Configure the NFS Gateway
You must ensure that the proxy user for the NFS Gateway can proxy all the users accessing the NFS mounts. In addition, you must configure settings specific to the Gateway.
- 
                Ensure that the proxy user for the NFS Gateway can proxy all the users
                    accessing the NFS mounts.
                In non-secure mode, the user running the Gateway is the proxy user, while in secure mode the user in Kerberos keytab is the proxy user.If a usernfsserveris running the Gateway and there are users belonging to groupsnfs-users1andnfs-users2, then set the following values incore-site.xmlon the NameNode. Note NoteReplace nfsserverwith the user account that starts the Gateway in your cluster.<property> <name>hadoop.proxyuser.nfsserver.groups</name> <value>nfs-users1,nfs-users2</value> <description> The 'nfsserver' user is allowed to proxy all members of the 'nfs-users1' and 'nfs-users2' groups. Set this to '*' to allow nfsserver user to proxy any group. </description> </property> <property> <name>hadoop.proxyuser.nfsserver.hosts</name> <value>nfs-client-host1.com</value> <description> This is the host where the nfs gateway is running. Set this to '*' to allow requests from any hosts to be proxied. </description> </property>For a Kerberized cluster, set the following properties inhdfs-site.xml:<property> <name>dfs.nfsgateway.keytab.file</name> <value>/etc/hadoop/conf/nfsserver.keytab</value> <!-- path to the nfs gateway keytab --> </property> <property> <name>dfs.nfsgateway.kerberos.principal</name> <value>nfsserver/_HOST@YOUR-REALM.COM</value> </property>
- 
                Configure settings for the NFS Gateway. 
                The NFS Gateway uses the same settings that are used by the NameNode and DataNode. Configure various properties based on your application's requirements:- 
                        Edit the hdfs-site.xml file on your NFS Gateway
                            machine. 
                        <property> <name>dfs.namenode.accesstime.precision</name> <value>3600000</value> <description> The access time for HDFS file is precise up to this value. The default value is 1 hour. Setting a value of 0 disables access times for HDFS. </description> </property> NoteIf the export is mounted with access time update allowed, ensure that this property is not disabled in the configuration file. Only the NameNode needs to restart after this property is changed. If you have disabled access time update by mounting with NoteIf the export is mounted with access time update allowed, ensure that this property is not disabled in the configuration file. Only the NameNode needs to restart after this property is changed. If you have disabled access time update by mounting withnoatime, you do NOT have to change this property nor restart your NameNode.
- 
                        Add the value of the dfs.nfs3.dump.dirproperty inhdfs-site.xml.<property> <name>dfs.nfs3.dump.dir</name> <value>/tmp/.hdfs-nfs</value> </property> NoteThe NFS client often reorders writes. Sequential writes can arrive at the NFS Gateway in a random order. This directory is used to temporarily save out-of-order writes before writing to HDFS. Ensure that the directory has enough space. For example, if the application uploads 10 files with each having 100MB, it is recommended for this directory to have 1GB space in case a write reorder happens to every file. NoteThe NFS client often reorders writes. Sequential writes can arrive at the NFS Gateway in a random order. This directory is used to temporarily save out-of-order writes before writing to HDFS. Ensure that the directory has enough space. For example, if the application uploads 10 files with each having 100MB, it is recommended for this directory to have 1GB space in case a write reorder happens to every file.
- 
                        Update the value of the dfs.nfs.exports.allowed.hostsproperty inhdfs-site.xmlas specified.<property> <name>dfs.nfs.exports.allowed.hosts</name> <value>* rw</value> </property> NoteBy default, the export can be mounted by any client. You must update this property to control access. The value string contains the machine name and access privilege, separated by whitespace characters. The machine name can be in single host, wildcard, or IPv4 network format. The access privilege uses NoteBy default, the export can be mounted by any client. You must update this property to control access. The value string contains the machine name and access privilege, separated by whitespace characters. The machine name can be in single host, wildcard, or IPv4 network format. The access privilege usesrworroto specifyreadwriteorreadonlyaccess to exports. If you do not specify an access privilege, the default machine access to exports isreadonly. Separate machine entries by;. For example,192.168.0.0/22 rw ; host*.example.com ; host1.test.org ro;.
- Restart the NFS Gateway.
- Optional: 
                        Customize log settings by modifying the log4j.propertyfile.To change the trace level, add the following:log4j.logger.org.apache.hadoop.hdfs.nfs=DEBUGTo view more information about ONCRPC requests, add the following:log4j.logger.org.apache.hadoop.oncrpc=DEBUG
 
- 
                        Edit the hdfs-site.xml file on your NFS Gateway
                            machine. 
                        
- 
                Specify JVM heap space (HADOOP_NFS3_OPTS) for the NFS
                    Gateway. 
                You can increase the JVM heap allocation for the NFS Gateway using this option. To set this option, specify the following inhadoop-env.sh:export HADOOP_NFS3_OPTS=<memory-setting(s)>The following example specifies a 2GB process heap (2GB starting size and 2GB maximum):export HADOOP_NFS3_OPTS="-Xms2048m -Xmx2048m"
- 
                To improve the performance of large file transfers, you can increase the values
                    of the dfs.nfs.rtmax and dfs.nfs.wtmax
                    properties.
                These properties are configuration settings on the NFS Gateway server that change the maximum read and write request size supported by the Gateway. The default value for both settings is 1MB.

