All Products
Search
Document Center

Cloud Storage Gateway:Manage shares

Last Updated:Jan 31, 2024

This topic describes how to manage shares in the Cloud Storage Gateway (CSG) console. You can create, delete, and configure Network File System (NFS) and Server Message Block (SMB) shares.

Prerequisites

  1. A gateway is created. For more information, see Create a file gateway.

  2. A cache disk is added to the gateway. For more information, see Attach a cache disk.

  3. An Object Storage Service (OSS) bucket is created. For more information, see Create buckets.

    Note
    • CSG supports Standard, Infrequent Access (IA), and Archive OSS buckets.

    • If you request to read an archived file from a gateway for which the archive feature is disabled, a request to restore the file is initiated. If the file gateway uses a Network File System (NFS) share, no error is returned, but a certain level of I/O latency occurs. If the file gateway uses a Server Message Block (SMB) share, a short-lived error occurs, and the read operation is successful after the restoration process is complete.

    • When a client writes a file to a file gateway, the gateway records at least two actions: writing the file and setting the file modification time. The gateway merges the two actions where possible. However, the gateway may still initiate multiple operations on the object to the bucket where the object is stored. The CopyObject operation is called to store the file modification time as a piece of metadata of the object in the bucket. If the object is an Archive or Cold Archive object, this operation requires object restoration, which takes some time to complete. This increases the time required for object uploads and even causes upload failures if not enough time is left to upload data in the cache. We recommend that you do not connect a gateway to an Archive bucket. If files that are written from a file gateway to OSS are infrequently modified, we recommend that you store the files in a Standard or IA bucket first and configure a lifecycle rule that changes the storage class of the files to Archive or Cold Archive. This reduces unnecessary restoration operations and optimizes storage costs and efficiency.

Create a share

  1. Log on to the CSG console.

  2. At the top of the page, select the region where the file gateway resides.

  3. In the left-side navigation pane, click Gateways. On the page that appears, locate the file gateway and click the ID of the file gateway.

  4. In the left-side navigation pane, click Share. On the Shares page, click Create.

  5. In the Bucket Settings step, configure the parameters and click Next. The following table describes the parameters.

    Parameter

    Description

    Cross-region Binding

    • If you select Yes, you can access a bucket that resides in a different region from the gateway.

    • If you select No, you can access a bucket that resides only in the same region as the gateway.

    OSS Endpoint

    Select the endpoint for the region in which the bucket is located.

    Bucket Name

    You can select an existing bucket from the drop-down list. You can also select the Subdirectory check box and enter a subdirectory of the bucket in the text box that appears.

    Note
    • The name of a subdirectory can contain only letters and digits.

    • Starting from V1.0.38, you can map the root directory of a file system to a subdirectory of the bucket. This way, you can isolate file access requests.

    • You can specify an existing subdirectory or a subdirectory that does not exist in the bucket. After you create a share, the specified subdirectory serves as the root directory and stores all related files and directories.

    • Buckets for which back-to-origin routing is configured are not supported.

    • CSG cannot guarantee that only one write operation is performed on an object. Therefore, buckets for which retention policies are configured are not supported.

    Encrypt

    Specify whether to perform encryption. Valid values: None, Server-side Encryption, and Gateway-side Encryption.

    If you select Server-side Encryption, you must specify a Key ID. You can create a key in the Key Management Service (KMS) console. For more information, see Create a CMK.

    If you enable the server-side encryption feature in OSS, you can bring your own key (BYOK). Keys that are imported from KMS are supported.

    After you enable server-side encryption, files that are uploaded to OSS from the share are encrypted by using KMS-managed keys. You can call the GetObject operation to check whether the specified file is encrypted. If the value of the x-oss-server-side-encryption field is KMS and the value of the x-oss-server-side-encryption-key-id field is the key ID in the response header, the file is encrypted.

    Note
    • Only users in the whitelist can use this feature. The gateway-side encryption feature is available only for enhanced and performance-optimized gateways. For more information, see Enable gateway encryption.

    • When you create a key in the KMS console, you must select the region in which the OSS bucket resides.

    Use SSL to Connect Bucket

    If you select Yes, the share is connected to the OSS bucket over SSL.

  6. On the Basic Information tab, set the parameters and click Next. The following table describes the parameters.

    Parameter

    Description

    Share Name

    The name of the NFS or SMB share that you want to create. If you set the Protocol parameter to NFS, the share name also specifies the virtual path of NFS version 4 (NFSv4).

    The name must be 1 to 32 characters in length, and can contain letters and digits. The name cannot start with a digit.

    Protocol

    The name of the protocol that you use to connect to OSS buckets. Valid values: NFS and SMB.

    • The NFS protocol is suitable if you need to access OSS buckets from a Linux operating system.

    • The SMB protocol is suitable if you need to access OSS buckets from a Windows operating system.

    Cache

    Select an existing cache disk.

    Note

    For a cache disk whose capacity is smaller than 5 TB, 20% of the space is used to store metadata. For a cache disk whose capacity is 5 TB or larger, 1 TB of the space is used to store metadata. For example, if you create a cache disk of 40 GB, the available cache space is 32 GB. If you create a cache disk of 20 TB, the available cache space is 19 TB.

    User Mapping

    Maps an NFS client user to an NFS server user. This parameter is available only when you set Protocol to NFS.

    • none: NFS client users are not mapped to the nobody user on the NFS server.

    • root_squash: restricts the use of root user permissions. NFS clients that use the root identity are mapped to the nobody user on the NFS server.

    • all_squash: restricts all user permissions. The NFS client is mapped to the nobody user on the NFS server regardless of the identity that the client uses.

    • all_anonymous: restricts all user permissions. The NFS client is mapped to the anonymous user on the NFS server regardless of the identity that the client uses.

    Archive

    This parameter is available only if you set the Protocol parameter to NFS and the User Mapping parameter to none.

    • If you select Yes, the archive feature is enabled. You can use the archive management tool to archive and restore files in a share.

    • If you select No, the archive feature is disabled. You cannot use the archive management tool to manage files. When you read data from an archived file, the system initiates a request to restore the file. Latency may occur during the restoration, but no error occurs.

    Note

    Basic file gateways do not support the archive feature.

    Add to Sync Group

    You can enable the express synchronization feature for the share and add the share to a synchronization group. Then, all changes made to the data stored in the associated OSS bucket are synchronized to the on-premises client of the share. After you select the Add to Sync Group check box, the Reverse Sync check box is automatically cleared.

    Note
    • To enable this feature, create a synchronization group first. Make sure that the synchronization group and the share use the same OSS bucket. For more information about how to create a synchronization group, see Configure express synchronization.

    • Only Standard, Enhanced, and Performance Optimized gateways support the express synchronization feature.

    • The express synchronization feature is implemented based on Alibaba Cloud Message Service. After you add a share to a sync group, you are charged for Message Service. For more information about pricing, see the "Background information" section of the Configure express synchronization topic.

    Advanced Settings

    After you select the Advanced Settings check box, the Advanced Settings step appears.

  7. In the Advanced Settings step, set the required parameters, and then click Next. The following table describes the parameters.

    Parameter

    Description

    Mode

    • Replication Mode: In this mode, two backups are created for all data. One backup is stored in the on-premises cache disk and the other backup is stored in the associated OSS bucket.

    • Cache Mode: In this mode, the backup that is stored in the on-premises cache disk contains only metadata and the user data that is frequently accessed. The backup that is stored in the OSS bucket contains all data.

    Transfer Acceleration

    This feature accelerates data transfer across regions by using the public bandwidth of the gateway. Before you use this feature, make sure that the transfer acceleration feature is enabled for the associated OSS bucket.

    Fragmentation Optimization

    Specifies whether to optimize the performance for applications that frequently and randomly read and write small amounts of data. Proceed with caution.

    Direct IO Mode

    Data is directly read from and written to the cache disk.

    Upload Optimization

    If you select Yes, cached data is cleared in real time. You can enable this feature if you want to synchronize only backups to the cloud.

    Reverse Sync

    Specifies whether to synchronize metadata stored in the OSS bucket to the on-premises cache disk. This feature is suitable for disaster recovery, data restoration, and data sharing scenarios.

    Note
    • During a reverse synchronization process, the system scans all objects in the bucket. If the number of objects is large, you are charged for calling the OSS API. For more information, see Pricing of OSS.

    • If you select the Add to Sync Group check box on the Basic Information tab, this option is unavailable.

    Reverse Sync Interval

    If you set Reverse Sync to Yes, you must set the Reverse Sync Interval parameter. Valid values: 15 to 36000. Default value: 36000. Unit: seconds.

    Note
    • If the bucket contains a large number of objects, we recommend that you set the interval to a value greater than 3,600 seconds. Otherwise, repeated scans result in frequent OSS API calls. This causes the amount of fees to increase.

    • If you configure the cache mode for the share and download data, you must set the interval to a value between 3,600 seconds and 36,000 seconds.

    Ignore Deletions

    If you select Yes, the data that is deleted from the on-premises cache disk is not deleted from the OSS bucket. The OSS bucket retains all data.

    NFS V4 Optimization

    Specifies whether to improve the upload efficiency of NFSv4 files. If you select Yes, you cannot mount an NFSv3 file system on your on-premises host.

    Sync Latency

    You can specify a period of time to delay the upload of files that you modified and closed. The Sync Latency feature prevents OSS file fragmentation that is caused by frequent on-premises modifications. Default value: 5. Maximum value: 120. Unit: seconds.

    Replication Mode Advanced Settings

    If you set Cache Mode to Replication Mode, you can select the Replication Mode Advanced Settings check box. Then, the Replication Mode Advanced Settings tab appears.

  8. On the Replication Mode Advanced Settings tab, set the following parameters, and then click Next.

    Parameter

    Description

    Configure Directory in Replication Mode

    Specifies the scope of files to which the replication mode applies.

    • If you do not select this check box, the replication mode is applied to all data in the share.

    • After you select the check box, click Add Directory to add directories. The replication mode is applied to the specified directories. The rest of the data uses the cache mode.

    Note
    • If you change the mode of a directory from cache to replication, the files in the directory can be synchronized only when the data replication feature is also enabled. We recommend that you enable data replication.

    • You can specify relative directories under the shared root directory. For example, if the actual directory is /mnt/myshare/mydir/ and the mount point is /mnt/myshare, you can enter /mydir/.

    Data Download

    By default, the remote sync and the express synchronization features synchronize the metadata between the OSS bucket and the CSG agent. The data replication feature allows you to replicate all data or data of specific directories to the CSG agent. After you enable Reverse Sync or Configure express synchronization, you can select Yes to enable Data Download.

    Note
    • If you want to use the data replication feature, the capacity of the cache disk must be 1.1 times larger than the file size that you want to replicate. Specify the cache capacity based on the expected growth of the bucket usage.

    • When you enable the data download feature for the first time, a full scan is triggered. This process may reduce the performance of the gateway. We recommend that you enable the data download feature during off-peak hours and wait for the system to replicate all data.

    • The data download feature allows only one user to write data to the bucket and multiple users to read data from the bucket at the same time. If multiple users access the bucket at the same time over the gateway or OSS bucket, only one user can upload files to the bucket. Other users can only download data. Data loss may occur if multiple users write data to and read data from the bucket at the same time. Proceed with caution.

    Download Speed Limit

    After you enable Data Download, you must set this parameter. The download speed must be in the range of 0 MB/s to 1,280 MB/s. If you set this parameter to 0 MB/s, the download speed is unlimited.

    Reverse Sync Interval

    After you enable Data Download, you must set this parameter. Valid values: 3600 to 36000. Default value: 36000. Unit: seconds.

    Note
    • If the bucket contains a large number of objects, we recommend that you set the interval to a value that is greater than 3600. Otherwise, repeated scans result in frequent OSS API calls. This causes the amount of fees to increase.

    • Reverse synchronization is triggered only when you access the directory. To ensure that the data in other directories can be downloaded and new data can be downloaded in real time, use the express synchronization feature. For more information, see Configure express synchronization.

  9. In the Confirmation step, verify your settings and click OK.

Configure an NFS share

If you select the NFS protocol when you create a share, click Settings in the Actions column to configure the NFS share.

  1. On the Share page, find the share that you want to configure and click Settings in the Actions column.

  2. In the NFS Share Settings dialog box, set the parameters. The following table describes the parameters.

    Parameter

    Description

    User Mapping

    Maps an NFS client user to an NFS server user.

    • none: NFS client users are not mapped to the nobody user on the NFS server.

    • root_squash: restricts the use of root user permissions. NFS clients that use the root identity are mapped to the nobody user on the NFS server.

    • all_squash: restricts the use of all user permissions. The NFS client is mapped to the nobody user on the NFS server regardless of the identity that the client uses.

    • all_anonymous: restricts the use of all user permissions. The NFS client is mapped to the anonymous user on the NFS server regardless of the identity that the client uses.

    Read/Write Client IPs

    The IP address or CIDR block of the client that you allow to read data from and write data to the NFS gateway, for example, 192.168.10.10 or 192.168.0.0/24. You can enter multiple IP addresses or CIDR blocks.

    Read-only Client IPs

    The IP address or CIDR block of the client that you allow to only read data from the NFS gateway, for example, 192.168.10.10 or 192.168.0.0/24. You can enter multiple IP addresses or CIDR blocks.

    Write Speed Limit

    Specify the maximum write speed. Valid values: 0 to 1280. Unit: MB/s. Default value: 0. The default value 0 indicates that the write speed is unlimited.

    Upload Speed Limit

    Specify the maximum upload speed. Valid values: 0 to 1280. Unit: MB/s. Default value: 0. The default value 0 indicates that the upload speed is unlimited.

    Note

    When you set the maximum write speed and upload speed, make sure that the maximum upload speed is not lower than the maximum write speed.

Configure an SMB share

If you select the SMB protocol when you create a share, you can click Set in the Actions column to configure the SMB share.

  1. On the Share page, find the share that you want to configure and click Settings in the Actions column.

  2. In the SMB Share Settings dialog box, set the parameters. The following table describes the parameters.

    Parameter

    Description

    Browsable

    Specify whether the SMB share can be discovered by network neighbors.

    Read/Write Users

    The users who have read and write access to the SMB share.

    Read-only Users

    The users who have read-only access to the SMB share.

    Note

    If you grant both the read-only and read and write permissions to a user, only the read-only permission takes effect.

    Write Speed Limit

    Specify the maximum write speed. Valid values: 0 to 1280. Unit: MB/s. Default value: 0. The default value 0 indicates that the write speed is unlimited.

    Upload Speed Limit

    Specify the maximum upload speed. Valid values: 0 to 1280. Unit: MB/s. Default value: 0. The default value 0 indicates that the upload speed is unlimited.

    Note

    When you set the maximum write speed and upload speed, make sure that the maximum upload speed is not lower than the maximum write speed.

Other supported operations

On the Share page, you can also perform the following operations.

Operation

Description

Configure advanced settings

Find the share whose advanced settings you want to configure and click Advanced Set in the Actions column. For more information, see Create a share.

Delete a share

Find the share that you want to delete and click Delete in the Actions column.

  • This operation does not delete the data in the associated OSS bucket.

  • This operation does not release the related cache disk or delete the data stored in the cache disk.

  • If you create another share, you must attach a cache disk and an OSS bucket to the share.

Warning

Deleting a share will interrupt business activities and data synchronization tasks. Exercise caution when performing this action.

Restart NFS shares

Click Restart NFS Shares to restart all the shares that are connected to the gateway.

Warning

Restarting a share will cause temporary business interruptions. Exercise caution when performing this action.

Restart SMB shares

Click Restart SMB Shares to restart all the SMB shares that are connected to the gateway.

Warning

Restarting a share will cause temporary business interruptions. Exercise caution when performing this action.

Hide tasks

Click Hide Tasks to hide the task list at the bottom of the page.

View the upload and download queues

Find the share whose upload and download queues you want to view, and click the plus sign (+) next to the share name to view the upload and download queues.

  • If the number of objects in the upload queue is not 0, one or more objects are waiting to be uploaded to the associated OSS bucket.

  • If the number of objects in the download queue is not 0, one or more objects are waiting to be downloaded.

  • If the numbers of files in the upload and download queues are both 0, data is synchronized between the gateway and the OSS bucket.

What to do next

Access a share