Setup OpenVZ NFS Server on Centos

i though i writing this down how i setup my own openvz nfs server container to serve as a NFS server. Installing it is pretty easy until a lot of errors start popping out when you try to start your openvz, so i though of just writing them down just in case.

To install openvz nfs server, all you need to do is

yum install nfs* -y

and all nfs library will be installed into your container. Next start everything!

 service rpcbind start
 chkconfig rpcbind on
 service nfs start
 chkconfig nfs on

And this is what i get,

Starting NFS services:                                     [  OK  ]
Starting NFS quotas:                                       [  OK  ]
Starting NFS mountd:                                       [  OK  ]
Starting NFS daemon: rpc.nfsd: Unable to access /proc/fs/nfsd errno 2 (No such file or directory).
Please try, as root, 'mount -t nfsd nfsd /proc/fs/nfsd' and then restart rpc.nfsd to correct the problem
                                                           [FAILED]

not too smooth journey as i though!

Different type of NFS errors

So there are a few kind of errors you will see when setting up an NFS server on Openvz container and you can see them on openvz.org NFS server article,

My issue was apparent this one,

If you see this:

# service nfs start
....
Starting NFS daemon: rpc.nfsd: Unable to access /proc/fs/nfsd errno 2 (No such file or directory).
Please try, as root, 'mount -t nfsd nfsd /proc/fs/nfsd' and then restart rpc.nfsd to correct the problem
                                                           [FAILED]
# mount -t nfsd nfsd /proc/fs/nfsd
mount: unknown filesystem type 'nfsd'
It means you haven't loaded nfsd kernel module on host before starting container.

Well...this means that i need to do more things!

Kernel NFS server

Kernel-space NFS server is supported by latest RHEL5 and RHEL6 based kernels and since vzctl-3.0.24. But currently only NFSv3 is supported - no NFSv4 support yet. More info here: http://forum.openvz.org/index.php?t=msg&goto=46174&. NFSv3 is notorious for leaving hanging file locks and in my opinion NFSv3 should not be used in file intensive setups. So that's the thing i will need to live with for the time being.

NFS Openvz Prerequisites

In order to run an NFS server inside a container, make sure:

  • nfsd kernel module is loaded on host system before starting a container
  • nfsd feature for a container is turned on

Setup

  • Make sure that rpcbind service is started before nfs service:
chkconfig rpcbind on && service rpcbind start
  • Disable NFSv4 and nfsd module loading warnings in /etc/sysconfig/nfs by uncommenting the following lines:
MOUNTD_NFS_V3="yes"
RPCNFSDARGS="-N 4"
NFSD_MODULE="noload"
  • Start NFS service:
chkconfig nfs on && service nfs start

Host node

Once you done that, remember to activate NFS inside a container issue the command below

vzctl set $CTID --feature nfsd:on --save

and ensure modules nfs and nfsd is loaded:

modprobe nfsd
modprobe nfs

All you left to do is to start your container and see whether the error is eliminated. If its still doesn't work, check out this forum thread where most of the information above are retrieved (credit goes to them).

*****UPDATE******

Opps, i forget. On /etc/exports u need to state the directory that you want people to be able to use your nfs to mount their machine on, in my case it's /mnt/nfs so i did this,

mkdir -p /mnt/nfs

then on /etc/exports i did this

/mnt/nfs     192.168.0.0/24(rw,no_root_squash,no_subtree_check,fsid=0)

take note that 192.168.0.0/24 is the range of ip that will mount my nfs directory.

Firewall Host

After everything is done up there, just remember to update your firewall to allow nfs port to your nfs server. On the path /etc/sysconfig/nfs open it up and update all the path and uncomment LOCKD_TCPPORT, MOUNTD_PORT, STATD_PORT and LOCKD_UDPPORT and allow the port as written below, ( and you will notice this is done on a Centos machine)

  1. Allow TCP and UDP port 2049 for NFS.
  2. Allow TCP and UDP port 111 (rpcbind/sunrpc).
  3. Allow the TCP and UDP port specified with MOUNTD_PORT="port"
  4. Allow the TCP and UDP port specified with STATD_PORT="port"
  5. Allow the TCP port specified with LOCKD_TCPPORT="port"
  6. Allow the UDP port specified with LOCKD_UDPPORT="p

and in case you need the iptables command, here you go, and you are welcome

-A PREROUTING -d 10.6.25.101/32 -i vmbr0 -p tcp -m tcp --dport 2925 -j DNAT --to-destination 192.168.0.111:22
-A PREROUTING -d 10.6.25.101/32 -i vmbr1 -p tcp -m tcp --dport 32803 -j DNAT --to-destination 192.168.0.111:32803
-A PREROUTING -d 10.6.25.101/32 -i vmbr1 -p tcp -m tcp --dport 892 -j DNAT --to-destination 192.168.0.111:892
-A PREROUTING -d 10.6.25.101/32 -i vmbr1 -p tcp -m tcp --dport 662 -j DNAT --to-destination 192.168.0.111:662
-A PREROUTING -d 10.6.25.101/32 -i vmbr1 -p tcp -m tcp --dport 2049 -j DNAT --to-destination 192.168.0.111:2049
-A PREROUTING -d 10.6.25.101/32 -i vmbr1 -p tcp -m tcp --dport 111 -j DNAT --to-destination 192.168.0.111:111
-A PREROUTING -d 10.6.25.101/32 -i vmbr1 -p udp -m udp --dport 892 -j DNAT --to-destination 192.168.0.111:892
-A PREROUTING -d 10.6.25.101/32 -i vmbr1 -p udp -m udp --dport 662 -j DNAT --to-destination 192.168.0.111:662
-A PREROUTING -d 10.6.25.101/32 -i vmbr1 -p udp -m udp --dport 111 -j DNAT --to-destination 192.168.0.111:111
-A PREROUTING -d 10.6.25.101/32 -i vmbr1 -p udp -m udp --dport 2049 -j DNAT --to-destination 192.168.0.111:2049
-A PREROUTING -d 10.6.25.101/32 -i vmbr1 -p udp -m udp --dport 32769 -j DNAT --to-destination 192.168.0.111:32769
-A PREROUTING -d 10.6.25.101/32 -i vmbr1 -p tcp -m tcp --dport 8000 -j DNAT --to-destination 192.168.0.111:8000

just port forwarding for both up and tcp 😉

and remember to open up all the port at /etc/sysconfig/nfs

#
# Define which protocol versions mountd
# will advertise. The values are "no" or "yes"
# with yes being the default
#MOUNTD_NFS_V2="no"
MOUNTD_NFS_V3="yes"
#
#
# Path to remote quota server. See rquotad(8)
#RQUOTAD="/usr/sbin/rpc.rquotad"
# Port rquotad should listen on.
#RQUOTAD_PORT=875
# Optinal options passed to rquotad
#RPCRQUOTADOPTS=""
#
#
# Optional arguments passed to in-kernel lockd
#LOCKDARG=
# TCP port rpc.lockd should listen on.
LOCKD_TCPPORT=32803
# UDP port rpc.lockd should listen on.
LOCKD_UDPPORT=32769
#
#
# Optional arguments passed to rpc.nfsd. See rpc.nfsd(8)
# Turn off v2 and v3 protocol support
#RPCNFSDARGS="-N 2 -N 3"
# Turn off v4 protocol support
RPCNFSDARGS="-N 4"
# Number of nfs server processes to be started.
# The default is 8.
#RPCNFSDCOUNT=8
# Stop the nfsd module from being pre-loaded
NFSD_MODULE="noload"
# Set V4 and NLM grace periods in seconds
#
# Warning, NFSD_V4_GRACE should not be less than
# NFSD_V4_LEASE was on the previous boot.
#
# To make NFSD_V4_GRACE shorter, with active v4 clients,
# first make NFSD_V4_LEASE shorter, then restart server.
# This will make the clients aware of the new value.
# Then NFSD_V4_GRACE can be decreased with another restart.
#
# When there are no active clients, changing these values
# can be done in a single server restart.
#
#NFSD_V4_GRACE=90
#NFSD_V4_LEASE=90
#NLM_GRACE_PERIOD=90
#
#
#
# Optional arguments passed to rpc.mountd. See rpc.mountd(8)
#RPCMOUNTDOPTS=""
# Port rpc.mountd should listen on.
MOUNTD_PORT=892
#
#
# Optional arguments passed to rpc.statd. See rpc.statd(8)
#STATDARG=""
# Port rpc.statd should listen on.
STATD_PORT=662
# Outgoing port statd should used. The default is port
# is random
#STATD_OUTGOING_PORT=2020
# Specify callout program
#STATD_HA_CALLOUT="/usr/local/bin/foo"
#
#
# Optional arguments passed to rpc.idmapd. See rpc.idmapd(8)
#RPCIDMAPDARGS=""
#
# Set to turn on Secure NFS mounts.
#SECURE_NFS="yes"
# Optional arguments passed to rpc.gssd. See rpc.gssd(8)
#RPCGSSDARGS=""
# Optional arguments passed to rpc.svcgssd. See rpc.svcgssd(8)
#RPCSVCGSSDARGS=""
#
# To enable RDMA support on the server by setting this to
# the port the server should listen on
#RDMA_PORT=20049

Firewall Guest

Remember to turn off or allow those port to your guest as well if you are on Centos.

chkconfig iptables off
service iptables stop

i prefer to off it entirely.

Appendix

  • https://www.howtoforge.com/setting-up-an-nfs-server-and-client-on-centos-6.3
  • http://forum.proxmox.com/threads/9509-NFS-inside-OpenVZ-container
  • http://www.unixmen.com/nfs-server-installation-and-configuration-in-centos-6-3-rhel-6-3-and-scientific-linux-6-3/
  • https://openvz.org/NFS_server_inside_container
  • http://www.linuxquestions.org/questions/linux-server-73/nfs-share-setup-issue-mountd-refused-mount-request-unmatched-host-924105/
  • https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Storage_Administration_Guide/s2-nfs-nfs-firewall-config.html

No related posts.