Introduction of SFS in CloudFerro Cloud on CREODIAS

In June 2025 CloudFerro activated SFS in the first WAW4-1 cloud region. This change will be propagated to other CloudFerro cloud regions soon.

What are SFS/Shared File Systems?

A Shared File System (SFS) is a type of file storage solution that allows multiple users or computers to access, read, and write to the same files and directories over a network. This capability is crucial for collaborative environments where data needs to be shared across various teams or applications seamlessly.

Key features and benefits of a Shared File System include:

  • Concurrent Access: Multiple users or systems can access the same files simultaneously, facilitating real-time collaboration and data sharing.
  • Centralized Management: Data is stored and managed from a central location, making it easier to perform backups, implement security policies, and oversee access controls.
  • Scalability: Shared File Systems are designed to scale with the needs of an organization, accommodating growing amounts of data and an increasing number of users or applications.
  • Access Control: Advanced permissions and authentication mechanisms ensure that only authorized users can access or modify the files, enhancing security.
  • Compatibility: Shared File Systems often support multiple protocols, such as NFS (Network File System) and SMB (Server Message Block), allowing them to integrate with diverse operating systems and platforms.
  • Data Consistency: Mechanisms such as file locking and snapshots help maintain data consistency and integrity, even when files are accessed by multiple users at the same time.

The simplest parallel of SFS to other known solutions will be NAS (Network Attached Storage) device installed in a small office. By buying and connecting such a device to the office network you get shared storage without worrying about server hardware configuration or software administration. The only thing to do is to set the access rights.

Technology behind SFS

SFS in OpenStack is provided by a dedicated module known by its project name "Manila". It allows users to provision and manage file shares (e.g., NFS or SMB) as a service.

Key features of OpenStack SFS/Manila include:

  • Provisioning: Ability to create, delete, and modify shared file systems on-demand.
  • Access Control: Manage which instances or users have access to the file shares.
  • Snapshots: Support for creating and managing snapshots of file systems.
  • Multi-tenancy: Ensures that different tenants can safely consume and isolate shared file systems.
  • Backend Support: Capability to work with various types of storage backends for flexibility and scalability.

Overall, Manila adds an important dimension to the storage capabilities within OpenStack, complementing block storage (Cinder) and object storage (Swift) to provide a comprehensive suite of storage services.

Details of SFS implementation at CloudFerro Cloud and CREODIAS

  1. NVME storage in backend.
  2. Single "sfs" network for all tenants and projects.
  3. All instances using shares must be attached to this common "sfs" network.
  4. Access to share is defined by IP address of instance.
  5. NFS (Network File System) only protocol is currently available.

The important implication and feature
As all shares and instances are in the same network, then SFS shares may be used to simply share data between OpenStack projects or even tenants.

Thanks to this you may:

  • Build environments based on multiple projects in the same region.
  • Use share as a more elastic solution for migration between projects than transferring volumes.
  • Cooperate and share data with other organizations using CloudFerro Cloud / CREODIAS in the same region.

Using SFS

Detailed documentation would be soon available on documentation services:
https://creodias.docs.cloudferro.com/en/latest/index.html
https://docs.cloudferro.com/en/latest/

Here are some hints:

Permissions

To use the SFS solution, the user must have the appropriate permissions. The primary role that allows creating and managing shares is the "manila_user" role, which must be assigned to the user by administrator per project. Without this role, the Shares option will not be available in the Horizon menu, nor will any actions be executable via the API.

To verify if you may use SFS please use OpenStack GUI Horizon. Select the project and go to the left side menu to "Network" -> "Networks".
Review the list. Beside other networks you should see "sfs" network with "sfs1-subnet" Additionally, in the left side menu you should see the section "Share".

Steps to create and access share:

  1. Select instances that should access the share.
  2. Go to the list of instances. In Horizon GUI “Compute” -> “Instances”
  3. For each of them select from the context menu “Attach Interface”
  1. Leave the way of specifying Interface as “by Network (and IP address)” and select “sfs” network

Leave “Fixed IP Address” empty. The address would automatically be assigned by DHCP. Note IP addresses assigned to instances in “sfs” network.

  1. Create a share

Go to Horizon to “Share” -> “Shares”.

Click “+ Create Share” button.

In window: Go to Horizon to “Share” -> “Shares”.

Click “+ Create Share” button.

In window:

You must fill:

  • Share Name
  • Share Protocol (remember that default option NFS is only supported)
  • Size
  • Availability Zone

Then press button “Create”

  1. When a new share appears on the list, click its name.

And note the path:

  1. Return to shares list and select from share context menu “Manage Rules”

Click “+ Add rule” button

On popup window:

  • Leave “Access type” as “ip”
  • Select “Access Level” from “read-only” or “read-write”.
  • Insert IP address in “sfs” network noted before for instance with mask “32” with format “xx.xx.xx.xx/32”.

Repeat “+ Add Rule” for all other addresses noted.

IMPORTANT NOTE:

As this is the only way of granting/restricting access, we strongly recommend to always use a single instance IP address with mask “32” meaning only single address, despite the fact that wider network class with lower mask may be entered here.

  1. Login on each instance and execute commands:
cd /mnt
sudo mkdir my-share
sudo mount -t nfs -o vers=4.2 <path noted in step 6> /mnt/my-share/

Example of last command:

sudo mount -t nfs -o vers=4.2 10.84.80.17:/volumes/_nogroup/12345678-1234-1234-5679-123456789abcd/12345678-1234-5678-9abc-12345678 /mnt/my-share/

That’s all.

You can now enjoy using shared filesystem from many instances.

Author: Mateusz Ślaski, Sales Support Engineer, CloudFerro