大前端

前端学习之家-大前端

网络文件系统和网络存储

网络文件系统可以实现存储分离

1、windows文件共享

windows文件共享不做演示

2、如何在linux里访问windows文件共享?

[root@localhost ~]# dnf install samba-client -y 安装客户端 
[root@localhost ~]# smbclient  -L //172.25.254.94 -U administrator  windows用户为administrator  -L表示列出目标主机共享资源
[root@localhost ~]# smbclient  //172.25.254.94/westos -U administrator  访问共享目录

3、samba服务的安装及启用

linux共享文件系统的协议叫cifs
windows共享文件系统的协议叫smb
如何用linux将文件共享出去

[root@westos_storage ~]# dnf install samba  samba-common.noarch samba-client.x86_64 -y  在服务器上安装 服务主题,服务配置文件,客户端
[root@westos_storage ~]# systemctl enable --now smb.service  启动服务
Created symlink /etc/systemd/system/multi-user.target.wants/smb.service → /usr/lib/systemd/system/smb.service.
[root@westos_storage ~]# firewall-cmd --permanent --add-service=samba
success
[root@westos_storage ~]# firewall-cmd --reload 
success
[root@westos_storage ~]# smbclient -L //172.25.254.100  访问列出资源
Enter SAMBA\root's password:    因为没有设置密码直接回车
Anonymous login successful

	Sharename       Type      Comment
	---------       ----      -------
	print$          Disk      Printer Drivers
	IPC$            IPC       IPC Service (Samba 4.11.2)
SMB1 disabled -- no workgroup available

4、smb账号的添加

[root@westos_storage ~]# smbpasswd -a westos  添加smb账号 ,-a表示添加, westos必须是在samb服务器真实存在的用户
New SMB password:   samb密码是独立的密码和系统用户westos密码无关
Retype new SMB password:   
Added user westos.
[root@westos_storage ~]# id lee  系统中lee用户不存在,需要添加lee用户,才能添加samb账号
id: ‘lee’: no such user
[root@westos_storage ~]# useradd -s /sbin/nologin lee -M  添加lee用户
[root@westos_storage ~]# smbpasswd -a lee  添加smb账号
New SMB password:
Retype new SMB password:
Added user lee.
[root@westos_storage ~]# pdbedit -L  查看samb用户列表
westos:1000:westos
lee:1001:
[root@westos_storage ~]# pdbedit -x lee  删除samb用户
[root@westos_storage ~]# pdbedit -L  
westos:1000:westos
[root@westos_storage ~]# smbclient -L //172.25.254.100 -U westos   samb用户的访问
Enter SAMBA\westos's password: 

	Sharename       Type      Comment
	---------       ----      -------
	print$          Disk      Printer Drivers
	IPC$            IPC       IPC Service (Samba 4.11.2)
	westos          Disk      Home Directories
SMB1 disabled -- no workgroup available
[root@westos_storage ~]# smbclient  //172.25.254.100/westos -U westos 访问samb用户里面的资源
Enter SAMBA\westos's password: 
Try "help" to get a list of possible commands.
smb: \> 

5.samba服务中对于selinux属性的调试

[root@westos_storage ~]# cd /etc/samba/  samb服务的配置目录
[root@westos_storage samba]# ls
lmhosts    smb.conf (主配置文件) smb.conf.example(配置文件模板)
[root@westos_storage samba]# cp -p smb.conf.example smb.conf  用配置文件模板将配置文件覆盖,重新生成配置文件
cp: overwrite 'smb.conf'? y

问题:samb用户不能浏览自己的家目录,如何让samb用户浏览自己的家目录
[root@westos_storage samba]# smbclient -L //172.25.254.100 -U westos
Enter MYGROUP\westos's password: 

	Sharename       Type      Comment
	---------       ----      -------
	IPC$            IPC       IPC Service (Samba Server Version 4.11.2)
	westos          Disk      Home Directories
SMB1 disabled -- no workgroup available
[root@westos_storage samba]# smbclient  //172.25.254.100/westos -U westos
Enter MYGROUP\westos's password: 
Try "help" to get a list of possible commands.
smb: \> ls
NT_STATUS_ACCESS_DENIED listing \*    报错,因为selinux影响,samb用户不能浏览自己的家目录

[root@westos_storage samba]# setsebool -P samba_enable_home_dirs on  调整selinux 中smb的波尔直,使用户可以访问家目录
[root@westos_storage samba]# smbclient  //172.25.254.100/westos -U westos   调整完毕之后就samb用户可以访问自己家目录
Enter MYGROUP\westos's password: 
Try "help" to get a list of possible commands.
smb: \> ls
  .                                   D        0  Sat Aug 28 10:17:40 2021
  ..                                  D        0  Sat Aug 28 10:15:07 2021
  .mozilla                           DH        0  Sat Aug 28 10:00:56 2021
  .bash_logout                        H       18  Fri Aug 30 13:30:21 2019
  .bash_profile                       H      141  Fri Aug 30 13:30:21 2019
  .bashrc                             H      312  Fri Aug 30 13:30:21 2019
  .config                            DH        0  Sat Aug 28 10:21:42 2021
  .esd_auth                           H       16  Sat Aug 28 10:17:36 2021
  .ICEauthority                       H      310  Sat Aug 28 10:17:37 2021
  .local                             DH        0  Sat Aug 28 10:17:37 2021
  .cache                             DH        0  Sat Aug 28 10:21:31 2021
  Desktop                             D        0  Sat Aug 28 10:17:40 2021
  Downloads                           D        0  Sat Aug 28 10:17:40 2021
  Templates                           D        0  Sat Aug 28 10:17:40 2021
  Public                              D        0  Sat Aug 28 10:17:40 2021
  Documents                           D        0  Sat Aug 28 10:17:40 2021
  Music                               D        0  Sat Aug 28 10:17:40 2021
  Pictures                            D        0  Sat Aug 28 10:17:40 2021
  Videos                              D        0  Sat Aug 28 10:17:40 2021
  .pki                               DH        0  Sat Aug 28 10:17:40 2021

		7353344 blocks of size 1024. 2947592 blocks available

问题 :samb用户如何共享自己的目录?

[root@westos_storage samba]# mkdir /westos_share   建立文件
[root@westos_storage samba]# ls -ld /westos_share/   查看权限,对谁可写
drwxr-xr-x. 2 root root 6 Nov  3 11:19 /westos_share/
[root@westos_storage samba]# vim /etc/samba/smb.conf  编辑配置文件,在配置文件最后添加如下参数
314         [westos_share]  共享名词
315         comment = westos share  共享说明
316         path = /westos_share   指定共享的本机目录
[root@westos_storage samba]# systemctl restart smb.service  重启samb服务
[root@westos_storage samba]# smbclient -L //172.25.254.100 -U westos 访问
Enter MYGROUP\westos's password: 

	Sharename       Type      Comment
	---------       ----      -------
	westos_share    Disk      westos share     共享目录已经出现
	IPC$            IPC       IPC Service (Samba Server Version 4.11.2)
	westos          Disk      Home Directories
SMB1 disabled -- no workgroup available
root@westos_storage samba]# touch /westos_share/westosfile{1..3} 在共享路径里建立三个共享目录
[root@westos_storage samba]# smbclient //172.25.254.100/westos_share -U westos   访问
Enter MYGROUP\westos's password: 
Try "help" to get a list of possible commands.
smb: \> ls
NT_STATUS_ACCESS_DENIED listing \*   报错,如何解决查看配置文件
[root@westos_storage samba]# vim /etc/samba/smb.conf

在这里插入图片描述

[root@westos_storage samba]# semanage fcontext -a -t samba_share_t '/westos_share(/.*)?'  修改安全上下文
[root@westos_storage samba]# restorecon -RvvF /westos_share/   刷新
[root@westos_storage samba]# smbclient //172.25.254.100/westos_share -U westos  访问
Enter MYGROUP\westos's password: 
Try "help" to get a list of possible commands.    里面的内容就可以看了
smb: \> ls
  .                                   D        0  Wed Nov  3 11:31:10 2021
  ..                                  D        0  Wed Nov  3 11:19:33 2021
  westosfile1                         N        0  Wed Nov  3 11:31:10 2021
  westosfile2                         N        0  Wed Nov  3 11:31:10 2021
  westosfile3                         N        0  Wed Nov  3 11:31:10 2021

		7353344 blocks of size 1024. 2947696 blocks available

如何共享系统目录?

[root@westos_storage samba]# vim /etc/samba/smb.conf     编辑配置文件,在配置文件最后添加如下参数
321         [etc]
322         comment = etc dir
323         path = /etc
[root@westos_storage samba]# systemctl restart smb.service  重启服务
[root@westos_storage samba]# smbclient -L //172.25.254.100 -U westos   访问
Enter MYGROUP\westos's password: 

	Sharename       Type      Comment
	---------       ----      -------
	westos_share    Disk      westos share
	etc             Disk      etc dir      /etc目录被共享成功
	IPC$            IPC       IPC Service (Samba Server Version 4.11.2)
	westos          Disk      Home Directories
SMB1 disabled -- no workgroup available
[root@westos_storage samba]# smbclient //172.25.254.100/etc -U westos  访问/etc
Enter MYGROUP\westos's password: 
Try "help" to get a list of possible commands.   /etc里面的内容可以被访问
smb: \> ls
  .                                   D        0  Wed Nov  3 09:58:45 2021
  ..                                  D        0  Wed Nov  3 11:19:33 2021
  mtab                                N        0  Wed Nov  3 15:06:31 2021
  fstab                               N      615  Sat Aug 28 09:58:52 2021
  crypttab                            N        0  Sat Aug 28 09:58:52 2021
  dnf                                 D        0  Sat Aug 28 10:01:01 2021
  fonts                               D        0  Sat Aug 28 10:03:30 2021
  libreport                           D        0  Sat Aug 28 10:04:21 2021
  skel                                D        0  Sat Aug 28 10:01:35 2021
  logrotate.d                         D        0  Sat Aug 28 10:09:14 2021
  X11                                 D        0  Sat Aug 28 10:06:18 2021
  
如果在selinux影响下系统目录里面文件不能被访问,该怎么办?
[root@westos_storage samba]# getsebool -a | grep samba   
samba_create_home_dirs --> off
samba_domain_controller --> off
samba_enable_home_dirs --> on
samba_export_all_ro --> off    将这个功能改为on打开 ,表示selinux将不再对samba服务访问安全上下文进行读限制
samba_export_all_rw --> off   表示selinux将不再对samba服务访问安全上下文写进行限制
samba_load_libgfapi --> off
samba_portmapper --> off
samba_run_unconfined --> off
samba_share_fusefs --> off
samba_share_nfs --> off
sanlock_use_samba --> off
tmpreaper_use_samba --> off
use_samba_home_dirs --> off
virt_use_samba --> off
[root@westos_storage samba]# setsebool  -P samba_export_all_ro on   表示打开读的功能
[root@westos_storage samba]# setsebool  -P samba_export_all_rw on  表示打开写的功能

6、samba服务中的常用参数剖析

访问控制:白名单(全局)
root@westos_storage samba]# vim /etc/samba/smb.conf 编辑配置文件
89,90行为全局访问控制,可以在90行之后直接添加访问控制
 91  hosts allow = 172.25.254.200    表示只允许200主机来访问当前的samb服务器   ,此位置设定的访问控制为全局访问控制,影响本samb服务器的所有共享
 root@westos_storage samba]# systemctl restart smb.service   重启服务   
 [root@localhost ~]# smbclient  -L //172.25.254.100  在200主机上访问samb服务器
Enter SAMBA\root's password: 
Anonymous login successful     允许访问可以查看
	Sharename       Type      Comment
	---------       ----      -------
	westos_share    Disk      westos share
	etc             Disk      etc dir
	IPC$            IPC       IPC Service (Samba Server Version 4.11.2)
SMB1 disabled -- no workgroup available
[root@westos_storage samba]# vim /etc/samba/smb.conf 编辑配置文件
 hosts allow = 172.25.254.200    172.25.254.250    可以允许多个主机访问,中间用空格隔开

 
 访问控制:黑名单(全局)
 [root@westos_storage samba]# vim /etc/samba/smb.conf   
   hosts deny = 172.25.254.200   90行之后添加,表示拒绝200主机访问samba服务器, 此位置设定的访问控制为全局访问控制,影响本samb服务器的所有共享
[root@westos_storage samba]# systemctl restart smb.service  重启服务
[root@localhost ~]# smbclient  -L //172.25.254.100   访问
protocol negotiation failed: NT_STATUS_INVALID_NETWORK_RESPONSE  访问被拒绝

如何让200主机,对某个samb服务器共享??

[root@westos_storage samba]# vim /etc/samba/smb.conf   添加,编辑配置文件
317         [westos_share]
318         comment = westos share
319         path = /westos_share
320         hosts allow =172.25.254.200    表示westos_share共享只能允许200主机访问,此访问设定只针对westos_share生效
[root@westos_storage samba]# systemctl restart smb.service 重启
[root@foundation50 Desktop]# smbclient  //172.25.254.100/westos_share -U westos 在50主机上访问westos_share共享
Enter SAMBA\westos's password: 
tree connect failed: NT_STATUS_ACCESS_DENIED   被拒绝
[root@localhost ~]# smbclient //172.25.254.100/westos_share -U westos   200主机访问westos_share共享
Enter SAMBA\westos's password: 
Try "help" to get a list of possible commands.    可以访问
smb: \> ls
  .                                   D        0  Wed Nov  3 11:31:10 2021
  ..                                  D        0  Wed Nov  3 11:19:33 2021
  westosfile1                         N        0  Wed Nov  3 11:31:10 2021
  westosfile2                         N        0  Wed Nov  3 11:31:10 2021
  westosfile3                         N        0  Wed Nov  3 11:31:10 2021

		7353344 blocks of size 1024. 2947624 blocks available

如何让共享隐藏起来??

[root@westos_storage samba]# vim /etc/samba/smb.conf   添加,编辑配置文件
317         [westos_share]
318         comment = westos share
319         path = /westos_share
320         browseable = no   表示可以共享但是列不出来 ,隐藏共享目录
[root@localhost ~]# smbclient  -L //172.25.254.100 -U westos  访问列出资源时,可以发现westos_share被硬藏
Enter SAMBA\westos's password: 

	Sharename       Type      Comment
	---------       ----      -------
	etc             Disk      etc dir
	IPC$            IPC       IPC Service (Samba Server Version 4.11.2)
	westos          Disk      Home Directories
SMB1 disabled -- no workgroup available
[root@westos_storage samba]# vim /etc/samba/smb.conf   添加,编辑配置文件
317         [westos_share]
318         comment = westos share
319         path = /westos_share
320         browseable = yes   表示列出共享资源列表时显示共享资源
[root@localhost ~]# smbclient  -L //172.25.254.100 -U westos  访问列出资源
Enter SAMBA\westos's password: 

	Sharename       Type      Comment
	---------       ----      -------
	westos_share    Disk      westos share    显示
	etc             Disk      etc dir
	IPC$            IPC       IPC Service (Samba Server Version 4.11.2)
	westos          Disk      Home Directories
SMB1 disabled -- no workgroup available

[root@westos_storage samba]# vim /etc/samba/smb.conf  添加配置文件
317         [westos_share]
318         comment = westos share
319         path = /westos_share
320         browseable = yes
321         valid users = westos    此共享只能通过samba用户westos登陆
[root@westos_storage samba]# systemctl restart smb.service   
[root@localhost ~]# smbclient //172.25.254.100/westos_share -U westos  westos用户可以被访问westos_share共享
Enter SAMBA\westos's password: 
Try "help" to get a list of possible commands.
smb: \> ls
  .                                   D        0  Wed Nov  3 11:31:10 2021
  ..                                  D        0  Wed Nov  3 11:19:33 2021
  westosfile1                         N        0  Wed Nov  3 11:31:10 2021
  westosfile2                         N        0  Wed Nov  3 11:31:10 2021
  westosfile3                         N        0  Wed Nov  3 11:31:10 2021

		7353344 blocks of size 1024. 2947156 blocks available
[root@localhost ~]# smbclient //172.25.254.100/westos_share -U lee  lee用户不可以访问westos_share共享
Enter SAMBA\lee's password: 
session setup failed: NT_STATUS_LOGON_FAILURE

如何让westos组中的成员可以使用此共享??

[root@westos_storage samba]# vim /etc/samba/smb.conf  添加配置文件
317         [westos_share]
318         comment = westos share
319         path = /westos_share
320         browseable = yes
321         valid users = @westos   @或者+表示westos组中的成员可以使用此共享
[root@westos_storage ~]# id lee  可以看出lee 不是westos组成员
uid=1001(lee) gid=1001(lee) groups=1001(lee)
[root@westos_storage ~]# id westos 
uid=1000(westos) gid=1000(westos) groups=1000(westos)
[root@localhost~]# smbclient //172.25.254.100/westos_share -U lee  lee不是westos组成员,所以不能访问共享
Enter MYGROUP\lee's password: 
session setup failed: NT_STATUS_LOGON_FAILURE
[root@westos_storage ~]# usermod -G westos lee  将lee用户添加成westos的组成员
[root@localhost ~]# smbclient  //172.25.254.100/westos_share -U lee  lee访问此共享
Enter SAMBA\westos's password: 
Try "help" to get a list of possible commands.   可以访问
smb: \> ls
  .                                   D        0  Wed Nov  3 11:31:10 2021
  ..                                  D        0  Wed Nov  3 11:19:33 2021
  westosfile1                         N        0  Wed Nov  3 11:31:10 2021
  westosfile2                         N        0  Wed Nov  3 11:31:10 2021
  westosfile3                         N        0  Wed Nov  3 11:31:10 2021

如何让westos_share以读写的权限共享?

[root@westos_storage ~]# ls -ld /westos_share/
drwxr-xr-x. 2 root root 63 Nov  3 11:31 /westos_share/  
[root@westos_storage ~]# chmod 777 /westos_share/  在文件层面指定目录为满权限对于所有用户都可以写入
[root@localhost ~]# mount //172.25.254.100/westos_share /mnt/ -o username=lee,password=westos  挂载samba共享资源到测试主机mnt目录中,挂载之后在测试主机/mnt目录中建立文件真实存储文件的位置为samba共享服务器共享出来的westos_share
[root@localhost ~]# touch /mnt/file  虽然给westos_share满权限
touch: cannot touch '/mnt/file': Permission denied 但是无法建立文件,因为在samb中设置了共享的westos_share文件不是以写的方式共享出来的
[root@localhost ~]# umount /mnt   卸载掉
[root@westos_storage ~]# vim /etc/samba/smb.conf 添加,编辑配置文件
317         [westos_share]
318         comment = westos share
319         path = /westos_share
320         browseable = yes
322         writable = yes   表示westos_share以读写方式共享
[root@westos_storage ~]# systemctl restart smb.service  重启系统
[root@localhost ~]# mount //172.25.254.100/westos_share /mnt/ -o username=lee,password=westos 冲向将共享挂载到mnt里面
[root@localhost ~]# touch /mnt/file  现在就可以建立文件了
[root@westos_storage ~]# ls -l /westos_share/   可以看出共享文件里已经有file文件
total 0
-rwxr--r--. 1 lee  lee  0 Nov  3 22:55 file
-rw-r--r--. 1 root root 0 Nov  3 11:31 westosfile1
-rw-r--r--. 1 root root 0 Nov  3 11:31 westosfile2
-rw-r--r--. 1 root root 0 Nov  3 11:31 westosfile3

如何对于谁可写,谁不可写??

[root@westos_storage ~]# vim /etc/samba/smb.conf 添加,编辑配置文件
318         comment = westos share
319         path = /westos_share
320         browseable = yes
323         write list = lee   表示共享对lee可写
[root@westos_storage ~]# systemctl restart smb.service 
[root@localhost ~]# mount //172.25.254.100/westos_share /mnt/ -o username=lee,password=westos 用westos用户登陆samba共享目录,
[root@localhost ~]# touch /mnt/file1  可以建立文件,可以实现写的功能
[root@localhost ~]# umount /mnt  卸载
[root@localhost ~]# mount //172.25.254.100/westos_share /mnt/ -o username=westos,password=westos 用westos用户登陆samba共享目录
[root@localhost ~]# touch /mnt/file2  
touch: cannot touch '/mnt/file2': Permission denied 被拒绝,不能实现写的功能

如何对lee组成员可写??
[root@westos_storage ~]# vim /etc/samba/smb.conf 添加,编辑配置文件
317         [westos_share]
318         comment = westos share
319         path = /westos_share
320         browseable = yes
323         write list = +lee  表示对lee组成员可写
[root@westos_storage ~]# systemctl restart smb.service  重启服务
[root@localhost ~]# mount //172.25.254.100/westos_share /mnt/ -o username=westos,password=westos 用westos用户登陆samba共享目录
[root@localhost mnt]# touch /mnt/file1   被拒绝不能实现写的功能,因为westos不是lee的组成员
touch: cannot touch '/mnt/file1': Permission denied
[root@localhost mnt]# usermod -G lee westos  通过设定westos被添加到lee用户的组中
[root@localhost mnt]# id westos 
uid=1000(westos) gid=1000(westos) groups=1000(westos),1001(lee) 
root@localhost mnt]# touch /mnt/file4  可以建立文件,有写的功能

如何让共享目录对匿名用户访问??

[root@localhost mnt]# smbclient //172.25.254.100/westos_share    匿名用户访问
Enter SAMBA\root's password: 
Anonymous login successful
tree connect failed: NT_STATUS_ACCESS_DENIED    默认情况下匿名用户不能使用samba共享资源
[root@westos_storage ~]# vim /etc/samba/smb.conf  添加,编辑配置文件
119         map to guest = bad user    添加,把没有用户身份的用户都影射为guest账号

317         [westos_share]  
318         comment = westos share
319         path = /westos_share
320         browseable = yes
324         guest ok = yes  添加 ,表示此共享允许guest用户访问
[root@localhost mnt]# smbclient //172.25.254.100/westos_share  没有指定用户,就是匿名用户访问
Enter SAMBA\root's password: 
Try "help" to get a list of possible commands.
smb: \> ls                                   可以访问
  .                                   D        0  Thu Nov  4 11:05:49 2021
  ..                                  D        0  Wed Nov  3 11:19:33 2021
  westosfile1                         N        0  Wed Nov  3 11:31:10 2021
  westosfile2                         N        0  Wed Nov  3 11:31:10 2021
  westosfile3                         N        0  Wed Nov  3 11:31:10 2021
  file                                A        0  Wed Nov  3 22:55:11 2021
  file1                               A        0  Wed Nov  3 23:07:27 2021
  file4                               A        0  Thu Nov  4 11:05:50 2021

		7353344 blocks of size 1024. 2940808 blocks available
[root@localhost mnt]# mount //172.25.254.100/westos_share /mnt/ -o username=guest  匿名用户的挂载

7、samba服务与客户端的资源挂载优化

[root@localhost mnt]# mount //172.25.254.100/westos_share /mnt/ -o username=guest 
 如果用手动挂载samba共享目录到客户端的某个目录,当没有向服务器中写入数据或浏览数据时这个挂载依然存在,
 那么在闲置时依然使用服务器,这就是浪费资源,我们现在设定客户端使用时自动挂载,不使用时自动卸载,
 这样才能最大化利用服务器
[root@localhost ~]# dnf install autofs -y  在客户端安装autofs实现自动挂载和卸载
[root@localhost ~]# vim /etc/auto.master  编写挂载策略文件,添加参数
/westos (最终挂载点的上层目录) /etc/auto.share   (子挂载策略文件,此文件名称子定义,并且在系统中默认不存在)
 [root@localhost ~]# vim /etc/auto.share  编辑子挂载策略文件
samba             -fstype=cifs,username=westos,password=westos   ://172.25.254.100/westos_share
samba表示最终挂在点的相对路径            
-fstype 挂载资源的文件系统类型
username表示使用samba用户的名称
passwd表示该用户的密码
://172.25.254.100/westos_share 表示挂载服务器上的资源共享
[root@localhost ~]# systemctl enable --now autofs.service  启动服务
Created symlink /etc/systemd/system/multi-user.target.wants/autofs.service → /usr/lib/systemd/system/autofs.service.
[root@localhost westos]# cd /westos/samba   进入以挂载目录
[root@localhost samba]# ls
file  file1  file4  westosfile1  westosfile2  westosfile3
[root@localhost samba]# df
Filesystem                    1K-blocks    Used Available Use% Mounted on
devtmpfs                         907616       0    907616   0% /dev
tmpfs                            935412       0    935412   0% /dev/shm
tmpfs                            935412    9388    926024   2% /run
tmpfs                            935412       0    935412   0% /sys/fs/cgroup
/dev/vda3                       7353344 4401360   2951984  60% /
/dev/vda1                        506528  218600    287928  44% /boot
tmpfs                            187080    1180    185900   1% /run/user/42
tmpfs                            187080       4    187076   1% /run/user/0
//172.25.254.100/westos_share   7353344 4411876   2941468  60% /westos/samba   已经自动挂载
[root@localhost samba]# cd  退出samba目录,过300秒自动取消挂载,如果不想等300秒这么久,
[root@localhost ~]# vim /etc/autofs.conf  编辑autofs.conf主配置文件
timeout = 5    将300秒更改5秒,表示挂载资源在5秒以上无任何使用那么自动卸载,默认300秒
[root@localhost ~]# systemctl restart autofs.service  重启服务
[root@localhost ~]# df    没有挂载
Filesystem     1K-blocks    Used Available Use% Mounted on
devtmpfs          907616       0    907616   0% /dev
tmpfs             935412       0    935412   0% /dev/shm
tmpfs             935412    9388    926024   2% /run
tmpfs             935412       0    935412   0% /sys/fs/cgroup
/dev/vda3        7353344 4401364   2951980  60% /
/dev/vda1         506528  218600    287928  44% /boot
tmpfs             187080    1180    185900   1% /run/user/42
tmpfs             187080       4    187076   1% /run/user/0
[root@localhost ~]# cd /westos/samba   进入挂载目录,自动挂载
[root@localhost samba]# df
Filesystem                    1K-blocks    Used Available Use% Mounted on
devtmpfs                         907616       0    907616   0% /dev
tmpfs                            935412       0    935412   0% /dev/shm
tmpfs                            935412    9388    926024   2% /run
tmpfs                            935412       0    935412   0% /sys/fs/cgroup
/dev/vda3                       7353344 4401364   2951980  60% /
/dev/vda1                        506528  218600    287928  44% /boot
tmpfs                            187080    1180    185900   1% /run/user/42
tmpfs                            187080       4    187076   1% /run/user/0
//172.25.254.100/westos_share   7353344 4411896   2941448  60% /westos/samba
[root@localhost samba]# cd  退出目录i
[root@localhost ~]# df    5秒后自动卸载
Filesystem     1K-blocks    Used Available Use% Mounted on
devtmpfs          907616       0    907616   0% /dev
tmpfs             935412       0    935412   0% /dev/shm
tmpfs             935412    9388    926024   2% /run
tmpfs             935412       0    935412   0% /sys/fs/cgroup
/dev/vda3        7353344 4401364   2951980  60% /
/dev/vda1         506528  218600    287928  44% /boot
tmpfs             187080    1180    185900   1% /run/user/42
tmpfs             187080       4    187076   1% /run/user/0

8、samba服务的多用户挂载

[root@localhost ~]# mount //172.25.254.100/westos_share /mnt/ -o username=lee,password=westos  
在客户端root用户用自己的samba账户挂载了服务器资源,自己是可以浏览和使用的
[root@localhost ~]# ls /mnt/
file  file1  file4  westosfile1  westosfile2  westosfile3
[root@localhost ~]# su -- westos
[westos@localhost root]$ ls /mnt/   客户端westos用户没有通过任何samba认证,也可以浏览samba服务器上的资源,这样客户端就出现了很严重的越级漏洞
file  file1  file4  westosfile1  westosfile2  westosfile3

如何让只能通过samba认证才能看资源了??

当用户挂载smb资源时需要书写账号密码如果直接书写那么账号密码可以通过历史被其他人看到所以我 们写到文件中并设定安全权限
[root@localhost ~]# dnf install cifs-utils -y   安装多用户认证安全插件
[root@localhost ~]# man mount.cifs  查看安全插件的用法
[root@localhost ~]# vim /root/smbpass  建立文件
username=lee            添加账号和密码      
password=westos
[root@localhost ~]# chmod 600 /root/smbpass   只给自己读写权限,别人看不了 
[root@localhost ~]# mount -o credentials=/root/smbpass  //172.25.254.100/westos_share /mnt/    用credentials此参数指定密码文件后密码就被隐藏起来了
[root@localhost ~]# [root@localhost ~]# mount -o credentials=/root/smbpass,multiuser //172.25.254.100/westos_share /mnt/  multiuser表示多用户认证,当添加此参数,没用通过认证的用户是不可以访问samb上的资源
[root@localhost ~]# su -- westos   westos用户没有通过samba用户认证不能查看资源
[westos@localhost root]$ ls /mnt 
ls: cannot access '/mnt': Permission denied
[root@localhost ~]# mount -o credentials=/root/smbpass,multiuser,sec=ntlmssp //172.25.254.100/westos_share /mnt/   sec=ntlmssp 表示其他用户使用到的认证方式
[westos@localhost root]$ ls /mnt   westos用户不能访问共享资源
ls: cannot access '/mnt': Permission denied
[westos@localhost ~]$ cifscreds add -u westos 172.25.254.100  

9、nfs的简介和启用

nfs:实现linux与linux,unix与linux,之间的文件共享

nfs启用:
[root@westos_storage ~]# dnf install nfs-utils.x86_64 -y    安装, 客户端和服务端都是此安装包
[root@westos_storage ~]# systemctl enable --now nfs-server.service  启动服务
Created symlink /etc/systemd/system/multi-user.target.wants/nfs-server.service → /usr/lib/systemd/system/nfs-server.service.
nfs的 端口是2049
[root@westos_storage ~]# netstat -antlupe | grep 2049
tcp        0      0 0.0.0.0:2049            0.0.0.0:*               LISTEN      0          43220      -                   
tcp6       0      0 :::2049                 :::*                    LISTEN      0          43231      -  
[root@localhost ~]# showmount -e 172.25.254.100  列出nfs服务器中的共享资源
clnt_create: RPC: Unable to receive    报错
[root@westos_storage ~]# firewall-cmd --permanent --add-service=nfs  
success
[root@westos_storage ~]# firewall-cmd --reload 
success
[root@westos_storage ~]# firewall-cmd --permanent --add-service=rpc-bind    rpc-bind  作用是给访问请求分配一个端口
success
[root@westos_storage ~]# firewall-cmd --permanent --add-service=mountd  mountd控制共享目录的程序
success
[root@westos_storage ~]# firewall-cmd --reload 
success
[root@localhost ~]# showmount -e 172.25.254.100  可以访问了
Export list for 172.25.254.100:

共享原理图:
在这里插入图片描述

10、nfs共享目录及客户端使用方法

[root@westos_storage ~]# mkdir /westosdir  服务器上建立共享目录
[root@westos_storage ~]# ls -ld /westosdir/   
drwxr-xr-x. 2 root root 6 Nov  6 10:49 /westosdir/
[root@westos_storage ~]# chmod 777 /westosdir/    设定共享权限,设置为777目的是为了实验效果
[root@westos_storage ~]# vim /etc/exports  编辑共享策略文件
/westosdir          *(ro,sync)      表示: 只读共享,并在数据真实发生改变后才同步数据到nfs共享目录
sync表示更改生成后同步到服务器, async表示时时同步到服务器 ,ro表示只读,rw表示读写
[root@westos_storage ~]# exportfs -rv  表示使共享策略生效
exporting *:/westosdir
[root@localhost ~]# showmount -e 172.25.254.100    在客户端可以查看到共享
Export list for 172.25.254.100:
/westosdir *      
[root@localhost ~]# mount 172.25.254.100:/westosdir /mnt/   挂载,共享资源的使用方式
[root@westos_storage ~]# touch /westosdir/westosfile{1..3}  在服务器共享 目录里建立文件
[root@localhost ~]# ls /mnt/  客户端就可以查看
westosfile1  westosfile2  westosfile3
[root@westos_storage ~]# man 5 exports  共享策略方式书写查看
[root@westos_storage ~]# vim /etc/exports 添加,编辑策略文件
  1 /westosdir              *(ro,sync)
  2 /westosdir              172.25.254.200(rw,sync)    1或2表示对于除200主机以外的人只读共享,对于200主机读写
[root@westos_storage ~]# exportfs -rv   重启策略
exporting 172.25.254.200:/westosdir
exporting *:/westosdir
同样也可以如下书写方式:
  1 /westosdir              *(ro,sync) 172.25.254.200(rw,sync)   同样表示对除200以外的主机共享,对200主机读写
[root@westos_storage ~]# exportfs -rv  重启策略,一样的效果
exporting 172.25.254.200:/westosdir
exporting *:/westosdir
也可以对某个网段可以读写;
  1 /westosdir              *(ro,sync) 172.25.254.0/24(rw,sync)
[root@localhost ~]# mount 172.25.254.100://westosdir /mnt/  挂载,当客户端挂载到本地目录后,使用到的用户身份是服务器上的nobody
[root@localhost ~]# touch /mnt/westosfile4  可以建立
[root@westos_storage ~]# ls -l /westosdir/ 在客户端查看
total 0
-rw-r--r--. 1 root   root   0 Nov  6 11:13 westosfile1
-rw-r--r--. 1 root   root   0 Nov  6 11:13 westosfile2
-rw-r--r--. 1 root   root   0 Nov  6 11:13 westosfile3
-rw-r--r--. 1 nobody nobody 0 Nov  6 11:46 westosfile4    用户身份nodbody
如何更改用户身份
[root@westos_storage ~]# vim /etc/exports  编辑策略文件
  1 /westosdir              *(ro,sync) 172.25.254.200(rw,sync,anonuid=1000,anongid=1000)   指定客户端在挂载时使用的用户为100,不是默认的nobody
exporting 172.25.254.200:/westosdir
exporting *:/westosdir
[root@localhost ~]# umount /mnt   之前的挂载卸载掉
[root@localhost ~]# mount 172.25.254.100://westosdir /mnt/   重新挂载
[root@localhost ~]# touch /mnt/westosfile5  建立文件
[root@westos_storage ~]# ls -l /westosdir/
total 0
-rw-r--r--. 1 root   root   0 Nov  6 11:13 westosfile1
-rw-r--r--. 1 root   root   0 Nov  6 11:13 westosfile2
-rw-r--r--. 1 root   root   0 Nov  6 11:13 westosfile3
-rw-r--r--. 1 westos westos 0 Nov  6 12:22 westosfile5    可以看出建立的文件用户就变成westos了
默认情况下客户端用的是超级用户挂载,所到服务器中用户身份会转成nobody,如何延用超级用户身份了?
[root@westos_storage ~]# vim /etc/exports  编辑策略文件
  1 /westosdir              *(ro,sync) 172.25.254.200(rw,sync,no_root_squash)  no_root_squash表示:客户端使用超级用户身份进行nfs资源挂载后延用自己的root身份到服务器中
[root@westos_storage ~]# exportfs -rv  重启策略
exporting 172.25.254.200:/westosdir
exporting *:/westosdir
[root@localhost ~]# umount /mnt 
[root@localhost ~]# mount 172.25.254.100://westosdir /mnt/  重新挂载
[root@localhost ~]# touch /mnt/westosfile6  建立文件
[root@westos_storage ~]# ls -l /westosdir/
total 0
-rw-r--r--. 1 root   root   0 Nov  6 11:13 westosfile1
-rw-r--r--. 1 root   root   0 Nov  6 11:13 westosfile2
-rw-r--r--. 1 root   root   0 Nov  6 11:13 westosfile3
-rw-r--r--. 1 nobody nobody 0 Nov  6 11:46 westosfile4
-rw-r--r--. 1 westos westos 0 Nov  6 12:22 westosfile5
-rw-r--r--. 1 root   root   0 Nov  6 12:36 westosfile6    延用自己的root身份

11、nfs和autofs的自动挂载优化

[root@localhost ~]# dnf install autofs -y  在客户端安装自动挂载服务autofs
[root@localhost ~]# vim /etc/auto.master  添加参数, 编辑主挂载策略文件
/westos (最仲挂载点上层目录) /etc/auto.nfs(子策略文件)
[root@localhost ~]# vim /etc/auto.nfs   添加,编辑子策略文件
nfs    -rw        172.25.254.100:/westosdir   
nfs 表示最终挂载点相对路径
-rw表示挂载参数 读写 
172.25.254.100:/westosdir  表示nfs服务器共享出来的资源       
[root@localhost ~]# systemctl restart autofs.service  重启服务
[root@localhost ~]# cd /westos/nfs  进入挂载目录
[root@localhost nfs]# df
Filesystem                1K-blocks    Used Available Use% Mounted on
devtmpfs                     907616       0    907616   0% /dev
tmpfs                        935412       0    935412   0% /dev/shm
tmpfs                        935412    9392    926020   2% /run
tmpfs                        935412       0    935412   0% /sys/fs/cgroup
/dev/vda3                   7353344 4377740   2975604  60% /
/dev/vda1                    506528  218600    287928  44% /boot
tmpfs                        187080    1180    185900   1% /run/user/42
tmpfs                        187080       4    187076   1% /run/user/0
172.25.254.100:/westosdir   7353344 4382208   2971136  60% /mnt   自动挂载,退出挂载目录自动卸载

12、iscsi简介启用及客户端激活设备过程

在服务器上添加一块设备
[root@westos_storage ~]# fdisk -l
Disk /dev/vda: 8 GiB, 8589934592 bytes, 16777216 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x657e7edc

Device     Boot   Start      End  Sectors  Size Id Type
/dev/vda1  *       2048  1026047  1024000  500M 83 Linux
/dev/vda2       1026048  2050047  1024000  500M 82 Linux swap / Solaris
/dev/vda3       2050048 16777215 14727168    7G 83 Linux


Disk /dev/vdb: 5 GiB, 5368709120 bytes, 10485760 sectors    新添加5G设备
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes      
I/O size (minimum/optimal): 512 bytes / 512 bytes
[root@westos_storage ~]# fdisk /dev/vdb   划分设备

Welcome to fdisk (util-linux 2.32.1).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.

Device does not contain a recognized partition table.
Created a new DOS disklabel with disk identifier 0x81b83167.

Command (m for help): n
Partition type
   p   primary (0 primary, 0 extended, 4 free)
   e   extended (container for logical partitions)
Select (default p): p
Partition number (1-4, default 1): 
First sector (2048-10485759, default 2048): 
Last sector, +sectors or +size{K,M,G,T,P} (2048-10485759, default 10485759): +2G

Created a new partition 1 of type 'Linux' and of size 2 GiB.

Command (m for help): p
Disk /dev/vdb: 5 GiB, 5368709120 bytes, 10485760 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x81b83167

Device     Boot Start     End Sectors Size Id Type
/dev/vdb1        2048 4196351 4194304   2G 83 Linux      建立一个2G的设备

Command (m for help): wq
The partition table has been altered.
Calling ioctl() to re-read partition table.
Syncing disks.
[root@westos_storage ~]# dnf  install  targetcli   安装共享策略管理软件
[root@westos_storage ~]# systemctl enable --now target  启动服务
Created symlink /etc/systemd/system/multi-user.target.wants/target.service → /usr/lib/systemd/system/target.service.
[root@westos_storage ~]# targetcli  用此命令编写共享策略
Warning: Could not load preferences file /root/.targetcli/prefs.bin.
targetcli shell version 2.1.51
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.

在这里插入图片描述

/> /backstores/block create westos:storage1 /dev/vdb1  westos:storage1表示在此软件中设备的别名
/dev/vdb1  表示系统中真实设备
Created block storage object westos:storage1 using /dev/vdb1.  内部指定设备
/> /iscsi create iqn.2021-08.org.westos:storage1  建立对外共享名称,iqn的命名方式iscs限定名称,格式为iqn.YYYY-MM.域名反写:别名
Created target iqn.2021-08.org.westos:storage1.
Created TPG 1.
Global pref auto_add_default_portal=true
Created default portal listening on all IPs (0.0.0.0), port 3260.
/> iscsi/iqn.2021-08.org.westos:storage1/tpg1/luns create /backstores/block/westos:storage1  把共享名称和内部指定设备关联
Created LUN 0.
/> iscsi/iqn.2021-08.org.westos:storage1/tpg1/acls create iqn.2021-08.org.westos:westoskey  为共享设定访问key ,westoskey表示加密字符
Created Node ACL for iqn.2021-08.org.westos:westoskey
Created mapped LUN 0.
/> exit   退出,共享完成
Global pref auto_save_on_exit=true
Configuration saved to /etc/target/saveconfig.json

在客户端:
[root@localhost nfs]# dnf install iscsi-initiator-utils.x86_64  -y  安装客户端软件
[root@localhost nfs]# systemctl status iscsid 对客户端控制配置服务
[root@localhost nfs]# systemctl status iscsi  客户端对资源利用服务
[root@localhost nfs]# iscsiadm -m discovery -t st -p 172.25.254.100
-m 表示类型
-t指定识别的设备类型
-p 表示指定资源主机ip(服务器)
iscsiadm: cannot make connection to 172.25.254.100: No route to host     表示连接100服务器失败需要设定火墙
iscsiadm: cannot make connection to 172.25.254.100: No route to host 
iscsiadm: cannot make connection to 172.25.254.100: No route to host
[root@westos_storage ~]# firewall-cmd --permanent --add-port=3260/tcp   开放服务的端口让客户端可以访问
success
[root@westos_storage ~]# firewall-cmd --reload 
success
[root@localhost nfs]# iscsiadm -m discovery -t st -p 172.25.254.100   共享信息可以查询
172.25.254.100:3260,1 iqn.2021-08.org.westos:storage1
[root@localhost nfs]# iscsiadm -m node -T iqn.2021-08.org.westos:storage1 -p 172.25.254.100 -l  挂载,-T表示指定共享设备名称 -l表示登陆共享设备
Logging in to [iface: default, target: iqn.2021-08.org.westos:storage1, portal: 172.25.254.100,3260]
iscsiadm: Could not login to [iface: default, target: iqn.2021-08.org.westos:storage1, portal: 172.25.254.100,3260].
iscsiadm: initiator reported error (24 - iSCSI login failed due to authorization failure)   认证失败,因为在客户端中未指定服务端的共享key所以无法登陆
iscsiadm: Could not log into all portals
[root@localhost nfs]# vim /etc/iscsi/initiatorname.iscsi  需要在客户端的此文件指定key
InitiatorName=iqn.2021-08.org.westos:westoskey    服务器中的共享key
[root@localhost nfs]# systemctl restart iscsid.service   重启服务
[root@localhost nfs]# iscsiadm -m node -T iqn.2021-08.org.westos:storage1 -p 172.25.254.100 -l  再次挂载,挂载成功
Logging in to [iface: default, target: iqn.2021-08.org.westos:storage1, portal: 172.25.254.100,3260]
Login to [iface: default, target: iqn.2021-08.org.westos:storage1, portal: 172.25.254.100,3260] successful.
[root@localhost nfs]# 
[root@localhost nfs]# fdisk -l
Disk /dev/vda: 8 GiB, 8589934592 bytes, 16777216 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x657e7edc

Device     Boot   Start      End  Sectors  Size Id Type
/dev/vda1  *       2048  1026047  1024000  500M 83 Linux
/dev/vda2       1026048  2050047  1024000  500M 82 Linux swap / Solaris
/dev/vda3       2050048 16777215 14727168    7G 83 Linux


Disk /dev/sda: 2 GiB, 2147483648 bytes, 4194304 sectors    在客户端系统中会出现一个新的硬盘,大小为服务器共享的设备大小
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
[root@localhost nfs]# fdisk /dev/sda 

Welcome to fdisk (util-linux 2.32.1).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.

Device does not contain a recognized partition table.
Created a new DOS disklabel with disk identifier 0xc7c17f0d.

Command (m for help): n  
Partition type
   p   primary (0 primary, 0 extended, 4 free)
   e   extended (container for logical partitions)
Select (default p): p
Partition number (1-4, default 1): 
First sector (2048-4194303, default 2048): 
Last sector, +sectors or +size{K,M,G,T,P} (2048-4194303, default 4194303): 

Created a new partition 1 of type 'Linux' and of size 2 GiB.

Command (m for help): p
Disk /dev/sda: 2 GiB, 2147483648 bytes, 4194304 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0xc7c17f0d

Device     Boot Start     End Sectors Size Id Type
/dev/sda1        2048 4194303 4192256   2G 83 Linux

Command (m for help): wq
The partition table has been altered.
Calling ioctl() to re-read partition table.
Syncing disks.

[root@localhost nfs]# mkfs.xfs /dev/sda1    格式化
meta-data=/dev/sda1              isize=512    agcount=4, agsize=131008 blks
         =                       sectsz=512   attr=2, projid32bit=1
         =                       crc=1        finobt=1, sparse=1, rmapbt=0
         =                       reflink=1
data     =                       bsize=4096   blocks=524032, imaxpct=25
         =                       sunit=0      swidth=0 blks
naming   =version 2              bsize=4096   ascii-ci=0, ftype=1
log      =internal log           bsize=4096   blocks=2560, version=2
         =                       sectsz=512   sunit=0 blks, lazy-count=1
realtime =none                   extsz=4096   blocks=0, rtextents=0
[root@localhost nfs]# mount /dev/sda1  /mnt/   挂载
设备就可以使用了 ,iscs直接把服务器中的设备共享出来了

13.客户端永久挂载设备方法

[root@localhost nfs]# blkid  查看设备id
/dev/vda1: UUID="3cc65186-5c1a-4b64-937d-76fa3feec0c8" TYPE="xfs" PARTUUID="657e7edc-01"
/dev/vda2: UUID="a0f0361a-8846-4d19-ac39-653b0b79aff8" TYPE="swap" PARTUUID="657e7edc-02"
/dev/vda3: UUID="0eb49537-4c55-4a43-986f-98bd31d7cfd2" TYPE="xfs" PARTUUID="657e7edc-03"
/dev/sda1: UUID="24a0d435-2066-4d1c-9d8a-3c216d74089d" TYPE="xfs" PARTUUID="c7c17f0d-01"
网络设备因网络通信的缘故可能发生名称变化所以推荐挂载时使用设备的id进行设备的指定
[root@localhost nfs]# vim /etc/fstab   编辑永久挂载文件,添加参数
UUID=24a0d435-2066-4d1c-9d8a-3c216d74089d  /mnt                   xfs     defaults       0 0   
[root@localhost nfs]# reboot  重启系统,会导致系统启动失败

在这里插入图片描述
如何解决此问题:

[root@localhost nfs]# vim /etc/fstab   编辑永久挂载文件,添加参数
UUID=24a0d435-2066-4d1c-9d8a-3c216d74089d  /mnt                   xfs     defaults,_netdev        0 0   
_netdev表示指定此设备在挂载时先启动网络iscs服务后在生效
[root@localhost ~]# reboot  重启系统,系统就可以正常启动
[root@localhost ~]# df   
Filesystem     1K-blocks    Used Available Use% Mounted on
devtmpfs          907616       0    907616   0% /dev
tmpfs             935412       0    935412   0% /dev/shm
tmpfs             935412    9452    925960   2% /run
tmpfs             935412       0    935412   0% /sys/fs/cgroup
/dev/vda3        7353344 4426496   2926848  61% /
/dev/vda1         506528  218600    287928  44% /boot
/dev/sda1        2085888   47580   2038308   3% /mnt                开机自动挂载
tmpfs             187080    1180    185900   1% /run/user/42
tmpfs             187080       4    187076   1% /run/user/0

14、iscsi的删除

客户端:
[root@localhost ~]# vim /etc/fstab    删除网络设备自动挂载信息
UUID=24a0d435-2066-4d1c-9d8a-3c216d74089d  /mnt                   xfs     defaults,_netdev        0 0  这一条信息删除
[root@localhost ~]# umount /mnt  卸载掉设备
[root@localhost ~]# tree /var/lib/iscsi/  在客户端读取到的服务器的所有数据存放目录
/var/lib/iscsi/
├── ifaces
├── isns
├── nodes
│   └── iqn.2021-08.org.westos:storage1
│       └── 172.25.254.100,3260,1
│           └── default
├── send_targets
│   └── 172.25.254.100,3260
│       ├── iqn.2021-08.org.westos:storage1,172.25.254.100,3260,1,default -> /var/lib/iscsi/nodes/iqn.2021-08.org.westos:storage1/172.25.254.100,3260,1
│       └── st_config
├── slp
└── static
[root@localhost ~]# iscsiadm -m node -T iqn.2021-08.org.westos:storage1 -p 172.25.254.100 -u  -u表示退出登陆
Logging out of session [sid: 1, target: iqn.2021-08.org.westos:storage1, portal: 172.25.254.100,3260]
Logout of [sid: 1, target: iqn.2021-08.org.westos:storage1, portal: 172.25.254.100,3260] successful.
[root@localhost ~]# fdisk -l   退出登陆后设备消失,但是数据还在重启iscs设备服务器后设备会自动出现
Disk /dev/vda: 8 GiB, 8589934592 bytes, 16777216 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x657e7edc

Device     Boot   Start      End  Sectors  Size Id Type
/dev/vda1  *       2048  1026047  1024000  500M 83 Linux
/dev/vda2       1026048  2050047  1024000  500M 82 Linux swap / Solaris
/dev/vda3       2050048 16777215 14727168    7G 83 Linux
[root@localhost ~]# systemctl restart iscsi  重启iscs服务
[root@localhost ~]# fdisk -l    查看设备,设备又回来了
Disk /dev/vda: 8 GiB, 8589934592 bytes, 16777216 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x657e7edc

Device     Boot   Start      End  Sectors  Size Id Type
/dev/vda1  *       2048  1026047  1024000  500M 83 Linux
/dev/vda2       1026048  2050047  1024000  500M 82 Linux swap / Solaris
/dev/vda3       2050048 16777215 14727168    7G 83 Linux


Disk /dev/sda: 2 GiB, 2147483648 bytes, 4194304 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0xc7c17f0d

Device     Boot Start     End Sectors Size Id Type
/dev/sda1        2048 4194303 4192256   2G 83 Linux    设备又回来了
如何永久删掉 ??
[root@localhost ~]# iscsiadm -m node -T iqn.2021-08.org.westos:storage1 -p 172.25.254.100 -u  登出
Logging out of session [sid: 2, target: iqn.2021-08.org.westos:storage1, portal: 172.25.254.100,3260]
Logout of [sid: 2, target: iqn.2021-08.org.westos:storage1, portal: 172.25.254.100,3260] successful.
[root@localhost ~]# iscsiadm -m node -T iqn.2021-08.org.westos:storage1 -p 172.25.254.100 -o delete  ,delete作用:删除客户主机此网络设备的数据
[root@localhost ~]# tree /var/lib/iscsi/   可以发现数据信息不见了
/var/lib/iscsi/
├── ifaces
├── isns
├── nodes
├── send_targets
│   └── 172.25.254.100,3260
│       └── st_config
├── slp
└── static
[root@localhost ~]# systemctl restart iscsi  重启iscs服务
[root@localhost ~]# tree /var/lib/iscsi/     还是么有数据信息,这次就彻底删除了
/var/lib/iscsi/
├── ifaces
├── isns
├── nodes
├── send_targets
│   └── 172.25.254.100,3260
│       └── st_config
├── slp
└── static

服务端如何删除:
[root@westos_storage ~]# targetcli   
targetcli shell version 2.1.51
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.

/> ls
o- / ................................................................................................... [...]
  o- backstores ........................................................................................ [...]
  | o- block ............................................................................ [Storage Objects: 1]
  | | o- westos:storage1 ........................................... [/dev/vdb1 (2.0GiB) write-thru activated]
  | |   o- alua ............................................................................. [ALUA Groups: 1]
  | |     o- default_tg_pt_gp ................................................. [ALUA state: Active/optimized]
  | o- fileio ........................................................................... [Storage Objects: 0]
  | o- pscsi ............................................................................ [Storage Objects: 0]
  | o- ramdisk .......................................................................... [Storage Objects: 0]
  o- iscsi ...................................................................................... [Targets: 1]
  | o- iqn.2021-08.org.westos:storage1 ............................................................. [TPGs: 1]
  |   o- tpg1 ......................................................................... [no-gen-acls, no-auth]
  |     o- acls .................................................................................... [ACLs: 1]
  |     | o- iqn.2021-08.org.westos:westoskey ............................................... [Mapped LUNs: 1]
  |     |   o- mapped_lun0 ................................................. [lun0 block/westos:storage1 (rw)]
  |     o- luns .................................................................................... [LUNs: 1]
  |     | o- lun0 ..................................... [block/westos:storage1 (/dev/vdb1) (default_tg_pt_gp)]
  |     o- portals .............................................................................. [Portals: 1]
  |       o- 0.0.0.0:3260 ............................................................................... [OK]
  o- loopback ................................................................................... [Targets: 0]
/> clearconfig confirm=True    表示清空服务器中的共享数据
All configuration cleared
/> ls   查看,已经删除了
o- / ................................................................................................... [...]
  o- backstores ........................................................................................ [...]
  | o- block ............................................................................ [Storage Objects: 0]
  | o- fileio ........................................................................... [Storage Objects: 0]
  | o- pscsi ............................................................................ [Storage Objects: 0]
  | o- ramdisk .......................................................................... [Storage Objects: 0]
  o- iscsi ...................................................................................... [Targets: 0]
  o- loopback ................................................................................... 
/> exit 
Global pref auto_save_on_exit=true
Configuration saved to /etc/target/saveconfig.json





发表评论:

Copyright Your WebSite.Some Rights Reserved.