mmnfs command

Manages NFS exports and configuration.

Synopsis

mmnfs export add Path [--client ClientOptions]

or

mmnfs export remove Path [--force]

or

mmnfs export change Path [--nfsadd ClientOptions]
                           
                           [--nfschange ClientOptions]

or

mmnfs export list [--nfsdefs Path] [--raw]

or

mmnfs export load ExportCFGFile

or

mmnfs configuration list [--exportdefs] [--raw]

or

mmnfs configuration change "Option=Value:Option=Value1,Value2:Option=Value..."

Availability

Available with IBM Spectrum Scale™ Standard Edition or higher.

Description

Use the mmnfs export commands to add, change, list, load, or remove NFS export declarations for IP addresses on nodes that are configured as CES types.

Use the mmnfs configuration commands to list and change NFS configuration.

The protocol functions provided in this command, or any similar command, are generally referred to as CES (Cluster Export Services). For example, protocol node and CES node are functionally equivalent terms.

Parameters

export
Manages the NFS export configuration for the cluster with one of the following actions:
add
Creates a new configuration file for the NFS server in case it does not yet exist. If there is already an export configuration file, then it is extended with the provided additional export parameters. This export configuration file is used by the NFS server to create an NFS export for the given Path so that clients can connect to it. If there is already an existing export for the given Path then an error is shown. Each export configuration set has internally its own unique identifier number. This number is automatically incremented for each added export. The mmnfs export add command attempts to add the new export also to running NFS server instances, and may fail if one or more instances are not running. This is not a critical issue, since the configuration changes have been made in the repository and will be applied later when restarting the NFS server instance.

The authentication method must be established before an NFS export can be defined.

The export Path must be an existing path in the GPFS™ file system, which is intended to be exported or is already exported to external clients using the NFS protocol.
Note: The paths which are not within the GPFS file system cannot be exported using the commands.

Creating nested exports (such as /path/to/folder and /path/to/folder/subfolder) is strongly discouraged since this may lead to serious issues in data consistency. Be very cautious when creating and using nested exports.

Some export configuration commands may allow multiple client declarations, and therefore they have separators to distinguish them.

The following separators can be used:
  • Colon to separate multiple allowed values for a given attribute. For example, the key/value pair "Protocols=3:4" allows the NFS protocols v3 and v4 to be declared for an export.
  • Comma to separate key/value pairs within a client declaration list and a Semicolon to separate client declaration lists.

    For example:

    --client 192.0.2.0/20 (Access_Type=RW, Protocols=3:4);198.51.100.0/20 (Access_Type=RO,Protocols=3:4,Transports=TCP:UDP)

Note: To take advantage of the GPFS independent fileset features such as quotas, snapshots, and data management, the export paths can be made from GPFS filesets (either dependent or independent).
--client ClientOptions
Declares the client specific settings. ClientOptions can be a list of one or more client definitions. It is advised to quote the argument list to avoid a wrong parsing by the interpreter. For a list of client definitions that can be specified with the --client option, see List of supported client options for the mmnfs export {add | change} command.
remove
Removes the requested export from the configuration file and also from running NFS server instances, and may fail if one or more instances are not running.
Note: This command does not remove data.

The --force option is currently not used.

change
Modifies an existing export configuration for the export specified by Path, if the export exists. If the export does not exist, then an error is shown.
Note: Only client-related attributes are modified by this command, but not the basic export settings such as path.

The --nfsposition flag can be only used together with either --nfsadd or --nfschange. It cannot be used standalone or together with --nfsremove. When --nfsadd and --nfsremove are given on the same command line, then the remove procedure is executed first internally.

Note: An export change will cause a restart of the NFS server.
--nfsadd ClientOptions
Adds a new client declaration for the specified Path. ClientOptions can be a list of one or more client definitions. It is advised to quote the argument list to avoid a wrong parsing by the interpreter. For a list of client definitions that can be specified with the --client option, see List of supported client options for the mmnfs export {add | change} command.
list
Lists the declared exports based on the entries in the configuration file stored in the repository. The sequence of rows in the output for a given path reflects also the sequence of the internal client declaration list for each exported path. The sequence of client declarations within an export can be reordered using the mmnfs export change Path with the --nfschange and --nfsposition options. The output can be formatted human readable (default) or machine readable.
--nfsdefs Path
Lists the export configuration details for the specified Path. Without this option the mmnfs export list command shows a table with some basic configuration settings for all declared exports.
--raw
The output of the mmnfs export list command can be in a tabular form (human readable, default) or in a list of colon separated values in a machine readable format. Use the --raw option to create the machine readable output.
load
Overwrites (deletes) all existing NFS export declarations in the repository, if any. The export declarations are fetched from a file provided to the load operation, which could contain a larger number of export declarations. Some basic format checks are done during export load. After loading export declarations from a file, the NFS service is restarted across all the nodes in the cluster.
ExportCFGFile
The file name for the new exports declarations. This file is loaded and stored in the repository to be published on all CES nodes running the NFS server. This load procedure can be used to load a set of export declarations and that will remove any previous configuration. The NFS servers are restarted in order to apply the changes.

List of supported client options for the mmnfs export {add | change} command:

ACCESS_TYPE
Allowed values are none, RW, RO, MDONLY, and MDONLY_RO. The default value is none.
PROTOCOLS
Allowed values are 3, 4, NFS3, NFS4, V3, V4, NFSv3 , and NFSv4. The default value is 3,4.
TRANSPORTS
Allowed values are TCP and UDP. The default value is TCP.
ANONYMOUS_UID
Allowed values are between -2147483648 and 4294967295. The default value is -2.
ANONYMOUS_GID
Allowed values are between -2147483648 and 4294967295. The default value is -2.
SECTYPE
Allowed values are none, sys, krb5, krb5i, and krb5p. The default value is sys.
PRIVILEGEDPORT
Allowed values are true and false. The default value is false.
MANAGE_GIDS
Allowed values are true and false. The default value is false.
SQUASH
Allowed values are root, root_squash, all, all_squash, allsquash, no_root_squash, none , and noidsquash. The default value is root_squash.
NFS_COMMIT
Allowed values are true and false. The default value is false.
Important: Use NFS_COMMIT very carefully because it changes the behavior of how transmitted data is committed on the server side to a NFS v2 like sync-mode on every write action.
CLIENTS
Allowed values are IP addresses in IPv4 or IPv6 notations, or * for all. The default value is *.
configuration
Manages NFS configuration for a CES cluster:
list
Displays the NFS configuration parameters and their values. This command also displays all the default export configurations. This is used as the defaults by the mmnfs export add command if no other client attributes are specified. The output can be formatted to be human readable or machine readable.
--exportdefs
If this option is specified, the command displays the default export configuration parameters.
--raw
The command output can be in a tabular form (human readable, default) or in a list of colon separated values in a machine readable format. Use the --raw option to create the machine readable output.
change
Modifies the NFS configuration parameters. NFS is restarted across all the nodes on which NFS is running, when this command is executed. Only some configuration options can be modified by this command.

The configuration options that can be modified and their allowed values are as follows:

NFS_PROTOCOLS
Allowed values are 3, 4, NFS3, NFS4, V3, V4, NFSv3 , and NFSv4. The default value is 3,4.
NFS_PORT
Specifies the port where the NFS server will start. Allowed values are between 0 and 65535. The default value is 0.
MNT_PORT
Specifies the port for the NFSv3 Mount protocol. Allowed values are between 0 and 65535. The default value is 0.
NLM_PORT
Specifies the NLM port for NFSv3. Allowed values are between 0 and 65535. The default value is 0.
RQUOTA_PORT
Specifies the RQUOTA port for NFSv3. Allowed values are between 0 and 65535. The default value is 0.
STATD_PORT
Specifies the STATD port for NFSv3. Allowed values are between 0 and 65535. The default value is 0.
SHORT_FILE_HANDLE
Allowed values are True or False. The default value is False.
Set this flag to True when using VMware NFS clients.
LEASE_LIFETIME
Allowed values are between 0 and 120. The default value is 60.
DOMAIN_NAME
String. The default value is "localdomain".
IDMAPD_DOMAIN
Domain name in ID Mapd,String. The default value is localdomain.
LOCAL_REALMS
Local Realm in ID Mapd configuration. The default value is localdomain.
LOG_LEVEL
Allowed values are NULL, FATAL, MAJ, CRIT, WARN, EVENT, INFO , DEBUG, MID_DEBUG, and FULL_DEBUG. The default value is EVENT.
Start of changeENTRIES_HWMARKEnd of change
Start of changeThe high water mark for NFS cache entries. Beyond this point, NFS will try to evict some objects from its cache. The default is 1500000.End of change
Note: Specifying a port number in the NFS service configuration with the value of '0' means that the service is picking a port number dynamically. This port number might change across service restarts. If a firewall is to be established between the NFS server and the NFS clients, specific port number can be configured via the command to establish discrete firewall rules. Note that the NFS_PORT 2049 is a well known and established convention as NFS servers and clients typically expect this port number. If the NFS_PORT is changed to another value, ensure that the clients are also informed accordingly about this port value (depending on the client platform and type of client). Changing the NFS service port numbers impacts existing clients and a remount of the client is required.

The export defaults that can be set are:

ACCESS_TYPE
Allowed values are none, RW, RO, MDONLY, and MDONLY_RO. The default value is none.
Note: Changing this option to any value other than none will expose data to all NFS clients that can access your network, even if the export is created using add --client ClientOptions to limit that clients access. All clients, even if not declared with the --client in the mmnfs export add, will have access to the data. The global value will apply to an unseen *, even if showmount -e CESIP does not display it. Use caution if you change it in this global definition.
ANONYMOUS_UID
Allowed values are between -2147483648 and 4294967295. The default value is -2.
ANONYMOUS_GID
Allowed values are between -2147483648 and 4294967295. The default value is -2.
MANAGE_GIDS
Allowed values are true and false. The default value is false.
NFS_COMMIT
Allowed values are true and false. The default value is false.
Important: Use NFS_COMMIT very carefully because it changes the behavior of how transmitted data is committed on the server side to a NFS v2 like sync-mode on every write action.
PRIVILEGEDPORT
Allowed values are true and false. The default value is false.
PROTOCOLS
Allowed values are 3, 4, NFS3, NFS4, V3, V4, NFSv3 , and NFSv4. The default value is 3,4.
SECTYPE
Allowed values are none, sys, krb5, krb5i, and krb5p. The default value is sys.
SQUASH
Allowed values are root, root_squash, all, all_squash, allsquash, no_root_squash, none , and noidsquash. The default value is root_squash.
Note: Changing this option to no_root_squash will expose data to root on all NFS clients, even if the export is created using add --client ClientOptions to limit the root access of that client.
TRANSPORTS
Allowed values are TCP and UDP. The default value is TCP.
If export defaults are set, then new exports that are created will pick up the export default values.

Exit status

0
Successful completion.
nonzero
A failure has occurred.

Security

You must have root authority to run the mmnfs command.

The node on which the command is issued must be able to execute remote shell commands on any other CES node in the cluster without the use of a password and without producing any extraneous messages. For more information, see Requirements for administering a file system in IBM Spectrum Scale: Administration and Programming Reference.

Examples

  1. To create an NFS export (using a netgroup), issue this command:
    mmnfs export add /mnt/gpfs0/netgrouppath \
--client "@netgroup(Access_Type=RO,Squash=allsquash)"
    The system displays output similar to this:
    The NFS export was created successfully.
    Note: Instead of a netgroup, a client IP address can also be declared, like --client "1.2.3.4".
  2. To create an NFS export (using a client IP), issue this command:
    mmnfs export add /mnt/gpfs0/netgrouppath --client "192.0.2.0/20 (Access_Type=RW)"
    The system displays output similar to this:
    The NFS export was created successfully.
  3. To add a client definition, issue these commands:
    mmnfs export list --nfsdefs /gpfs/fs1/export_1
    The system displays output similar to this:
    Path              Delegations  Clients  Access_Type Protocols Transports Squash  Anonymous_uid Anonymous_gid SecType PrivilegedPort Export_id DefaultDelegation Manage_Gids NFS_Commit
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
/gpfs/fs1/export_1   none      192.0.2.8    RO        3,4      TCP        ROOT_SQUASH   -2            -2        sys     false          3         none              false       false
    Now add a client definition that will be more restrictive to a different client, 198.51.100.10, by issuing the command:
    mmnfs export change /gpfs/fs1/export_1 \
--nfsadd "198.51.100.10 (Access_Type=MDONLY,Squash=allsquash)"
    mmnfs export list
    The system displays output similar to this:
    Path                        Delegations    Clients
------------------------------------------------
/gpfs/fs1/controller        none           *
/gpfs/fs1/export_1          none           192.0.2.8
/gpfs/fs1/export_1          none           198.51.100.10
    Now add a client definition that will be very permissive but we want it to be last on the list so that the more restrictive attributes for client 192.0.2.8 will take precedence for that one client, by issuing the command:
    mmnfs export change /gpfs/fs1/export_1 \
--nfsadd "192.0.2.0/20(Access_Type=RW,Squash=no_root_squash)" --nfsposition 4
    mmnfs export list --nfsdefs /gpfs/fs1/export_1
    The system displays output similar to this: 
    Path               Delegations Clients    Access Protocols Transports Squash         Anonymous Anonymous SecType Privileged Export_id Default    Manage_Gids NFS_Commit
                                            _Type                                      _uid      _gid              Port                 Delegation
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------
/gpfs/fs1/export_1   none      192.0.2.8      RO       3,4       TCP     ROOT_SQUASH      -2       -2        sys     false      3        none        false       false
/gpfs/fs1/export_1   none      198.51.100.10  MDONLY   3,4       TCP     allsquash        -2       -2        sys     false      3        none        false       false
/gpfs/fs1/export_1   none      192.0.2.0/20   RW       3,4       TCP     no_root_squash   -2       -2        sys     false      3        none        false       false
    Note: mmnfs export change will restart NFS services on all CES nodes in the cluster.
  4. To remove an NFS export, issue this command:
    mmnfs export change /mnt/gpfs0/somepath  --nfsremove "1.2.3.1"
    The system displays output similar to this:
    [   OK  ].12:  Stopping ganesha.nfsd: [  OK  ]
[   OK  ].11:  Stopping ganesha.nfsd: [  OK  ]
203.0.113.12:  Starting ganesha.nfsd: [  OK  ]
203.0.113.11:  Starting ganesha.nfsd: [  OK  ]
    Note: This command only removes a single client definition of the export. It does not remove the NFS export. It removes the client definition for the IP "1.2.3.1."
  5. To modify an NFS export, issue this command:
    mmnfs export change  /mnt/gpfs0/p1 \
--nfschange "203.0.113.2(access_type=RO)"  --nfsposition "*"
    The system displays output similar to this:
    [   OK  ].12:  Stopping ganesha.nfsd: [  OK  ]
[   OK  ].11:  Stopping ganesha.nfsd: [  OK  ]
203.0.113.12:  Starting ganesha.nfsd: [  OK  ]
203.0.113.11:  Starting ganesha.nfsd: [  OK  ]
  6. To list NFS exports, issue this command:
    mmnfs export list
    The system displays output similar to this:
    Path                 Delegations    Clients
---------------------------------------------
/gpfs/fs1/controller none           *
/gpfs/fs1/export_1   none           *
/gpfs/fs1/export_2   none           *
  7. To list NFS exports, issue this command:
    mmnfs export list --nfsdefs /mnt/gpfs0/p1
    The system displays output similar to this:
    Path           Delegations Clients     Access_ Protocols Transports Squash      Anonymous Anonymous  SecType  Privileged Export Default
                                       Type                                      _uid      _gid                  Port     _id   Delegation
-------------------------------------------------------------------------------------------------------------------------------------------
/mnt/gpfs0/p1  none        203.0.113.2 RO      3,4       TCP        root_squash  -2        -2         sys      false      1     none
/mnt/gpfs0/p1  none        *           RW      3,4       TCP        root_squash  -2        -2         sys      false      1     none
/mnt/gpfs0/p1  none        203.0.113.1 RO      3,4       TCP        root_squash  -2        -2         sys      false      1     none
  8. To list all NFS configuration, issue this command: 
    mmnfs configuration list
    The system displays output similar to this:
    NFS Ganesha Configuration:
==========================
NFS_PROTOCOLS: 3,4
NFS_PORT: 2049
MNT_PORT: 0
NLM_PORT: 0
RQUOTA_PORT: 0
LEASE_LIFETIME: 60
DOMAINNAME: VIRTUAL1.COM
DELEGATIONS: Disabled

============================

STATD Configuration
========================
STATD_PORT: 0
========================

Export Defaults
===============
ACCESS_TYPE: NONE
PROTOCOLS: 3,4
TRANSPORTS: TCP
ANONYMOUS_UID: -2
ANONYMOUS_GID: -2
SECTYPE: SYS
PRIVILEGEDPORT: FALSE
MANAGE_GIDS: FALSE
SQUASH: ROOT_SQUASH
NFS_COMMIT: FALSE

Log Configuration
=================
DEFAULT_LOG_LEVEL: EVENT
  9. To change STATD_PORT configuration, issue this command (When a port is assigned, STATD is started on the given port):
    mmnfs configuration change STATD_PORT=32765
    The system displays output similar to this:
    NFS Ganesha Configuration:
==========================
NFS_PROTOCOLS: 3,4
NFS_PORT: 2049
MNT_PORT: 0
NLM_PORT: 0
RQUOTA_PORT: 0
LEASE_LIFETIME: 60
DOMAINNAME: VIRTUAL1.COM
DELEGATIONS: Disabled

============================

STATD Configuration
========================
STATD_PORT: 32765
============================

Export Defaults
===============
ACCESS_TYPE: NONE
PROTOCOLS: 3,4
TRANSPORTS: TCP
ANONYMOUS_UID: -2
ANONYMOUS_GID: -2
SECTYPE: SYS
PRIVILEGEDPORT: FALSE
MANAGE_GIDS: FALSE
SQUASH: ROOT_SQUASH
NFS_COMMIT: FALSE

Log Configuration
=================
DEFAULT_LOG_LEVEL: EVENT
Note: The mmnfs command has an interactive mode that provides some prompting as follows:
mmnfs
mmnfs [ -I ] Command
mmnfs -I
mmnfs -I>

See also

Location

/usr/lpp/mmfs/bin
Parent topic: GPFS commands