How do I create a Storage Gateway for volumes using Amazon EC2 as the host platform?
Last updated: 2022-06-14
I want to create an AWS Storage Gateway for data to be stored in volumes. Additionally, I want to use Amazon Elastic Compute Cloud (Amazon EC2) as the host platform. How do I create a volume gateway?
To create a volume gateway, complete these steps in the AWS Management Console:
- Choose the gateway type.
- Choose the host platform.
- Configure the EC2 instance.
- Complete the gateway setup and create a volume.
Note: This resolution explains how to create a volume gateway with Amazon EC2, but the steps are similar for an on-premises deployment. For more information on ways to create a volume gateway, see Set up a volume gateway.
Before you begin this procedure, be sure that you have launched the following:
- An EC2 instance whose IP address you will use to activate the gateway.
- An EC2 instance with an IP address to be used to connect iSCSI initiators with your gateway.
- An internet gateway or network address translation (NAT) gateway to connect your gateway to the Storage Gateway endpoints.
Note: Typically, your initiator and gateway should be in the same AWS Region, or as geographically close together as possible.
Choose the gateway type
Proceed with the steps to select a volume gateway.
Choose the host platform (Amazon EC2)
- In the Create gateway wizard of the Storage Gateway console, for Select host platform, choose Amazon EC2.
Note: Be sure to expand the section "Set up instructions for Amazon EC2." Then, review the instructions before you proceed.
- Choose Launch instance. This opens a new browser window to the Choose an Instance Type page within the Amazon EC2 console.
Note: Don't close the browser window with the Storage Gateway console. You return to this page in a later step.
Configure the host platform (Amazon EC2)
- In the Amazon EC2 console, under Step 2: Choose an Instance Type, select m4.xlarge or one of the recommended instance types.
- Choose Next: Configure Instance Details.
- For Subnet, choose the subnet based on the internet gateway or NAT gateway you use to connect to the Storage Gateway endpoints. If you use an internet gateway, choose its associated public subnet. If you use a NAT gateway, choose its associated private subnet.
- Choose Next: Add Storage.
- Choose Add New Volume to add another volume for the upload buffer of the gateway. For Size (GiB), enter the size of the volume—it must be at least 150 GiB.
- If you're setting up a gateway for cached volumes, choose Add New Volume to add a volume for the cache storage. For Size (GiB), enter the size of the volume—it must be at least 150 GiB.
Note: You don't need a cache volume for a stored volume gateway.
- Choose Next: Add Tags.
- Optionally, add tags for the gateway's EC2 host.
- Choose Next: Configure Security Group.
- Confirm that you have security group rules that allow inbound traffic on ports 80, 22, and 3260. Port 80 is used for gateway activation. Port 22 is used for SSH. Port 3260 is used by iSCSI initiators to connect to the gateway. Add security group rules as needed.
Note: Your gateway’s EC2 instance must also allow outbound traffic on ports 53, 123, and 443. These outbound ports are typically open by default in the configuration for a security group or an access control list (ACL).
- In a separate browser window, open the Amazon EC2 console. Then, find the EC2 instance that you'll activate the gateway from. Note its IP address.
Note: If the activating instance is in a different Amazon Virtual Private Cloud (Amazon VPC) than the gateway, then you must get the public IP address of the activating instance.
- Open the Step 6: Configure Security Group page for the gateway's EC2 instance. Add the IP address of the activating instance as the source IP address for ports 80 and 22.
- In a separate browser window, open the Amazon EC2 console. Then, find the IP address of the EC2 instance to act as the iSCSI initiator to the gateway's iSCSI targets. Note the IP address.
- Open the Step 6: Configure Security Group page for the gateway's EC2 instance. Add the IP address from the previous step as the source IP address for port 3260.
- Choose Review and Launch.
- Choose Launch and select the appropriate key pair. Then, choose Launch Instances.
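The security group steps above restrict ports 80 and 22 to the activating instance and port 3260 to the iSCSI initiator. The following is an added example, not part of the original article or AWS tooling: it audits rules in the IpPermissions shape returned by EC2 DescribeSecurityGroups and reports any source on those ports other than the single expected address. The function name and the sample addresses are assumptions.

```python
import ipaddress

# Inbound ports from the article and the host expected to reach each one.
EXPECTED = {80: "activator", 22: "activator", 3260: "initiator"}

def audit_gateway_sg(ip_permissions, activator_ip, initiator_ip):
    """Audit inbound rules (EC2 DescribeSecurityGroups 'IpPermissions' shape).

    Hypothetical helper; only IPv4 CIDR sources (IpRanges) are examined.
    """
    hosts = {"activator": ipaddress.ip_address(activator_ip),
             "initiator": ipaddress.ip_address(initiator_ip)}
    findings, reachable = [], set()
    for perm in ip_permissions:
        proto = perm.get("IpProtocol")
        if proto not in ("tcp", "-1"):
            continue
        # Protocol "-1" means all traffic and carries no port bounds.
        lo = 0 if proto == "-1" else perm.get("FromPort", 0)
        hi = 65535 if proto == "-1" else perm.get("ToPort", 65535)
        for port, role in EXPECTED.items():
            if not lo <= port <= hi:
                continue
            for rng in perm.get("IpRanges", []):
                net = ipaddress.ip_network(rng["CidrIp"], strict=False)
                if hosts[role] in net:
                    reachable.add(port)
                # Flag any source other than the single expected host.
                if net.num_addresses > 1 or hosts[role] not in net:
                    findings.append(f"port {port}: unexpected source {net} "
                                    f"(expected {hosts[role]}/32)")
    for port, role in EXPECTED.items():
        if port not in reachable:
            findings.append(f"port {port}: {role} {hosts[role]} is not allowed")
    return sorted(findings)

# Constructed sample rules using documentation/private addresses.
SAMPLE = [
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "203.0.113.10/32"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 3260, "ToPort": 3260,
     "IpRanges": [{"CidrIp": "10.0.1.0/24"}]},
]

if __name__ == "__main__":
    for finding in audit_gateway_sg(SAMPLE, "203.0.113.10", "10.0.2.25"):
        print(finding)
```

An empty result means each of the three ports is reachable only from its expected host.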