDs on the client system may be different from the IDs on the NFS server. This can cause a mismatch in the file access permissions and prevent the user from accessing the files.
- To address this issue, NFS uses ID mapping to map the user and group IDs between the client and server systems. When a user accesses a file on an NFS share, the NFS client maps the user and group IDs from the client system to new IDs that are recognized by the NFS server. This ensures that the user is correctly identified and the appropriate access permissions are applied.
- ID mapping is handled by the
rpc.idmapddaemon on both the NFS client and server. The ID mapping settings are defined in the/etc/idmapd.conffile. The file defines how the IDs are mapped between the client and server systems, including the mapping mechanism, domain, and cache size.
Thus, edit the /etc/idmapd.conf file and uncomment line 6 and set it to the correct domain name.
vim /etc/idmapd.conf[General]
...
Domain = kifarunix-demo.com
...Save and exit the file.
Configure the NFS Exports
Exports are file systems or directories on an NFS server that are shared to or accessible to NFS clients.
So we are going to create a general directory and a private directory where the files we would like to share publicly or privately respectively over the network will be stored.
mkdir /opt/{general,private}To set up a directory for sharing, specify the directory to be shared, IP addresses/networks or domain names (if you have DNS server) of the systems to share with along the options associated with shared directory in the format:
nfshare nfsclient_IP or nfsclients_net or_domainname(sharingoptions)Edit the /etc/exports file and set up the above directories for sharing.
vim /etc/exportsIn our case, we will share the general directory with anyone and the private directory with specific clients.
...
# NFS share directory
/opt/general *(ro,sync,root_squash,subtree_check)
/opt/private 192.168.43.214(rw,sync,no_root_squash,no_subtree_check)The mount options used above are;
romounts the directory on the client with read only permissions.rwmounts the shared directory on the client with read write permissionssyncensures that any changes made to the shared directory is synchronized between the server and the client.root_squashmaps the remote root user privileges into a non-privileged user on the NFS serverno_root_squashallows remote user to access the share with full privileges of the root user on the NFS server.subtree_checkensures that in case a directory instead of a block device is exported, the nfs server must check the existence of files in the shared directory for every request made.no_subtree_checkspecifies that the nfs server should not verify the availability of the files in the export for every request.
For a deeper insight into the export mount options, check man 5 exports
Once done with editing, save the file.
Next, run the following command to update the exported/shared directories.
exportfs -arvfSample output;
exporting 192.168.43.214:/opt/private
exporting *:/opt/generalSee the man page for exportfs to more information on options used above
man exportfsOpen NFS Server Ports on Firewall
If firewall is running on NFS server, allow access to the nfs share from the client.
We are using UFW in our server, hence;
ufw allow from 192.168.43.214 to any port nfsSimilarly, you might need to control which port NFS server will use to handles mount requests from NFS clients. rpc-bind dynamically assigns ports for RPC services and this can cause issues with access to the shares
To control this and ensure that the ports are static, edit the /etc/nfs.conf and set the port value to any port of your choice that is currently not used by any service.
vim /etc/nfs.conf[mountd]
...
port=53603
...Save and exit the file.
Open the RPC mount port on firewall;
ufw allow from 192.168.43.214 to any port 53603/udpufw allow from 192.168.43.214 to any port 53603/tcpRestart NFS Service
If all is well, restart NFS service so as to make the share available to NFS clients.
systemctl restart nfs-kernel-serverConfigure NFS Client on Ubuntu
Install NFS Client Packages
Install NFS client packages on your NFS client system;
apt install nfs-common -yConfigure NFS Domain for ID mapping
Edit the /etc/idmapd.conf file and un-comment line 6 and set it to the correct domain name.
vim /etc/idmapd.conf...
Domain = kifarunix-demo.com
...Save and exit the file.
Create a directory to mount the remote share
To access the remote shared directories on the client, we need to mount those directories on the NFS client.
mkdir -p /nfs-shares/{general,private}Check NFS server Export List
Run the following command to verify the export list on NFS server;
showmount -e 192.168.43.154Sample output;
Export list for 192.168.43.154:
/opt/general *
/opt/private 192.168.43.214Mount the NFS shares on NFS client
Mount the exports on NFS client as shown below
mount -t nfs 192.168.43.154:/opt/general /nfs-shares/generalmount -t nfs 192.168.43.154:/opt/private /nfs-shares/private/Verify the mounting with the following command;
df -hT
Filesystem Type Size Used Avail Use% Mounted on
udev devtmpfs 697M 0 697M 0% /dev
tmpfs tmpfs 146M 1.6M 144M 2% /run
/dev/mapper/ubuntu--vg-root ext4 8.9G 4.1G 4.3G 50% /
[...]
192.168.43.154:/opt/general nfs4 8.9G 1.7G 6.7G 21% /nfs-shares/general
192.168.43.154:/opt/private nfs4 8.9G 1.7G 6.7G 21% /nfs-shares/private
As you can see, both of the shares have been mounted.
To finalize on this, let us create some files on the NFS server and verify that the same becomes available to the client.
touch /opt/general/public-files.txt /opt/private/private-files.txtOn the client:
ls /nfs-shares/general/
public-files.txtls /nfs-shares/private/
private-files.txtConclusion
And that is how you can easily setup NFS Server on Ubuntu 18.04. You can now be able to access the exports from Ubuntu 18.04 desktop.
Would be great if you could have included the instructions on how to make sure the nfs share is remounted at reboot.