DEV Community

Rimpal Johal for AWS Community Builders

Posted on

AWS Multi-AZ FSX

Introduction

Amazon FSx for Windows File Server is a file system that provides the same features as NTFS. The file system can be deployed across multiple Availability Zones in the AWS Region, which will help ensure high availability and durability of your file system in the event of a catastrophic failure or disaster.

What is AWS Multi-AZ?

AWS Multi-AZ is a feature of AWS that provides high availability and durability for your file system in the event of a catastrophic failure or disaster. For example, if you have an on-premises Windows File Server (WFS) and you want to use the WFS with AWS, then AWS Multi-AZ can be used to provide high availability and durability for your file system by replicating data between multiple Availability Zones.

What is FSx for Windows File Server

Amazon FSx for Windows File Server provides fully managed Microsoft Windows file servers, backed by a fully native Windows file system. FSx for Windows File Server has the features, performance, and compatibility to easily lift and shift enterprise applications to the AWS Cloud.You can use it to store your data and share it with other application services running on the same instance or applications running in other AWS Regions. Amazon FSx for Windows File Server offers the benefits as

  • High availability and durability

  • Resilience to common operating system failures through consistency groups, which make sure every region has replicas of your file system data. If one region fails—for example because of an electrical problem or hardware failure—the other regions continue serving files from their own replicas without interruption.

What is AWS Multi-AZ FSx?

AWS Multi-AZ FSx is a file system that can be deployed across multiple Availability Zones in the AWS Region. This will help ensure high availability and durability of your file system in the event of a catastrophic failure or disaster.

How does AWS Multi AZ Fsx benefit me?

You can't afford to have your business data stored in a single-region location, so Multi-AZ Fsx is a perfect fit. It'll keep your data safe from any catastrophic events that might happen elsewhere, whether it's an earthquake or a cyber attack.
You can also expect to see more performance as well as cost efficiency with Multi-AZ Fsx, since there are two copies of data in different availability zones that can be used simultaneously by your applications. This helps ensure that no matter what happens in one zone, there will still be access to all of the needed information for transactions and other operations to complete successfully.

Also as Multi-AZ FSx is hybrid-enabled, it helps me to migrate and synchronize large data sets from data centre to AWS and further facilitate to immediately available the data to a broad set of integrated AWS Services.

How do I create an AWS Multi-AZ deployment for Fsx?

One can deploy the Multi-AZ FSx both from AWS Console or from CloudFormation Template. I have used the CloudFormation template to create an FSx file system across multiple availability zone.

AWS Multi-AZ FSx deployment Cloudformation snippet for reference. Please note this need to change as per your business requirements. In the below given code snippet, I have created three Multi-AZ FSx:

  • DRBSQLDataFileSystemMAZ Size 40 GB

  • DRBSQLLogsFileSystemMAZ Size 32 GB

  • DRBSQLDBFileSystemMAZ Size 32 GB



Resources:
DRBSQLDataFileSystemMAZ:
Type: 'AWS::FSx::FileSystem'
Properties:
FileSystemType: WINDOWS
StorageCapacity: 40
StorageType: SSD
SubnetIds:

  • !Ref DRBWorkloadSubnetID1
  • !Ref DRBWorkloadSubnetID2 SecurityGroupIds:
  • !FindInMap
  • !Ref Environment
  • DRBSg
  • sgSQLFsx Tags:
  • Key: Name Value: !Sub DRB-SQL-Data-Fsx-Maz
  • Key: OS Value: WINDOWS
  • Key: !Ref Environment Value: Prod
  • Key: AppName Value: SQLWindowsFileShareMaz WindowsConfiguration: ThroughputCapacity: 32 AutomaticBackupRetentionDays: 30 WeeklyMaintenanceStartTime: '6:17:30' DailyAutomaticBackupStartTime: '17:45' CopyTagsToBackups: false DeploymentType: MULTI_AZ_1 PreferredSubnetId: !Ref DRBWorkloadSubnetID1 SelfManagedActiveDirectoryConfiguration: DnsIps:
  • !Select
  • 0
  • !Split
  • ','
  • !Ref DomainControllerIps DomainName: 'example.com' UserName: !Ref DRBSQLDBServiceAccountUName Password: !Ref DRBSQLDBServiceAccountPwd

DRBSQLLogsFileSystemMAZ:
Type: 'AWS::FSx::FileSystem'
Properties:
FileSystemType: WINDOWS
StorageCapacity: 32
StorageType: SSD
SubnetIds:

  • !Ref DRBWorkloadSubnetID1
  • !Ref DRBWorkloadSubnetID2 SecurityGroupIds:
  • !FindInMap
  • !Ref Environment
  • DRBSg
  • sgSQLFsx Tags:
  • Key: Name Value: !Sub DRB-SQL-Logs-Fsx-Maz
  • Key: OS Value: WINDOWS
  • Key: !Ref Environment Value: Prod
  • Key: AppName Value: SQLWindowsFileShareMaz WindowsConfiguration: ThroughputCapacity: 32 AutomaticBackupRetentionDays: 30 WeeklyMaintenanceStartTime: '6:17:00' DailyAutomaticBackupStartTime: '17:15' CopyTagsToBackups: false DeploymentType: MULTI_AZ_1 PreferredSubnetId: !Ref DRBWorkloadSubnetID1 SelfManagedActiveDirectoryConfiguration: DnsIps:
  • !Select
  • 0
  • !Split
  • ','
  • !Ref DomainControllerIps DomainName: 'example.com' UserName: !Ref DRBSQLDBServiceAccountUName Password: !Ref DRBSQLDBServiceAccountPwd

DRBSQLDBFileSystemMAZ:
Type: 'AWS::FSx::FileSystem'
Properties:
FileSystemType: WINDOWS
StorageCapacity: 32
StorageType: SSD
SubnetIds:

  • !Ref DRBWorkloadSubnetID1
  • !Ref DRBWorkloadSubnetID2 SecurityGroupIds:
  • !FindInMap
  • !Ref Environment
  • DRBSg
  • sgSQLFsx Tags:
  • Key: Name Value: !Sub DRB-SQL-TempDB-Fsx-Maz
  • Key: OS Value: WINDOWS
  • Key: !Ref Environment Value: Prod
  • Key: AppName Value: SQLWindowsFileShareMaz WindowsConfiguration: ThroughputCapacity: 32 AutomaticBackupRetentionDays: 30 WeeklyMaintenanceStartTime: '6:16:30' DailyAutomaticBackupStartTime: '16:45' CopyTagsToBackups: false DeploymentType: MULTI_AZ_1 PreferredSubnetId: !Ref DRBWorkloadSubnetID1 SelfManagedActiveDirectoryConfiguration: DnsIps:
  • !Select
  • 0
  • !Split
  • ','
  • !Ref DomainControllerIps DomainName: 'example.com' UserName: !Ref DRBSQLDBServiceAccountUName Password: !Ref DRBSQLDBServiceAccountPwd
Enter fullscreen mode Exit fullscreen mode




Security and Permission for Multi-AZ FSx

AWS recommends following windows file server ports to open as the mandatory requirement for the FSx to work in the new deployment. We have created defined these ports in the security group and attached that security group to Multi-AZ FSx. However, one port detail which is missing in AWS document is port 464 which is required for an inbound rule for both TCP and UDP traffic on domain controller instances. We have added port 464(tcp/udp) in the security group attached to the domain controller instances.

FSx for Windows file server port requirement

Conclusion

AWS Multi-AZ Fsx provides added protection for file systems. The concept of this deployment is similar to a database cluster: it keeps copies of your data in multiple locations so that if one location fails, there are still backups available. In addition, AWS Multi-AZ FSx provides a way to create file shares across multiple Availability Zones that can be managed by the same administrator or group of administrators through a single console.

Top comments (0)