In certain situations you may want to share a RAID10 volme of NFS as a shared mount point across the instances in the VPC. You can follow the steps below
NFS Server instance:-
1. Install "nfs-utils" package
************
$sudo yum install -y nfs-utils
************
2. Add the below services at the instance boot up time
************
$sudo chkconfig --levels 345 nfs on
$sudo chkconfig --levels 345 nfslock on
$sudo chkconfig --levels 345 rpcbind on
************
3. Export the mounted volume to the machines in the VPC cidr block
************
$ cat /etc/exports
/mnt/md0 <VPC_CIDR>(rw)
************
4. Set the permissions for the mount point and also sub folders if any
************
$ ls -l
total 0
drwxrwxrwx 2 root root 69 May 28 06:22 md0
************
NOTE - I had give 777 as the permissions for /mnt/md0 folders. Without appropriate permissions, there will be a mount point error. For some reason 766 doesn't work as well.
5. Start the services
*************
$ sudo service rpcbind start
Starting rpcbind: [ OK ]
$ sudo service nfs start
Initializing kernel nfsd: [ OK ]
Starting NFS services: [ OK ]
Starting NFS mountd: [ OK ]
Starting NFS daemon: [ OK ]
Starting RPC idmapd: [ OK ]
$ sudo service nfslock start
Starting NFS statd: [ OK ]
*************
6. Export the mounted RAID volume to all the instances in the VPC
*************
$ sudo exportfs -av
exporting <VPC_CIDR>:/mnt/md0
*************
7. Allow ingress rules on nfs server instance's security group for TCP and UDP ports 2049 and 111 for NFS and rpcbind
*************
$aws ec2 authorize-security-group-ingress --group-id sg-7ad9a61e --protocol tcp --port 2049 --cidr <VPC_CIDR>
$aws ec2 authorize-security-group-ingress --group-id sg-7ad9a61e --protocol udp --port 2049 --cidr <VPC_CIDR>
$aws ec2 authorize-security-group-ingress --group-id sg-7ad9a61e --protocol tcp --port 111 --cidr <VPC_CIDR>
$aws ec2 authorize-security-group-ingress --group-id sg-7ad9a61e --protocol udp --port 111 --cidr <VPC_CIDR>
*************
NFS client instance:-
1. Install "nfs-utils" package
************
$sudo yum install -y nfs-utils
************
2. Create a mount point on the instance
************
$sudo mkdir /vol
************
2. Allow ingress rules for TCP and UDP ports for 2049 and 111 for nfs and rpcbind communication
*************
$aws ec2 authorize-security-group-ingress --group-id sg-7ad9a61e --protocol tcp --port 2049 --cidr <VPC_CIDR>
$aws ec2 authorize-security-group-ingress --group-id sg-7ad9a61e --protocol udp --port 2049 --cidr <VPC_CIDR>
$aws ec2 authorize-security-group-ingress --group-id sg-7ad9a61e --protocol tcp --port 111 --cidr <VPC_CIDR>
$aws ec2 authorize-security-group-ingress --group-id sg-7ad9a61e --protocol udp --port 111 --cidr <VPC_CIDR>
*************
3. mount the nfs volume on the nfs client machine
*************
$sudo mount -t nfs <private ip of nfs server>:/mnt/md0 /vol
*************
4. Confirm the mounted raid volume shows available disk space
*************
$ df -h
Filesystem Size Used Avail Use% Mounted on
/dev/xvda1 7.8G 1.1G 6.6G 15% /
devtmpfs 490M 56K 490M 1% /dev
tmpfs 499M 0 499M 0% /dev/shm
<private ip>:/mnt/md0 3.0G 33M 3.0G 2% /vol
*************
5. Test by writing a file on the mounted nfs volume on the client instance
*************
$ sudo echo "this is a test" >> /vol/test.txt
*************
6. Also check the system logs using dmesg
*************
$ sudo dmesg |tail
[ 360.660410] FS-Cache: Loaded
[ 360.773794] RPC: Registered named UNIX socket transport module.
[ 360.777793] RPC: Registered udp transport module.
[ 360.779718] RPC: Registered tcp transport module.
[ 360.781867] RPC: Registered tcp NFSv4.1 backchannel transport module.
[ 360.845503] FS-Cache: Netfs 'nfs' registered for caching
[ 443.240670] Key type dns_resolver registered
[ 443.251609] NFS: Registering the id_resolver key type
[ 443.253882] Key type id_resolver registered
[ 443.255682] Key type id_legacy registered
*************
NFS Server instance:-
1. Install "nfs-utils" package
************
$sudo yum install -y nfs-utils
************
2. Add the below services at the instance boot up time
************
$sudo chkconfig --levels 345 nfs on
$sudo chkconfig --levels 345 nfslock on
$sudo chkconfig --levels 345 rpcbind on
************
3. Export the mounted volume to the machines in the VPC cidr block
************
$ cat /etc/exports
/mnt/md0 <VPC_CIDR>(rw)
************
4. Set the permissions for the mount point and also sub folders if any
************
$ ls -l
total 0
drwxrwxrwx 2 root root 69 May 28 06:22 md0
************
NOTE - I had give 777 as the permissions for /mnt/md0 folders. Without appropriate permissions, there will be a mount point error. For some reason 766 doesn't work as well.
5. Start the services
*************
$ sudo service rpcbind start
Starting rpcbind: [ OK ]
$ sudo service nfs start
Initializing kernel nfsd: [ OK ]
Starting NFS services: [ OK ]
Starting NFS mountd: [ OK ]
Starting NFS daemon: [ OK ]
Starting RPC idmapd: [ OK ]
$ sudo service nfslock start
Starting NFS statd: [ OK ]
*************
6. Export the mounted RAID volume to all the instances in the VPC
*************
$ sudo exportfs -av
exporting <VPC_CIDR>:/mnt/md0
*************
7. Allow ingress rules on nfs server instance's security group for TCP and UDP ports 2049 and 111 for NFS and rpcbind
*************
$aws ec2 authorize-security-group-ingress --group-id sg-7ad9a61e --protocol tcp --port 2049 --cidr <VPC_CIDR>
$aws ec2 authorize-security-group-ingress --group-id sg-7ad9a61e --protocol udp --port 2049 --cidr <VPC_CIDR>
$aws ec2 authorize-security-group-ingress --group-id sg-7ad9a61e --protocol tcp --port 111 --cidr <VPC_CIDR>
$aws ec2 authorize-security-group-ingress --group-id sg-7ad9a61e --protocol udp --port 111 --cidr <VPC_CIDR>
*************
NFS client instance:-
1. Install "nfs-utils" package
************
$sudo yum install -y nfs-utils
************
2. Create a mount point on the instance
************
$sudo mkdir /vol
************
2. Allow ingress rules for TCP and UDP ports for 2049 and 111 for nfs and rpcbind communication
*************
$aws ec2 authorize-security-group-ingress --group-id sg-7ad9a61e --protocol tcp --port 2049 --cidr <VPC_CIDR>
$aws ec2 authorize-security-group-ingress --group-id sg-7ad9a61e --protocol udp --port 2049 --cidr <VPC_CIDR>
$aws ec2 authorize-security-group-ingress --group-id sg-7ad9a61e --protocol tcp --port 111 --cidr <VPC_CIDR>
$aws ec2 authorize-security-group-ingress --group-id sg-7ad9a61e --protocol udp --port 111 --cidr <VPC_CIDR>
*************
3. mount the nfs volume on the nfs client machine
*************
$sudo mount -t nfs <private ip of nfs server>:/mnt/md0 /vol
*************
4. Confirm the mounted raid volume shows available disk space
*************
$ df -h
Filesystem Size Used Avail Use% Mounted on
/dev/xvda1 7.8G 1.1G 6.6G 15% /
devtmpfs 490M 56K 490M 1% /dev
tmpfs 499M 0 499M 0% /dev/shm
<private ip>:/mnt/md0 3.0G 33M 3.0G 2% /vol
*************
5. Test by writing a file on the mounted nfs volume on the client instance
*************
$ sudo echo "this is a test" >> /vol/test.txt
*************
6. Also check the system logs using dmesg
*************
$ sudo dmesg |tail
[ 360.660410] FS-Cache: Loaded
[ 360.773794] RPC: Registered named UNIX socket transport module.
[ 360.777793] RPC: Registered udp transport module.
[ 360.779718] RPC: Registered tcp transport module.
[ 360.781867] RPC: Registered tcp NFSv4.1 backchannel transport module.
[ 360.845503] FS-Cache: Netfs 'nfs' registered for caching
[ 443.240670] Key type dns_resolver registered
[ 443.251609] NFS: Registering the id_resolver key type
[ 443.253882] Key type id_resolver registered
[ 443.255682] Key type id_legacy registered
*************
No comments:
Post a Comment