[root@cu3 data]# yum install nfs-utils -y 
[root@cu3 data]# chmod -R 777 /data/k8s-dta

systemctl enable rpcbind
systemctl enable nfs-server
systemctl enable nfs-lock
systemctl enable nfs-idmap

systemctl start rpcbind
systemctl start nfs-server
systemctl start nfs-lock
systemctl start nfs-idmap

[root@cu3 data]# vi /etc/exports
/data/k8s-dta 192.168.0.0/24(rw,sync,no_root_squash,no_all_squash)

/data/k8s-dta – 共享目录
192.168.0.0/24 – 允许访问NFS的客户端IP地址段
rw – 允许对共享目录进行读写
sync – 实时同步共享目录
no_root_squash – 允许root访问
no_all_squash - 允许用户授权
no_subtree_check - 如果卷的一部分被输出，从客户端发出请求文件的一个常规的调用子目录检查验证卷的相应部分。如果是整个卷输出，禁止这个检查可以加速传输。
no_subtree_check - If only part of a volume is exported, a routine called subtree checking verifies that a file that is requested from the client is in the appropriate part of the volume. If the entire volume is exported, disabling this check will speed up transfers. Setting Up an NFS Server

systemctl restart nfs-server

firewall-cmd --permanent --zone=public --add-service=ssh
firewall-cmd --permanent --zone=public --add-service=nfs
firewall-cmd --reload

[root@cu2 opt]# yum install -y nfs-utils

[root@cu2 opt]# mount cu3:/data/k8s-dta dta
[root@cu2 opt]# touch dta/abc
[root@cu2 opt]# ll dta
total 0
-rw-r--r-- 1 root root 0 Aug  3  2017 abc

[root@cu3 data]# ll k8s-dta/
total 0
-rw-r--r-- 1 root root 0 Aug  3 15:19 abc

# In this post 10.8.133.83 will be the IP of our NFS Server.
$ apt update && sudo apt upgrade -y
$ sudo apt-get install nfs-kernel-server nfs-common -y

$ mkdir /vol
$ chown -R nobody:nogroup /vol

# We need to set in the exports file, the clients we would like to allow:
# 
# rw: Allows Client R/W Access to the Volume.
# sync: This option forces NFS to write changes to disk before replying. More stable and Consistent. Note, it does reduce the speed of file operations.
# no_subtree_check: This prevents subtree checking, which is a process where the host must check whether the file is actually still available in the exported tree for every request. This can cause many problems when a file is renamed while the client has it opened. In almost all cases, it is better to disable subtree checking.
# In order for the containers to be able to change permissions, you need to set (rw,async,no_subtree_check,no_wdelay,crossmnt,insecure,all_squash,insecure_locks,sec=sys,anonuid=0,anongid=0)
$ echo '/vol 10.8.133.83(rw,sync,no_subtree_check) 10.8.166.19(rw,sync,no_subtree_check) 10.8.142.195(rw,sync,no_subtree_check)' >> /etc/exports

$ sudo systemctl restart nfs-kernel-server
$ sudo systemctl enable nfs-kernel-server

$ sudo apt-get install nfs-common -y

$ sudo mount 10.8.133.83:/vol /mnt
$ sudo umount /mnt
$ df -h

$ sudo bash -c "echo '10.8.133.83:/vol /mnt nfs auto,nofail,noatime,nolock,intr,tcp,actimeo=1800 0 0' >> /etc/fstab"
$ sudo mount -a
$ df -h