NFS

Options for File Sharing between Windows & Linux hosts

• Samba | wikipedia.org | samba.org : Samba is a FOSS implementation of the SMB (Server Message Block) protocol. Samba runs on Windows and most Linux distros. Suitable for straightforward file sharing between Windows and Linux systems, especially in small to medium-sized environments. Samba is convenient because it supports the SMB protocol natively used by Windows, making it simple to configure cross-platform file sharing. Yet larger enterprises often use more advanced or specialized systems, especially when higher performance, scalability, or advanced features are required.

  • Samba services are implemented as two daemons:
    • smbd : Provides the file and printer sharing services.
      • Configuration : Located at either:
        • /etc/smb.conf
        • /etc/samba/smb.conf
    • nmbd : Provides the NetBIOS-to-IP-address name service.
  • SMB Versions:
    • SMB1 AKA CIFS: This version is deprecated and disabled by default on most modern systems because it has many security issues (such as susceptibility to man-in-the-middle attacks) and lacks the encryption and integrity checks present in later versions. Microsoft and other vendors strongly recommend disabling SMB1.
    • SMB2 & SMB3: These versions are current and secure, with SMB3 being the most recent and providing enhancements such as encryption, improved performance, and better resilience. SAMBA fully supports these versions.

• NFS (Network File System): Primarily used in Unix/Linux environments, though it can be used on Windows with a client installation. NFS is often preferred in Linux-heavy environments because it offers better performance with Linux file systems. Some organizations use both SAMBA and NFS depending on whether the client is Windows or Linux.

• NetApp & EMC Isilon: These are dedicated, enterprise-grade storage appliances that support multi-protocol access, including SMB, NFS, and sometimes iSCSI. They provide advanced features like snapshotting, replication, and high-availability configurations, which are beneficial for large-scale deployments.

  • NFS in vSphere/ESXi environment
  • Linux NFS AD Permissions Issues

• Ceph: An open-source distributed storage platform that supports multiple interfaces, including CephFS for file storage. Ceph can integrate with SAMBA for SMB shares or directly with NFS for Unix/Linux systems, making it a flexible option for mixed environments.

• Azure Files & AWS FSx: For enterprises moving to the cloud, managed storage solutions like Azure Files (with SMB and NFS support) or AWS FSx for Windows File Server (SMB support) are becoming popular for hybrid cloud environments. These services are fully managed, scalable, and offer high availability and integration with cloud-native services.

In most enterprises, the choice between these depends on factors like performance requirements, ease of management, security, scalability, and support for disaster recovery.

NetApp

Runs under ONTAP, a proprietary OS having a Unix-like CLI.

Use NFSv3, which abides Linux-client UID/GID permissions, requiring only minimal coupling of server-client configurations.

NFSv4 uses names of users and groups instead, and requires evermore coupling of server-client configurations. Moreover, if storage consumers include automated provisioners (e.g., for containerized workloads), the highly-coupled if not manual configuration requirements are worst fit.

@ Client machine(s)

# Remote NFS server (SERVER:EXPORT) params
server=192.168.0.216
export=/remote/export

# Local NFS client mount params
mount=/local/path
options='nfsvers=3,sec=sys,proto=tcp,port=2049,noacl,nolock'

# Prep the local mount point
sudo mkdir -p $mount
sudo chown :$aGID $mount
sudo chmod g+s $mount # So all files created thereunder/after are of group $aGID

# Mount now : does not survive reboot and is not mounted by `mount -a`
sudo mount -t nfs -o "$options" $server:$export $mount

# Mount persistently and by `mount -a` 
cat /etc/fstab |grep $mount ||
    echo "$server:$export    $mount    defaults,$options    0 0" |sudo tee -a /etc/fstab

• Required client services (RHEL)
• Enabling client-side caching of NFS content
• chmod g+s : SetGID bit (setgid) on mount point so all created thereunder inherit parent GID
• Mount options : "defaults,..."
  • nfsvers (NFS version) : Use instead of nfs if at RHEL 7+
  • sec (Security mode)
    • Use sys for authentication of NFS operations by local (client) UNIX UIDs/GIDs (AUTH_SYS)
    • Use krb5 for Kerberos V5 instead.
  • port, proto : 2049/TCP is the default for NFS, both NFSv3 and NFSv4, assigned by IANA.
    Hence those parameter declarations are often omitted.

@ /etc/fstab

192.168.0.216:/remote/export    /local/path    nfs    defaults,nfsvers=3,sec=sys,port=2049,proto=tcp,noacl,nolock    0 0