FedFsNfsDomainRoot0.9
From Linux NFS
Contents |
Project: fedfs-utils
[ Project Home | News | Downloads | Docs | Mailing Lists | Source Control | Issues ]
Introduction
A FedFS domain root directory is the top-level directory of a FedFS domain. It is what is visible when a FedFS-enabled client mounts the top of a FedFS domain name space. Typically a FedFS-enabled NFS client mounts the directory at /nfs4/fedfs-domain-name .
A FedFS domain root usually contains nothing but junctions that refer clients to file servers that hold more interesting content, like user directories. The domain root is simply a starting point for accessing the rest of a domain's name space.
This article describes an easy way to set up a FedFS domain root on a recent vintage Linux NFS server.
Select one or more NFS servers to host the domain root export
The domain root directory typically sees little traffic, particularly since an individual domain root directory contains little data. However, clients depend on the domain root directory being available to access all other files in a FedFS domain. A server with high availability is recommended for this role.
The NFS server you choose for this role can host the domain root directory for more than one FedFS domain.
Several servers can play host to the same domain root export, as long as there is a mechanism for keeping the content of the domain root export precisely in sync across all the NFS servers. The DNS SRV format which is used by clients to find FedFS domain root directories can list one or more servers as a FedFS domain's root directory server.
Once you have chosen an NFS server, set it up as a FedFS enabled NFS server.
Create the domain root export and directories
FedFS-enabled clients use a well-known export pathname when contacting the NFS server that exports a FedFS domain root. That pathname is "/.domainroot/<fedfs-domain-name>".
The easiest method for creating a domain root export is to create a directory called "/.domainroot" readable by everyone. Log into the NFS server that will host the domain root export and use the following commands:
$ sudo mkdir /.domainroot $ sudo chmod 755 /.domainroot
While this directory does not typically contain much data, you may also wish to create a new local file system on the NFS server and mount it on /.domainroot. This is entirely optional.
FedFS domain root directories are created under this directory. For example, if you want to create the domain root directory for the "example.net" FedFS domain, use the following command:
$ sudo mkdir -p /.domainroot/example.net $ sudo chmod 755 /.domainroot/example.net
You can create more than one domain root directory here.
We describe how to add content to your FedFS domain root directory in How to set up NFS referrals using the nfsref command.
Export the domain root directory
Now make the domain root export visible to clients by editing the server's /etc/exports file. Add the following line to /etc/exports:
/.domainroot *(ro,insecure)
This makes the export readable by all NFS clients. (No clients should be allowed to write these directories, particularly because there is no mechanism in the NFS protocol that can create a junction. They must be created locally on the NFS server.) Of course, you can restrict access to it or add other export options here as needed. Junctions below this export automatically inherit the options you set here. Have a look at exports(8) for an explanation of what these export options mean.
If there is already an NFS service running on this host, update the kernel exports list with the following command:
$ sudo exportfs -rv
Otherwise, if there is no NFS service running, start one:
$ sudo systemctl enable nfs-server.service $ sudo systemctl start nfs-server.service
Backwards compatibility
The standard export path for FedFS domain root directories is specified in RFC 6641. Previous versions of this document specified a slightly different and incompatible export path. If your domain must support legacy FedFS clients (for example, fedfs-utils-0.8) you may want to provide both types of domain root directories.
Create a directory for each domain root you export. The pathname is /.domainroot-fedfs-domain-name . Following the example above, you would create an additional directory and export:
$ sudo mkdir /.domainroot-example.net $ sudo chmod 755 /.domainroot-example.net
A separate line in /etc/exports must be added for each legacy FedFS domain root directory. Continuing the above example, export it by adding this line to /etc/exports:
/.domainroot-example.net *(ro,insecure)
Populate the legacy root directory with the same content as the original domain root. Alternately, you can use a bind mount to the original domain root.