Creating NFS exports

To create NFS exports, follow these steps:

  1. Create the root export.
  2. Mount the root export, as described in the Storage User Guide.

    Do not mount NFS shares on cluster nodes. It may lead to node freeze.

  3. Create user exports in the mounted root export.
  4. Mount these user exports the same way you have mounted the root export.

Prerequisites

To create the root export

Admin panel

  1. On the Storage services > NFS > Shares screen, click the name of the desired share. This will open the share screen.
  2. On the share screen, click Add export.
  3. In the Add export window, specify root as the export name and / as its path, and then select the Read and write access mode. Then, click Add.

    Do not use other names or paths for the root export.

    This will create a directory with a default path that designates the export location inside the share. This path is automatically generated based on the share name and used (alongside the share’s IP address) to mount the export.

    Do not give the users access to the root export.

    The root export will be shown in the export list.

Command-line interface

Use the following command:

vinfra service nfs export create --path <path> --access-type <access-type> --security-types <security-types>
                                 <share-name> <export-name>
--path <path>
Path to the NFS export
--access-type <access-type>
Type of access to the NFS export (none, rw, or ro)
--security-types <security-types>
Types of NFS export security (none, sys, krb5, krb5i, or krb5p)
<share-name>
NFS share name
<export-name>
NFS export name

For example, to create the root export for the share share1, run:

# vinfra service nfs export create share1 root --path / --access-type rw --security-types none

The created root export will appear in the vinfra service nfs export list output:

# vinfra service nfs export list --share-name share1
+---------+-----------------+-------------+
| name    | path            | access_type |
+---------+-----------------+-------------+
| root    | /share1         | rw          |
+---------+-----------------+-------------+

To create user exports

Admin panel

  1. In the mounted root export, create a subdirectory for a user export, for example, export1.
  2. On the share screen, click Add export.
  3. In the Add export window, specify the following:

    1. Enter a user export name and specify /export1 as a path.
    2. Select the access mode between Read and write and Read.
    3. In the Advanced settings section, select the desired root squashing option:

      • If you select Disallow access with root UID, you map root users to the anonymous user and group.
      • If you select Disallow access with root UID but allow access to user groups with non-zero GIDs, you map root users to the anonymous user, but allow non-zero groups of root users.
      • If you select Squash all users to anonymous, you map all users to the anonymous user.
      • If you select Allow access with root UID, you allow root users keep administrative access privileges to remote files.
    4. Change the anonymous user and group identifiers. Their default value is -2, which maps to the "nobody" user.

  4. Click Add.
  5. The user export will appear in the export list.

Command-line interface

Use the following command:

vinfra service nfs export create --path <path> --access-type <access-type> --security-types <security-types>
                                 [--client <address=ip_addresses:access=access_type:security=security_types>]
                                 [--squash <squash>] [--anonymous-gid <anonymous-gid>] [--anonymous-uid <anonymous-uid>]
                                 <share-name> <export-name>
--path <path>
Path to the NFS export
--access-type <access-type>
Type of access to the NFS export (none, rw, or ro)
--security-types <security-types>
Types of NFS export security (none, sys, krb5, krb5i, or krb5p)
--client <address=ip_addresses:access=access_type:security=security_types>
Client access list of the NFS export
--squash <squash>
NFS export squash (root_squash, root_id_squash, all_squash, or none)
--anonymous-gid <anonymous-gid>
Anonymous GID of the NFS export
--anonymous-uid <anonymous-uid>
Anonymous UID of the NFS export
<share-name>
NFS share name
<export-name>
NFS export name

For example, to create the user export export1 at /export1, run:

# vinfra service nfs export create share1 export1 --path /export1 --access-type rw --security-types none

The created NFS exports will appear in the vinfra service nfs export list output:

# vinfra service nfs export list --share-name share1
+---------+-----------------+-------------+
| name    | path            | access_type |
+---------+-----------------+-------------+
| export1 | /share1/export1 | rw          |
| root    | /share1         | rw          |
+---------+-----------------+-------------+