File Storage Service FAQ
What is Oracle Cloud Infrastructure File Storage service (FSS)?
Oracle Cloud Infrastructure File Storage service (FSS) is a fully-managed file storage service to provide full elasticity and scalability. FSS supports Network File System (NFS) protocol version 3 along with Network Lock Manager (NLM). FSS is an enterprise-grade file service that scales up to meet your storage needs and is accessible concurrently by thousands of compute instances. You can start with a file system that contains only a few kilobytes (KB) of data and scale to 8 exabytes (EB) of data without any up-front capacity planning or provisioning. Moreover, your data and metadata are protected with encryption at rest, and by snapshot capabilities that allow you to create up to 10,000 read-only snapshots per file system.
When should I use File Storage service?
You should use File Storage when:
- Your workload requires durable and highly-available shared storage with file semantics.
- You need service elasticity in the cloud, and scale-out performance for shared access.
- You want your data to persist beyond your instance life.
File Storage service provides you with various data management options, operational flexibility, and pay-per-capacity pricing.
What use cases does File Storage service support?
File Storage service supports a broad range of use cases, including:
- Oracle applications:
- Shared file storage for Enterprise lift-and-shift applications for optimal disk consumption and ease of deployments
- Structured and unstructured data:
- User and application data storage including images, videos, IoT, and log files
- Target storage for backup and archive utilities such as Oracle Recovery Manager
- Container-based applications:
- Storage volumes for Docker and Kubernetes environments
- Big data and analytics:
- Storage for both source and value-added data
Can my current application take advantage of File Storage service?
Any application that uses NFS v.3 works with minimal to no modification with FSS. This includes Oracle applications and solutions such as Oracle E-Business Suite, and transactional workloads such as Oracle Database and MySQL.
What are the core components of File Storage service?
- File systems: File systems are a way of organizing your data. Metadata that is used to track and control associated file information, like location and access permissions, is also stored in the file system.
- Mount targets: Mount targets are highly-available NFS endpoints in your subnet of choice. NFS clients mount file systems through mount targets in order to read and write data. By default, you can create two mount targets per account per availability domain, but you can request an increase. See Service Limits for a list of applicable limits and instructions for requesting a limit increase.
- Protocol: File Storage service supports NFS v.3 on Windows and Unix-based OSs.
What are the default settings in File Storage service?
By default, File Storage allows you to create 100 file systems and 2 mount targets in every availability domain of your choice. Each file system can grow to 8 exabytes of data. You can create 10,000 snapshots of every file system. Visit Service Limits for a list of default settings and instructions for requesting an increase.
What interface does File Storage service support?
File Storage service supports NFS v.3, including a file locking mechanism that uses Network Lock Manager (NLM) protocol. FSS works with common NFS v.3 clients, including those on Linux, Solaris, and Windows, as well as Oracle's Direct NFS driver. Please refer to the FSS User Guide on how to mount from Unix-style and Windows systems.
What is the durability and availability of my data stored in File Storage service?
Your data is replicated for durability within each availability domain in a highly-available infrastructure that implements industry-leading data protection techniques and best practices. We recommend making regular backups of file system snapshots to protect against the failure of an availability domain.
How does File Storage service support snapshots?
File Storage service lets you create snapshots using the web-based Console, command line interface (CLI), REST APIs, or from the file system itself by creating a directory in the file system's .snapshot directory. Snapshots provide a read-only, space-efficient, point-in-time view of your entire file system. File Storage snapshots employ copy-on-write and consume storage space only when data changes. You'll only be billed for the storage space that your snapshots use for the delta of your changed data.
How do I get started with File Storage service?
For an overview of File Storage service and it concepts, visit the FSS User Guide. You can create a file system and mount to it with only few clicks in the web-based Console. Moreover, you can also use the REST APIs, CLI and Terraform to create file systems and mount targets.
After creating a file system and a mount target, access your file system from compute instances. Log into your compute instance to install the NFS client and mount to your mount target. For information on installing the NFS client, please refer to the mounting instructions for each instance type:
How can I get access to File Storage service?
File Storage service is physically located in every Oracle Cloud Infrastructure availability domain of your choice. You can access it from anywhere! For accessing it within a region, you only need to ensure that your security rules are correctly configured to allow NFS traffic. For more information, see how To configure security list rules. For on-premises connection to your file system, you additionally need FastConnect or a virtual private network (VPN). Accessing a file system from an instance in a different Oracle Cloud Infrastructure availability domain incurs a small performance penalty due to network latency that exists between availability domains.
How do I remove file locks from a host that is no longer available?
For information about removing locks from a file system, see the user guide.
How should I use File Storage snapshots for backup?
Use rsync, tar, or any third-party tool that supports NFS v.3 to copy your data to another Oracle Cloud Infrastructure availability domain, region, Oracle Object Storage, or your on-premises storage.
How can I migrate my existing data into File Storage service?
You can use standard tools like scp, rsync, or SSHFS to move data. Because File Storage service can be accessed from multiple Oracle Compute instances concurrently, you can improve copying speeds with parallel uploads. If you want to bring data from outside of a region, use VPN or a FastConnect connection to mount to your File Storage service from your on-premises data center.
Can I limit access to my file systems?
Yes, you can use NFS export options on export paths for achieving that. Export paths are specified when a file system is associated with a mount target. The export path uniquely identifies the file system within the mount target, letting you associate up to 100 file systems behind a single mount target. The export path is appended to the mount target IP address, and used to mount (logically attach) to the file system. The export path exists solely as a way to distinguish one file system from another within a single mount target. For more information, visit Paths in File Systems. After creating a file system, you must set security options on your export paths for granular access control to limit root user access, require connection from a privileged port, or completely deny access to some clients. For more information on access control lists with NFS export options, visit Working with NFS Export Options.
Access and Security
How do I manage security and access control for my file systems?
File Storage service provides several methods of ensuring that your data remains secure. Use these methods in concert to restrict access to your file systems:
- Oracle Cloud Infrastructure policies: Create policies to control what users can do within Oracle Cloud Infrastructure, such as creating a VCN and its security rules, file systems, mount targets, and export options.
- Network security lists: Create security lists to control what IP addresses and ports can access your mount targets.
- NFS export options: NFS export options are a method of applying access control at the Network security list layer and the NFS v.3 Unix authentication layer. You can use NFS export options to limit access levels by IP addresses or CIDR blocks connecting to multiple file systems through exports of an associated mount target. Hence, access can be restricted so that each client’s file system is completely inaccessible and invisible to the other, allowing for multi-tenant or managed hosted environment security. Moreover, you have the ability to set permissions for read-only, read/write, or root-squash for your file systems.
- NFS v.3 Unix security model support: NFS v.3 manages security with standard Unix-style read/write/execute permissions, based on user and group IDs. We verify the Unix security model for authentication each time files are accessed.
See About Security in the documentation for more information about how different types of security work together in your file system.
What encryption does File Storage service use?
File Storage service uses strong encryption, with unique keys for each file system. Encrypted data includes all file data, file names, and directory names.
What can I do to achieve the best performance with File Storage service?
In File Storage service, performance scales up with the number of parallel processes. To increase performance:
- File Storage performance increases with highly parallelized workloads when using concurrent operations from multiple threads and instances. Ensure your application is accessing the file system with the most parallelism possible. If you have a large number of files, don’t store them all in a single directory in your file system. Instead, distribute them evenly throughout a number of directories. For example, in a file system storing a million files, use 16 directories with 16 subdirectories. Then divide them into a further 16 subdirectories, each with 16 subdirectories of their own, storing 16 files in each subdirectory.
- Available bandwidth to a file system can have a significant impact on its performance. Instance bandwidth scales with the number of Oracle CPUs (oCPU). Oracle Cloud Infrastructure offers you a variety of different Virtual Machines and Bare Metal resources to meet your business needs. Different Virtual Machines offer different bandwidth; assess your business needs, cost and your desired performance when selecting which Oracle resources fit your requirements the best. In order to obtain a better performance with File Storage service, we recommend you choose Oracle Bare Metal resources that have higher bandwidth. For more information, see Oracle Compute Pricing.
- Access File Storage service from an instance running in the same availability domain to avoid latency that exists between availability domains.
- We recommend not passing any mount options (e.g., rsize or wsize) when mounting; and instead leaving it to the client and server to negotiate the window size. This approach results in a better performance than any explicit value passed. See the documentation for specific examples of recommended mount options.
How much does File Storage service cost?
File Storage service cost is measured hourly and billed monthly based on consumed capacity at $0.0425/month per gigabyte (GB). File Storage snapshots are space efficient (copy-on-write) and you are charged at the same fixed rate only when there is a delta between snapshots. For more information, visit Storage Pricing.