File Storage NAS (NAS) is a distributed cloud file storage service for compute workloads. It supports the Network File System (NFS) and Server Message Block (SMB) protocols, providing shared, persistent access to file systems from Elastic Compute Service (ECS) instances, Elastic High-Performance Computing (E-HPC) instances, and Container Service for Kubernetes (ACK) clusters.
NAS offers four storage tiers: Extreme NAS, General-purpose Performance NAS, General-purpose Premium NAS, and General-purpose Capacity NAS.
Choose a storage tier
| Tier | Storage medium | Max capacity | Avg read latency (4 KiB) | IOPS | Best for |
|---|---|---|---|---|---|
| Extreme NAS | All-flash | 256 TiB | ~100 microseconds | 10,000–200,000 | Latency-sensitive workloads with large numbers of small files |
| General-purpose Performance NAS | SSD | 1 PiB | Milliseconds | Up to 30,000 (4K random read/write) | High-throughput, high-concurrency workloads with low read latency requirements |
| General-purpose Premium NAS | SSD | 1 PiB | Milliseconds | Up to 30,000 (4K random read/write) | Same performance profile as General-purpose Performance NAS at lower cost |
| General-purpose Capacity NAS | SATA HDD | 10 PiB | ~10 milliseconds | Up to 15,000 (4K random read/write) | Cost-sensitive workloads where latency is not critical |
Extreme NAS bandwidth: 150 MB/s to 1,200 MB/s.
Choose Extreme NAS for workloads that handle large numbers of small files with strict latency requirements — for example, financial trading systems or high-frequency logging pipelines. Choose General-purpose Capacity NAS for cold storage, archiving, or analytics where cost matters more than I/O responsiveness.
Choose a protocol
NAS supports NFS and SMB. The protocol you choose determines which operating systems can mount the file system and how access control is enforced.
| Feature | NFS | SMB |
|---|---|---|
| Recommended OS | Linux | Windows |
| File system semantics | POSIX | Win32 |
Mount an NFS file system on Linux ECS instances. Mount an SMB file system on Windows ECS instances. Both protocols support concurrent access from thousands of instances.
Use cases
Replace on-premises file servers: NAS provides the same shared file system semantics, naming conventions, and permissions as traditional on-premises NAS devices. Migrate existing file shares to NAS without changing how clients access them.
Lift and shift enterprise applications: Applications that depend on standard file system interfaces — POSIX calls, file locking, standard path structures — run on NAS without code changes. NAS provides the protocol compatibility needed to move workloads to Alibaba Cloud without rewriting file I/O logic.
Containerized workloads: Containers that need access to persistent data at startup require a shared file system reachable regardless of which node a container runs on. NAS provides that shared access layer, making it a natural fit for stateful microservices.
Media production workflows: Video editing, broadcast processing, and audio rendering involve large files accessed concurrently by multiple nodes. NAS delivers high throughput and strong data consistency across concurrent clients, reducing time spent waiting on file operations.
Big data analytics: Analytics workloads frequently use file-based APIs and depend on file locking semantics. NAS supports POSIX file operations including file locking, with throughput that scales with capacity to meet the demands of large datasets.
Content management and web serving: Use NAS to store and serve assets for websites, online publishing platforms, and archiving systems. NAS follows standard file system semantics, making it compatible with existing web frameworks.
Security
NAS provides three complementary access control mechanisms plus encryption at rest.
Permission groups
A permission group acts as a whitelist that controls which IP addresses or CIDR blocks can mount a file system, and with what read/write and user permissions. Assign different permission levels to different network ranges within the same permission group. For details, see Manage a permission group.
RAM
Resource Access Management (RAM) controls which Alibaba Cloud accounts and RAM users can manage NAS resources. Each RAM user has a dedicated AccessKey pair, and you can grant the minimum permissions needed for each role — reducing the risk of accidental or unauthorized changes. For details, see Perform access control based on RAM policies.
ACL
Access control lists (ACLs) apply fine-grained permissions to individual files and directories inside a file system. This is useful when multiple users or groups share the same NFS or SMB file system and need different levels of access to specific paths. For details, see NFS ACL overview and SMB ACL overview.
Encryption
NAS encrypts data at rest using AES-256 (Advanced Encryption Standard). Encryption and decryption happen automatically on every read and write — no application code changes required. Keys are managed through Key Management Service (KMS). For details, see Server-side encryption.
Data durability and availability
NAS stores multiple replicas of every piece of data, distributed across isolated fault domains for geo-redundancy. Data reliability is 99.999999999% (eleven 9s).
Scalability
NAS file system capacity scales automatically as you add or remove files — no pre-allocation or partition planning required. The peak throughput of a file system is linearly proportional to the used capacity of the file system — a file system with larger capacity has higher peak throughput. Thousands of ECS instances can concurrently access a single file system via Portable Operating System Interface (POSIX), with support for random reads and writes.
API operations
Manage NAS resources — file systems, mount targets, permission groups, snapshots, and tags — through:
NAS API: Make requests over HTTP or HTTPS using GET and POST methods.
NAS SDKs: Call NAS API operations using the SDK for your preferred programming language.
Alibaba Cloud CLI: Script and automate NAS operations from the command line.
OpenAPI Explorer: Explore and test API operations through a browser-based interface.
NAS console: Perform all operations through the API OverviewNAS console if you prefer a graphical interface.
For the full API reference, see List of operations by function.
Billing
NAS uses pay-as-you-go billing — you are charged only for the storage capacity in use. Capacity scales automatically, so you are never billed for pre-allocated but unused space. When you delete a file, billing for that file's storage stops. Purchase resource plans to reduce per-GB costs for predictable workloads.