NFS, or Network File System, is a distributed filesystem protocol that allows you to mount remote directories on your server. This allows you to leverage storage space in a different location and to write to the same space from multiple servers easily. NFS works well for directories that will have to be accessed regularly.
In this guide, we’ll cover how to configure NFS mounts on an Ubuntu 14.04 server.
In this guide, we will be configuring directory sharing between two Ubuntu 14.04 servers. These can be of any size. For each of these servers, you will have to have an account set up with sudo privileges. You can learn how to configure such an account by following steps 1-4 in our initial setup guide for Ubuntu 14.04 servers.
For the purposes of this guide, we are going to refer to the server that is going to be sharing its directories the host and the server that will mount these directories as the client.
In order to keep these straight throughout the guide, I will be using the following IP addresses as stand-ins for the host and server values:
You should substitute the values above with your own host and client values.
Before we can begin, we need to install the necessary components on both our host and client servers.
On the host server, we need to install the nfs-kernel-server
package, which will allow us to share our directories. Since this is the first operation that we’re performing with apt
in this session, we’ll refresh our local package index before the installation:
sudo apt-get update
sudo apt-get install nfs-kernel-server
Once these packages are installed, you can switch over to the client computer.
On the client computer, we’re going to have to install a package called nfs-common
, which provides NFS functionality without having to include the server components. Again, we will refresh the local package index prior to installation to ensure that we have up-to-date information:
sudo apt-get update
sudo apt-get install nfs-common
We’re going to experiment with sharing two separate directories during this guide. The first directory we’re going to share is the /home
directory that contains user data.
The second is a general purpose directory that we’re going to create specifically for NFS so that we can demonstrate the proper procedures and settings. This will be located at /var/nfs
.
Since the /home
directory already exists, go ahead and start by creating the /var/nfs
directory:
sudo mkdir /var/nfs
Now, we have a new directory designated specifically for sharing with remote hosts. However, the directory ownership is not ideal. We should give the user ownership to a user on our system named nobody
. We should give the group ownership to a group on our system named nogroup
as well.
We can do that by typing this command:
sudo chown nobody:nogroup /var/nfs
We only need to change the ownership on our directories that are used specifically for sharing. We wouldn’t want to change the ownership of our /home
directory, for instance, because it would cause a great number of problems for any users we have on our host server.
Now that we have our directories created and assigned, we can dive into the NFS configuration file to set up the sharing of these resources.
Open the /etc/exports
file in your text editor with root privileges:
sudo nano /etc/exports
The files that you see will have some comments that will show you the general structure of each configuration line. Basically, the syntax is something like:
<pre> <span class=“highlight”>directory_to_share</span> <span class=“highlight”>client</span>(<span class=“highlight”>share_option1</span>,<span class=“highlight”>…</span>,<span class=“highlight”>share_optionN</span>) </pre>
So we want to create a line for each of the directories that we wish to share. Since in this example or client has an IP of 111.111.111.111
, our lines will look like this:
<pre> /home <span class=“highlight”>111.111.111.111</span>(rw,sync,no_root_squash,no_subtree_check) /var/nfs <span class=“highlight”>111.111.111.111</span>(rw,sync,no_subtree_check) </pre>
We’ve explained everything here but the specific options we’ve enabled. Let’s go over those now.
When you are finished making your changes, save and close the file.
Next, you should create the NFS table that holds the exports of your shares by typing:
sudo exportfs -a
However, the NFS service is not actually running yet. You can start it by typing:
sudo service nfs-kernel-server start
This will make your shares available to the clients that you configured.
Now that your host server is configured and making its directory shares available, we need to prep our client.
We’re going to have to mount the remote shares, so let’s create some mount points. We’ll use the traditional /mnt
as a starting point and create a directory called nfs
under it to keep our shares consolidated.
The actual directories will correspond with their location on the host server. We can create each directory, and the necessary parent directories, by typing this:
sudo mkdir -p /mnt/nfs/home
sudo mkdir -p /mnt/nfs/var/nfs
Now that we have some place to put our remote shares, we can mount them by addressing our host server, which in this guide is 1.2.3.4
, like this:
<pre> sudo mount <span class=“highlight”>1.2.3.4</span>:/home /mnt/nfs/home sudo mount <span class=“highlight”>1.2.3.4</span>:/var/nfs /mnt/nfs/var/nfs </pre>
These should mount the shares from our host computer onto our client machine. We can double check this by looking at the available disk space on our client server:
<pre> df -h </pre> <pre> Filesystem Size Used Avail Use% Mounted on /dev/vda 59G 1.3G 55G 3% / none 4.0K 0 4.0K 0% /sys/fs/cgroup udev 2.0G 12K 2.0G 1% /dev tmpfs 396M 324K 396M 1% /run none 5.0M 0 5.0M 0% /run/lock none 2.0G 0 2.0G 0% /run/shm none 100M 0 100M 0% /run/user <span class=“highlight”>1.2.3.4:/home 59G 1.3G 55G 3% /mnt/nfs/home</span> </pre>
As you can see at the bottom, only one of our shares has shown up. This is because both of the shares that we exported are on the same filesystem on the remote server, meaning that they share the same pool of storage. In order for the Avail
and Use%
columns to remain accurate, only one share may be added into the calculations.
If you want to see all of the NFS shares that you have mounted, you can type:
<pre> mount -t nfs </pre> <pre> 1.2.3.4:/home on /mnt/nfs/home type nfs (rw,vers=4,addr=1.2.3.4,clientaddr=111.111.111.111) 1.2.3.4:/var/nfs on /mnt/nfs/var/nfs type nfs (rw,vers=4,addr=1.2.3.4,clientaddr=111.111.111.111) </pre>
This will show all of the NFS mounts that are currently accessible on your client machine.
You can test the access to your shares by writing something to your shares. You can write a test file to one of your shares like this:
sudo touch /mnt/nfs/home/test_home
Let’s write test file to the other share as well to demonstrate an important difference:
sudo touch /mnt/nfs/var/nfs/test_var_nfs
Look at the ownership of the file in the mounted home directory:
ls -l /mnt/nfs/home/test_home
-rw-r--r-- 1 root root 0 Apr 30 14:43 test_home
As you can see, the file is owned by root. This is because we disabled the root_squash
option on this mount that would have written the file as an anonymous, non-root user.
On our other test file, which was mounted with the root_squash
enabled, we will see something different:
ls -l /mnt/nfs/var/nfs/test_var_nfs
-rw-r--r-- 1 nobody nogroup 0 Apr 30 14:44 test_var_nfs
As you can see, this file was assigned to the “nobody” user and the “nogroup” group. This follows our configuration.
We can make the mounting of our remote NFS shares automatic by adding it to our fstab
file on the client.
Open this file with root privileges in your text editor:
sudo nano /etc/fstab
At the bottom of the file, we’re going to add a line for each of our shares. They will look like this:
<pre> <span class=“highlight”>1.2.3.4</span>:/home /mnt/nfs/home nfs auto,noatime,nolock,bg,nfsvers=4,intr,tcp,actimeo=1800 0 0 <span class=“highlight”>1.2.3.4</span>:/var/nfs /mnt/nfs/var/nfs nfs auto,noatime,nolock,bg,nfsvers=4,sec=krb5p,intr,tcp,actimeo=1800 0 0 </pre>
The options that we are specifying here can be found in the man page that describes NFS mounting in the fstab
file:
man nfs
This will automatically mount the remote partitions at boot (it may take a few moments for the connection to be made and the shares to be available).
If you no longer want the remote directory to be mounted on your system, you can unmount it easily by moving out of the share’s directory structure and unmounting, like this:
cd ~
sudo umount /mnt/nfs/home
sudo umount /mnt/nfs/var/nfs
This will remove the remote shares, leaving only your local storage accessible:
df -h
Filesystem Size Used Avail Use% Mounted on
/dev/vda 59G 1.3G 55G 3% /
none 4.0K 0 4.0K 0% /sys/fs/cgroup
udev 2.0G 12K 2.0G 1% /dev
tmpfs 396M 320K 396M 1% /run
none 5.0M 0 5.0M 0% /run/lock
none 2.0G 0 2.0G 0% /run/shm
none 100M 0 100M 0% /run/user
As you can see, our NFS shares are no longer available as storage space.
NFS provides a quick and easy way to access remote systems over a network. However, the protocol itself is not encrypted. If you are using this in a production environment, consider routing NFS over SSH or a VPN connection to create a more secure experience.
<div class=“author”>By Justin Ellingwood</div>
Thanks for learning with the DigitalOcean Community. Check out our offerings for compute, storage, networking, and managed databases.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Sign up for Infrastructure as a Newsletter.
Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
Very useful tutorial. Worked for me.
I only had challenges mounting the shares with r/w permissions for non-root users on the client machines.
Also, unlike things like Samba and FTP, NFS doesn’t have any authentication schemes. Meaning anyone can remotely mount shares without having the right access rights. Isn’t this a problem?
For those who this line doesn’t work:
sudo mount 1.2.3.4:/home /mnt/nfs/home sudo mount 1.2.3.4:/var/nfs /mnt/nfs/var/nfs
You can modify it by adding this:
sudo mount -t nfs4 1.2.3.4:/home /mnt/nfs/home sudo mount -t nfs4 1.2.3.4:/var/nfs /mnt/nfs/var/nfs
Hi,
We have made nfs mounting automatic on our client. We have a situation where the mount points on the client server gets deleted and recreated each time we do a code roll out. Will this have any impact on the files already present in the shared directory on the host server?
Thank you sir. This method works perfectly thank you very much…
only problem was…chown command didn’t worked on my system
so i did sudo chmod 777 /var/nfs
It’s probably a good idea to show how to add subnets in /etc/exports.
thank you very much! was very helpful.
I want to add authentication to the access of the shared directory what should i do? and which steps i should follow
These are great tutorials, however I still cannot get the nfs setup between my two Ubuntu 14.04 machines. This is about the 3rd tutorial I’ve used and it seems really straightforward. After I got past the “access denied by service” problem, I’m now experiencing what a couple of others have said, when I give the mount commands “mount 12.13.14.15:/var/nfs /mnt/nfs/var/nfs” it doesn’t shoot me an error but just hangs. One of the other tutorial suggested setting up using bind and I never could get that to work. I started this tutorial with 2 brand new installations of 14.04 with all updates, etc. I’m not super techie but I did install my first version of Slackware in 1993, and a few weird unices prior. It must be something obvious but I’m not seeing it.
Thank you for any additional help.
Photon
Thanks for these easy instructions. Now that I have this working, I now need to make sure that the service is available after each restart of the server facilitating NFS. Also, I’m interested in any security related info that will ensure that only the desired clients can access and modify this NFS share.
hi, someone can tell me why the client directory must be nobody:nogroup ? There are many things i cannot do with that (web remote folder). Even if I change owner and group, on my client machine, it always mount the nfs directory as nobody:nogroup. Someone know how to change owner and group when the directory is auto mounting at reboot ?