Usually , We will be running Windows file server to store documents , images , critical files of application workloads and all the applications and services will be using them.
We have to monitor them for the availability and the storage space , Any issues with that may result in business problem.
In order to overcome that , In this blog post , We will see how to setup fully managed Microsoft Windows file server using Amazon FSx service.
What is Amazon FSx for Windows File Server?
It is a fully managed Microsoft windows file server , backed by fully native Windows file system which can be integrated with the AWS services.
It provides file systems for various workloads such as storage for windows applications , machine learning and high performance computing.
The Fully managed file server means , We don’t need to manage the hardware or the software to provide windows native windows file server services to the users.
Amazon FSx provides simple ,fully managed , highly reliable file storage , Which can be accessed using SMB protocol
Amazon FSx file storage can be accessed from Linux , Windows and MacOS running on AWS or on-premises.
Benefits of FSx
Amazon FSx is designed to deliver fast , scalable and consistent performance.
It provides sustainable high read and write speeds and also consistent low latency data access.We can also customize the level of through in order to match the performance of the application workloads.
Secure & Compliant
Amazon FSx is secure as it automatically encrypts data at rest and in-transit.
We can also control the network access to the File system by running it in VPC.
It has been assessed to comply with PCI-DSS , ISO and HIPAA eligible.
We can spin up and spin down the file systems on demand , based on the workloads.
We pay only for the resources we actually consume.
Integration with AWS Services
Amazon FSx can be integrated with S3 , Cloudwatch , Cloudtrail , Sagemaker , KMS , Workspaces , EKS and AWS ParallelCluster.
We integrating we can manage the data on the file systems and manage & fetch the data from file systems when required.
Available & Durable
Amazon FSx offers a variety of deployment options to ensure the workload’s availability and durability requirements.
Depending on the application’s requirements , We can deploy Amazon FSx either on Single or Multi-AZ deployment types.
To create an Amazon FSx file system, We need the following.
- An amazon EC2 instance running Microsoft Windows server.
- Microsoft Active directory for user authentication and Access control.
Once you have Windows EC2 instance and the AWS directory services , We can go ahead with the setup of FSx File system.
Creating File System
To create a FSx Windows file system on AWS, Login to FSx console.
Click Create file system
From the File System options , Choose Amazon FSx for Windows File Server
On the Create file system page , Provide a name for the file system.
For Deployment type , We can either choose Single-AZ or Multi-AZ deployment types.
Choose Single AZ to deploy a file system in a single availability zone.It supports SSD and HDD storage.
Choose Multi-AZ to deploy a file system in multiple availability zones for the high availability & fault tolerance for the file system.It supports SSD and HDD storage.
In this tutorial , I am choose Multi-AZ deployment type.
For Storage type , We can either choose SSD or HDD.
SSD is designed for highest-performance and the latency-sensitive workloads which includes databases , media processing and data analytics applications.
HDD is for broad spectrum of workloads which includes home directories , users , file sharing and content management systems.
For Storage capacity , Enter the storage capacity required for the file system.
The storage capacity can be changed at any time after creation.
Lets use the default throughput capacity setting.
Throughput capacity is the speed at which the file server can serve the data to the application or the end users.
In the Network & Security , Choose the VPC where the file system should be created.
Choose the VCP where you have launched the AWS managed Directory services and the Windows EC2 instance.
For VPC Security Groups , the default security group of the VPC will be applied to the File system.
In you are attaching the custom security group to the File System , make sure the following Inbound and Outbound security group rules are configured.
|UDP||53, 88, 123, 389, 464|
|TCP||53, 88, 123, 389, 445, 464, 636, 3268, 3269, 9389, 49152-65535|
The following inbound rules should be configured and allow only for the instances that should connect with the file syste.
All the outbound rules on the security group is allowed by default.
For Preferred subnet , Choose the subnet and the availability zone where the file system should be launched.
If you have chosen , Multi-AZ deployment type , The choose one AZ for the primary file server and different AZ for the standby file server.
For Windows authentication , Choose AWS Managed Microsoft Active directory
In the drop down, Choose the Ad that you have created.
For Encryption , Choose the default AWS managed Encryption key setting of aws/fsx (default)
Keep the default settings for the Maintenance preferences.
Optionally , Add a tag for the File system and then click Next
Review the configurations of the File system , And finally Click Create file system
The Windows file system has started creating now.
The file system is successfully created .
Choose the File system ID and click Attach , You will find the Fully qualified domain name for your file system.
Make a note of the Fully qualified domain name of the file system.With the help of FQDN , we will mount the file system on the Windows & Linux EC2 Instances.
I will cover that topic in the upcoming article.
We have successfully launched a Windows File system in AWS using AWS’s simple and fully managed FSx service.
Hope you find it helpful.Please check out my other articles.