For a long time, we have been using the Samba File server to share files across servers, users, and applications. But there are certain limitations while running the Windows File server on the on-premise instance such as the hard disk will run out of space. So we have to actively monitor the disk space and to accommodate more data we need to upgrade the disk size which is a tedious process. The cost of running the file server instance and the hard disk associated with it on-premise will be of huge cost. To overcome these scenarios AWS has released a Fully managed File server solution named Amazon FSx.
With the help of Amazon FSx for the Windows File server, we can save costs up to 60% by using data deduplication.
In this blog, we are going to learn and implement Amazon FSx for the Windows File server and Mount it on Windows EC2 instances so that the file can be shared with other instances when they are mounted.
In this blog, we will cover:
- What is Amazon FSx for Windows File Server?
- Benefits of FSx File Server
- Features of Amazon FSx for Windows File Server
- Pricing of Amazon FSx for Windows File Server
- Setting up a Windows EC2 instance
- Creating Amazon FSx File Server
- Mounting of FSx File system on the Windows EC2 instance
- Customers of Amazon FSx for Windows File Server
- Conclusion
What is Amazon FSx for Windows File Server?
Amazon FSx for Windows File Server is a fully managed, highly dependable, and scalable file storage solution that uses the industry-standard Server Message Block (SMB) protocol for access. It’s based on Windows Server and includes administrative capabilities including user quotas, end-user file restoration, and Microsoft Active Directory (AD) integration. It supports single- and multi-AZ deployments, as well as fully managed backups and data encryption in transit and at rest. With SSD and HDD storage options, you can optimize cost and performance for your workload needs, and you may grow storage and adjust the throughput performance of your file system at any moment. Amazon FSx file storage can be accessed from AWS or on-premises Windows, Linux, and macOS compute instances and devices.
Benefits of FSx File Server
- Fast
- Secure & Compliance
- Inexpensive
- Availability & Durability
Features of Amazon FSx for Windows File Server
Performance and scale
- Performance: Amazon FSx is built to give a quick, reliable, and predictable performance. Multiple GB/s of throughput per file system, hundreds of thousands of IOPS per file system, and continuous sub-millisecond latencies for file operations are all provided by Amazon FSx.
- Scale: Amazon FSx can store up to 64 TB of data per file system. To practically scale out storage and throughput, you can utilize DFS Namespaces to construct shared common namespaces spanning many Amazon FSx file systems.
Security and Compliance
- Encryption: At rest and in transit, all data in the Amazon FSx file system is automatically encrypted. The AWS Key Management Service is used to encrypt data in transit (AWS KMS).
- Compliance: AWS offers the cloud’s longest-running compliance program and is dedicated to assisting clients with their obligations.
- Identity-based authentication: Amazon FSx supports identity-based authentication over SMB through Microsoft Active Directory (AD).
- Access control and monitoring: Amazon FSx supports Windows Access Control Lists (ACLs) for fine-grained file and folder access control.
- Network isolation: Your Amazon VPCs give you access to your Amazon FSx file system. Using Amazon VPC Security Groups and VPC Network ACLs, you may specify firewall settings and manage network access to your Amazon FSx file systems.
- File access auditing: Using Windows event logs, Amazon FSx allows you to audit end-user access to your files, folders, and file shares.
Availability and durability
- Highly available and durable: Amazon FSx automatically duplicates your data within an Availability Zone (AZ) it resides in (which you specify during creation) to protect it from component failure, continuously monitors for hardware failures, and automatically replaces infrastructure components in the event of a failure to ensure high availability and durability.
- Multi-AZ deployments: Any changes written to disc in your file system are synchronously replicated across AZs to the standby in multi-AZ file systems, which feature an active and standby file server in distinct AZs.
- Support for High Availability Microsoft SQL Server deployments: In a Windows Server Failover Cluster (WSFC), Microsoft SQL Server is commonly deployed over many database nodes, with each node having access to shared file storage.
Data protection
- Automated daily backups: The Volume Shadow Copy Service (VSS) is used by Amazon FSx to make your backups file system consistent. At any time, you can make additional backups of your file system.
- Easy file-level restores (Microsoft Windows shadow copies): Amazon FSx enables restoring individual files and folders to prior versions using Windows shadow copies, allowing end users to easily undo changes and compare file versions.
- Centralized backup and compliance with AWS Backup: Amazon FSx is linked with AWS Backup, allowing you to construct scheduled, policy-driven backup plans for your Amazon FSx file systems to fulfill enterprise compliance and data protection requirements.
- Cross-region and cross-account backup compliance: You can duplicate your Amazon FSx file system backups across AWS Regions, AWS accounts, or both to provide additional levels of data security and meet business continuity, disaster recovery, and compliance requirements.
Cost-effectiveness
With Amazon FSx, you can access highly available, durable, and scalable file storage for Windows applications and workloads for as little as $0.013 per GB-month, making it the cheapest file storage in the cloud.
You may simply scale throughput capacity and increase file system storage at any moment, decreasing the time and resources required to manage your file storage.
Pricing of Amazon FSx
You only pay for the resources you use with Amazon FSx for Windows File Server. There are no set-up costs or minimum fees. You are responsible for the storage and throughput capacity that you choose for your file system, as well as any backups. Data moved “in” to and “out” of Amazon FSx across Availability Zones (AZs) via VPC Peering connections in the same AWS Region, as well as data transferred “out” of Amazon FSx to other AWS Regions, will be charged.
Hands-on
In order to set up an Amazon FSx file system, we must meet the following requirements.
- A Microsoft Windows EC2 Instance.
- Microsoft Active Directory for Authentication and access control.
Creating Windows EC2 Instance
Go to the EC2 Console to launch a Windows instance
From the navigation pane, click instances
Click launch instance.
AMI is nothing but an operating system such as Centos, Ubuntu and Windows etc.
Step 1: Select the preferred AMI of the windows operating system.
Step 2: Select the preferred instance type based on the system requirements of CPU and memory.
Click next: Configure instance details
Step 3: Select a VPC and the subnet where the instance will be created.
Click next: Add storage
Step 4: Enter the storage size and the storage type for the instance.
Additional disks can be added during the instance launch.
And click next: Add Tags
Step 5: Provide a tag to the instance for identification.
Click next: Configure Security Group
Step 6: Configure Security Group, allow the port 3389 so that we can RDP into the Windows EC2 instance.
Click Review and launch.
Step 7: Review instance launch,
After reviewing the configuration of the instance, press Launch.
Note: We can use the existing key pair or create a new key pair, if this is the first time you’re launching an EC2 instance.
Choose Create a new key pair.
Enter a key pair name and click Download Key Pair.
The .pem file will be downloaded to your Local machine.
and click Launch Instances.
The instance has started creating which has its own Instance ID.
Click View Instances
The instance is created and is successfully running now.
Creating File System
Go to the FSx console, choose Create file system.
Select Amazon FSx for Windows File Server
Click Next
On the create file system page, enter a file system name.
For deployment type, file systems can be deployed in single or multiple availability zones.
Select single AZ to deploy in a single availability zone, which supports SSD and HDD storage.
Selecting Multi-AZ will deploy the file system in multiple availability zones which provides high availability & fault tolerance for the file system.
And it supports SSD and HDD storage types.
I chose the Multi-AZ deployment type for this tutorial.
For storage type, either SSD or HDD storage type can be used.
For storage capacity, enter the storage size required for the file system.
The storage size can be modified later.
Let’s throughput capacity setting be the default value.
Throughput capacity determines at what speed the data can be served to the users and the applications from the file server.
In the Network & Security section, select the VPC for the file system.
The VCP should be the same as where the AWS-managed Microsoft Active Directory services and the Windows EC2 instance were created.
For VPC security groups, the default VPC security group will be used for the File system.
If a custom security group is used for the file system, then the following ports should be allowed in the security group inbound rules.
UDP: 53, 88, 123, 389, 464
TCP: 53, 88, 123, 389, 445, 464, 636, 3268, 3269, 9389, 49152-65535
The inbound rules will allow connection from the specific instance, subnet, or the security group.
The outbound rules allow all the traffic to all the targets by default.
For the Preferred subnet, select the subnets from the different availability zones.
For Multi-AZ deployment type, a subnet from one AZ will be used for the primary file server and a subnet from another AZ is used for the standby file server.
For Windows authentication, select AWS Managed Microsoft Active Directory.
In the drop-down, select the directory service.
For Encryption, the default AWS managed KMS key aws/fsx (default) will be applied.
Other options such as auditing, access, backup and maintenance will have the default settings.
Add a tag for the file system and click next.
Review the settings and press Create file system.
The file system creation has started now.
The FSx file system was successfully created .
Select the file system ID and press attach, you can get the fully qualified domain name for the FSx file system.
Using FQDN, the FSx file system can be mounted on the Windows EC2 instance.
Mounting FSx file system on Windows EC2 Instance.
The Windows EC2 instance must already have joined the Active directory domain services.
Connect to Windows EC2 instance as the domain user and open the file explorer
Right click on network, click map network drive.
Select the drive letter and Enter the DNS name of the file system as shown below.
And then click Finish.
The FSx file system is successfully mounted on the Windows EC2 instance.
The File system can now be used for creating and uploading files.
The Amazon FSx file system can also be mounted using the command prompt on the Windows OS.
The below command will be used for mounting the file system.
net use Z: \FileSystemDNSName\share
Customers of Amazon FSx for Windows File Server
Epiq: “Amazon FSx really helped us achieve some lofty cost optimization goals. We no longer have to worry about managing file storage, it was a drop in replacement and just works. We get the performance we need, but with higher availability than we can achieve on our own.”
– Tina Kennedy, Director of Engineering Operations, Epiq
Alt text: Amazon FSx Customers
Emirates: ” With Amazon FSx, it was easy to migrate our flagship sites from our hosted data center to AWS. Our CMS needed high performance, stronger security, and reliable shared storage — with the added bonus of scalability. Amazon FSx removed the complexity of managing our file-based workloads, significantly contributed to an uplift in performance and reliability, and most importantly, reduced the operational efforts across all of our teams.”
-Anoop Kumar C, Principal Engineer, Emirates Group
Conclusion
We have successfully created a Windows File system in AWS using AWS’s simple and fully managed FSx service. And also we have seen how the AD user / Admin can mount the file system on the Windows EC2 instance as the Network drive and can create and upload files and folders to the drive. By doing so, we can mount the same FSx file system on multiple Instances to share the files and at the same time, we can save cost using data deduplication. Stay tuned to keep getting all updates about our upcoming new blogs on AWS and relevant technologies.
Meanwhile …
Keep Exploring -> Keep Learning -> Keep Mastering
This blog is part of our effort towards building a knowledgeable and kick-ass tech community. At Workfall, we strive to provide the best tech and pay opportunities to AWS-certified talents. If you’re looking to work with global clients, build kick-ass products while making big bucks doing so, give it a shot at workfall.com/partner today.
