How to Install and Configure NFS Server for Kubernetes on Debian 12

admin Linux

Setting up a Network File System (NFS) server on Debian 12 is a crucial step for enabling persistent storage in Kubernetes clusters. NFS allows multiple Kubernetes nodes to access shared storage, making it ideal for stateful applications such as databases, file servers, and distributed services.

This guide walks you through installing and configuring an NFS server on Debian 12 to be used with Kubernetes.

Prerequisites

  • A Debian 12 server with root or sudo access
  • Static IP address configured on the NFS server
  • Basic knowledge of Linux command line and file system management
  • Kubernetes cluster (worker nodes will connect to this NFS server)

Step 1: Update the System

Before installing any packages, ensure your system is up to date:

sudo apt update && sudo apt upgrade -y

Step 2: Install NFS Kernel Server

Install the nfs-kernel-server package, which provides the NFS server functionality:

sudo apt install nfs-kernel-server -y

This package includes all necessary tools and daemons to run an NFS server.

Step 3: Create Shared Directory

Create a directory that will be exported via NFS. In this example, we’ll use /data/nfs as the shared folder:

sudo mkdir-p /data/nfs

Ensure proper permissions so that clients can read and write data:

sudo chown nobody:nogroup /data/nfs
sudo chmod 777 /data/nfs

Note: Adjust permissions based on your security requirements. Using 777 is permissive and suitable for testing environments.

Step 4: Configure NFS Exports

Edit the /etc/exports file to define which directories are shared and with what permissions:

sudo nano /etc/exports

Add the following line to allow all Kubernetes nodes (or a specific subnet) to access the share:

/data/nfs *(rw,sync,no_subtree_check,no_root_squash)

Explanation of Options:

  • rw: Allows read and write access.
  • sync: Ensures data is written to disk before replying (safer than async).
  • no_subtree_check: Disables subtree checking for improved reliability.
  • no_root_squash: Preserves root privileges from clients — useful for Kubernetes, but use with caution in production.

🔐 Security Tip: Replace * with specific IP addresses or subnets (e.g., 192.168.1.0/24) in production to restrict access.

Example with subnet:

/data/nfs 192.168.1.0/24(rw,sync,no_subtree_check,no_root_squash)

Step 5: Export the Shared Directory

Apply the configuration by exporting the shares:

sudo exportfs -r

This command reloads the export table and makes the directory available over NFS.

To verify current exports:

sudo exportfs -v

You should see output like:

/data/nfs *(rw,sync,wdelay,no_root_squash,no_subtree_check)

Step 6: Start and Enable NFS Services

Ensure the NFS server is running and enabled at boot:

sudo systemctl enable nfs-server
sudo systemctl start nfs-server

Check the status:

sudo systemctl status nfs-server

You should see active (running) if everything is set up correctly.

Step 7: Configure Firewall (Optional)

If you’re using ufw, allow NFS traffic:

sudo ufw allow from 192.168.1.0/24 to any port nfs

Replace the subnet with your actual network range.

Alternatively, open standard NFS ports:

  • Port 2049 (NFS)
  • Port 111 (portmapper)
sudo ufw allow 2049
sudo ufw allow 111

Step 8: Test NFS Share from a Client

From a Kubernetes node (or test client), install the NFS client:

sudo apt install nfs-common -y

Create a mount point and test mounting:

sudo mkdir -p /mnt/nfs-test
sudo mount 192.168.1.100:/data/nfs /mnt/nfs-test

Replace 192.168.1.100 with your NFS server’s IP.

Verify the mount:

df -h | grep nfs

Create a test file:

echo "NFS Test" | sudo tee /mnt/nfs-test/testfile.txt

Check on the NFS server:

cat /data/nfs/testfile.txt

Unmount when done:

sudo umount /mnt/nfs-test

Step 9: Use NFS in Kubernetes

To use NFS with Kubernetes, deploy an NFS client provisioner or use a CSI driver. One popular method is using the NFS Subdir External Provisioner.

Example: Deploy NFS Client Provisioner

  1. Add the Helm repository:
helm repo add nfs-subdir-external-provisioner https://kubernetes-sigs.github.io/nfs-subdir-external-provisioner
  1. Install the provisioner:
helm install nfs-provisioner nfs-subdir-external-provisioner/nfs-subdir-external-provisioner \

--set nfs.server=192.168.1.100 \

--set nfs.path=/data/nfs
  1. Now you can create PersistentVolumeClaims (PVCs) that dynamically provision storage via NFS.

Conclusion

You’ve successfully installed and configured an NFS server on Debian 12 for use with Kubernetes. This shared storage setup enables persistent volumes across your cluster, supporting stateful applications efficiently.

Final Tips:

  • Monitor disk usage of /data/nfs.
  • Back up critical data regularly.
  • Restrict access via IP and consider using firewalls or VLANs.
  • For production, consider high availability using clustered NFS or distributed file systems.

With this foundation, your Kubernetes cluster now has scalable, shared storage powered by NFS on Debian 12.

Leave a Reply

Your email address will not be published. Required fields are marked *