Share a filesystem (like nfs) across the Internet

raindog308 · Feb 27, 2014

What do you use to share a filesystem across the Internet?

Like nfs, but

works on OpenVZ
works well across the Internet

In other words, server1 shares /foo and server2 mounts /foo and can reader/write to /foo.

sshfs? My only concern there is that I believe it runs over the ssh port...typically my ssh port is open to the world. I'd prefer something I could lock down a bit more with iptables.

I've used nfs extensively on the lan but...not across the net. I'm not sure it's well-supported in OvZ.

I don't need a lot of performance...but ideally something that can tolerate the usual network hiccups that happen across the 'net.

WebSearchingPro · Feb 27, 2014

SSHFS

dano · Feb 27, 2014

Pretty sure you know of gluster:

"The final volume may then be mounted by the client host using its own native protocol via the FUSE mechanism"

I usually use nfs for sharing gluster machine's data -- I guess it does have it's own way also(api as well), although I haven't tried it, but it could be an alternative for you, for multiple machines with sharing ability.

perennate · Feb 27, 2014

My only concern there is that I believe it runs over the ssh port...typically my ssh port is open to the world. I'd prefer something I could lock down a bit more with iptables.

SSHFS is a nice wrapper on top of SFTP for mounting, I don't really understand your problem with it.

KuJoe · Feb 27, 2014

I use NFS personally. I run the nsfd server on an OpenVZ VPS and mount the share across all of my ESXi hosts (GA, NC, and CO). It works really nice.

raindog308 · Feb 27, 2014

perennate said:
SSHFS is a nice wrapper on top of SFTP for mounting, I don't really understand your problem with it.

If I say in iptables that only certain IPs can access that port, then I can only ssh from those IPs, right?

NodeBytes · Feb 27, 2014

I'm using AFP (Apple File Protocol) across all my servers and machines. It works well and integrates with my macbook and servers really well.

howardsl2 · Feb 27, 2014

You can run multiple SSHD processes each having its own config file and listen on different ports. There are tutorials on Google. After that, make a dedicated user for sshfs e.g. autossh, use AllowUsers to restrict the first SSHD to root, for example, and the second SSHD to autossh only. Also under match user autossh, allow only sftp with chroot. Problem solved.

rapidnode · Feb 27, 2014

sshfs with key based auth of course. You should be able to restrict users per IP like this: AllowUsers [email protected] sshfsuser

NickM · Feb 27, 2014

I'm with @KuJoe on this one. NFS over the internet has worked fine, in my experience. If you're going over the internet, use NFSv4 with kerberos, or NFSv3 with a VPN. I particularly like tinc for this. In fact, this is how HostGuard handles sharing ISOs/templates by default - NFS over a tinc VPN, with the NFS server only allowing NFS connections from the tinc subnet.

Edit: It works fine in OpenVZ if the container has --features "nfsd

n" (for NFS servers) or --features "nfs

n" for clients.

Share a filesystem (like nfs) across the Internet

raindog308

vpsBoard Premium Member

WebSearchingPro

VPS Peddler

dano

New Member

perennate

New Member

KuJoe

Well-Known Member

raindog308

vpsBoard Premium Member

NodeBytes

Dedi Addict

howardsl2

New Member

rapidnode

New Member

NickM

New Member