Solved NFS: Export part of a zpool readonly, another part writable?

I have been trying to configure a zpool so that I can export part of it readonly (let's say /tank/readable/) and another part with read and write privileges (say /tank/writable/). My reading of man exports and various posts is that the export process is fairly rigid for a file system/client pair - you can effectively only have one configuration. I've tested a variety of simple tricks but they simply failed; symlinks appear forbidden as an export root, and while I could export a folder with a symlink inside, the symlink was a link within the client's file system (not surprisingly, in retrospect).

I would be interested in any approaches people have used to address this issue. I suspect the approach would be with zfs create to make a new file system in the zpool; does that sound reasonable? I presume I would have to mv the data from /tank/writable/ to the new file system (since symlinks are out), but if there are other options that would allow the writable data to remain at the root level of the zpool I'd like to hear them.
 
As far as I can see it should be fairly easy to export 2 file systems, one read/write, one read only, to the same client(s). Haven't tested it but the man page suggests the following should work:

Code:
# zfs create tank/writable
# zfs create tank/readable
# zfs set sharenfs="-network=1.2.3.4/24" tank/writable
# zfs set sharenfs="-ro -network=1.2.3.4/24" tank/readable

Obviously both file systems have to be mounted separately on the client but that's always the case with NFS.

Edit: in fact, you could probably do it in one go if the filesystems don't already exist:
Code:
# zfs create -o sharenfs="..." filesystem

You can also do the following to doubly make sure nothing can change on the read only file system (even locally - you'd have to toggle this off then on to make any changes).

Code:
# zfs set readonly=on tank/readable
 
usdmatt said:
As far as I can see it should be fairly easy to export 2 file systems, one read/write, one read only, to the same client(s).

Ok, thanks; I've done more or less what you suggest, though I only made one additional file system. My /etc/exports looks like this:
Code:
/tank                         master.local
/tank/readA /tank/ReadB  -ro  client1.local client2.local
/tank/writeable               client1.local client2.local master.local

So /tank is the zpool, and readA and readB are root-level directories in the pool that are being made available to two clients, who only have read permissions there. The "master" machine is being given full read/write access to the pool. /tank/writeable is the new ZFS file system, and is being separately exported to all three machines. The master /etc/fstab has two entries (first mount the pool, then mount writeable), while the clients have three (mount ReadA, ReadB and writeable).

I never like increasing the number of moving parts, but this seems like the best mechanism to get around the strictures of NFS exports, and does not seem too onerous.
 
Back
Top