Apsara File Storage NAS (NAS) is a cloud service that provides file storage solutions for compute nodes. The compute nodes include Elastic Compute Service (ECS) instances, Elastic High Performance Computing (E-HPC) clusters, and Container Service for Kubernetes (ACK) clusters. NAS is a distributed file storage solution that provides the following benefits: shared access, scalability, high reliability, and high performance.
Overview
NAS uses Portable Operating System Interface (POSIX)-based APIs and is compatible with native operating systems. NAS provides shared access, ensures data consistency, and implements mutual exclusion by using locks. NAS provides scalable file systems and allows simultaneous access to a NAS file system from multiple ECS instances. The storage capacity of a NAS file system automatically scales in or out when you add or remove files. NAS provides shared data sources for workloads and applications that run on multiple ECS instances or servers.
NAS provides two storage classes: General-purpose NAS file systems and Extreme NAS file systems. We recommend that you select an appropriate storage class based on your business scenario.
General-purpose NAS file system
General-purpose NAS file systems are used to store hot data that is frequently accessed. General-purpose NAS file systems are classified into Capacity NAS file systems, Premium NAS file systems, and Performance NAS file systems. General-purpose NAS file systems are suitable for general file sharing workloads. The workloads include Linux or Windows applications for enterprises, web content management services, database backup services, log storage services, and home directory services.
Extreme NAS file systems
Extreme NAS is a high-performance file sharing service based on the latest network architecture and all-flash storage. The fully managed cloud storage service is integrated with the computing services of Alibaba Cloud to provide optimal computing performance for public cloud. Extreme NAS file systems are suitable for the following workloads: latency-sensitive Linux applications for enterprises, development and test environments for continuous integration and continuous deployment (CI/CD), high-performance web services, online education services, online gaming services, and databases.
For more information about the specifications of each storage class, see Storage Classes.
NAS supports various storage scenarios. For more information, see Scenarios.
Benefits
NAS has benefits in terms of cost-effectiveness, security, usability, reliability, and performance.
Cost-effectiveness
A NAS file system can be mounted on multiple compute nodes at a time and allows simultaneous access from these nodes. This reduces the costs of performing a large number of copy and synchronization operations.
The performance of a NAS file system increases with storage capacity. This eliminates the need for an upfront investment in high-end file storage devices and reduces hardware costs.
NAS allows you to pay only for the storage space that you consume without the need to configure storage in advance. No minimum consumption or extra configuration cost exists. For more information, see Pricing.
NAS features high availability, which allows you to greatly reduce data security risks and maintenance costs.
Ease of use
You can create a file system in a few clicks without the need to deploy the file system or perform O&M operations.
Security
NAS provides access control based on Resource Access Management (RAM), and access isolation based on virtual private clouds (VPCs). NAS supports encryption in transit and encryption at rest to prevent data interception and tampering.
High reliability
NAS stores multiple replicas of data on different devices in the same zone and provides 99.999999999% (11 nines) data durability and 99.95% service availability. This minimizes data security risks.
High performance
NAS provides distributed file systems whose performance linearly scales with capacity. Compared with traditional data storage solutions, NAS provides a higher level of storage performance.
Compatibility
NAS supports standard protocols, such as Network File System (NFS) and Server Message Block (SMB). NAS ensures data consistency and file locking based on POSIX APIs.
After the content of a file is modified in a NAS file system, you can view the result in real time.
Features
Lifecycle management
The lifecycle management feature is used to reduce the storage costs of your data. If the files in a General-purpose NAS file system are accessed less than twice a month, we recommend that you enable the lifecycle management feature. After you enable the feature, the files that meet a specified lifecycle policy are automatically dumped to the Infrequent Access (IA) storage class. The billing method for the IA storage class is used. This helps you reduce storage costs. For more information, see IA storage class.
ACL
NAS SMB ACL: This feature allows you to use Active Directory (AD) to manage user identities and user access to SMB file systems. The feature supports file system-level authentication and access control based on Alibaba Cloud accounts and the permission group-based whitelist system in which one or more source IP addresses are specified. For more information, see Overview of the SMB ACL feature.
NAS NFS ACL: This feature allows you to grant users and groups different access permissions to implement access isolation. You can enable this feature in the NAS console. You can grant permissions to specific users and groups in addition to the owner, group, and other classes. For more information, see NAS NFS ACL.
Quota management
You can manage the directory quotas of NAS file systems with ease. For example, you can create, modify, and delete directory quotas. For more information, see Manage directory quotas.
Data encryption
Encryption at rest: NAS encrypts data that is stored in file systems. When you access data, NAS decrypts the data, and then returns the decrypted data. For more information, see Encryption at rest.
Encryption in transit for NFS file systems: This feature uses Transport Layer Security (TSL) to prevent data theft or tampering when data is transmitted between ECS instances and NAS. For more information, see Encryption in transit for NFS file systems.
Encryption in transit for SMB file systems: This feature uses Authenticated Encryption (AE) to prevent data theft or tampering when data is transmitted between ECS instances and NAS. For more information, see Encryption in transit for SMB file systems.
Data backup
You can generate multiple replicas of data based on flexible backup policies. You can use these replicas to restore files if data is lost or damaged. For more information, see Back up files from a General-purpose NAS file system.
Recycle bin
If you enable the recycle bin feature, the deleted files or directories are temporarily stored in the recycle bin. If you accidentally delete files from a file system, you can restore the files and the metadata of the files from the recycle bin. The metadata includes the UID, GID, and ACL. For more information, see Recycle bin.
Data erasure mechanisms
When you delete a piece of data, the data is completely erased from your NAS file system and can no longer be accessed by other users. The following mechanisms ensure that deleted data is completely erased:
The data in NAS file systems of different users is completely isolated. The data in each NAS file system is managed, indexed, and verified based on the metadata. Reading data across different NAS file systems is not allowed.
If a file is deleted from a NAS file system, the metadata index is updated immediately. This ensures that the corresponding physical space cannot be indexed and the data can no longer be read. When the physical storage space is reallocated, it is cleared and then added to the metadata index. The system returns only zero for requests that attempt to read data from the storage space for the first time.
When a NAS file system is released, the storage system immediately destroys the metadata to ensure that the data is no longer accessible. At the same time, the physical storage space that corresponds to the NAS file system is recycled. When the physical storage space is reallocated, data is cleared again and then overwritten by newly written data. Before data is written to the physical storage space, the system returns only zero for all read requests.
Usage notes
If you want to create, use, or release a NAS file system, use one of the following methods that are provided by Alibaba Cloud:
Use the NAS console
NAS provides a web page-based console. You can log on to the NAS console to manage your NAS resources. For more information, see Get started with NAS.
Use the NAS API or NAS SDKs
NAS provides RESTful API operations and SDKs for multiple programming languages to facilitate secondary development. For more information, see API integration overview and NAS SDKs.
NAS pricing
For more information about the billing rules of NAS, see Billing. For more information about the prices of NAS file systems, see Apsara File Storage NAS Pricing.
Related services
After you upload your data to NAS, you can use other Alibaba Cloud features and services to manage your data.
The following features and services are frequently used together with NAS:
Elastic Compute Service (ECS): a cloud computing service that provides elastic and efficient computing capability. For more information, visit the product page of ECS.
Data Online Migration: You can use Data Online Migration to migrate data from Object Storage Service (OSS) to NAS. For more information, see the Data Online Migration documentation.
Cloud Backup: You can use Cloud Backup to back up the files in a NAS file system on a regular basis and restore the files if data is lost or damaged. For more information, visit the product page of Cloud Backup.
CloudMonitor: You can use CloudMonitor to view the performance metrics and storage usage metrics of NAS file systems. You can also configure alert rules for metrics. For more information, visit the product page of CloudMonitor.
Contact us
If you have any feedback or questions, contact NAS technical support by clicking the button below.