NFS Server - Export an NFS Share in RedHat-like systems: RHEL, CentOS, CentOS Stream, Fedora - Ansible modules yum, file, lineinfile, command, firewalld, service

How to automate the configuration of an NFS Server with Ansible in six tasks: install packages, create the NFS share directory, add share in the config, export shares, restart NFS service and enable on boot, and open firewall service ports on boot in a RedHat-like Linux target system: RedHat Enterprise Linux, CentOS, CentOS Stream, Fedora, ClearOS, Oracle Linux, EuroLinux, Fermi Linux, EulerOS, ROSA Linux, Springdale Linux, Asianux
How to export NFS Share in RedHat-like Linux systems with Ansible?
I’m going to show you a live demo with some simple Ansible code. I’m Luca Berton and welcome to today’s episode of Ansible Pilot.
Export an NFS Share in RedHat-like systems
- install packages => ansible.builtin.yum
- create directory => ansible.builtin.file
- share in config => ansible.builtin.lineinfile
- export shares => ansible.builtin.command
- restart service => ansible.builtin.service
- open firewall => ansible.posix.firewalld
Today we’re talking about how to export an NFS Share in RedHat-like Linux systems.
The full process requires six steps that you could automate with six different Ansible modules.
Firstly you need to install the nfs-utils
package and dependency using the ansible.builtin.yum
Ansible module.
Secondly, you need to create the share directory and assign the permission using the ansible.builtin.file
Ansible module.
Thirdly you need to add the share in the /etc/exports
config file using the ansible.builtin.lineinfile
Ansible module to add text lines in files.
Fourthly you need to export shares executing the exportfs
command line utility via ansible.builtin.command
Ansible module, unfortunately there is not a specific module, yet.
Fifthly you need to restart the nfs-server
service and all the dependant using the ansible.builtin.service
Ansible module.
Sixthly you need to open the relevant firewall service-related ports using the ansible.posix.firewalld
Ansible module.
demo
Export NFS Share in RedHat-like systems with Ansible Playbook.
code
- nfs_server_redhat.yml
---
- name: nfs service demo
hosts: all
become: true
vars:
share: "/nfs/share"
options: "192.168.0.0/24(rw,sync,root_squash)"
permission: '0777'
tasks:
- name: NFS server installed
ansible.builtin.yum:
name:
- nfs-utils
- nfs4-acl-tools
state: present
- name: share directory exists
ansible.builtin.file:
path: "{{ share }}"
state: directory
mode: "{{ permission }}"
owner: root
group: root
- name: share in /etc/exports file
ansible.builtin.lineinfile:
path: /etc/exports
state: present
line: '{{ share }} {{ options }}'
notify: restart NFS server
- name: export share
ansible.builtin.command: "exportfs -rav"
- name: firewall enabled
ansible.posix.firewalld:
service: "{{ item }}"
state: enabled
permanent: true
immediate: true
with_items:
- nfs
- rpc-bind
- mountd
handlers:
- name: restart NFS server
ansible.builtin.service:
name: nfs-server
state: restarted
enabled: true
execution
$ ansible-playbook -i virtualmachines/demo/inventory services/nfs_redhat.yml
PLAY [nfs service demo] ***************************************************************************
TASK [Gathering Facts] ****************************************************************************
ok: [demo.example.com]
TASK [NFS server installed] ***********************************************************************
changed: [demo.example.com]
TASK [share directory exists] *********************************************************************
changed: [demo.example.com]
TASK [share in /etc/exports file] *****************************************************************
changed: [demo.example.com]
TASK [export share] *******************************************************************************
changed: [demo.example.com]
TASK [firewall enabled] ***************************************************************************
changed: [demo.example.com] => (item=nfs)
changed: [demo.example.com] => (item=rpc-bind)
changed: [demo.example.com] => (item=mountd)
RUNNING HANDLER [restart NFS server] **************************************************************
changed: [demo.example.com]
PLAY RECAP ****************************************************************************************
demo.example.com : ok=7 changed=6 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
before execution
$ ssh [email protected]
[[email protected] ~]$ sudo su
[[email protected] devops]# cat /etc/redhat-release
Red Hat Enterprise Linux release 8.4 (Ootpa)
[[email protected] devops]# rpm -qa | grep nfs-utils
[[email protected] devops]# systemctl status nfs-server.service
Unit nfs-server.service could not be found.
[[email protected] devops]# exportfs -s
bash: exportfs: command not found
[[email protected] devops]# cat /etc/exports
[[email protected] devops]# ls -al /etc/exports
-rw-r--r--. 1 root root 0 Sep 10 2018 /etc/exports
[[email protected] devops]# ls -al /nfs/share
ls: cannot access '/nfs/share': No such file or directory
[[email protected] devops]# firewall-cmd --state
running
[[email protected] devops]# firewall-cmd --list-services
cockpit dhcpv6-client ssh
[[email protected] devops]# firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: eth0 eth1
sources:
services: cockpit dhcpv6-client ssh
ports:
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
[[email protected] devops]#
after execution
$ ssh [email protected]
Last login: Sun Nov 28 16:52:14 2021 from 192.168.0.103
[[email protected] ~]$ sudo su
[[email protected] devops]# rpm -qa | grep nfs-utils
nfs-utils-2.3.3-46.el8.x86_64
[[email protected] devops]# systemctl status nfs-server.service
● nfs-server.service - NFS server and services
Loaded: loaded (/usr/lib/systemd/system/nfs-server.service; enabled; vendor preset: disabled)
Drop-In: /run/systemd/generator/nfs-server.service.d
└─order-with-mounts.conf
Active: active (exited) since Sun 2021-11-28 16:51:39 UTC; 1min 22s ago
Process: 7484 ExecStart=/bin/sh -c if systemctl -q is-active gssproxy; then systemctl reload gss>
Process: 7472 ExecStart=/usr/sbin/rpc.nfsd (code=exited, status=0/SUCCESS)
Process: 7471 ExecStartPre=/usr/sbin/exportfs -r (code=exited, status=0/SUCCESS)
Main PID: 7484 (code=exited, status=0/SUCCESS)
Nov 28 16:51:39 demo.example.com systemd[1]: Starting NFS server and services...
Nov 28 16:51:39 demo.example.com systemd[1]: Started NFS server and services.
[[email protected] devops]# exportfs -s
/nfs/share 192.168.0.0/24(sync,wdelay,hide,no_subtree_check,sec=sys,rw,secure,root_squash,no_all_squash)
[[email protected] devops]# cat /etc/exports
/nfs/share 192.168.0.0/24(rw,sync,root_squash)
[[email protected] devops]# ls -al /nfs/share
total 0
drwxrwxrwx. 2 root root 6 Nov 28 16:51 .
drwxrwxrwx. 3 root root 19 Nov 28 16:51 ..
[[email protected] devops]# firewall-cmd --state
running
[[email protected] devops]# firewall-cmd --list-services
cockpit dhcpv6-client mountd nfs rpc-bind ssh
[[email protected] devops]# firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: eth0 eth1
sources:
services: cockpit dhcpv6-client mountd nfs rpc-bind ssh
ports:
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
[[email protected] devops]#
Recap
Now you know how to export NFS Share in RedHat-like Linux systems with Ansible. Subscribe to the YouTube channel, Medium, Website and Twitter to not miss the next episode of the Ansible Pilot.
Academy
Learn the Ansible automation technology with some real-life examples in my
My book Ansible By Examples: 100+ Automation Examples For Linux and Windows System Administrator and DevOps
Donate
Want to keep this project going? Please donate