I sometimes notice this role hangs on the the task:

NOTIFIED: [geerlingguy.nfs | restart nfs] *************************************

Digging into the /var/log/messages log, I noticed that NFS kept trying to bind, but wouldn't. This forum thread gave me the hint that maybe rpcbind wasn't running. Starting it allowed the restart to succeed.

Therefore, maybe this role should just start rpcbind no matter what, and just start the NFS daemon if there are exports configured.

As the title says... I want to see if things will work as well with Molecule.

RedHat's documentation is, admittedly, a little light on reasoning, but they seem to suggest that changes to /etc/exports should be handled by running exportfs -ar instead of restarting nfsd:

• exportfs syncs current exports without restarting nfs
• Restarting NFS reloads /etc/exports and also /etc/sysconfig/nfs

I'm not entirely clear on the client impact, but it seems preferable to keep the nfs server running during the config update, and able to negotiate with clients. In pseudocode (or rather, borrowed from one of my roles…) the new handlers would look something like:

- name: Re-export all shared directories
  command: /usr/sbin/exportfs -r -a
  listen:
    - nfs__event__export_directory_created
    - nfs__event__exports_reconfigured

- name: Restart NFS
  service:
    name: "{{ nfs__service_name }}"
    state: restarted
  listen:
    - nfs__event__nfsd_reconfigured

What are your thoughts on this?

Edit: On inspection, it looks like service nfs reload on RHEL/CentOS6 is actually just a wrapper over exportfs. Not sure how universal that is, but it makes for a cleaner method of reloading /etc/exports.

Debian/Ubuntu systems won't set up the NFS shares correctly without rpcbind running.

`

tree .
.
├── defaults
│   └── main.yml
├── handlers
│   └── main.yml
├── LICENSE
├── meta
│   └── main.yml
├── molecule
│   └── default
│   ├── converge.yml
│   └── molecule.yml
├── README.md
├── tasks
│   ├── main.yml
│   ├── setup-Debian.yml
│   └── setup-RedHat.yml
├── templates
│   └── exports.j2
└── vars
├── Debian.yml
├── Fedora.yml
├── RedHat-6.yml
└── RedHat.yml

8 directories, 15 files
/home/vagrant/ansible/playbooks/httpd/ansible-role-nfs

molecule test
--> Test matrix

└── default
├── dependency
├── lint
├── cleanup
├── destroy
├── syntax
├── create
├── prepare
├── converge
├── idempotence
├── side_effect
├── verify
├── cleanup
└── destroy

--> Scenario: 'default'
--> Action: 'dependency'
Skipping, missing the requirements file.
Skipping, missing the requirements file.
--> Scenario: 'default'
--> Action: 'lint'
--> Executing: set -e
yamllint .
ansible-lint
./.travis.yml
17:121 warning line too long (173 > 120 characters) (line-length)

--> Scenario: 'default'
--> Action: 'cleanup'
Skipping, cleanup playbook not configured.
--> Scenario: 'default'
--> Action: 'destroy'
Skipping, destroy action has no playbook.
--> Scenario: 'default'
--> Action: 'syntax'
ERROR! the role 'geerlingguy.nfs' was not found in /home/vagrant/ansible/playbooks/httpd/a
sible-role-nfs/molecule/default/roles:/home/vagrant/.cache/molecule/ansible-role-nfs/defau
t/roles:/home/vagrant/ansible/playbooks/httpd:/home/vagrant/.ansible/roles:/usr/share/ansi
le/roles:/etc/ansible/roles:/home/vagrant/ansible/playbooks/httpd/ansible-role-nfs/molecul
/default

The error appears to be in '/home/vagrant/ansible/playbooks/httpd/ansible-role-nfs/molecul
/default/converge.yml': line 13, column 7, but may
be elsewhere in the file depending on the exact syntax problem.

The offending line appears to be:

roles:
- role: geerlingguy.nfs
^ here
ERROR:
An error occurred during the test sequence action: 'syntax'. Cleaning up.
--> Scenario: 'default'
--> Action: 'cleanup'
Skipping, cleanup playbook not configured.
--> Scenario: 'default'
--> Action: 'destroy'
Skipping, destroy action has no playbook.
--> Pruning extra files from scenario ephemeral directory

~/a/p/h/ansible-role-nfs on master !1

                                                                                    `

See title.

Starting today, i get the following error when i try to install nfs role:

07:15:05 TASK [geerlingguy.nfs : Ensure NFS utilities are installed.] ******************* 07:15:07 fatal: [40.127.105.50]: FAILED! => {"cache_update_time": 1591785932, "cache_updated": false, "changed": false, "msg": "'/usr/bin/apt-get -y -o \"Dpkg::Options::=--force-confdef\" -o \"Dpkg::Options::=--force-confold\" install 'nfs-common' 'nfs-kernel-server'' failed: E: Failed to fetch http://azure.archive.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-common_1.2.8-9ubuntu12.2_amd64.deb 404 Not Found\n\nE: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?\n", "rc": 100, "stderr": "E: Failed to fetch http://azure.archive.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-common_1.2.8-9ubuntu12.2_amd64.deb 404 Not Found\n\nE: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?\n", "stderr_lines": ["E: Failed to fetch http://azure.archive.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-common_1.2.8-9ubuntu12.2_amd64.deb 404 Not Found", "", "E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?"], "stdout": "Reading package lists...\nBuilding dependency tree...\nReading state information...\nThe following package was automatically installed and is no longer required:\n grub-pc-bin\nUse 'sudo apt autoremove' to remove it.\nThe following additional packages will be installed:\n libnfsidmap2 libtirpc1 rpcbind\nSuggested packages:\n watchdog\nThe following NEW packages will be installed:\n libnfsidmap2 libtirpc1 nfs-common nfs-kernel-server rpcbind\n0 upgraded, 5 newly installed, 0 to remove and 0 not upgraded.\nNeed to get 420 kB of archives.\nAfter this operation, 1717 kB of additional disk space will be used.\nGet:1 http://azure.archive.ubuntu.com/ubuntu xenial/main amd64 libnfsidmap2 amd64 0.25-5 [32.2 kB]\nGet:2 http://azure.archive.ubuntu.com/ubuntu xenial-updates/main amd64 libtirpc1 amd64 0.2.5-1ubuntu0.1 [75.4 kB]\nGet:3 http://azure.archive.ubuntu.com/ubuntu xenial/main amd64 rpcbind amd64 0.2.3-0.2 [40.3 kB]\nErr:4 http://azure.archive.ubuntu.com/ubuntu xenial-updates/main amd64 nfs-common amd64 1:1.2.8-9ubuntu12.2\n 404 Not Found\nGet:5 http://azure.archive.ubuntu.com/ubuntu xenial-updates/main amd64 nfs-kernel-server amd64 1:1.2.8-9ubuntu12.2 [87.7 kB]\nFetched 236 kB in 0s (7607 kB/s)\n", "stdout_lines": ["Reading package lists...", "Building dependency tree...", "Reading state information...", "The following package was automatically installed and is no longer required:", " grub-pc-bin", "Use 'sudo apt autoremove' to remove it.", "The following additional packages will be installed:", " libnfsidmap2 libtirpc1 rpcbind", "Suggested packages:", " watchdog", "The following NEW packages will be installed:", " libnfsidmap2 libtirpc1 nfs-common nfs-kernel-server rpcbind", "0 upgraded, 5 newly installed, 0 to remove and 0 not upgraded.", "Need to get 420 kB of archives.", "After this operation, 1717 kB of additional disk space will be used.", "Get:1 http://azure.archive.ubuntu.com/ubuntu xenial/main amd64 libnfsidmap2 amd64 0.25-5 [32.2 kB]", "Get:2 http://azure.archive.ubuntu.com/ubuntu xenial-updates/main amd64 libtirpc1 amd64 0.2.5-1ubuntu0.1 [75.4 kB]", "Get:3 http://azure.archive.ubuntu.com/ubuntu xenial/main amd64 rpcbind amd64 0.2.3-0.2 [40.3 kB]", "Err:4 http://azure.archive.ubuntu.com/ubuntu xenial-updates/main amd64 nfs-common amd64 1:1.2.8-9ubuntu12.2", " 404 Not Found", "Get:5 http://azure.archive.ubuntu.com/ubuntu xenial-updates/main amd64 nfs-kernel-server amd64 1:1.2.8-9ubuntu12.2 [87.7 kB]", "Fetched 236 kB in 0s (7607 kB/s)"]}

I see it cannot find http://azure.archive.ubuntu.com/ubuntu/pool/main/n/nfs-utils/nfs-common_1.2.8-9ubuntu12.2_amd64.deb 404 Not Found and looking in http://azure.archive.ubuntu.com/ubuntu/pool/main/n/nfs-utils/ it is indeed not there anymore. The library was upgraded 2 days ago to 1.2.8-9ubuntu12.3:

  | nfs-common_1.2.8-9ubuntu12.3_amd64.deb | 2020-06-22 13:32 | 181K
  | nfs-common_1.2.8-9ubuntu12.3_i386.deb | 2020-06-22 13:32 | 187K

Can you please update the library in the ansible role as well?

Thanks!

Any thoughts on creating a NFSv4 server role - avoiding rpcbind/portmap?

See title.

Hi,

I tested the role and it works very well, but when I mount the exported shares on an other host, nobody can create files. I used become: true so the access right on the created folder is 755 with user:root and group:root.

To make the shares available a setfacl or chmod is needed. Or how do you handle this in playbooks? Shall I add a seperate role to add the functionality, or adding a PR for this role?

Regards
Christoph

CentOS 7.

Service named nfs-server.

Task:

    - name: Ensure nfs is running.
      service: "name=nfs-server state=started enabled=yes"

works

I only want to mount nfs shares from remote servers but this role changes /etc/exports and notifies nfs server => so it's get started.
But I don't want nfs be started 'cause all I need is to mount remote shares.

Leaving exports in just one line blocks evolutions of the role,

I let you a PR with enhancements

Hi,

I get the following message using your role:

[DEPRECATION WARNING]: The use of 'include' for tasks has been deprecated. Use 'import_tasks' for static 
inclusions or 'include_tasks' for dynamic inclusions. This feature will be removed in a future release. 
Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
[DEPRECATION WARNING]: include is kept for backwards compatibility but usage is discouraged. The module 
documentation details page may explain more about this rationale.. This feature will be removed in a future 
release. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.

I would suggest update the 2 followings in tasks/main.yml:

• - include: setup-RedHat.yml
• - include: setup-Debian.yml

Would be nice to have the ability to change the dynamic NFS port created by rpcbind to a fixed/static port.

Useful if you are firewalling the NFS server.

I'm afraid I don't know much more but until I perform a restart of the target system (plain Ubuntu server) i get errors on mounting (rejected by server) The share is exposed though.

Any idea?

• Issue type: Bug

Issue Description

I'm unable to run the role because I keep getting the error:

"E: Could not open lock file /var/lib/dpkg/lock-frontend - open (13: Permission denied)", "E: Unable to acquire the dpkg frontend lock (/var/lib/dpkg/lock-frontend), are you root?"],

Here is my playbook definition:

    - name: "Install NFS"
      include_role:
        name: geerlingguy.nfs
        become: yes
      vars:
        nfs_exports: ["/mnt/efs/vault  *(ro, sync, no_root_squash)"]

I tried moving become: yes to under vars: but it still returns permission denied error. Then I tried moving it to under include_role: like above, but then it says:

ERROR! Invalid options for include_role: become

Can you help me with this please?

It is all over the place with Ansible 2.3.3.0 .

Is there any way to suppress warning at least ?