How to create an NFS export on the ECS.
Gather the following prerequisite information for creating exports on the ECS this is needed to create the correct mappings needed for the export users. Connect to the client host where the NFS export will be mounted and gather some basic information for later use in this KB.
Information needed from the outputs gathered below:
Example used in this KB:
- The uid of the Linux host user
- The gid of group
- The group name related to the gid.
- The IP address of the Linux host.
This is the ID of the user from the Linux host we are using in this KB:
The group ID identified from the Linux host:
The default group name
identified from the Linux host:
# id <Linux User>
# ip addr
[root@client ~]# id gpadmin
uid=500(gpadmin) gid=500(gpadmin) groups=506(service),500(gpadmin)
[root@client ~]# ip addr
9: bond1: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
link/ether 90:e2:ba:d2:03:bc brd ff:ff:ff:ff:ff:ff
inet x.x.x.x/24 brd x.x.x.x scope global bond1
- Create the Namespace and select the Replication Group on the ECS (optional if one exists):
Navigation: Manage > Namespace
- Create a namespace user:
Note: Later we will be mapping this user to the Linux uid gathered from the prerequisite information above.
Navigation: Manage > Users
- Create the file enabled bucket:
Note: In this example the user was just created for the Bucket Owner and in most cases the user can be any user for the Namespace.
Navigation: Manage > Buckets
- Click Next > to continue the bucket creation.
- Click File System to On and enter the Default Bucket Group information from the prerequisite, this point select granting permissions for the bucket.
Note: You will need the Linux default group name from the prerequisite information gathered at the beginning of this KB, this will need to match exactly.
- Click Next > Click Save to complete the bucket creation.
- Create the export click New Export.
Navigation: Manage > File
- Select the Namespace and Bucket.
- Click Add under Export Host Options choosing Permissions, Write Transfer Policy, Authentication and Mounting Directories Allow options:
Note: Under the host export with the RootSquash field specify the ECS object user name that will be used to map incoming root user (uid=0). If left blank, root user will be squashed to a non-existent user preventing any reads/writes unless there's a User Mapping created for uid=0.
- Map Default Group set for the file system bucket set in Step 3 to the gid identified in the prerequisites and map the user created in Step 2 to the prerequisites user uid. You can repeat these steps for additional users needed to access for access to the export.
Note: The mapping enables ECS to treat an ECS object user and an NFS user as the same user but with two sets of credentials, one to access ECS using NFS, and one to access the ECS using the object protocols. Because the accounts are mapped, files written by an NFS user will be accessible as objects by the mapped object user and objects written by the object users will be accessible as files by the NFS user. The permissions associated with the file or object will be based on a mapping between POSIX and object protocol ACL privileges.
Note: The uid from the prerequisite is mapped to the ECS Namespace user created in Step 2.
Example of both User and Group Mapping:
- On the client system where you will be mounting the export we will need to check to see if the export is available.
# showmount -e <IP Address of the ECS>
[root@client ~]# showmount -e x.x.x.x
Export list for x.x.x.x:
- Create the mount point on the local Linux host.
# mkdir <Path to new mount point>
# ls -lart <Path to new mount point>
[root@client ~]# mkdir /tmp/mnt
[root@client ~]# ls -lart /tmp/mnt
drwx------ 2 gpadmin root 4096 Oct 22 18:08 .
drwxrwxrwt. 4 root root 4096 Oct 24 12:34 ..
- Mount the export to your Linux host and confirm the export is mounted.
Note: It is important that you specify -o "vers=3" because the ECS only supports version 3.
# mount -t nfs -o "vers=3,nolock,rsize=524288,wsize=524288" <ECS IP Addres> <Local Mount Point>
[root@client ~]# mount -t nfs -o "vers=3,nolock,rsize=524288,wsize=524288" x.x.x.x:/nfsnamespace/nfsbucket/ /tmp/mnt
[root@client ~]# mount
x.x.x.x:/nfsnamespace/nfsbucket/ on /tmp/mnt type nfs (rw,vers=3,nolock,rsize=524288,wsize=524288,addr=x.x.x.x)
- Validate files can be created and accessed by the same mount point:
[gpadmin@client ~]$ cd /tmp/mnt
[gpadmin@client mnt]$ touch file2
[gpadmin@client mnt]$ ls -lart
-rw------- 1 gpadmin gpadmin 0 Apr 11 17:24 file1
-rw------- 1 gpadmin gpadmin 0 Apr 11 17:25 file2