Ubuntu: Create an NFS server mount on Ubuntu

Enabling NFS on a server and client allows the client to mount a remote filesystem. Below are the steps for an Ubuntu host server and Ubuntu remote client.

Enabling NFS on host server

Install Packages
sudo apt-get update
sudo apt-get install nfs-common nfs-kernel-server -y
Create Directory to share
sudo mkdir -p /data/nfs1
sudo chown nobody:nogroup /data/nfs1
sudo chmod g+rwxs /data/nfs1
Export directory

Append a line to “/etc/exports” defining the share, and limiting access to clients in the 192.168.0.0/16 network.

$ echo -e "/data/nfs1\t192.168.0.0/16(rw,sync,no_subtree_check,no_root_squash)" | sudo tee -a /etc/exports


$ sudo exportfs -av 
/data/nfs1 192.168.0.0/16
Enable firewall ports
# check firwall rules, enable ufw
sudo ufw status
sudo ufw enable

# allow portmapper access
sudo ufw allow 111

# allow nfs access
sudo ufw allow 2049

# set mountd port and allow access (used by non-v4 nfs utils)
echo -e "mountd\t\t6666/tcp" | sudo tee -a /etc/services
echo -e "mountd\t\t6666/udp" | sudo tee -a /etc/services
sudo ufw allow 6666

# check firewall rules
sudo ufw status
Restart NFS service
# restart and show logs
sudo systemctl restart nfs-kernel-server
sudo systemctl status nfs-kernel-server
Show export details
$ /sbin/showmount -e localhost
Export list for 127.0.0.1:
/data/nfs1 192.168.0.0/16

Enabling NFS on remote client

Now that the NFS server side is configured, move to a remote Ubuntu host that will serve as the client.

Install Packages
sudo apt-get update
sudo apt-get install nfs-common -y
Validate server ports
$ rpcinfo -p 192.168.1.239

 program vers proto port service
100000 4 tcp 111 portmapper
100000 3 tcp 111 portmapper
100000 2 tcp 111 portmapper
100000 4 udp 111 portmapper
100000 3 udp 111 portmapper
100000 2 udp 111 portmapper
100005 1 udp 6666 mountd
100005 1 tcp 6666 mountd
100005 2 udp 6666 mountd
100005 2 tcp 6666 mountd
100005 3 udp 6666 mountd
100005 3 tcp 6666 mountd
100003 3 tcp 2049 nfs
100003 4 tcp 2049 nfs
100227 3 tcp 2049
100003 3 udp 2049 nfs
100227 3 udp 2049
100021 1 udp 59632 nlockmgr
100021 3 udp 59632 nlockmgr
100021 4 udp 59632 nlockmgr
100021 1 tcp 35035 nlockmgr
100021 3 tcp 35035 nlockmgr

Test NFS client connectivity with showmount:

$ showmount -e 192.168.1.239
Export list for 192.168.1.239:
/data/nfs1 192.168.0.0/16
Create Directory for mount
sudo mkdir -p /remote/nfs1
sudo chown $USER:$USER /remote/nfs1
sudo chmod g+rwxs /remote/nfs1
ls -ld /remote/nfs1
Mount
# mount
sudo mount -vvv 192.168.1.239:/data/nfs1 /remote/nfs1

# show info on mounted fs
df -h | grep nfs1
Test

From the client, we now need to test the ability to create files. First we will create a file as a normal user then using sudo.

touch /remote/nfs1/fromclient.txt
touch /remote/nfs1/fromclient-sudo.txt

These files should now show up on the NFS server side in the “/data/nfs1” directory. And because we use the “no_root_squash” option, using sudo on the client side is able to create files on the host also owned by root.

Additionally, this option allows a sudo from the client side to modify permissions on host files which is convenient for administration.

Client unmount
sudo umount /remote/nfs1
Persistent mount

If you want this mount to exist after a client reboot, you need to add the following line to “/etc/fstab”.

echo -e "192.168.1.239:/data/nfs1\t/remote/nfs1\tnfs auto,nofail,noatime,nolock,intr,tcp,actimeo=1800 0 0" | sudo tee -a /etc/fstab

 

REFERENCES

Digital Ocean, NFS mount for server and client on Ubuntu xenial

Ubuntu official NFS Howto

Stackoverflow, Ports opened for NFS

set mountd ports via /etc/services

Use strace to figure out ports that are blocked with showmount

Redhat running NFS behind a firewall

exportfs options (-u to unexport, -r to reenable)

 

NOTES

Do not need to restart NFS server, run after changes to /etc/exports

sudo exportfs -ra

Unexport single server share

# if filter on client host set
sudo exportfs -v -u 192.168.0.0/16:/data/nfs1

# if no client filter set
sudo exportfs -v -u *:/data/nfs1

If you get “Read Only” errors from mount, then try ‘vers=3’ option

sudo mount -t nfs -o rw,vers=3 -vvv 192.168.1.239:/data/nfs1 /remote/nfs1