To be completed by 2/21/2007
Practical Exercises
1. Setup your desktop machine as NFS server and your cluster node as
NFS client.
Make sure that all necessary packages have been installed;
Create a directory on top of your home directory to export it,
for example,
mkdir /home/exports
chmod 755 /home/exports
Create a dummy user and its owhership to the directory:
/usr/sbin/groupadd -g 666 jonny
/usr/sbin/useradd -m -s /bin/bash -u 666 -g 666 jonny
chown jonny:jonny /home/exports/
Copy some files from /etc into directory /home/exports and
give them ownership "jonny":
cp /etc/hosts /home/exports
cp /etc/nsswitch.conf /home/exports
cp /etc/inetd.conf /home/exports
Then cp /etc/securetty /home/exports and
live its root ownreship.
Include the directory in /etc/exports to export it to your node, for
example, node02:
/home/exports node02(rw)
Make sure your node and its IP address are included in /etc/hosts file.
Start portmap and NFS services:
/etc/init.d/portmap start
/etc/init.d/nfs-common start
/etc/init.d/nfs-kernel-server start
Make sure the services are running:
rpcinfo -p
You should see
program vers proto port
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
100003 2 udp 2049 nfs
100003 3 udp 2049 nfs
100021 1 udp 1046 nlockmgr
100021 3 udp 1046 nlockmgr
100021 4 udp 1046 nlockmgr
100005 1 udp 1047 mountd
100005 1 tcp 1925 mountd
100005 2 udp 1047 mountd
100005 2 tcp 1925 mountd
100005 3 udp 1047 mountd
100005 3 tcp 1925 mountd
100024 1 udp 1048 status
100024 1 tcp 1926 status
Login remotely to your node machine via rsh or ssh and run rpcinfo
pointing it at your desktop, for example:
rpcinfo -p unisys02
If you see the same output as on the NFS server, it means that the server
allows you to access the portmap and its rpc services.
Check what directories are exported to you from the server:
/sbin/showmount -e unisys02
It should show /home/exports node02.
Now you are ready to mount its directory on the node.
Create a new mounting point and mount the exported directory onto it:
mkdir /home/exports
mount unisys02:/home/exports /home/exports
Run df -h command to make sure the directory has
been mounted. The mounted directory shows up in the bottom of the file
systems list:
unisys02:/home/exports 494M 78M 390M 17% /home/exports
Run ls -l /home/exports/ to see who the files
in the directory belong to.
Since there is no user with UID=666 and GID=666 on the node,
the mounted directory would belong non-existent user:
ls -l /home/exports/
total 5
-rw-r--r-- 1 666 666 104 Feb 10 19:32 hosts
-rw-r--r-- 1 666 666 1750 Feb 10 19:32 nsswitch.conf
-rw------- 1 root root 114 Feb 10 2003 securetty
-rw-r--r-- 1 666 666 289 Feb 10 19:32 inetd.conf
Create user jonny with UID=GID=667 and
try to change the ownership of the directory on the node:
chown jonny:jonny /home/exports
Does it work? Why?
Change the UID and GID of jonny to be consistent with those on the NFS server:
/usr/sbin/groupmod -g 666 jonny
/usr/sbin/usermod -u 666 -g 666 jonny
Become user jonny; cd /home/exports and see if you can create files in
this directory.
Unmount the directory,
umount /home/exports
Modify file /etc/fstab including a new entry for /home/exports:
unisys02:/home/exports /home/exports nfs rw 0 0
Then run
mount -a
Check if it is mounted
df -h
Remove the entry from /etc/fstab and unmount the directory.
If the directory can not get unmounted and you receive error message
"device is busy", check what processes hold the directory by executing
fuser command: /bin/fuser -m
(file_system)
For example, /bin/fuser -m /mnt/nfs
Kill these processes and try to unmount the directory again.
Try to avoid NFS mounting through /etc/fstab. Use either
manual mount or automount.
2. Mount the directory on the node again. Shutdown the NFS server on your
desktop:
/etc/init.d/nfs-kernel-server stop
Try to access the NFS mounted directory, for example, with ls. Try to unfreeze the
terminal. Start the NFS server on you desktop
/etc/init.d/nfs-kernel-server start and try to
access the directory again.
3. Repeat exercise #2 using options rw,intr,hard in
mount command.
4. Repeat exercise #2 using options rw,intr,soft in
mount command. Wait for 30 - 60 seconds until it times out.
5. Observing stale file handle error.
On the NFS server, create a new directory tree under NFS exported directory:
mkdir -p /home/exports/test/demo
On the client, step into the directory:
cd /home/exports/test
ls
On the NFS server, remove directory test with its subdirectory:
cd /home/exports
rm -rf test
On the client, run
ls
6. Finding the optimal write and read block sizes (wsize, rsize).
Modify /etc/exports on the NFS server to allow root access to the
exported directory on the client:
/home/exports node02(rw,no_root_squash)
Re-export the directory, /usr/sbin/exportfs -ra
On the client node, mount the directory with read and write block sizes
option rsize=1024,wsize=1024:
mount -o rsize=1024,wsize=1024 unisys02:/home/exports /home/exports
Run ls -l /home/exports to make sure the
directory is accessible.
Check the time (real time) it would take to write 1.6 MB file over
the NFS:
time dd if=/dev/zero of=/home/exports/testfile bs=16k count=100
Check how long it would take to read this file:
time dd if=/home/exports/testfile of=/dev/null bs=16k
Unmount the directory. Repeat the same procedure with rsize = wsize =
2048, 4096, 5125, 8192, 10240, block sizes (they are N*1024 Bytes).
What is the optimal block size?
7. Protecting portmap with tcp_wrappers.
Unmount the NFS directory on the node. On the NFS server, put entry in
/etc/hosts.deny
portmap: ALL
Try to mount the directory on the node.
On the NFS server, in file /etc/hosts.allow, put entry allowing to
mount the directory on your node:
portmap: 192.168.5.22
8. Install autofs on you machine. Configure /etc/auto.master and indirect
maps to mount the directory in exercise#1 automatically; specify the
timeout 60 seconds; start the autofs; run df -h;
cd to this directory; leave the directory and
run df -h; run df -h
again after about a minute.
You may want to follow the instructions on automount settings in
NFS FAQ
9. Read Chapter 28
previous
top