This topic describes how to configure shares in the on-premises gateway console.
Prerequisites
An Alibaba Cloud account is created and real-name verification for the account is complete. For more information, see Create an Alibaba Cloud account.
We recommend that you log on to the CSG console as a RAM user. For more information, see Use RAM to implement account-based access control.
CSG is activated. If CSG is not activated, follow the on-screen instructions in the CSG console to activate CSG.
The on-premises gateway console is deployed. For more information, see Deploy an on-premises console for a file gateway.
An OSS bucket is created. For more information, see Get started by using the OSS console.
File gateways support the following storage classes of OSS buckets: Standard, Infrequent Access (IA), and Archive. File gateways do not support OSS buckets for which back-to-origin routing is configured.
We recommend that you do not associate a gateway with an Archive bucket. If files that are written from a file gateway to OSS are infrequently modified, we recommend that you store the files in a Standard or IA bucket first and configure a lifecycle rule that changes the storage class of the files to Archive or Cold Archive. This reduces unnecessary restoration operations and optimizes storage costs and efficiency.
When a client writes a file to a file gateway, the gateway records at least two actions: writing the file and setting the file modification time. The gateway merges the two actions where possible. However, the gateway may still initiate multiple operations on the object to the bucket where the object is stored. The CopyObject operation is called to store the file modification time as a piece of metadata of the object in the bucket. If the object is an Archive or Cold Archive object, this operation requires object restoration, which takes some time to complete. This increases the time required for object uploads and even causes upload failures if not enough time is left to upload data in the cache.
A disk is added. For more information, see Add disks.
Step 1: Add a cache disk
Each share corresponds to a unique cache disk. If you need to create multiple shares for a gateway, you must add at least the same number of cache disks as the number of shares that you want to create. You can upload data from a share to the associated OSS bucket, or use the share to download data from the OSS bucket to a local disk.
Open your browser, enter https://<IP address of the file gateway> in the address bar, and then press Enter.
In the dialog box that appears, enter your username and password, and then click OK.
In the left-side navigation pane, click Caches. On the Caches page, click Create.
In the Create Cache dialog box, set the following parameters:
Disk: Click Select, and then select an available disk.
Disks are available only after you add the disks on the deployment platform. For more information, see Add disks.
File System: This parameter is optional. If you want to reuse data on the cache disk, select this check box. If you delete a share by accident, you can recreate the share and use this feature to restore data.
If you select the check box but no file system exists on the cache disk, the cache disk fails to be added.
Click OK.
Step 2: Bind a cloud resource
You can create shares that use OSS buckets as backend storage. One bucket corresponds to one share. You can bind multiple cloud resources to a file gateway.
By default, the data that is written to a gateway by a client is uploaded in real time to an OSS bucket that is bound to the gateway. You can also specify a latency for the upload. The maximum latency is 120 seconds.
In the left-side navigation pane of the on-premises gateway console, click Cloud Resources. On the Cloud Resources page, click Bind.
In the Bind Cloud Resource dialog box, set the parameters described in the following table.
Parameter
Description
Resource Name
Enter the name of the cloud resource.
Cross-region Binding
Specify whether to enable cross-region binding.
If you select Yes, you can access a bucket that resides in a different region from the specified gateway.
If you select No, you can access only a bucket that resides in the same region as the specified file gateway.
The time zone of an on-premises file gateway must be the same as the time zone of the corresponding OSS bucket.
Region
Select the region where the bucket resides.
Bucket Name
Select the bucket that you want to bind to the file gateway.
Use SSL
If you select Yes, you can connect to the OSS bucket over SSL.
Click OK.
Step 3: Create a share
On-premises file gateways support Network File System (NFS) and Server Message Block (SMB) shares. This section shows how to create an NFS share. For information about how to create an SMB share, see Manage SMB shares.
Install an NFS client. For more information, see Install an NFS client.
In the left-side navigation pane of the on-premises gateway console, click NFS. On the File Gateway (NFS) page, click Create.
In the Create NFS Share dialog box, configure the parameters described in the following table and click OK.
Parameter
Description
Share Name
The NFS mount target.
If you use NFSv4, you can directly mount the share by using the share name. If you use NFSv3, you must obtain the mount point by using showmount -e <gateway IP address>.
Read/Write Client IPs
The IP addresses or CIDR blocks of clients that can read data from or write data to the NFS share.
Example: 192.168.10.10 or 192.168.0.0/24. You can specify more than one IP address or CIDR block.
Read-only Client IPs
The IP addresses or CIDR blocks of clients that can only read data from the NFS share.
Example: 192.168.10.10 or 192.168.0.0/24. You can specify more than one IP address or CIDR block.
User Mapping
Map an NFS client user to an NFS server user. This parameter is available only if you set Protocol to NFS.
none: The NFS client user is not mapped to the nobody user on the NFS server.
root_squash: The NFS client that uses the root identity is mapped to the nobody user on the NFS server.
all_squash: The NFS client is mapped to the nobody user on the NFS server regardless of the identity that the client uses.
all_anonymous: The NFS client is mapped to the anonymous user on the NFS server regardless of the identity that the client uses.
Support Archive
This parameter is available only when you set User Mapping to none for the NFS share.
If you want to use the archive feature, select Yes. You can use the archive feature to archive and restore files in a share.
If you do not need the archive feature, select No. You cannot use the archive feature to directly manage files. When you read data from an archived file, a request to restore the file is also initiated. This causes a certain level of latency before you can actually read the archived file.
Basic file gateways do not support the archive feature.
Enabled
Specify whether to enable the specified NFS share.
If you do not want to immediately use the NFS share, you can select No to disable the NFS share.
Data Access Mode
Select a mode for the share. You can select Replication Mode or Cache Mode.
Replication Mode: In this mode, two backups are created for all data. One backup is stored in the on-premises cache disk and the other backup is stored in the associated OSS bucket.
Cache Mode: In this mode, the on-premises cache disk stores only metadata and the data that is frequently accessed. The bucket stores full data.
Enable Reverse Sync
Reverse synchronization allows you to synchronize metadata of objects in the OSS bucket to the on-premises cache disk. This feature is suitable for disaster recovery, data restoration, and data sharing.
During a reverse synchronization process, the system scans all objects in the bucket. If the bucket contains a large number of objects, you are charged for calling the OSS API. For more information, see Pricing of OSS.
Encryption Type
Select whether to use encryption. You can select No Encryption or Server Side Encryption.
If you select Server Side Encryption, you must set the CMK ID parameter. You can create a key in the Key Management Service (KMS). For more information, see Create a CMK.
If you enable the OSS server-side encryption feature, you can bring your own key (BYOK). You can use keys that are imported from KMS.
After you enable server-side encryption, files that are uploaded to OSS from the share are encrypted by using KMS-managed keys. You can call the GetObject operation to check whether the specified object is encrypted. If the value of the x-oss-server-side-encryption field is KMS and the value of the x-oss-server-side-encryption-key-id field is the key ID, the file is encrypted.
Only the users on the whitelist can use this feature.
When you create a CMK in the KMS console, you must select the region in which the OSS bucket resides.
Bucket Name
The OSS bucket.
Path Prefix
Enter a subdirectory of the bucket.
The name of a subdirectory can contain only letters and digits.
Starting from V1.0.38, you can map the root directory of a file system to a subdirectory of the bucket. This way, you can isolate file access requests.
You can specify an existing subdirectory or a new subdirectory. After you create a share, the specified subdirectory serves as the root directory. All the related files and directories are stored in the root directory.
Use Metadata
Select whether to use metadata disks. If you use metadata disks, data disks are separated from metadata disks, and metadata disks are used to store the metadata of data in the share.
If you select Yes, you must set the Metadata and Data parameters.
If you select No, you must set the Cache Disk parameter.
Only users on the whitelist can use this feature.
Ignore delete
If you select Yes, the data that is deleted from the on-premises cache disk is not deleted from the OSS bucket. The bucket stores full data.
NFS V4 Optimization
Select whether to optimize the upload efficiency if the share is mounted to an NFSv4 file system. If you select Yes, you cannot mount an NFSv3 file system on your on-premises host.
Sync Delay
Specify a period of time to delay the upload of files. This setting prevents frequent on-premises modifications from creating a large number of parts in OSS. Default value: 5. Maximum value: 120. Unit: seconds.
Max Write Speed
Specify the maximum write speed. Valid values: 0 to 1280. Unit: MB/s. The default value 0 indicates that the write speed is unlimited.
Max Upload Speed
Specify a limit on the upload speed. Valid values: 0 to 1280. Unit: MB/s. The default value 0 indicates that the upload speed is unlimited.
When you limit the write speed and upload speed, make sure that the upload speed limit is not smaller than the write speed limit.
Optimize Fragments
Specify whether to optimize the performance for applications that frequently and randomly read and write small amounts of data.
Fast Cache Reclaim
If you select Yes, cached data is cleared in real time. This feature is suitable for cloud backup scenarios.
Click OK.
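The constraints in the table above can be checked before a share definition is entered in the console. The following is an added example, not code from the CSG documentation or product. The dictionary layout, key names, and the lint_share function are assumptions of this example, and the rule that flags User Mapping none together with a read/write CIDR block is a review heuristic of the example, not a console restriction.

```python
import ipaddress
import re
# Constructed sample share definition; the key names are assumptions of this
# example that mirror the console parameters, not a CSG API or file format.
SAMPLE = {
    "rw_clients": ["192.168.10.10", "192.168.0.0/24"],
    "ro_clients": ["192.168.0.0/16"],
    "user_mapping": "none",
    "support_archive": True,
    "path_prefix": "team_a",
    "sync_delay": 5,
    "max_write_speed": 0,      # 0 = unlimited
    "max_upload_speed": 100,
}

def lint_share(cfg):
    """Return a list of findings for one share definition."""
    out = []
    rw = [ipaddress.ip_network(e.strip(), strict=False) for e in cfg.get("rw_clients", [])]
    ro = [ipaddress.ip_network(e.strip(), strict=False) for e in cfg.get("ro_clients", [])]
    for net in rw + ro:
        if net.prefixlen == 0:
            out.append(f"{net} matches every client address")
    for a in rw:
        for b in ro:
            if a.version == b.version and a.overlaps(b):
                out.append(f"{a} (read/write) overlaps {b} (read-only)")
    mapping = cfg.get("user_mapping", "none")
    # Heuristic of this example: no squashing plus a whole read/write block
    if mapping == "none" and any(n.num_addresses > 1 for n in rw):
        out.append("User Mapping none with a read/write CIDR block")
    if cfg.get("support_archive") and mapping != "none":
        out.append("Support Archive is available only with User Mapping none")
    if not re.fullmatch(r"[A-Za-z0-9]*", cfg.get("path_prefix", "")):
        out.append("Path Prefix may contain only letters and digits")
    if cfg.get("sync_delay", 5) > 120:
        out.append("Sync Delay exceeds the 120-second maximum")
    w, u = cfg.get("max_write_speed", 0), cfg.get("max_upload_speed", 0)
    for name, v in (("Max Write Speed", w), ("Max Upload Speed", u)):
        if not 0 <= v <= 1280:
            out.append(f"{name} must be 0 to 1280 MB/s")
    # 0 means unlimited, so a capped upload behind unlimited writes also fails
    if u != 0 and (w == 0 or u < w):
        out.append("Max Upload Speed is smaller than Max Write Speed")
    return out

if __name__ == "__main__":
    for finding in lint_share(SAMPLE):
        print(finding)
```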
Access a share
After you create a share, you can use an NFS client to access the share. For more information, see Access an NFS share.
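After clients have written files through a share that uses Server Side Encryption, the header check described under Encryption Type can be applied to the GetObject response headers of each object. The following is an added example, not code from the CSG or OSS documentation. The function names, object names, and key ID placeholders are assumptions, and the response headers are constructed samples rather than captured output.

```python
# Constructed GetObject response headers; object names and the key ID
# placeholders are made up for this example.
EXPECTED_KEY_ID = "<CMK ID of the share>"
SAMPLE_RESPONSES = {
    "a.tar": {"x-oss-server-side-encryption": "KMS",
              "x-oss-server-side-encryption-key-id": EXPECTED_KEY_ID},
    "b.tar": {"X-Oss-Server-Side-Encryption": "KMS",
              "X-Oss-Server-Side-Encryption-Key-Id": "<some other key ID>"},
    "c.tar": {"x-oss-server-side-encryption": "AES256"},
    "old.tar": {"Content-Length": "1024"},
}

def sse_status(headers, expected_key_id):
    """Classify one object's response headers against the share's CMK."""
    # HTTP header names are case-insensitive, so normalise before lookup.
    h = {k.lower(): v for k, v in headers.items()}
    algo = h.get("x-oss-server-side-encryption")
    if algo is None:
        return "unencrypted"      # e.g. written before encryption was enabled
    if algo != "KMS":
        return "not-kms"          # encrypted, but not with a KMS-managed key
    if h.get("x-oss-server-side-encryption-key-id") != expected_key_id:
        return "wrong-key"        # KMS, but not the CMK set on the share
    return "ok"

def audit(responses, expected_key_id):
    """Return {object name: status} for every object that fails the check."""
    failures = {}
    for name, headers in responses.items():
        status = sse_status(headers, expected_key_id)
        if status != "ok":
            failures[name] = status
    return failures

if __name__ == "__main__":
    for name, status in audit(SAMPLE_RESPONSES, EXPECTED_KEY_ID).items():
        print(f"{name}: {status}")
```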