Configuring Amazon DataSync transfers with an NFS file server
With Amazon DataSync, you can transfer data between your Network File System (NFS) file server and one of the following Amazon storage services:
To set up this kind of transfer, you create a location for your NFS file server. You can use this location as a transfer source or destination.
Providing DataSync access to NFS file servers
For DataSync to access your NFS file server, you need a DataSync agent. The agent mounts an export on your file server by using the NFS protocol.
Configuring your NFS export
The export that DataSync needs for your transfer depends on if your NFS file server is a source or destination location and how your file server's permissions are configured.
If your file server is a source location, DataSync just has to read and traverse
your files and folders. If it's a destination location, DataSync needs root access
to write to the location and set ownership, permissions, and other metadata on
the files and folders that you're copying. You can use the
no_root_squash
option to allow root access for your
export.
The following examples describe how to configure an NFS export that provides access to DataSync.
When your NFS file server is a source location (root access)
Configure your export by using the following command, which provides DataSync
read-only permissions (ro
) and root access (
no_root_squash
):
export-path
datasync-agent-ip-address
(ro,no_root_squash)
When your NFS file server is a destination location
Configure your export by using the following command, which provides DataSync
write permissions (rw
) and root access (
no_root_squash
):
export-path
datasync-agent-ip-address
(rw,no_root_squash)
When your NFS file server is a source location (no root access)
Configure your export by using the following command, which specifies the POSIX user ID (UID) and group ID (GID) that you know would provide DataSync read-only permissions on the export:
export-path
datasync-agent-ip-address
(ro,all_squash,anonuid=uid
,anongid=gid
)
Supported NFS versions
By default, DataSync uses NFS version 4.1. DataSync also supports NFS 4.0 and 3.x.
Configuring your network for NFS transfers
For your DataSync transfer, you must configure traffic for a few network connections:
-
Allow traffic on the following ports from your DataSync agent to your NFS file server:
-
For NFS version 4.1 and 4.0 – TCP port 2049
-
For NFS version 3.x – TCP ports 111 and 2049
Other NFS clients in your network should be able to mount the NFS export that you're using to transfer data. The export must also be accessible without Kerberos authentication.
-
-
Configure traffic for your service endpoint connection (such as a VPC, public, or FIPS endpoint).
-
Allow traffic from the DataSync service to the Amazon storage service you're transferring to or from.
Creating your NFS transfer location
Before you begin, note the following:
-
You need an NFS file server that you want to transfer data from.
-
You need a DataSync agent that can access your file server.
-
DataSync doesn't support copying NFS version 4 access control lists (ACLs).
-
Open the Amazon DataSync console at https://console.amazonaws.cn/datasync/
. -
In the left navigation pane, expand Data transfer, then choose Locations and Create location.
-
For Location type, choose Network File System (NFS).
-
For Agents, choose the DataSync agent that can connect to your NFS file server.
You can choose more than one agent. For more information, see Using multiple DataSync agents.
-
For NFS server, enter the Domain Name System (DNS) name or IP address of the NFS file server that your DataSync agent connects to.
-
For Mount path, enter the NFS export path that you want DataSync to mount.
This path (or a subdirectory of the path) is where DataSync transfers data to or from. For more information, see Configuring your NFS export.
-
(Optional) Expand Additional settings and choose a specific NFS version for DataSync to use when accessing your file server.
For more information, see Supported NFS versions.
-
(Optional) Choose Add tag to tag your NFS location.
Tags are key-value pairs that help you manage, filter, and search for your locations. We recommend creating at least a name tag for your location.
-
Choose Create location.
-
Use the following command to create an NFS location.
aws datasync create-location-nfs \ --server-hostname
nfs-server-address
\ --on-prem-config AgentArns=datasync-agent-arns
\ --subdirectorynfs-export-path
For more information on creating the location, see Providing DataSync access to NFS file servers.
DataSync automatically chooses the NFS version that it uses to read from an NFS location. To specify an NFS version, use the optional
Version
parameter in the NfsMountOptions API operation.
This command returns the Amazon Resource Name (ARN) of the NFS location, similar to the ARN shown following.
{ "LocationArn": "arn:aws:datasync:us-east-1:111222333444:location/loc-0f01451b140b2af49" }
To make sure that the directory can be mounted, you can connect to any computer that has the same network configuration as your agent and run the following command.
mount -t nfs -o nfsvers=<
nfs-server-version
<nfs-server-address
:<nfs-export-path
<test-folder
The following is an example of the command.
mount -t nfs -o nfsvers=3 198.51.100.123:/path_for_sync_to_read_from /temp_folder_to_test_mount_on_local_machine