Efficient NFS Server Setup with Ansible on Red Hat

How to export NFS Share in RedHat-like Linux systems with Ansible?

I'm going to show you a live Playbook with some simple Ansible code. I'm Luca Berton and welcome to today's episode of Ansible Pilot.

See also: Efficient Web Server Setup Using Ansible Playbook

Export an NFS Share in RedHat-like systems

• install packages => ansible.builtin.yum • create directory => ansible.builtin.file • share in config => ansible.builtin.lineinfile • export shares => ansible.builtin.command • restart service => ansible.builtin.service • open firewall => ansible.posix.firewalld

Today we're talking about how to export an NFS Share in RedHat-like Linux systems. The full process requires six steps that you could automate with six different Ansible modules. Firstly you need to install the nfs-utils package and dependency using the ansible.builtin.yum Ansible module. Secondly, you need to create the share directory and assign the permission using the ansible.builtin.file Ansible module. Thirdly you need to add the share in the /etc/exports config file using the ansible.builtin.lineinfile Ansible module to add text lines in files. Fourthly you need to export shares executing the exportfs command line utility via ansible.builtin.command Ansible module, unfortunately there is not a specific module, yet. Fifthly you need to restart the nfs-server service and all the dependant using the ansible.builtin.service Ansible module. Sixthly you need to open the relevant firewall service-related ports using the ansible.posix.firewalld Ansible module.

## Playbook

Export NFS Share in RedHat-like systems with Ansible Playbook.

code

• nfs_server_redhat.yml

---
- name: nfs service Playbook
  hosts: all
  become: true
  vars:
    share: "/nfs/share"
    options: "192.168.0.0/24(rw,sync,root_squash)"
    permission: '0777'
  tasks:
    - name: NFS server installed
      ansible.builtin.yum:
        name:
          - nfs-utils
          - nfs4-acl-tools
        state: present
- name: share directory exists
      ansible.builtin.file:
        path: "{{ share }}"
        state: directory
        mode: "{{ permission }}"
        owner: root
        group: root
- name: share in /etc/exports file
      ansible.builtin.lineinfile:
        path: /etc/exports
        state: present
        line: '{{ share }} {{ options }}'
      notify: restart NFS server
- name: export share
      ansible.builtin.command: "exportfs -rav"
- name: firewall enabled
      ansible.posix.firewalld:
        service: "{{ item }}"
        state: enabled
        permanent: true
        immediate: true
      with_items:
        - nfs
        - rpc-bind
        - mountd
handlers:
    - name: restart NFS server
      ansible.builtin.service:
        name: nfs-server
        state: restarted
        enabled: true

execution

$ ansible-playbook -i virtualmachines/demo/inventory services/nfs_redhat.yml
PLAY [nfs service Playbook] ***************************************************************************
TASK [Gathering Facts] ****************************************************************************
ok: [demo.example.com]
TASK [NFS server installed] ***********************************************************************
changed: [demo.example.com]
TASK [share directory exists] *********************************************************************
changed: [demo.example.com]
TASK [share in /etc/exports file] *****************************************************************
changed: [demo.example.com]
TASK [export share] *******************************************************************************
changed: [demo.example.com]
TASK [firewall enabled] ***************************************************************************
changed: [demo.example.com] => (item=nfs)
changed: [demo.example.com] => (item=rpc-bind)
changed: [demo.example.com] => (item=mountd)
RUNNING HANDLER [restart NFS server] **************************************************************
changed: [demo.example.com]
PLAY RECAP ****************************************************************************************
demo.example.com           : ok=7    changed=6    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

before execution

$ ssh devops@demo.example.com
[devops@demo ~]$ sudo su
[root@demo devops]# cat /etc/redhat-release 
Red Hat Enterprise Linux release 8.4 (Ootpa)
[root@demo devops]# rpm -qa | grep nfs-utils
[root@demo devops]# systemctl status nfs-server.service
Unit nfs-server.service could not be found.
[root@demo devops]# exportfs -s
bash: exportfs: command not found
[root@demo devops]# cat /etc/exports
[root@demo devops]# ls -al /etc/exports
-rw-r--r--. 1 root root 0 Sep 10  2018 /etc/exports
[root@demo devops]# ls -al /nfs/share
ls: cannot access '/nfs/share': No such file or directory
[root@demo devops]# firewall-cmd --state
running
[root@demo devops]# firewall-cmd --list-services
cockpit dhcpv6-client ssh
[root@demo devops]# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eth0 eth1
  sources: 
  services: cockpit dhcpv6-client ssh
  ports: 
  protocols: 
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 
[root@demo devops]#

after execution

$ ssh devops@demo.example.com
Last login: Sun Nov 28 16:52:14 2021 from 192.168.0.103
[devops@demo ~]$ sudo su
[root@demo devops]# rpm -qa | grep nfs-utils
nfs-utils-2.3.3-46.el8.x86_64
[root@demo devops]# systemctl status nfs-server.service
● nfs-server.service - NFS server and services
   Loaded: loaded (/usr/lib/systemd/system/nfs-server.service; enabled; vendor preset: disabled)
  Drop-In: /run/systemd/generator/nfs-server.service.d
           └─order-with-mounts.conf
   Active: active (exited) since Sun 2021-11-28 16:51:39 UTC; 1min 22s ago
  Process: 7484 ExecStart=/bin/sh -c if systemctl -q is-active gssproxy; then systemctl reload gss>
  Process: 7472 ExecStart=/usr/sbin/rpc.nfsd (code=exited, status=0/SUCCESS)
  Process: 7471 ExecStartPre=/usr/sbin/exportfs -r (code=exited, status=0/SUCCESS)
 Main PID: 7484 (code=exited, status=0/SUCCESS)
Nov 28 16:51:39 demo.example.com systemd[1]: Starting NFS server and services...
Nov 28 16:51:39 demo.example.com systemd[1]: Started NFS server and services.
[root@demo devops]# exportfs -s
/nfs/share  192.168.0.0/24(sync,wdelay,hide,no_subtree_check,sec=sys,rw,secure,root_squash,no_all_squash)
[root@demo devops]# cat /etc/exports
/nfs/share 192.168.0.0/24(rw,sync,root_squash)
[root@demo devops]# ls -al /nfs/share
total 0
drwxrwxrwx. 2 root root  6 Nov 28 16:51 .
drwxrwxrwx. 3 root root 19 Nov 28 16:51 ..
[root@demo devops]# firewall-cmd --state
running
[root@demo devops]# firewall-cmd --list-services
cockpit dhcpv6-client mountd nfs rpc-bind ssh
[root@demo devops]# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eth0 eth1
  sources: 
  services: cockpit dhcpv6-client mountd nfs rpc-bind ssh
  ports: 
  protocols: 
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 
[root@demo devops]#

code with ❤️ in GitHub

Conclusion

Now you know how to export NFS Share in RedHat-like Linux systems with Ansible.

See also: Deploy Squid Proxy on RedHat Systems with Ansible

Related Articles

• handler ordering in Ansible • using become for sudo in Ansible • how Ansible inventory works • state=absent with ansible.builtin.file • role-based playbook organization in Ansible

See also

• Ansible subscription-manager: Register RHEL with redhat_subscription Module