In this multi-part blog series, we have been exploring the various storage options for workloads running within Google Cloud VMware Engine. Previously, Storage Options with Google Cloud VMware Engine – Part 1 introduced the five main offerings and explained the benefits of VMware vSAN running within the SDDC. In this second part of the series, we will cover the Google Cloud Filestore service.
Google Cloud Filestore – Overview
For applications that require file-based data storage, protocols such as Network File System (NFS) have a long history of reliably providing shared file access across networks. Simply put, Filestore instances are fully managed file servers that can present storage to hosts running within Google Cloud, Google Cloud VMware Engine, or even on-premises.
These instances use the NFSv3 file system protocol, can be scaled to very large capacities, and offer multiple service tiers with varying levels of performance and availability (see Table 1 below). In most cases, depending on the service tier, performance scales near-linearly with capacity. When selecting the instance configuration options, the cost and performance estimates are displayed in the right-hand column in the Google Cloud interface.
For protecting data, Filestore’s storage is encrypted automatically, and Google manages the keys for data-at-rest, much like with vSAN. In addition, administrators also have the option of using customer-managed encryption keys depending on the service tier selected.
| Instance Type | Storage Type | Capacity (TiB) | Min. Step Size | Read/Write IOPS | Read/Write Throughput (MiB/s) | Availability | Data Recovery |
|---|---|---|---|---|---|---|---|
| BASIC_HDD | HDD | 1-10 | 1.0 GiB | 600/1,000 | 100/100 | Zonal | Backups |
| BASIC_HDD | SDD | 10-63.9 | 1.0 GiB | 1,000/5,000 | 180/120 | Zonal | Backups |
| BASIC_SDD | SSD | 2.5-63.9 | 1.0 GiB | 60,000/25,000 | 1,200/350 | Zonal | Backups |
| HIGH_SCALE_SDD | SDD | 10 | 2.5 TiB | 92,000/26,000 | 2,600/880 | Zonal | None |
| HIGH_SCALE_SSD | SDD | 100 | 2.5 TiB | 920,000/260,000 | 26,000/8,800 | Zonal | None |
| ENTERPRISE | SDD | 1 | 256 GiB | 12,000/40,000 | 120/100 | Regional | Snapshots |
| ENTERPRISE | SDD | 10 | 256 GiB | 120,000/40,000 | 1,200/1,000 | Regional | Snapshots |
Note: The information has been summarized in the table above, but please consult the Filestore documentation for the latest about the service tiers, expected performance, backups, and snapshots. In addition, check the Filestore Release Notes for the latest certifications and service previews. Only HIGH_SCALE and ENTERPRISE service tiers are certified as Google Cloud VMware Engine Datastores (currently in preview as of March 10, 2023).
Configuration example
In this configuration example, I will show configuring my workload’s application servers named app01-03 (see figure 1) running within Google Cloud VMware Engine to connect to the Filestore Instance running within my Google Cloud project.
These three app hosts run Ubuntu 22.04.2 LTS and have been added to an NSX segment with a CIDR of 192.168.33.0/24.
Creating the Filestore instance
The first step is to create a new Filestore instance. (Filestore can be found from the Google Cloud navigation menu by expanding more products and scrolling down to the storage section.) When creating the instance, you will be prompted for a name and asked to select the service tier, storage type, capacity, and other miscellaneous options (see figure 2).
As mentioned previously, the upper right corner provides the instance’s cost and performance estimate. For this example, I am just allocating 1 TiB of capacity and using the basic HDD option because high performance is unnecessary.
Towards the bottom of the page are a few more options involving networking and access control. If you have previously set up your private services access, you will see a green check mark (see figure 3). Filestore can use the existing private connection configured for Google Cloud VMware Engine; however, if you have never configured the private service access before, check out the Google Cloud VMware Engine VPC Network Peering demo video.
After supplying a file share name, you must also select the access control. It is highly recommended to restrict access by IP address or range. Depending on the hosts’ required security level, one of four access levels can be specified for an IP range or an individual IP address (see figure 4).
Depending on the size of the instance, it could take several minutes to provision the storage. However, once the instance is ready you can examine all the details and copy the NFS mount point IP address and file share name (see figure 5).
Client configuration
With the Filestore side configured, we can now configure the Ubuntu application hosts in my Google Cloud VMware Engine private cloud.
The first step is installing the nfs-common package on each system:
$ sudo apt install nfs-common
Next, create a mount point directory and set the folder permissions:
$ sudo mkdir -p /nfs/appfarmshare01
$ sudo chmod go+rw /nfs/appfarmshare01
Caution: The chmod command above gives the group and all other users read-write permissions on the directory for testing purposes. More restrictive permissions based on your environment and application needs should be considered.
Finally, you can mount the NFS file share:
$ sudo mount 192.168.70.2:/appfarmshare01 /nfs/appfarmshare01 \
-o hard,timeo=600,retrans=3,rsize=262144,wsize=1048576,resvport,async
Note: The command options listed after the -o are the mount settings Google recommends for the best performance.
Note: These same commands must be run on any of the other application servers that need access to the file share.
Once completed, creating a simple text file in the directory will demonstrate that it works correctly (see figure 7).
Note: Once you have confirmed the proper operation of your share, you can add an entry to the /etc/fstab file so that it will be automatically mounted on system startup.
Backups
From within the Filestore instance properties is a backup tab allowing administrators to initiate a data backup manually. Once a backup is started, it will create a copy of the file share stored separately from the instance for data protection (see figure 8).
This backup I created and named “pre-app-patch-01” can restore data if something goes wrong with an update, a deleted file, or some other mishap. Restoring that data can either be done to a new instance, back to the source instance, or another existing instance (see figure 9). If this is a file restore operation, restoring the backup to a new instance will allow one of the application servers to mount the file share to a different directory to compare or copy files.
Caution: Administrators can also restore the backup to the source instance; however, this should be used as a last resort since it will overwrite any data that has changed since the backup and delete all of the existing snapshots (see figure 9).
Conclusion
Google Cloud Filestore is an easy-to-use solution as file storage for Google Cloud VMware Engine workload machines. It provides multiple scalability, performance, and protection options, all easily managed from the Google Cloud console. In my next post, I will continue the series with another storage option for you to explore, so don’t forget to check back again!
For the latest technical guidance, blogs, or demo videos for Google Cloud VMware Engine, check out VMware Cloud Tech Zone.
Update: Check out the next post in the series — Google Cloud Storage with Google Cloud VMware Engine – Part 3