This topic describes how to manage shares in the Cloud Storage Gateway (CSG) console. These management operations include creating, deleting, and configuring NFS and SMB shares.

Prerequisites

  1. You have created a gateway. For more information, see Create a file gateway.
  2. You have added a cache disk to the gateway. For more information, see Add a cache disk.
  3. You have created an Object Storage Service (OSS) bucket. For more information, see Create buckets.
    Note
    • CSG supports Standard, IA, and Archive OSS buckets.
    • If you do not enable the archive feature when you create a share, you must restore archived files before you can read them.

Create a share

  1. Log on to the CSG console.
  2. Select the region where the file gateway is located.
  3. On the Gateway Clusters page, find and click the target file gateway.
  4. Click the Share tab, and then click Create.
  5. On the Bucket Setting tab, set the following parameters and click Next.
    Parameter Description
    Cross-Region Binding
    • Yes: You can access OSS buckets that are not deployed in the same region as the gateway.
    • No: You can only access OSS buckets that are deployed in the same region as the gateway.
    Bucket Endpoint Select the endpoint of the target bucket.
    Bucket Name You can select an existing bucket from the drop-down list, or enter a subdirectory of the target bucket in the Path Prefix field.

    The Path Prefix field supports only letters and digits.

    Note
    • Beginning with version 1.0.38, you can map the root directory of a file system to a subdirectory of a bucket to allow separate file access between users.
    • You can specify an existing subdirectory or a subdirectory that does not exist in the bucket. After you create the share, the specified subdirectory works as the root directory, and stores all related files and directories.
    Encryption You can select No Encryption or Server Side Encryption.

    If you select Server Side Encryption, you must also set the CMK ID parameter. You can log on to the KMS console and create a key. For more information, see Create a CMK.

    After you enable OSS server-side encryption, you can provide your own key. The system supports keys imported from Key Management Service (KMS).

    After OSS server-side encryption is enabled, the system automatically uses the imported key to encrypt files uploaded to OSS through the shared directory. You can call the GetObject operation to check whether the specified file has been encrypted. In the response header, if the x-oss-server-side-encryption field value is KMS and the x-oss-server-side-encryption-key-id field value is the key ID, it indicates that the file has been encrypted.

    Note
    • This feature is available to selected users only.
    • When you create a key in the KMS console, you must select the same region as the target OSS bucket.
    Connect to Bucket Using SSL If you select Yes, you can connect to the OSS bucket over SSL.
  6. On the Basic Information tab, set the following parameters and click Next.
    Parameter Description
    File Shares Name Specify a name for the share. If you set the Protocol parameter to NFS, the share name also specifies the virtual path of Network File System version 4 (NFSv4).

    The name must be 1 to 32 characters in length and can contain letters and digits. It cannot start with a digit.

    Note Versions earlier than 1.0.35 do not allow you to mount shares to local directories over NFSv3. You must run the showmount -e <IP address of the target gateway> command to obtain the path for mounting the share to the local directory.
    Protocol Select NFS or SMB as needed.
    • The NFS protocol is suitable for scenarios where you need to access Object Storage Service (OSS) buckets from a Linux operating system.
    • The SMB protocol is suitable for scenarios where you need to access OSS buckets from a Windows operating system.
    Cache Select an existing cache disk.
    Note For a cache disk smaller than 5 TB, 20% of the space is used to store metadata. For a cache disk of 5 TB or larger, 1 TB of the space is used to store metadata. For example, if you create a cache disk of 40 GB, the actual available cache space is 32 GB. If you create a cache disk of 20 TB, the actual available cache space is 19 TB.
    User Mapping

    Maps an NFS client user to an NFS server user. This parameter is required only when you set the Protocol parameter to NFS.

    • none: NFS client users are not mapped to "nobody" on the NFS server.
    • root_squash: restricts root user permissions. NFS clients using the root identity are mapped to "nobody" on the NFS server.
    • all_squash: restricts all user permissions. No matter what identity an NFS client uses, it is always mapped to "nobody" on the NFS server.
    • all_anonymous: restricts all user permissions. No matter what identity an NFS client uses, it is always mapped to "anonymous" on the NFS server.
    Support Archive You can enable this feature only if you set Protocol to NFS.
    • If you select Yes, archiving is enabled. Reading an archived file initiates a request to restore the file. The request will not trigger any error message, but will increase the latency to read the file.
    • If you select No, archiving is disabled. Reading an archived file initiates a request to restore the file. You must restore the archived file first. Otherwise, an error message appears.
    Note File gateways of the Basic model do not support the Archive feature.
    Join Sync Group If you enable the express sync feature for the share and add it to a sync group, any changes made to the data stored in the associated OSS bucket will be synchronized to the local client of the share. After you select the Join Sync Group check box, the Remote Sync check box is cleared automatically.
    Note
    • To enable this feature, create a sync group first. Make sure that the sync group and the share use the same OSS bucket. For more information about creating a sync group, see Express synchronization.
    • Currently, only standard, enhanced, and advanced gateways support the express sync feature.
    • The express sync feature must work with Alibaba Cloud Message Service. After you add a share to a sync group, service fees of Message Service are incurred. For more information, see the background information in Express synchronization.
    Advanced Settings After you select Advanced Settings, the Advanced Settings tab appears.
  7. On the Advanced Settings tab, set the following parameters, and then click Next.
    Parameter Description
    Cache Mode
    • Replication Mode: In this mode, two backups of all data are created. One is stored in the local cache disk and the other is stored in the associated OSS bucket.
    • Cache Mode: In this mode, the backup stored in the local cache disk only contains metadata and frequently accessed user data. The backup stored in the OSS bucket contains all data.
    Transfer Acceleration This feature accelerates the data transfer rate across regions by using the Internet bandwidth of the gateway. Before you use this feature, make sure that the associated OSS bucket already has this feature enabled.
    Optimize Fragments Specify whether to optimize the performance for applications that frequently and randomly read and write small amounts of data. You can enable this feature based on your needs.
    Direct IO Data is directly read from and written to the cache disk.
    Optimize Upload This feature releases the cache in real time. You can enable this feature if you synchronize only backups to the cloud.
    Enable Remote Sync Specify whether to synchronize metadata stored in the OSS bucket to the local cache disk. This feature is suitable for use in disaster recovery, data restoration, and data sharing scenarios.
    Note
    • During remote synchronization, the system scans all objects in the bucket. If the number of objects is large, fees are incurred for calling the OSS API. For more information, see Pricing of OSS.
    • If you have selected the Join Sync Group check box on the Basic Information tab, this option is unavailable.
    Remote Sync Time Interval If you set Enable Remote Sync to Yes, you must set the Remote Sync Time Interval parameter. Valid values: 15 to 36000. Default value: 36000. Unit: seconds.
    Note If the bucket contains a large number of objects, we recommend that you set the interval to longer than 3,600 seconds. Otherwise, repeated scans frequently call the OSS API, incurring a large amount of fees.
    Ignore Delete During the data synchronization process, the OSS bucket ignores all data deletion operations. The backup stored in the OSS bucket contains all data.
    Sync Delay You can specify a period of time to delay the upload of files that you have modified and closed. The Sync Delay feature avoids OSS file fragmentation caused by frequent local modifications. The default value is 5 seconds and the maximum is 120 seconds.
    Replication Mode Advanced Settings If you set Cache Mode to Replication Mode, you can select the Replication Mode Advanced Settings check box. The Replication Mode Advanced tab appears.
  8. On the Replication Mode Advanced tab, set the following parameters, and then click Next.
    Parameter Description
    Configure Replication Directories This parameter specifies the files on which replication mode is applied.
    • If you do not select this check box, replication mode is applied to all data in the share.
    • After you select the check box, click Add Directory to add directories. Replication mode is applied to the specified directories, while the rest of the data adopts cache mode.
    Note
    • If you change the mode of a directory from cache to replication, files under the directory can be synchronized only if the data replication feature is also enabled. We recommend that you enable data replication.
    • You can specify relative directories under the shared root directory. For example, if the target directory is /mnt/myshare/mydir/, and the mount point is /mnt/myshare, you can enter /mydir/.
    Data Replication By default, the remote sync and the express sync features synchronize the metadata between the OSS bucket and the local client. The data replication feature allows you to replicate data under specific paths or all data to the local client. After you enable Remote Sync or Express synchronization, you can select Yes to enable Data Replication.
    Note
    • Data replication requires the capacity of the cache disk to be 1.1 times larger than the file size to be replicated. Specify the cache capacity properly based on the expected growth of the bucket usage.
    • If this is your first time enabling data replication, a full scan is triggered. This process may reduce the performance of the gateway. Enable data replication during off-peak hours and wait for the system to replicate all the data.
    • Data replication allows only a single user to write data to the bucket and multiple users to read data from the bucket simultaneously. If multiple users access the bucket at the same time (whether through the gateway or direct access to the OSS bucket), only a single user is allowed to upload files to the bucket, and other users can only download data. Data loss may occur if multiple users write data to while multiple users read data from the bucket at the same time. Proceed with caution.
    Download Limit After you enable Data Replication, set this parameter. The download speed must not be lower than 0 MB/s and not be higher than 1,280 MB/s. If you set this parameter to 0 MB/s, it indicates that the download speed is not limited.
    Remote Sync Time Interval After you enable Data Replication, set this parameter. Valid values: 3600 to 36000. Default value: 36000. Unit: seconds.
    Note
    • If the bucket contains a large number of objects, we recommend that you set the interval to longer than 3,600 seconds. Otherwise, repeated scans may frequently call the OSS API, incurring a large amount of fees.
    • Remote sync is triggered only when the shared directory is accessed. To make sure that existing and incremental data in the shared directory can be synchronized to the local client when no user accesses the directory, we recommend that you enable express sync. For more information, see Express synchronization.
  9. Click Next to go to the Summary tab, make sure that the specified information is correct, and then click OK.

Configure an NFS share

If you select the NFS protocol when you create a share, click Set in the Actions column to configure the NFS share.

  1. On the Share page, find the target share, and then click Set in the Actions column.
  2. In the NFS Share Setting dialog box that appears, set the following parameters.
    • User Mapping: Select an NFS identity mapping to map NFS client users to NFS server users.
      • none: NFS client users are not mapped to "nobody" on the NFS server.
      • root_squash: restricts root user permissions. NFS clients using the root identity are mapped to "nobody" on the NFS server.
      • all_squash: restricts all user permissions. No matter what identity an NFS client uses, it is always mapped to "nobody" on the NFS server.
      • all_anonymous: restricts all user permissions. No matter what identity an NFS client uses, it is always mapped to "anonymous" on the NFS server.
    • Read/Write Client IPs: Specify IP addresses or CIDR blocks allowed to read and write the NFS share.

      For example, enter 192.168.10.10 or 192.168.0.0/24. You can enter multiple IP addresses or CIDR blocks.

    • Read-only Client IPs: Specify IP addresses or CIDR blocks only allowed to read the NFS share.

      For example, enter 192.168.10.10 or 192.168.0.0/24. You can enter multiple IP addresses or CIDR blocks.

    • Max Write Speed: The maximum write rate is 1,280 MB/s. The default value is 0, indicating that the write rate is not limited.
    • Max Upload Speed: The maximum upload rate is 1,280 MB/s. The default value is 0, indicating that the upload rate is not limited
      Note When you customize the maximum write and upload rates, make sure that the maximum upload rate is not lower than the maximum write rate.

Configure an SMB share

If you select the SMB protocol when you create a share, you can click Set in the Actions column to configure the SMB share.

  1. On the Share page, find the target share and click Set in the Actions column.
  2. In the SMB Share Setting dialog box that appears, set the parameters.
    • Browsable: Specify whether the share can be discovered by Network Neighborhood.
    • Read/write Users: Specify users allowed to read and write the SMB share.
    • Read-only Users: Specify users only allowed to read the SMB share.
      Note If you grant a user both the read-only and read/write permissions, only the read-only permission takes effect.
    • Max Write Speed: The maximum write rate is 1,280 MB/s. The default value is 0, indicating that the write rate is not limited.
    • Max Upload Speed: The maximum upload rate is 1,280 MB/s. The default value is 0, indicating that the upload rate is not limited.
      Note When you customize the maximum write and upload rates, make sure that the maximum upload rate is not lower than the maximum write rate.

Other supported operations

On the Share page, you can also perform the following operations.

Operation Description
Change advanced settings Find the target share and click Advanced Set in the Actions column. For more information, see Create a share.
Delete a share Find the target share and click Delete in the Actions column.
Note
  • This operation does not delete the data stored in the associated OSS bucket.
  • This operation does not remove the attached cache disk.
  • This operation does not delete the data stored in the attached cache disk.
  • When you create a new share, you must attach a cache disk and an OSS bucket to the share.
Restart NFS shares Click Restart NFS Shares to restart all the shares connected to the gateway.
Restart SMB shares Click Restart SMB Shares to restart all the SMB shares connected to the gateway.
Hide tasks Click Hide Tasks to hide the task list at the bottom of the page.
View the upload and download queues Find the target share, and click the plus sign (+) next to the share name to view the upload and download queues.
  • If the number of objects in the upload queue is not 0, it indicates that objects are waiting to be uploaded to the associated OSS bucket.
  • If the number of objects in the download queue is not 0, it indicates that objects are waiting to be downloaded.
  • If the numbers of files in the upload and download queues are both 0, it indicates that the data in the gateway and OSS bucket has been synchronized.

What to do next

Access a share