CH 22 & 24 NFS and DFS review

Question 1

NFS

Answer 1

1. Network File System - file and directory sharing mechanism native to Unix and Linux
2. Concept similar to Microsoft Windows file sharing. (while concept similar, there are distinct differences in the implementation)
3. Allows users to attach a remote file system (disk) and work with it as if it were a local drive.

Question 2

Mechanics of NFS

Answer 2

1. NFS uses client-server architecture.
   a. Server - Device that is allowing others to use its disk space.
   b. Client - device that is consuming the disk space offered by the server.
   c. Sharing is enabled by adding a line indicating the directory to be share in /etc/exports on the server, which allows access by clients.

Example: if you listed the entry of /home/ssv2 192.168.1.100/25(rw) in the file /etc/exports, you would share /home/ssv2 as read-write on the subnet 192.168.100.0/24

Entries in the file include:

a. Directory - directory path you want to share.
b. Client - client IP address or DNS hostname you want to share it with.
c. Options - options for the connection (read/write, read-only, root_squash)

Question 3

Remote Procedure Call (RPC)

Answer 3

1. Communication using NFS is done using the Remote Procedure Call (RPC) protocol.
   a. RPCs are responsible for handling requests between client and server.
   b. RPC provides a standard mechanism for any RPC client to contact a server.
   c. Allows the client to determine to which service the call should be directed.
2. Services must be registered on the server in order to be able to communicate via RPC.

Question 4

Security Considerations for NFS

Answer 4

1. NFS is not considered to be a very secure protocol.
   a. Precautions must be taken to ensure that users of the client don’t gain root permissions.
   b. The root_squash option can be used to control permissions to the share, but care must be used in setting up initial permissions if non-root users will be accessing via client connections.
   c. If root_squash isn’t specified (or no_root_squash is specified), then root of the client machine will have the same level of access as the server’s root account.

Question 5

Enabling NFS

Answer 5

1. Almost all major Linux distros natively support NFS.
2. The issue isn’t implementing NFS, but setting up RPC.
3. Based on the distro, here are ways of setting up RPC access.
   a. Fedora - $yum install rpcbind
   b. Ubuntu - $apt-get install portmap
   c. These programs handle the RPC registrations

Question 6

Components of NFS

Answer 6

NFS relies on various processes/components to perform the client/server communication.

1. rpc.nfsd - main component of the NFS - it is the server daemon. Works in conjunction with the Linux kernel to load or unload the NFS module when necessary.
2. rpc.statd - sends notifications to NFS clients whenever the NFS service is restarted after a non-graceful shutdown. Provides status information to rpc.lockd when queried.
3. rpc.rqoutad - supplies the interface between NFS and the system quota manager. Users connected via NFS are held to the same quota restrictions as if they were working directly on the server.
4. rpc.mountd - performs permission checking during the mount request process.
5. rpc.lockd - allows clients to issue file locks on the server. Handles lock recovery on NFS startup after a non-graceful shutdown.
6. rpc.idmapd - provides mappings of users and groups between the server and client.
7. rpc.gssd/rpc.svcgssd - provides authentication and advanced security resources.

Question 7

Configuring NFS server

Answer 7

Setting up a NFS server is a two-part process.

1. First step is set up the criteria in the /etc/exports file.
2. Second step is to start the NFS processes that read the /etc/exports file.

Question 8

Configuring NFS clients

Answer 8

Configuring NFS client under Linux is easy - it does not require any additional software.

1. Only need the mount command. There are two types of mount.
   a. Soft - if a request fails, the NFS client will report an error to the process on the client requesting access (response depends on how program is developed)
   b. Hard - if a request fails, the program accessing the file via NFS will hang until connection is re-established or manually killed.

Question 9

Distributed File System (DFS)

Answer 9

1. Distributed File System (DFS) - provide a mechanism to allow for a unified view of file system resources located on different servers.
2. Essentially, file system resources can be divided, shared, or distributed in a logical or physical manner across a network.
3. DFS works on the concept of replication - copying the same data between different nodes across a WAN.

Question 10

DFS Terminology

Brick

Answer 10

Brick - a physical server/system whose local storage resource is contributing to the overall storage capacity of the DFS.

Question 11

DFS Terminology

Metadata

Answer 11

Metadata - refers to all other characteristics of data except the actual data themselves.

Question 12

DFS Terminology

Fault Tolerance

Answer 12

Fault tolerance - the amount of transparent and continued access to shared resources of DFS in the event of some sort of failure.

Question 13

DFS Terminology

Replication

Answer 13

Replication - process of the duplication of the contents of one file system onto another location.

Question 14

DFS Terminology

POSIX compliance

Answer 14

POSIX compliance - Portable Operating System Interface for UNIX is an IEEE standard that dicates how UNIX/Linux file metadata (such as permissions and timestamps) are preserved and updated via the DFS.

Question 15

DFS Implementations

Answer 15

There are multiple DFS implementations

1. GlusterFS
2. Luster
3. MooseFS
4. Microsoft DSF (MS-DFS) - while it cannot be set up via Linux, Linux clients can be configured to support MS-DFS.
5. OpenAFS
6. XtreemFS

Question 16

GlusterFS

Answer 16

1. GlusterFS is a popular DFS implementation.
2. It can be installed onto most distros
   a. $yum install glusterfs
   b. $glusterfs-server