AWS File Storage Gateway -Day 1 (Deployment)

-

General info:-

 AWS S3 Storage Gateway Setup and Day 1 Operations.

AWS Storage Gateway is primarily used for Storage Space, efficient  Data Sync, Caching and Secure way of transferring the data to various AWS storage services like AWS FX and S3 Services. In addition, AWS storage gateway helps organizations deal with on-premise space issues with  Backup Target and store end-user data.


AWS Gateway is an appliance that can be deployed on-premise to extend the AWS storage services.

AWS Gateway is charged for Per Month Per VM Based.

AWS Gateway logs, activity can be monitored by AWS Monitoring Services.

AWS free tier allows to Use 100GB of Space using AWS Storage Gateway.


AWS gateway requires a minimum of 16GB ram and 200 GB disk space to start with, and we can choose the best fit configuration according to our requirements.

 

1). AWS File Storage Gateway:

AWS storage by providing standard storage interfaces. It offers transparent caching, efficient data transfer, and integration with AWS monitoring and security services as depicted below diagram.


2). AWS File Storage Gateway how to download.

1) Login to AWS console

2)  Go to AWS Storage Gateway 

3)  Select Create Gateway

4) Download  required  Image (VMware, Hyper V, Physical etc..)



3). AWS File Storage Gateway how to deploy

1)  Import the image to the Hypervisor (with Create New UUID option)

2)  configure the interface  (with required firewall ports to AWS sites )

3)  Assign Static IP ( Your Local NFS / SMB Server)

4) Assign Cache Disk (We need to create and attach to the Imported VM, Minimum Disk capacity 150Gb)

5.  Power on the VM  (Admin and password is the default username and password)



6.  if you login through console you can see the appliance IP and   prompt to access various troubleshoot and management tools.


3). AWS File Storage Gateway how to Configure in AWS.

1) Login to AWS console

2)  Go to AWS Storage Gateway 

3)  Select Create Gateway and select connect gateway option

4) input your appliance IP

5) Select Public (since it is home lab)
6) select Cache Volume and press Configure

7) Now appliance will ready for use and configure the front (NFS shares) and Backend storage (S3).


4). AWS File Storage Gateway how to Create Shares & link  in  AWS S3.

1) Login to AWS console

2)  Go to S3

3)  Create S3 Bucket with any name with default permission (no public access)


4) navigate to Storage Gateway Service

5) navigate to File Share

6) Create Share and link to S3 (S3 Standard Tier in LAB to Check the IO and Sync).


7) Propagate NFS options (Day 2 Operation will be explored in other article).

8) Ready for access to local NFS  Client.



5). AWS File Storage Gateway exported NFS access in on premise Client.

1) Login to Client

2)  find exports using showmount -e XX.XX.XX.XX (AWS Storage Gateway appliance ID)



3)  use mount command to mount the export

4) verify access in client (Mounted using NFS4version, with root Squash )


5) Check the data sync in S3 Bucket.



Oh, We completed Deployment of on of the AWS hybrid storage option, lets examine Day 2 Operation listed below in upcoming days.

1) NFS export options

2) User permission

3) Network troubleshooting

4) TLS transport  or FIPS options

5) Examining the S3 bucket objects

6) backup and restore 

7) Accessing with Cloud

8) Encryption 

9) Container Access to the Shares

10)  exploring IAM roles (how effectively useful?)

Comments

Post a Comment

Popular posts from this blog

-
Image
  My OSCP Journey: OSCP Certified At First Attempt (90 Points) It all began in August 2022 when I achieved a significant milestone in my cybersecurity journey by passing the Red Hat Certified System Administrator (RHCSA) exam. This achievement not only provided me with a strong foundation in Linux but also fueled my passion for diving deeper into the world of cybersecurity. Around the same time, I found myself holding a voucher for the CompTIA Cybersecurity Analyst (CySA+) exam, which I knew was another crucial step in my career progression. I was determined to continue building my expertise in cybersecurity. However, my true adventure towards the Offensive Security Certified Professional (OSCP) certification didn't officially kick off until November 23, 2023. That's when I made the decision to invest in the OSCP Learn One subscription package, which granted me one year of access to the OSCP labs and two exam attempts. It was an exciting but challenging journey that awaited me....
Read more
-
Image
  PXE Network Boot #Preboot Execution Environment, used to load operating system over a network connection. #PXE network boot is achieved through several network protocols, which includes: TFTP, DHCP,IP,HTTP/NFS, etc. #Now lets begin building our environment(here I used ubuntu(Focal) as my pxe-server). #STEP 1 :) #First lets install the required packages: sudo apt-get install isc-dhcp-server tftpd-hpa syslinux pxelinux apache2 -y #Download the ISO file as well.(here I tried to install ubuntu-server(20.04) over network.) #here syslinux is for the bios files, pxelinux for the pxelinux.0 file. #STEP 2 :) #Configure tftp base folder: mkdir /tftpboot rsync -av /usr/lib/syslinux/modules/bios/{menu.c32,libutil.c32,ldlinux.c32,libcom32.c32}  /tftpboot mkdir /tftpboot/pxelinux.cfg touch /tftpboot/pxelinux.cfg/default mkdir /tftpboot/ubuntu mount -o loop,ro /PATH_TO_ISO /tftpboot/ubuntu #add this in /etc/fstab - so that the mount persists  reboot. /PATH_TO_ISO /tftpboot/ubuntu ...
Read more
-
Image
  CHAT ROOM WITH END-TO-END-ENCRYPTION  USING SOCKET PROGRAMMING PYTHON LEARNING: Socket programming Understanding TCP  Diffe hellman key exchange Encryption Tkinter Threading  What is  one way function?   There is no inverse  to this type of functions             Eg -     5 mod 2 =1 11 mod 2 = 1 25 mod 2 = 1 Any odd no. mod 2 = 1                Therefore, there are infinite possibilities  of odd numbers.                Hence, even if we  know remainder and divisor we cannot say what is dividend. (here we are not                   involving quotient, hence it is not possible to find the dividend .) Note: this is modulus property (g**A mod p)**B mod p =. (g**B mod p)**B mod p = (g **(A*B) mod) p mod p The same thing is done in diffe hellman key e...
Read more