AWS Storage Blog

Switch your file share access from Amazon FSx File Gateway to Amazon FSx for Windows File Server

Effective October 28, 2024, new customers will no longer be able to create a new Amazon FSx File Gateway (FSx File Gateway). If you would like to use the service, please create an FSx File Gateway prior to October 28, 2024. To begin using FSx File Gateway, customers can navigate to the Storage Gateway console in AWS Management Console.

This change will not impact existing customers. AWS continues to invest in security and availability for FSx File Gateway. We will continue releasing security updates for FSx File Gateway. You can also rely on AWS Support to continue assisting you with any questions you may have about FSx File Gateway.

FSx File Gateway is a type of AWS Storage Gateway, with local caching designed to be deployed on premises. FSx File Gateway optimizes on-premises access to fully managed file shares in Amazon FSx for Windows File Server (FSx for Windows File Server). Customers with file data on SMB file shares sometimes require on-premises access to meet low-latency requirements. Today, with network bandwidth costs decreasing and bandwidth availability increasing, many customers can now use FSx for Windows File Server in the cloud from their on-premises location without the need for a gateway or local cache. Customers who still need a local cache for faster access will find Amazon FSx for NetApp ONTAP (FSx for ONTAP) using FlexCache or Global File Cache can serve their needs.

In this blog post, we cover how existing customers can switch SMB file share access from FSx File Gateway to FSx for Windows File Server. We will also cover network configurations to consider should you experience any connection issues and alternative solutions if using FSx for Windows File Server is not an option. Switching to FSx for Windows File Server eliminates the cost of FSx File Gateway, avoids the need for data migration as the files are already stored in FSx for Windows File Server, and simplifies the architecture and operational overhead.

Switching an FSx File Gateway share to FSx for Windows File Server share

The recommended approach removes FSx File Gateway from the architecture and continues using FSx for Windows File Server directly. Connecting clients directly to FSx for Windows File Server meets the needs of most workloads, as SMB provides local caching at the client machine. To do this, you disconnect clients from the local FSx File Gateway and map those clients to FSx for Windows File Server file shares.

Understanding the current setup

Before we dive into the transition process, let’s quickly review the typical setup with FSx File Gateway:

  1. You have an FSx File Gateway appliance deployed on premises, which connects to an FSx for Windows File Server file system in AWS.
  2. All your Windows clients connect to the local FSx File Gateway appliance.
  3. The FSx File Gateway appliance and the FSx for Windows File Server file system belong to the same Active Directory domain, with a private network connection (for example, AWS Direct Connect or AWS VPN) between them. You will need a network path from the client to the file share. We cover more on this in the “Network considerations” section of this post.

Steps to remove FSx File Gateway from the environment and connect clients to FSx for Windows File Server

  1. Disconnect clients from the FSx File Gateway: Start by disconnecting all your Windows clients from the local FSx FGW appliance.
  2. Allow the gateway to flush its cache: Wait until the FSx File Gateway has uploaded all data from its local cache to the FSx for Windows File Server file system. You can monitor the CachePercentDirty metric until it reaches 0.0% to ensure the cache is fully flushed.
  3. Detach FSx for Windows File Server file system (optional): Once the cache is flushed, you can detach the FSx for Windows File Server file system in the Storage Gateway console.
  4. Power down the FSx File Gateway on premises: After detaching the file system, power down the FSx File Gateway appliance in your on-premises environment.
  5. Connect your Windows clients to the FSx for Windows File Server file shares: Configure your Windows clients to connect directly to the FSx for Windows File Server file shares. All your data, permissions, and other settings will be preserved during this transition. You can get more details on accessing your FSx for Windows File Server data from on premises in FSx for Windows File Server User Guide.
  6. Delete the FSx File Gateway in the AWS Storage Gateway console (optional): For steps on deleting a gateway follow the directions in the FSx File Gateway User Guide.

Network considerations

In many cases, you may not need to alter network firewall rules. There is an exception, if you locked down the connection to only allow SMB (port 445) traffic from the FSx File Gateway VM to FSx for Windows File Server. If this is the case, you will need to adjust the firewall rules to allow the local subnet that the clients are on to access the FSx for Windows File Server file share.

The type of network connection you have to AWS will help determine whether you can support connecting clients directly to the FSx for Windows File Server file system. Be aware that the local cache of the FSx File Gateway typically reduces the amount of data being downloaded from the cloud and associated egress costs will likely increase once you remove the FSx File Gateway. These egress costs are offset by the cost savings of removing FSx File Gateway.

Alternative options

FSx for ONTAP provides fully managed, scalable, and high-performance shared file storage in AWS with the popular data access and management capabilities of NetApp ONTAP. Along with standard Windows SMB support and data protection, FSx for ONTAP provides additional features such as multiprotocol access (NFS, SMB, iSCSI, and NVMe-over-TCP protocols), automated storage scaling, and tiering.

Customers can leverage FSx for ONTAP to provide a local caching solution. This solution would require an on-premises NetApp footprint and a data migration from FSx for Windows File Server to FSx for ONTAP. We recommend using AWS DataSync for migrating to FSx for ONTAP. This approach also requires additional configuration, planning, and implementation steps.

Conclusion

In this blog, we shared that effective October 28, 2024, new customers will no longer be able to create a new Amazon FSx File Gateway. We outlined the recommended approach for existing FSx File Gateway customers to switch their SMB file share access from FSx File Gateway to FSx for Windows File Server. We also noted networking configurations to consider in case of issues and an alternative solution if you need a local cache. Switching to FSx for Windows File Server provides high availability, eliminates the cost of FSx File Gateway, avoids the need for data migration, and simplifies the topology and operational overhead. Alternatively, existing customers may find FSx for ONTAP more suitable for their needs.

If you have additional questions, feel free to leave a comment or read the Amazon FSx for Windows File Server FAQs.

TAGS: , , , ,
Ed Laura

Ed Laura

Ed Laura is a Senior Product Solutions Architect covering AWS Edge Data Services including AWS Storage Gateway and AWS DataSync. He is excited about helping customers leverage AWS to overcome their hybrid storage challenges. He has over 15 years experience in Infrastructure Solution Architecture across various industries such as Healthcare, Life Sciences, Financial Services, Media and Entertainment, and Manufacturing. In his free time, he enjoys hockey, adventuring outdoors, biking and hiking with his two dogs.