FSx for NetApp - mount.nfs: access denied by server while mounting

0

Cannot figure out what export-policy I should configure via ONTAP CLI to test mounting an FSx for NetApp NFS Volume from a Linux VM.

I did try many combinations of export policies but there is something which is still blocking the VM from mounting the NFS, can you assist with a sample policy that would work for all attempts or maybe point me to some log files I can check to find reason?

https://docs.netapp.com/us-en/ontap/nfs-config/add-rule-export-policy-task.html

asked a year ago1789 views
1 Answer
0

Here is an example export policy that should allow mounting an FSx for NetApp ONTAP NFS volume from a Linux VM:

export-policy policy_name 
{
  rules 
  {
    nfs_rule_1 
    {
      clients {0.0.0.0/0;} 
      ro_rule {sys; }
      rw_rule {sys;}
    }
  }
}

vserver vserver_name 
nfs modify -vserver vserver_name -export-policy policy_name /fsx_volume

This export policy allows read-write access from all IP addresses (0.0.0.0/0) to the /fsx_volume path.

Some things to check:

  • Make sure the security group for the FSx ONTAP file system allows inbound NFS traffic from the VM's security group
  • Confirm the mount command on the VM is using the correct FSx DNS name and path
  • Check export-policy rule show on ONTAP for any deny rules blocking access
  • Check ONTAP logs at /mroot/etc/log/ for any relevant entries
  • Try mounting first using IP address instead of DNS name
  • Verify NFSv3 or NFSv4 is enabled on the volume in ONTAP

Start with a permissive export policy allowing full access, then tighten it down once basic mounting is working. The ONTAP logs and export-policy commands should help identify any specific policies blocking access.

profile pictureAWS
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions