This topic describes how to mount a Server Message Block (SMB) file system on a Linux Elastic Compute Service (ECS) instance. This topic also describes how to perform read and write operations on the SMB file system.

Prerequisites

  • An ECS instance is available in the region where you want to create a file system.

    The ECS instance must run one of the following Linux distributions. Unless otherwise specified, this topic addresses only these Linux distributions:

    • CentOS 7.6 64-bit (3.10.0-957.5.1.el7.x86_64)
    • Ubuntu 18.04 64-bit (4.15.0-48-generic)
    • Debian 9.9 64-bit (4.9.0-9-amd64)
    • SUSE Linux Enterprise Server 12 SP2 64-bit (4.4.74-92.35-default)
    • openSUSE 42.3 64-bit (4.4.90-28-default)
    • Aliyun Linux (4.19.34-11.al7.x86_64)
    • CoreOS (4.19.43-coreos VersionID=2079.4.0)
    Note If you use an inapplicable version of Linux, errors may occur on the SMB kernel client in some scenarios. In this case, Alibaba Cloud cannot ensure the reliability of SMB file systems.
  • The network is available.
    • The Linux ECS instance and the SMB file system reside in the same network, for example, in the same virtual private cloud (VPC).
    • The IP address of the Linux ECS instance is in the permission group of the SMB file system so that the instance can access the SMB file system.
    • Transmission Control Protocol (TCP) port 445 is open for the Linux ECS instance to access the SMB file system.

      If port 445 is closed, we recommend that you add a rule to a security group of the ECS instance for the port. For more information, see Add security group rules.

  • An SMB file system is created. For more information, see Create a file system.
  • A mount target is added to the SMB file system. For more information, see Create a mount target.
  • The required software is installed.

    The SMB kernel client is pre-installed on the Linux ECS instance. The cifs-utils package is installed.

Install the cifs-utils package

Install the SMB kernel client and the cifs-utils package by using the method that is specific to your Linux distribution:

  • If you are using Ubuntu or Debian, use the apt-get package manager to install the cifs-utils package.
    sudo apt-get update
    sudo apt-get install cifs-utils
  • If you are using Red Hat Enterprise Linux (RHEL), CentOS, or Aliyun Linux, use the Yellowdog Updater, Modified (YUM) package manager to install the cifs-utils package.
    sudo yum install cifs-utils
  • If you are using openSUSE or SUSE Linux Enterprise Server 12 Service Pack 2 (SLES 12 SP2), use the Zypper or Yet another Setup Tool (YaST) package manager to install the cifs-utils package.
    sudo zypper install cifs-utils
    sudo yast2 -> Software -> Software Management install cifs-utils
  • If you are using CoreOS, perform the following steps to install the cifs-utils package:
    1. Configure Security-Enhanced Linux (SELinux).
      sed -i 's/SELINUXTYPE=mcs/SELINUXTYPE=targeted/' /etc/selinux/config
    2. Compile and install the cifs-utils package on a CoreOS ECS instance.

      You can run the following command to create a Fedora container to compile the cifs-utils package. You can also download the cifs-utils package that Alibaba Cloud provides for CoreOS and copy the package to the /tmp or /bin directory.

      $ docker run -t -i -v /tmp:/cifs fedora /bin/bash
      
      fedora # yum groupinstall -y "Development Tools" "Development Libraries"
      
      fedora # yum install -y bzip2
      
      fedora # curl https://download.samba.org/pub/linux-cifs/cifs-utils/cifs-utils-
      
      6.9.tar.bz2 --output cifs-utils-6.9.tar.bz2;
      
      fedora # bunzip cifs-utils-6.9.tar.bz2; && tar xvf cifs-utils-6.9.tar
      
      fedora # cd cifs-utils-6.9; ./configure && make
      
      fedora # cp mount.cifs /cifs/
      
      fedora # exit

Mount a file system

  1. Log on to the Linux ECS instance as a root user or a sudo-enabled user.
  2. Run the following command to mount the file system:
    mount -t cifs //xxx-crf23.eu-west-1.nas.aliyuncs.com/myshare /mnt -o vers=2.0,guest,uid=0,gid=0,dir_mode=0755,file_mode=0755,mfsymlinks,cache=strict,rsize=1048576,wsize=1048576

    Command syntax: mount -t cifs //<Domain name of the mount target>/myshare <Path of the shared directory> -o <Mount options>

    Parameter Description
    File system type For an SMB file system, specify -t cifs in the command.
    Domain name of the mount target Specify the domain name of the mount target in the command. The domain name is automatically generated when you create the mount target. For more information about mount targets, see Manage mount targets.
    myshare share is the name of the SMB share. The name cannot be changed.
    Path of the shared directory The path of the directory to which the SMB file system is mounted. For example, you can specify /mnt/sharepath.
    Mount options

    Specify the required mount options following the -o argument in the mount command:

    • vers: specifies the version of the SMB protocol. Specify 2.0 for the option.
    • guest: specifies the account that you use to mount the file system. You must use the guest account that is authenticated based on the NT LAN Manager (NTLM) protocol. You can specify one of the following statements for the option: username=guest, password=guest, or guest.
      Note The NTLM, NTLMv2, and NTLM Security Support Provider (SSP) protocols are applicable. By default, the SMB client negotiates an applicable protocol with Apsara File Storage NAS to mount a file system. You can also set the sec option to ntlm, ntlmv2, or ntlmssp.
    • rsize: specifies the maximum size of a data packet that the SMB client can read from the SMB file system. In most cases, set this option to 1048576.
    • wsize: specifies the maximum size of a data packet that the SMB client can write to the SMB file system. In most cases, set this option to 1048576.

    The following options are optional:

    • uid: specifies the user to which the files in the file system belong after a successful mount. The default value of uid is 0.
    • gid: specifies the user group to which the files in the file system belong after a successful mount. The default value of gid is 0.
    • dir_mode: specifies the read, write, and execute permissions that you want to grant to the user on the share. The value must start with zero, for example, 0755 and 0644. The default value of dir_mode is 0755.
    • file_mode: specifies the read, write, and execute permissions that you want to grant to the user on files. The value must start with zero, for example, 0755 and 0644. The default value of file_mode is 0755.
    • mfsymlinks: specifies whether symbol links are supported.
    • cache:
      • If this option is set to strict, caching is enabled for the SMB client. The default value of cache is strict.
      • If this option is set to none, caching is disabled for the SMB client.
    • atime|relatime: If your business is not sensitive to file access time, we recommend that you do not set this option to atime. The default value of this option is relatime.
    Note
    • An authorized administrator of the Linux ECS instance has full control over the SMB file system.
    • You can run the mount | grep cifs command to view the information of a mount.
    • If you are using an inapplicable Linux distribution, we recommend that the kernel version of the distribution must be later than 3.10.0-514. If the kernel version of the distribution is earlier than or equal to 3.7, you must set the cache option to strict. You can run the uname -a command to view the kernel version.
  3. Run the mount -l command to view the mount result.

    The following figure shows an example of a successful mount.

  4. After you mount a file system, you can perform read and write operations on the file system.

    You can access the file system in the same way that you access a local directory. The following figure shows an example.

Scenarios

You can specify different mount options based on different scenarios. This section lists some typical scenarios and the corresponding mount options:

  • Shared access from multiple Linux ECS instances to a file system
    Multiple Linux ECS instances share access to a file system and you have no access control requirements. In this scenario, you can use an authorized administrator of each ECS instance to mount the file system on the ECS instances. The following command shows an example.
     mount -t cifs //smbfs.hangzhou-g.aliyun.com/myshare /mnt/sharepath -o vers=2.0,guest,mfsymlinks
  • Shared access from multiple Linux ECS instances to a home directory

    Multiple Linux ECS instances share access to a home directory and you need to control access from the users. You can set the uid, gid, dir_mode, and file_mode options in the mount command to manage permissions.

  • Shared access from multiple Linux ECS instances that function as web servers to a file system
    You can install web server applications such as Apache HTTP Server on multiple Linux ECS instances and use an SMB file system as shared file storage.
    Note
    • The SMB file system features shared access, horizontal scalability, and high availability. The performance of the SMB file system may be slightly compromised when users access small files in the SMB file system. This occurs because the mechanism of SMB file systems is different from that of local disks. In this scenario, we recommend that you store shared files in the SMB file system and other files in local disks to achieve optimal performance.
    • Apsara File Storage NAS provides an acceleration feature to bear heavy workloads of web server applications. You can contact Alibaba Cloud to enable this feature.
  • Shared access from both a Windows ECS instance and a Linux ECS instance to a file system

    A Windows ECS instance and a Linux ECS instance share access to an SMB file system. In this scenario, you must set the cache option to strict or use the default value of this option when you mount a file system on a Linux ECS instance.

For information about how to troubleshoot issues that you may encounter, see Troubleshoot issues when you access an SMB file system from a Linux ECS instance.