This topic describes how to create a file gateway and configure shares in the CSG console.

Prerequisites

  1. You have registered an Alibaba Cloud account and passed the real-name verification. For more information, see Sign up with Alibaba Cloud.
    Note We recommend that you log on to the CSG console as a RAM user. For more information, see Use RAM to implement account-based access control.
  2. You have activated the CSG service.

    When you log on to the for the first time, you can follow the instructions on the page to activate the CSG service.

  3. A Virtual Private Cloud (VPC) is available in the region where you want to create an in-cloud file gateway. For more information, see Create a VPC and a VSwitch.
  4. An Elastic Compute Service (ECS) instance is available in the region where you want to create an in-cloud file gateway. The ECS instance runs in the VPC that you have created. For more information, see Create an instance.
    Note If your local host has been connected to an Alibaba Cloud VPC through a leased line, you can also manage the file gateway on your local host.
  5. You have created an Object Storage Service (OSS) bucket. For more information, see Create buckets.
    Note
    • File gateways support OSS buckets of Standard, Infrequent Access (IA), and Archive storage classes.
    • If you do not enable a share to support the Archive storage class when you create the share, to read archives from the buckets, you must restore the archives from these buckets.

Step 1: Create a file gateway

  1. Log on to the CSG console.
  2. Select the region where you want to create a file gateway.
  3. In the left-side navigation pane, select Overview to go to the Overview page. In the Gateway Clusters section, click the target gateway cluster to go to the Gateway Cluster page, and then click Create.
    If you have not created any gateway cluster, on the Overview page, click Create Gateway Cluster to create a gateway cluster.
  4. On the Create Gateway dialog box that appears, set the following parameters, and click Next.
    Parameter Description
    Name Specify the name of the gateway that you want to create.

    The name must be 1 to 60 characters in length, and can contain letters, Chinese characters, digits, periods (.), underscores (_), and hyphens (-). It must start with a letter or a Chinese character.

    Location Specify the location where the target gateway is located. Valid values: On-premises and Alibaba Cloud.
    • On-premises: specifies a local file gateway that is deployed at your data center. You can deploy a local file gateway either in the CSG console or in the local file gateway console.
    • Alibaba Cloud: specifies an in-cloud file gateway that is deployed in Alibaba Cloud. You can deploy an in-cloud file gateway only in the CSG console.
    Type Specify the type of the gateway that you want to create. Set this parameter to File Gateway.
  5. Click Next to open the Configure Gateway tab, set the following parameters, and then click Next.

    If you set Location to Alibaba Cloud, you must specify the following gateway parameters.

    Parameter Description
    Model Specify the model of the gateway that you want to create. Valid values: Basic, Standard, Enhanced, and Advanced. For more information, see Specifications.
    VPC Specify the VPC where the target gateway is located.
    Note This must be the VPC where your ECS instance or local host is located.
    VSwitch Specify the VSwitch that connects to the target gateway.
    Note This must be the VSwitch that connects to your ECS instance or local host. If no gateway is available in the zone where the specified VSwitch is located, you can create a VSwitch in another zone.
  6. Click Next to go to the Paid Information tab, set the following parameters, and then click Next.
    Parameter Description
    Billing Method Specify the method that the system uses to calculate billing for the target gateway. Valid values: Pay-As-You-Go and Subscription. For more information, see Pricing.

    If you select Subscription, after you create the file gateway, you are redirected to the Cloud Storage Gateway (Subscription) page. Afterward, you must complete the payment on this page. For more information, see Purchase Cloud Storage Gateway.

    After Expiration Specify the way the system processes the target gateway after expiration. Valid values: Pay-As-You-Go and Release After Expiration.
  7. Click Next to go to the Summary tab, make sure that the specified information is correct, and then click OK.
    • After you create an in-cloud file gateway, the system completes the deployment in approximately 5 to 10 minutes. When the target gateway stays in the Running state, the gateway has been activated and deployed.
    • After you create a local file gateway, click Activate Gateway in the Actions column next to the gateway, and in the Activate Gateway dialog box that appears, set the parameters for activating the gateway. For more information, see Activate the gateway.

Step 2: Create a cache

Note This section describes how to create a cache disk for an in-cloud file gateway. To create a cache for a local file gateway, you must go to the platform where the local gateway console is deployed.
  1. Log on to the CSG console.
  2. Select the region where the target file gateway is located.
  3. Go to the Gateway Cluster page, find the target file gateway, and then click the name of the gateway to go to the Share tab.
  4. Click the Cache tab, and click Create Cache.
  5. On the Add Cache dialog box that appears, set the following parameters:
    • Size: specifies the size of the cache that you want to create. Valid values: 40 GB to 32 TB.
    • Type: specifies the type of the cache that you want to create. Valid values: Ultra Disk and SSD.
  6. Click OK.
    For a subscription file gateway, after you create a cache, you are redirected to the Cloud Storage Gateway Cache Disk (Subscription) page to pay for the cache. For more information, see Purchase a cache disk.

Step 3: Create a share

  1. Log on to the CSG console.
  2. Select the region where the target file gateway is located.
  3. Go to the Gateway Cluster page, find the target file gateway, and then click the name of the gateway to go to the Share tab.
  4. On the Share tab, click Create.
  5. On the Bucket Setting tab, set the following parameters, and click Next.
    Parameter Description
    Allow Cross-region Bucket
    • Yes: specifies that you can access the bucket that stays in the different region from the specified gateway.
    • No: specifies that you can access only the bucket that stays in the same region as the specified gateway.
    Bucket Endpoint Specify the endpoint of the target bucket.
    Bucket Name You can select an existing bucket from the drop-down list, or enter a subdirectory of the target bucket in the Path Prefix field.

    The Path Prefix field supports letters and digits only.

    Note For version 1.0.38 and later, you can map a root directory of the file system to a subdirectory of a bucket to isolate connections and secure data.

    You can specify an existing subdirectory or a subdirectory that does not exist in the bucket. After you create the share, the specified subdirectory works as the root directory, and stores all related files and directories in the follow-up management.

    Encryption Valid values: No Encryption and Server Encryption.

    If you select Server Encryption, you must set the CMK ID parameter. You can log on to the KMS console, and create a key. For more information, see Create a CMK.

    After you enable OSS server encryption, you can provide you own key. The system supports the key imported from Key Management Service (KMS).

    With OSS server encryption enabled, the system automatically uses the imported key to encrypt the files uploaded to OSS through the shared directory. You can call the Get Object API operation to check whether the specified file has been encrypted. In the response header, if the x-oss-server-side-encryption field value is KMS and the x-oss-server-side-encryption-key-id field value is the key ID, this response indicates that the file has been encrypted.

    Note
    • Only the users in a whitelist can use this feature.
    • When you create a key in the KMS console, you must select the same region as the target OSS bucket.
    Connect to Bucket over SSL Specify whether to connect to a bucket over SSL. Valid values: Yes and No.
  6. Click Next to go to the Basic Information tab, set the following parameters, and then click Next.
    Parameter Description
    File Share Name The name of the Network File System (NFS) and Server Message Block (SMB) share that you want to create. If you set the Protocol parameter to NFS, this parameter also specifies the pseudo path of Network File System version 4 (NFSv4).

    The value must be 1 to 32 characters in length, and can contain letters and digits. It cannot start with a digit.

    Note Versions earlier than 1.0.35 do not allow you to mount local directories to shares over NFSv3. You must run the showmount -e <IP address of the target gateway> command to obtain the path for mounting the share to the local directory.
    Protocol Specify the name of the protocol that you use to connect to OSS buckets. Valid values: NFS and SMB.
    • The NFS protocol is applicable to connection to Linux-based OSS resources.
    • The SMB protocol is applicable to connection to Windows-based OSS resources.
    Cache Specify the cache disk that you have created.
    Note For a cache disk of 5 TB or less, 20% of the space is used to store metadata. For a cache disk of 5 TB or more, the space of 1 TB is used to store metadata. For example, if you create a 40 GB cache disk, the actual available cache size is 32 GB. If you create a 20 TB cache disk, the actual available cache size is 19 TB.
    User Mapping

    Map an NFS client user to an NFS server user. This parameter is required only when you set the Protocol parameter to NFS.

    • none: specifies no mapping relationship between an NFS client user and the NFS server user nobody.
    • root_squash: maps only a root user of an NFS client to the NFS server user nobody.
    • all_squash: maps all NFS client users to the NFS server user nobody.
    • all_anonymous: maps all NFS client users to an anonymous NFS server user.
    Advanced Settings Select Advanced Settings to go to the Advanced Settings tab.
  7. On the Advanced Settings tab, set the following parameters, and then click Next.
    Parameter Description
    Cache Mode
    • Replication Mode: specifies that all data is stored with two backups. One backup is stored in a local cache and the other is stored in an OSS bucket.
    • Cache Mode: specifies that all metadata and frequently accessed user data are stored in the local cache. The OSS bucket retains all data.
    Optimize Fragments Specify whether to optimize the performance for some applications that frequently and randomly read and write small amounts of data. You can enable this feature as needed.
    Optimize Upload Release the cache in real time. You can enable this feature when you only synchronize backups to the cloud.
    Enable Remote Sync Refresh metadata stored in an OSS bucket to the local cache. This feature is applicable to such scenarios as disaster recovery, data restoration, and data sharing.
    Note During remote synchronization, the system scans all objects in the bucket. If a large number of objects exist, you have to pay for corresponding OSS API requests. For more information, see Pricing of OSS.
    Remote Sync Interval If you set the Enable Remote Sync parameter to Yes, you can set the Remote Sync Interval parameter. Valid values: 15 to 36000. Default value: 36000. Unit: seconds.
    Note If the bucket contains a large number of objects, we recommend that you specify a value higher than 3,600 seconds as the remote synchronization interval. Otherwise, periodic scans may cause a high cost of OSS API requests.
    Ignore Delete Ignore file deletion operations during data synchronization to OSS. The OSS bucket retains all data.
    Sync Delay Specify a delay before the system uploads the file that you have modified and closed. The Sync Delay feature avoids OSS fragments caused by frequent local modifications. Valid values: 0 to 120. Default value: 5. Unit: seconds.
  8. Click Next to go to the Summary tab, make sure that the specified information is correct, and then click OK.
  9. After you create the share, you can access the share by using a client. For more information, see Access an NFS share from a client.