{{tag>Brouillon NFS rootless}} # Serveur NFS en userland avec Ganesha Voir : * https://wiki.evolix.org/HowtoNFSGanesha * https://manpages.debian.org/testing/nfs-ganesha/ganesha-core-config.8.en.html * https://docs.redhat.com/en/documentation/red_hat_gluster_storage/3.5/html/administration_guide/NFS#nfs_ganesha * https://medium.com/@tolghn/deploying-nfs-ganesha-on-amazon-eks-with-aws-efs-csi-driver-6b79e16e6093 Voir aussi (conteneurs) : * https://hub.docker.com/r/izdock/nfs-ganesha * https://github.com/NicolasT/contained-ganesha * https://opendev.org/openstack/manila-image-elements/src/branch/master/data/docker/ganesha.conf * https://github.com/vasilev/docker-image-nfs-ganesha ''ganesha.conf'' ~~~c ################################################### # # Ganesha Config Example # # This is a commented example configuration file for Ganesha. It is not # complete, but only has some common configuration options. See the man pages # for complete documentation. # ################################################### ## These are core parameters that affect Ganesha as a whole. NFS_CORE_PARAM { ## Allow NFSv3 to mount paths with the Pseudo path, the same as NFSv4, ## instead of using the physical paths. #mount_path_pseudo = true; ## Configure the protocols that Ganesha will listen for. This is a hard ## limit, as this list determines which sockets are opened. This list ## can be restricted per export, but cannot be expanded. #Protocols = 3,4,9P; Protocols = 4; Enable_NLM = false; Enable_RQUOTA = false; } ## These are defaults for exports. They can be overridden per-export. EXPORT_DEFAULTS { ## Access type for clients. Default is None, so some access must be ## given either here or in the export itself. #Access_Type = RW; Access_Type = RO; Protocols = 4; PrivilegedPort = false; Transports = TCP; Squash = All_Squash; } ## Configure settings for the object handle cache #MDCACHE { ## The point at which object cache entries will start being reused. #Entries_HWMark = 100000; #} #DIRECTORY_SERVICES { } ## Configure an export for some file tree EXPORT { Export_Id = 0; Filesystem_id = 0.0; Protocols = 4; Path = /srv/nfs; Pseudo = /; FSAL { Name = PSEUDO; } } EXPORT { ## Export Id (mandatory, each EXPORT must have a unique Export_Id) Export_Id = 1; ## Exported path (mandatory) Path = /srv/nfs/files; ## Pseudo Path (required for NFSv4 or if mount_path_pseudo = true) #Pseudo = /nonexistent; Pseudo = /files; ## Restrict the protocols that may use this export. This cannot allow ## access that is denied in NFS_CORE_PARAM. #Protocols = 3,4; Protocols = 4; ## Access type for clients. Default is None, so some access must be ## given. It can be here, in the EXPORT_DEFAULTS, or in a CLIENT block #Access_Type = RW; Access_Type = RO; Transports = "TCP"; # Anonymous_Uid = -2; # Anonymous_Gid = -2; Anonymous_Uid = 65534; Anonymous_Gid = 65534; #SecType = "sys"; SecType = "none"; # Manage_Gids = true; ## Whether to squash various users. Squash = root_squash; ## Allowed security types for this export #Sectype = sys,krb5,krb5i,krb5p; # Exporting FSAL FSAL { Name = VFS; } } ## Configure logging. Default is to log to Syslog. Basic logging can also be ## configured from the command line LOG { ## Default log level for all components Default_Log_Level = WARN; ## Configure per-component log levels. Components { FSAL = INFO; NFS4 = EVENT; } ## Where to log Facility { name = FILE; destination = "/var/log/ganesha.log"; enable = active; } } #CLIENT { # Clients = 192.168.100.104,192.168.100.105; # Access_Type = RO; # } ~~~ Sur Debian ~~~ # systemctl list-units |awk '/nfs/ { print $1 }' nfs-blkmap.service nfs-ganesha-lock.service nfs-ganesha.service nfs-client.target ~~~ Lancement ~~~bash /usr/bin/ganesha.nfsd -C -L /var/log/ganesha/ganesha.log -f /etc/ganesha/ganesha.conf -N NIV_EVENT ~~~ FIXME