# Network Storage
## EFS Architecture
EFS can be shared between many EC2 instances.
This is a `private` service, access is via mount targets inside a VPC.
- EFS moves the instances closer to a stateless.
- EFS is an implementation of NFSv4
- EFS Filesystems can be mounted in Linux.
- Using Amazon EFS with Microsoft Windows–based Amazon EC2 instances is not supported.
- You can `access from on-premises with VPN or Direct Connect` so long as access is configured.
### Elastic File System Explained
EFS runs inside a VPC.
EFS includes POSIX permissions (Portable Operating System Interface for maintaining compatibility between different linux distributions).
EFS are made available via `mount targets`. EFS just like any other file system is mounted to a folder on the linux file system of the EC2 instance.
For a fully highly available system you need a mount target for each AZ the system runs in.
You can use hybrid networking to connect to the same mount targets.
EFS is Linux Only.
Just like S3, we can use lifecycle policies to move data between storage classes
Two performance modes:
- General purpose (default for 99.9% of uses)
- Max I/O performance mode
Two throughput modes:
Two storage classes:
- infrequent access
Availability and Durability
- One Zone (multiple but within single AZ)
- Use KMS for encryption
- With KMS based encryption, we need access permission both on the key used and EFS
## FSx for Windows File Server
FSx for Windows Servers provides a `native windows file system` as a service which can be used within AWS, or from on-premises environments via VPN or Direct Connect.
Its not an emulated file system. Its a native windows file system.
- Accessible over `SMB protocol` (standard in windows environment)
- Integrates with Active Directory (either managed, or self-hosted)
- Single or Multi-AZ within a VPC
- Supports scheduled or manual backups
- Supports Distributed File System (DFS)
- Uses windows permission model
It provides advanced features such as VSS, Data de-duplication, backups.
Supports encryption at rest and forced encryption in transit.
FSx uses active directory for its user store, so we start with connecting it to a managed or self-managed AD.
The active directory can be within AWS or On-Premise
FSx can be deployed in single or multi-az mode.
Workspaces (similar to citrix which is a virtual desktop service) when deployed within a VPC, can then use these shared windows file systems.
FSx supports volume shadow copies (file level versioning) while connected to Workspaces.
- you can right click a file/folder and view versions
- you can then restore to any version without having to use AWS
A fileshare can be created for example:
- 8MBps to 2GBps
- 100k IOPS
- Less than 1ms latency
## FSx for Lustre
FSx for Lustre is a managed file system which is designed for high performance computing
It delivers extreme performance for scenarios such as `Big Data`, `Machine Learning` and Financial Modeling
Provides 100's GB/s throughput and sub millisecond latency
### Deployment Types
- Scratch (Short term, Fast and No replication)
- Persistent (Long term, High Availability (in one AZ) and Auto Recovery)
> Presistent will fail if the whole AZ fails
### With S3
Data when accessed is lazy loaded from S3.
- It is then presisted by FSx for Lustre
Any changes can be updated back to S3 using `hsm_archive` command
VPC here has within 3 client running and connected to FSx using single ENI.
FSx is running Luster File Servers backed by Storage Volumes. FSx runs from single AZ, so single ENI is used.
- Red here indicates write
- Green here indicates read
- Yellow here indicates read from cache post initial read
You can backup both Deployment types to S3.
- This can be done automatically or manually
- Retension period is 0-35 days