I'm unable to add a Windows Server 2008 R2 NFS share. When I try to add the share I receive the following error:
"HostDatastoreSystem.CreateNasDatastore" for object "ha-datastoresystem" on ESXi "192.168.1.24" failed.
NFS mount server1:nfs failed: The mount request was denied by the NFS server. Check that the export exists and that the client is permitted to mount it.
I have enabled the NFS service in server 2008 R2 and shared using NFS setting (as referenced here: http://www.kasraeian.com/2011/02/nfs-on-windows-server-2008-r2/)
I have also checked that the "NFS Client" is ticked on ESXi Client firewall settings.
Windows Firewall has been disabled.
I have tried using both the host name and IP when creating the NFS storage, but results with the same error which looks like it is related to permissions. The Windows NFS share has "everyone" and "anonymous" with full access to the share.
Unfortunately I have limited knowledge with NFS/Unix shares therefore am unsure of the best way to test these are setup correctly. I am also very new to vSphere, so all the advise would be helpful. This setup is in a new environment, with 1 single host connected on the same network by vSphere client. Can anyone advise a step-by-step guide to obtain log files?
Many Thanks
Check if UNIX Clientt have permission to mount the NFS volume or probably you have to create User Name mapping (http://technet.microsoft.com/en-us/library/bb463218.aspx) and also make sure you have VMkernel port enabled on the ESXi host
Please post the log from /var/log/messages
Can you check i "Allow root access is enabled" in permission tab
Thanks for your time responding.
From my understanding username mapping has been removed from Windows Server 2008 R2 and it therefore unavailable. I have configured full access and the domain name settings in the Windows "Services for Network File System" interface under the "Client NFS" properties.
Error shown in var/log/vmkernal.log is:
2012-02-26T22:07:59.685Z cpu1:3369)NFS: 157: Command: (mount) Server: (192.168.1.40) IP: (192.168.1.40) Path: (nfs) Label: (nfs) Options: (None)
I have also checked the "Allow root access is enabled" in the permission tab and it matches the configuration your screenshot shows.
All settings have been factory reset and the networking has the VMkernel listed. The iSCSI port binding is greyed out if relative.
Do you have VMkernel port in 192.168.1.* network?
Are you able to ping VMkernel IP address from your Windows 2008R2 (NFS) server and vice-versa?
Please post your host network seting
Please refer step-by-setp guides as per above link and see if your Windows has correct settings.
Thanks for the link. There is a slightly different interface for R2. But all the settings appear to be the same "cmd -> ntfsshare nfs"
Alias = NFS
Path = S:\NFS
Supported security flavors are SYS
Encoding = ansi
UNMAPPED UNIX USER access disallowed
ANONYMOUS access allowed
Anonymous UID = -2
Anonymous GID = -2
HOST ACCESS :
ALL MACHINES read-write Root Access Allowed ansi
There is an additional output "UNMAPPED UNIX USER access disallowed" - If I edit the NFS share and select "Allow unmapped user Unix access (by UID/GID)" I get this printout.
Alias = NFS
Path = S:\NFS
Supported security flavors are SYS
Encoding = ansi
UNMAPPED UNIX USER access allowed
ANONYMOUS access disallowed
Anonymous UID = -2
Anonymous GID = -2
HOST ACCESS :
ALL MACHINES read-write Root Access Allowed ansi
If I select "Allow unmapped user Unix access (by UID/GID)" or "Allow anonymous access" with "UID -2" "GID -2" I see get the same error within ESXi.
It's frustrating as there must be some simple tickbox that i'm missing :smileyconfused: but not many articals relate to 2008 R2
Take a look at this video
Thank you for the responses. I was unable to test yesterday.
I'm fairly confident that the NFS shares are configured correctly looking at all the tutorials and guides.
I've setup another NFS share from a new Windows Server 2008 VM using the exact steps listed. I still receive the same error listed which points me towards the network config in ESXi.
C:\Users\server>nfsshare
NFS = C:\NFS
C:\Users\server>nfsshare nfs
Alias = NFS
Path = C:\NFS
Encoding = ansi
ANONYMOUS access allowed
Anonymous UID = -2
Anonymous GID = -2
HOST ACCESS :
ALL MACHINES read-write Root Access Allowed ansi
Is there any specific system log that I can export and look at to confirm the network settings are correct?
Hi Edward,
error 2 usually stands for: The system cannot find.....
I might be wrong, but in general the value used for path should always start with / (slash).
You should retry the mount with the following parameters.
Good luck
Ralf
I finally figured out the problems was very simple (I through it would be something I was missing, it always is!)
The NFS share is case sensitive.
My share was created in UPPERCASE and I was adding the share /nfs. Added /NFS and all working. I didn't realise that it was so Finicky.
Many Thanks for all the replys and answers. I really am grateful and learnt a lot from this!
One thing is important: anonymous acces to Windows NFS is not supported on Windows 2008 R2 Cluster.
Hi ,
Since you are getting "The mount request was denied by the NFS server. Check that the export exists and that the client is permitted to mount it. An unknown error has occurred."
simple step , if you think that you have fulfilled all the mandatory steps mentioned in many of the blogs and KB article.
Try : in ESXI add storage GUI Option
server : IP address only
folder :C:\Users\Administrator\Desktop\Share (description below)
<if you are using windows native NFS share , Using below command you can see the complete path and please give the same here c:\Users\Administrator\Desktop\Share >
Issue below command with your share name in windows host ,
C:\Users\Administrator>nfsshare share
Alias = Share
Path = C:\Users\Administrator\Desktop\Share
Supported security flavors are SYS
Encoding = ansi
UNMAPPED UNIX USER access allowed
ANONYMOUS access disallowed
Anonymous UID = -2
Anonymous GID = -2
HOST ACCESS :
ALL MACHINES read-write Root Access Allowed ansi
I hope below troubleshooting will also help if you have some different issue
Enable SSH on ESXI and putty log in to targeted ESXI and ping using vmkernel . I believe each esxi having vmkernel configured.
vmkping nfsserverip (vmkping command only support from esxi shell , it is not a part of vMA as of now .)
if it is pinging to destination Windows NFS IP . you have done . you can try the FQDN ping also here .
Regards
Hari Rajan
Thanks & Regards in Plenteous .
Hari Rajan
just tested it today, these settings worked on my test environment (my nfs server setup is not secured though).
On Windows 2008 R2
1) Server Manager > Add role > File Services > Added File Services and Services for Network File System
2) After the role is installed Server Manager > File Services > Share and Storage Management > Provision Share wizard (on the Actions Pane)
3) Select the Location of the Folder to be Shared (on my case E:\NFS-Share3)
4) On Share Protocol, select “NFS”
5) On NFS Authentication, don’t check both Kerberos checkbox, select “Enable unmapped user access” and “Allow unmapped user Unix access (by UID/GID)
6) On the NFS Permission, Edit the default, set “Access Permission” to Read-Write and put a check on “Allow root access”.
And you are set.
On ESXi 5
On the host where you want to add the NFS share:
1) Navigate to Configuration > Security Profile > Firewall > Properties
2) Put a check on NFS Client
3) Navigate to Storage> Add Storage > Network File System
4) Key in the ip address or hostname of your Win2k8 R2 NFS server, (e.x. 10.10.11.10) then on the Folder, key in the name of your NFS Share (e.x. NFS-Share3) (case sensitive) and the name of the Datastore (e.x. NFS-3)
i have attached the screenshots.
i hope it helps
I had this same issue and found that it was a UDP versus TCP issue on the Windows NFS server. I have written a short blog entry about it. DaveOnline: Using Windows 2012 NFS with VMware ESX