How to set up an NFS for VMs & Kubernetes
An NFS allows local access to remote files. It works in a client-server setting and requires no continuous refresh for new files.
In this article, we are going to -
- Set up an NFS server on Ubuntu.
- Set up an NFS client on Ubuntu.
- Mount NFS server to a Kubernetes pod.
Setting up of an NFS server
- Install updates
sudo apt get-update -y
- Install the NFS libraries
sudo apt install nfs-kernel-server
- Create the directory which would become the NFS mount directory
sudo mkdir mnt
- Configure access to the NFS mount by modifying the /etc/exports file.
This file contains the list of clients where mounting can take place. In order to add a new client, the following syntax has to be used -
<path to mount directory> <client_addr>(re,sync,no_subtree_check)
re: This means read & write.
sync: This means that the server will reply to the NFS clients only when the data has been written to stable storage.
Many people prefer this option because by using it, the chances of losing data if the NFS server goes down is lowered.
Setting this to ‘async’ allows the server to violate the protocol and reply to requests before any changes made by that request have been committed to stable storage
no_subtree_check: This means that subtree_checking will be disabled which would have mild security implications, but improve reliability in some circumstances.
What’s a subtree check?
If a subdirectory of a filesystem is exported, but the whole filesystem isn’t then whenever an NFS request arrives, the server must check not only that the accessed file is in the appropriate filesystem (which is easy) but also that it is in the exported tree (which is harder). This check is called the subtree_check.
Example configuration
/mnt/nfs_share 192.138.33.0/24(rw,sync,no_subtree_check)
- For each additional client, you need to add a new record
Example configuration
/mnt/nfs_share 192.138.33.0/24(rw,sync,no_subtree_check)
/mnt/nfs_share 192.158.53.0/24(rw,sync,no_subtree_check)
- After the configurations, the NFS service needs to be restarted in order for the changes to be reflected.
sudo exportfs -a
sudo systemctl restart nfs-kernel-server
Setting up of an NFS client
- Create the directory which would become the NFS mount point
sudo mkdir -p /mnt/shared_dir
- Finally, to mount the NFS server at this directory, run the following command -
sudo mount <ip addr of nfs server>:<nfs mount dir on server> <nfs mount dir on client>
Example -
sudo mount 192.268.13.534:/mnt /mnt/shared_dir
- Run this on each client
Testing out the NFS server & client
- Create some files at the NFS server’s mount point
cd /mnt
touch test.txt
- Head over to the NFS client’s mount dir and see if the file is accessible from there or not.
cd /mnt/share
ls
Mounting NFS servers to Kubernetes pods
In this case, the client is the Kubernetes worker nodes. We first need to add the relevant Kubernetes worker nodes as the client in the /etc/exports file.
And then mount the NFS server into pods by using Kubernetes volume mounts options.
- Configuration to add worker nodes to /etc/exports
/mnt/nfs_share worker_node_01_ip_addr(rw,sync,no_subtree_check)
/mnt/nfs_share worker_node_02_ip_addr(rw,sync,no_subtree_check)
/mnt/nfs_share worker_node_03_ip_addr(rw,sync,no_subtree_check)
- Add the NFS server to a pod
apiVersion: v1
kind: Pod
metadata:
name: nginx
namespace: default
spec:
restartPolicy: Never
volumes:
- name: nfs-vol
nfs:
path: <Mount point inside the NFS server>
server: <NFS server ip address>
containers:
- name: nginx
image: "nginx"
volumeMounts:
- name: nfs-vol
mountPath: <Mount point inside the pod>
- To test out the mount, create some files at the mount directory on the NFS server and then exec into the pod to see if the file is accessible from there or not.
That’s all folks. NFS is easy to use & quick to set up.
Just one more thing, it would go a long way if you can leave a 👏🏻 clap 👏🏻
if you enjoyed this post & found it knowledgeable.
It encourages me to keep writing and helps other people in finding it :)
I actively share tips, experiences & articles on my Linkedin. You’ll love it if you are into Cloud, DevOps, Kubernetes, etc.