NFS Settings

To configure Network File System (NFS) settings, navigate to the following section:

Configuration > NFS

The NFS settings determine which NFS clients or subnets can access the data stored on the filer. Clients use NFS to mount storage on the filer. In addition to the host access control settings, the file system on the client is used to determine which users have permission to access individual files and directories in CloudFS.

  • The NFS settings are active only if NFS is licensed and one of the NFS options is selected under the system settings. See System Settings.
  • The locking protocols for NFSv3 and NFSv4 are different. NFSv3 uses a network lock manager, whereas NFSv4 includes built‐in file locking. To avoid compatibility issues, Panzura recommends keeping NFSv3 and NFSv4 on different exports. If you must use NFSv3 and NFSv4 on the same export, be aware that file range locking only works within NFSv3 or NFSv4, not between the two versions.
  • To use NFS on Windows, use nolock and fileaccess=777. These are required for file write permissions
  • Windows 7, Windows 8, Windows 2012, and Windows 2012 R2 are not compatible with NFSv4 and therefore are not able to connect using the protocol. NFSv3 is recommended.
  • In some cases the NFS access control settings apply only to the NFSv3 mountd protocol.
  • When a sub‐directory is exported, if other sub‐directories on the same filesystem (including the filesystem mount point itself) were previously mounted, the client might still be able to access the mount point. But the new mount access to the previous exported directories will be denied.
  • For NFSv4, if any of the sub‐directories was exported, the parent filesystem is also exported. So if /cloudfs/<cc>/dir1 is exported, the client will be able to mount /cloudfs/<cc> with NFsv4 if it is enabled.

Sample NFS Configurations

Example 1: Provide Maximum Access

In the following example, maximum access to the file system is provided for the specified network.

Filesystem: /cloudfs/f01‐ca

Use Network: enabled

Host/Network: 10.0.0.0/8

Exports: (no directory specified)

Permission: Read‐write

Root access: Yes

Alldirs Mount: Yes

The path /cloudfs/f01‐ca is exported to network 10.0.0.0/8.

Example 2: Provide Granular Access

In the following example, access to a particular directory is provided for a particular host.

Filesystem: /cloudfs/f01‐ca

Use Network: disabled

Host/Network: 10.1.2.3

Exports: dir1

Permission: Read‐write

Root access: No

Alldirs Mount: No

The path /cloudfs/f01‐ca/dir1 is exported to host 10.1.2.3.

Sample Mount Commands

If NFS is used for application that is not sensitive to IO errors, and user wants a better experience when the NFS server is temporarily unavailable, the intr option can be included:

sudo mount -t nfs -o rw,bg,intr,vers=3,tcp,rsize=1048576,wsize=1048576 10.0.0.92:/cloudfs/f01-ca /dir1

If NFS is used for IO error sensitive workloads, such as database workloads, do not use intr. Notice that the following command also specifies the use of NFSv4 (vers=4) instead of NFSv3 (vers=3). To support NFSv4, you must enable it in the NFSv4 Settings section, as shown in the following table.

sudo mount -t nfs -o rw,bg,nointr,hard,vers=3,tcp,rsize=1048576,wsize=1048576 10.0.0.92:/cloudfs/f01-ca /dir1

Host/Network Formt for Export

The Use Network option controls the format for exported IP addresses.

  • Use Network selected: Configure a network using either of the following formats:

ip-address netmask

ip-address/netmask-length

Examples:

10.1.1.0 255.255.255.0
10.1.1.0/24

  • Use Network not selected: Specify one or more hostnames or IP addresses. Use a space between each hostname or IP address as a delimiter.

NFS Settings Options

The following table describes the NFS options.

NFS Setting Description
NFS Exports
Add Export

Click Add Export to include hosts for which the filer will provide data storage.

  • Use Network: Select if you want to specify a network of hosts.
  • Filesystem: Select a file system from the drop-down list.
  • Exports: Enter a directory within the selected file system.
  • Host/Network: Hosts or networks to export. (See Host/Network Formt for Export.)
  • Permission:
    • Read-only: Allows read-only access to files.
    • Read-Write: Allows the read-write access to files.
    • No-root-Squash: Allows root users on the NFS clients to access all files that are available on the NFS server.
  • • Alldirs Mount:
    • Yes: The client is allowed to mount any directory under the selected directory.
    • No: The client can mount only at the specified directory level.
  • Root Access:
    • Yes: Root access is provided to the specified directory.
    • No: Root access is not provided to the specified directory.
  • Description: Enter a text description (optional).
Options for NFS shares

From the list of NFS shares, you can:

  • Edit Export: Modify settings for a selected share.
  • Export: Save the NFS shares to a file, which can be used to modify the configuration.
  • Import: Import a file that was previously exported and edited to create NFS shares in a batch operation.

File format for export and import is as follows:

id /cloudfs/<ccname> "directory" "host/network" read/write alldirs
root-squash enable/disable

Example:

0 /cloudfs/cz-hq-cc5a "test3 test4" "1.2.2.2" read-write no-alldirs
no-root-squash enable

  • Revert: Remove selected entries in the table.
  • Delete: Delete selected entries in the table.
Netgroup
Add Netgroup

Click Add NFS Groups to add a set of hosts as a netgroup. The hosts in the netgroup must be local (not synchronized throughout CloudFS).

  • Name: Specify a name for the group.
  • Hosts/Group: Enter a set of hosts using hostnames or IP addresses or a combination of both. Use a space to separate the entries.

Examples:
10.1.1.1 10.1.1.2 10.1.1.3

host1 host2.example.com

10.1.1.1 host1 host2.example.com

  • NFS Group Type: Select Hosts to create a netgroup consisting of hosts or Groups to create a netgroup consisting of a set of netgroups. A netgroup functions as a unit when checking permissions for operations such as remote mounts, remote logins, and remote shell sessions. For remote mounts, the netgroup identifies and classifies machines. For remote login and remote shell sessions, the netgroup identifies users.
NFSv4 Settings
Enable v4 mode Select to enable NFSv4 (default is disabled).
Kerberos Select ad to control access to the NFS server.
Security Select a security option.
Root Access Select the host or network that can access NFSv4 tree root. The client can use '/' for mount and some limited query operations for NFS exports.