First of all, you have to create the directory where the logs will be mounted, as well as the backup directories.
[root@server ~]# mkdir -p /mnt/shared/logs
[root@server ~]# mkdir -p /backup/logs/nfs /backup/logs/samba
So that SELinux allows Apache to access a directory brought by NFS or Samba, you have to enable the variables httpd_use_nfs and httpd_use_cifs. In addition, you have to change the SELinux security context of each directory imported.
[root@server ~]# setsebool -P httpd_use_nfs=on httpd_use_cifs=on
[root@server ~]# chcon -R -u system_u /mnt/shared/logs
[root@server ~]# chcon -R -t httpd_sys_content_t /mnt/shared/logs
Because the log server will not share any data through NFS and will offer no service by means of portmap, you will be able to deactivate the nfslock service.
[root@server ~]# service nfslock stop
[root@server ~]# chkconfig nfslock off
If you want to mount the NFS remote directory from client by hand, run the following order.
[root@server ~]# mount -t nfs -o soft,intr client.local:/var/log /mnt/shared/logs
And for the case of Samba.
[root@server ~]# mount -t cifs -o username=samba_logs,password=xxxxxx,soft //client.local/logs /mnt/shared/logs
The problem of mounting a remote directory statically is that the traffic passed down over the network is also increased, since when a file is updated, it is refreshed in the destination in the same way.
Moreover, you have to take into account another severe problem related to mount file systems via Samba, and is that if the connection is cut off (restarted, some network problem, etc.), Samba does not reconnect and the mount point can remain in an unstable state, thereby any existing synchronization would be lost. Thus, it is really important to always mount file systems by using automount.
Automount is a useful tool which takes care of mounting a directory when it is really accessed. It has got a timeout (600 sg by default) that when it is completed, the directory is automatically unmounted. This situation leads to reduce the network traffic (there may be long periods where you are not accessing the shared space) and avoid loss of synchronization. Also say that automount is managed by the autofs daemon.
This is the configuration used by automount to mount the log directory from client.
[root@server ~]# yum install autofs
[root@server ~]# vim /etc/auto.master
...
/mnt/shared/logs /etc/auto.logs -g,--timeout=300
[root@server ~]# cat /etc/auto.logs
nfs -fstype=nfs,soft,intr client.local:/var/log
samba -fstype=cifs,username=samba_logs,password=xxxxxx,iocharset=utf8,soft ://client.local/logs
[root@server ~]# chmod 600 /etc/auto.logs
[root@server ~]# service autofs restart
The soft option is used for an application which is trying to access the shared area does not keep blocked if the connection is lost, and brings the control back to the system after 0.7 sg. With intr, allows the user to send an interruption signal if the application which uses NFS hangs.
If instead of hooking up to a Linux machine via Samba you have a Windows machine inside a domain, you would have to specify the domain name through the domain parameter.
Also mention that when you are mounting a directory from a Windows server, it might happen that strange characters turn up. This is due to the character conversion. So as to fix it, you have to use the iocharset=utf8 option for each mount point.
No comments:
Post a Comment