有一个奇怪的问题,我能够通过 NFS 挂载一个目录,但无法挂载该目录的任何子目录。例如。在主机服务器(CentOS Linux 版本 7.4.1708(核心))上,有目录
[root@hwdatalake datalake]# pwd
/datalake
[root@hwdatalake datalake]# ls -lha .
total 8.0K
drwxrwx---. 14 root etlusers 4.0K Dec 24 10:03 .
dr-xr-xr-x. 18 root root 240 Dec 12 10:24 ..
dr-xr-x---. 2 root root 29 Dec 16 11:08 CUPSS_HI
dr-xr-x---. 2 root root 29 Dec 16 11:16 CUPSS_NAT
dr-xr-x---. 2 root root 26 Dec 16 11:17 NAT_BRFSS
并/etc/exports
有
/datalake airflowetl(rw,fsid=0,root_squash,sync)
/datalake/HI_BRFSS airflowetl(ro,root_squash,sync)
在名为airflowetl服务器(CentOS Linux版本7.4.1708(核心))的客户端上,我能够成功从nfs服务器挂载顶级目录...
[root@airflowetl airflow]# mount -v hwdatalake.co.local:/datalake /dlnfs
mount.nfs: timeout set for Mon Dec 30 13:04:59 2019
mount.nfs: trying text-based options 'vers=4.1,addr=172.18.4.97,clientaddr=172.18.4.69'=
但也看到
[root@airflowetl airflow]# umount /dlnfs
[root@airflowetl airflow]# showmount -e hwdatalake
clnt_create: RPC: Port mapper failure - Unable to receive: errno 113 (No route to host)
当尝试挂载子目录时,我们看到
[root@airflowetl airflow]# mount -v hwdatalake.co.local:/datalake/HI_BRFSS /dlnfs
mount.nfs: timeout set for Mon Dec 30 13:12:55 2019
mount.nfs: trying text-based options 'vers=4.1,addr=172.18.4.97,clientaddr=172.18.4.69'
mount.nfs: mount(2): Permission denied
mount.nfs: trying text-based options 'vers=4.0,addr=172.18.4.97,clientaddr=172.18.4.69'
mount.nfs: mount(2): Permission denied
mount.nfs: trying text-based options 'addr=172.18.4.97'
mount.nfs: prog 100003, trying vers=3, prot=6
mount.nfs: portmap query failed: RPC: Remote system error - No route to host
mount.nfs: trying text-based options 'vers=4.0,addr=172.18.4.97,clientaddr=172.18.4.69'
然而,之前的目录能够安装并且已经配置了表面上的防火墙设置......
firewall-cmd --permanent --zone=public --add-service=ssh
firewall-cmd --permanent --zone=public --add-service=nfs
firewall-cmd --reload
不太确定该怎么做。有更多经验的人有任何进一步的调试技巧或知道这里出了什么问题吗?
答案1
经过一番搜索,基于
showmount -e hwdatalake
RPC: Remote system errorRPC: Port mapper failure - RPC: Timed out.
做过...
firewall-cmd --permanent --zone=public --add-service=mountd
firewall-cmd --permanent --zone=public --add-service=rpc-bind
firewall-cmd --reload
检查 rpc 服务是否被防火墙捕获,这解决了问题showmount
并能够安装较低级别的目录。