Cloud Filestore

High-performance file storage

Cloud Filestore is a managed file storage service for applications that require a filesystem interface and a shared filesystem for data. Filestore gives users a simple, native experience for standing up managed Network Attached Storage (NAS) with their intelHUB Compute Engine and Kubernetes Engine instances. The ability to fine-tune Filestore’s performance and capacity independently leads to predictably fast performance for your file-based workloads.

Benefits

Fast

Cloud Filestore offers low latency for file operations. For workloads that are latency sensitive, like content management systems, databases, random i/o, or other metadata intensive applications, Filestore provides high IOPS with minimal variability in performance.

Consistent

With Cloud Filestore, you pay a predictable price for predictable performance. Users independently pick the IOPS and the storage capacity you need with Filestore, which enables you to tune your filesystem for a particular workload. The performance you experience for a particular workload will be consistent over time.

Simple

Cloud Filestore is a fully managed, NoOps service that is integrated with the rest of the intelHUB Cloud portfolio. You can easily mount Filestore file shares on Compute Engine VMs. Filestore is also tightly integrated with Kubernetes Engine so your containers can reference the same shared data.

Features

 STANDARDPREMIUM
Max read throughput100 MB/s (1 TB), 180 MB/s (10+ TB)700 MB/s
Max write throughput100 MB/s (1 TB), 120 MB/s (10+ TB)350 MB/s
Max IOPS5,00030,000
Max capacity per share63.9 TB63.9 TB
Typical customer availability99.9%99.9%
ProtocolNFSv3NFSv3

Use Cases

Rendering

You can easily mount Cloud Filestore file shares on Compute Engine instances, enabling visual effects artists to collaborate on the same file share. As rendering workflows typically run across fleets (“render farms”) of compute machines, all of which mount a shared filesystem, Filestore and Compute Engine can scale to meet your job’s rendering needs.

Application migrations

Many on-premises applications require a filesystem interface to data. As these applications continue to migrate to the cloud, Filestore can support a broad range of enterprise applications that need a shared filesystem.

Web content management

Web developers creating websites and blogs that serve file content to their audience will find it easy to integrate Filestore with web software like WordPress, Prestashop and Magento.

Media processing

Graphic design, video and image editing, and other media workflows use files as an input and files as the output. Filestore helps creators access shared storage to manipulate and produce large files.

Home directories

Users across your organisation probably need to access and share common data sets. You can host file content in Cloud Filestore and enable shared access to that data.

Fileshare permissions

 

When you create a Cloud Filestore instance, the fileshare for that instance has default Unix permissions of rwxr-xr-x, octal notation 755. These permissions mean that on a Cloud Filestore instance, only root users on connected clients have read/write access to the fileshare. Other users have only read access by default, but client root users can change permissions and owners.

 

Configuring access on a fileshare

When mounting a Cloud Filestore fileshare on a client, you can use options for the mount command and settings in the /etc/fstab file to determine whether the mounted fileshare is writable and if files can be executed on it. After mounting the fileshare, you can use standard Linux commands like chmod, and setfacl to set file and fileshare permissions.

 

Setting consistent permissions

We strongly recommend that you set consistent permissions for each user on all clients that connect to the same Cloud Filestore instance, because of an issue that occurs when:

 

  • A fileshare is mounted on more than one client, and
  • A user has root permission on one client but not the others


The user can upload a file with the setuid bit set from the client where they have root access, which then allows them to execute the file as root on any other client where they have at least read permission. This is because the setuid bit allows a user to execute a file using the permissions of the file owner, in this case root.

IAM roles and permissions

 

You grant access to Cloud Filestore operations by using Cloud Identity and Access Management (IAM) roles.

 

IAM permissions only control access to Cloud Filestore operations, like creating a Cloud Filestore instance. Access to operations on the Cloud Filestore fileshare, like read or execute, are determined by Linux permissions.

 

Using Cloud Filestore roles

You can use the Cloud Filestore Editor and Cloud Filestore Viewer roles to grant Cloud Filestore permissions to users. If you prefer, you can also use primitive roles for this purpose.

Use the following table to see the Cloud Filestore permissions associated with Cloud Filestore roles.

Permission Action Cloud Filestore Editor role Cloud Filestore Viewer role
file.locations.get Get information about a specific location supported by this service. Y Y
file.locations.list List information about the supported locations for this service. Y Y
file.instances.create Create a Cloud Filestore instance. Y
file.instances.update Update a Cloud Filestore instance. Y
file.instances.delete Delete a Cloud Filestore instance. Y
file.instances.get Get details about a specific Cloud Filestore instance. Y Y
file.instances.list List the Cloud Filestore instances in the project. Y Y
file.operations.get Get the status of a Cloud Filestore instance operation. Y Y
file.operations.list List Cloud Filestore instance operations. Y Y
file.operations.cancel Cancel a Cloud Filestore instance operation. Y
file.operations.delete Delete a Cloud Filestore instance operation. Y

Using primitive roles

 

Cloud Filestore permissions are also associated with the IAM primitive roles of owner, editor, and viewer. You can use these roles in addition to the Cloud Filestore roles to grant Cloud Filestore permissions to users.

Use the following table to see the Cloud Filestore permissions associated with primitive roles.

Permission Action Project Owner role Project Editor role Project Viewer role
file.locations.get Get information about a specific location supported by this service. Y Y Y
file.locations.list List information about the supported locations for this service. Y Y Y
file.instances.create Create a Cloud Filestore instance. Y Y
file.instances.update Update a Cloud Filestore instance. Y Y
file.instances.delete Delete a Cloud Filestore instance. Y Y
file.instances.get Get details about a specific Cloud Filestore instance. Y Y Y
file.instances.list List the Cloud Filestore instances in the project. Y Y Y
file.operations.get Get the status of a Cloud Filestore instance operation. Y Y Y
file.operations.list List Cloud Filestore instance operations. Y Y Y
file.operations.cancel Cancel a Cloud Filestore instance operation. Y Y
file.operations.delete Delete a Cloud Filestore instance operation. Y Y

Custom roles

 

If the predefined IAM roles don’t meet your needs, you can define custom role with permissions that you specify. To support this, IAM offers custom roles. When you create custom roles for Cloud Filestore, make sure that you include both resourcemanager.projects.get and resourcemanager.projects.list so that the role has permission to query project resources. Otherwise, the console won’t function correctly for Cloud Filestore.

Architecture

Permissions

 

A Cloud Filestore instance consists of a single NFS fileshare with fixed export settings and default Unix permissions.

 

Networking

 

You must create a Cloud Filestore instance in the same project and VPC network as any clients that connect to it. All internal IP addresses in the selected VPC network can connect to the Cloud Filestore instance.

 

If you are using a VPC network other than the default network, you might need to create firewall rules to enable communication with Cloud Filestore instances.

 

You can’t use a legacy network with Cloud Filestore instances. If necessary, create a new VPC network.

IP address range

 

Each Cloud Filestore instance must have an IP address range associated with it. The IP address range must be from within the internal IP address ranges (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16) and have a block size of 29. Examples of valid Cloud Filestore instance IP address ranges are 10.0.3.0/29 and 172.31.0.0/29.

 

You can assign the IP address range if there’s a specific one you want to use, otherwise Cloud Filestore picks a random range to use from within the internal IP address ranges. If the range is already in use, the service tries again until it finds one that is free. If you assign an IP address range, make sure it doesn’t overlap with any existing subnets in the VPC network that the Cloud Filestore instance uses, or with the IP address ranges assigned to any other existing Cloud Filestore instances in that network.

Cloud Filestore network peering

 

The first time you create a Cloud Filestore instance, Cloud Filestore also creates a peered network to enable network connectivity between clients in your project and the Cloud Filestore instance. The peered network has a machine-generated name similar to filestore-peer-123456789012.

Storage size units

 

Cloud Filestore defines 1 gigabyte (GB) as 10243 bytes and 1 terabyte (TB) as 10244 bytes. These units are also known as gibibytes (GiB) and tebibytes (TiB).

Availability and Recovery

In cases of recoverable errors that require intelHUB to restart a Cloud Filestore instance, the instance should be available again within two minutes. A Cloud Filestore instance is unavailable if the zone it resides in is down.

Performance

Learn about expected average performance and recommended performance settings for Cloud Filestore.

Expected performance

 

The following table shows expected performance as a function of the Cloud Filestore instance tier and size. Performance should scale linearly with the size of the instance for any instance size not explicitly mentioned here.

Tier Size (TB) Read (Tput) Read (IOPS) Write (Tput) Write (IOPS)
Standard 1 100 MB/s 600 100 MB/s 1000
Standard 10+ 180 MB/s 1000 120 MB/s 5000
Premium 2.5+ 700 MB/s 30000 350 MB/s 25000

Performance of any given instance may vary from the numbers reported above due to a variety of issues, such as use of caching on the client or server, the Compute Engine machine type used for the client VM instance, and the workload being tested.

 

Recommended client machine type

We recommend having a Compute Engine machine type of n1-standard-8 or better for the client VM instance. This allows the client to achieve approximately 16Gbps read bandwidth for cache-friendly workloads.

 

Linux client mount options

We recommend using the default NFS mount options, especially using a hard mount and having the rsize and wsize options set to 1 MB, to achieve the best performance on Linux client VM instances. For more information on NFS mount options, see nfs.

Supported NFS versions

Cloud Filestore uses NFSv3 on the Cloud Filestore instance and supports any NFSv3-compatible client.

Regions and Zones

Cloud Filestore instances live in zones within regions. A region is a specific geographical location where you can run your resources. Each region is subdivided into several zones. For example, the us-central1 region in the central United States has zones us-central1-a, us-central1-b, us-central1-c, and us-central1-f.

 

To decrease network latency, we recommend creating a Cloud Filestore instance in a region and zone that is close to where you plan to use it. For example, if you plan to access the instance from Asia, then you should create it in one of the asia-east1 zones. Similarly, you will get the best performance by mounting Cloud Filestore volumes on clients in the same region, although you can mount a Cloud Filestore fileshare on a client in any region.

Supported regions

 

Cloud Filestore is available in the following regions and zones:

Region Name Region Description Zones
us-central1 Iowa us-central1-a
us-central1-b
us-central1-c
us-central1-f
us-west2 Los Angeles us-west2-a
us-west2-b
us-west2-c
us-west1 Oregon us-west1-a
us-west1-b
us-west1-c
us-east1 South Carolina us-east1-b
us-east1-c
us-east1-d
europe-west1 Belgium europe-west1-b
europe-west1-c
europe-west1-d
europe-west3 Frankfurt europe-west3-a
europe-west3-b
europe-west3-c
europe-west4 Netherlands europe-west4-a
europe-west4-b
europe-west4-c
asia-east1 Taiwan asia-east1-a
asia-east1-b
asia-east1-c

Tiers

Cloud Filestore offers two service tiers, standard and premium.

The standard tier offers moderate performance of approximately 120 megabytes (MB) per second read/write throughput. The premium tier offers increased performance of approximately 240 MB per second read/write throughput.

 

The minimum fileshare size is 1 terabyte (TB) for a Standard tier instance and 2.5 TB for a Premium tier instance. The maximum fileshare size for either tier is 63.9 TB.

Want To Know More​

Need further information or require a quotation?

All calls are recorded for security, training and quality purposes

Our lines are open Monday to Friday from 9am to 5.30pm. Dialling an 0330 number costs the same to dial as a call to a geographic (local) number. They cost the same to call from a landline or mobile and are included in mobile call packages.

You are calling our Network Operations Centre based in London, United Kingdom.

Just so you know, we are not able to accept telesales or telemarketing calls and can't be transferred.

Working proudly with skilled teams of people knowing we push the boundaries staying ahead of the curve producing high performance results.