Accessing NFS file servers Configuring your network for NFS transfers Creating your NFS transfer location

Configuring AWS DataSync transfers with an NFS file server

To transfer data to or from your Network File System (NFS) file server, you must create an AWS DataSync transfer location. DataSync can use this location as a source or destination for transferring data.

Accessing NFS file servers

To access your NFS file server, you need a DataSync agent. The agent mounts an export on your file server by using the NFS protocol.

Configuring your NFS export

The export that DataSync needs for your transfer depends on if your NFS file server is a source or destination location and how your file server's permissions are configured.

If your file server is a source location, DataSync just has to read and traverse your files and folders. If it's a destination location, DataSync needs root access to write to the location and set ownership, permissions, and other metadata on the files and folders that you're copying. You can use the no_root_squash option to allow root access for your export.

The following examples describe how to configure an NFS export that provides access to DataSync.

When your NFS file server is a source location (root access)

Configure your export by using the following command, which provides DataSync read-only permissions (ro) and root access ( no_root_squash):


export-path datasync-agent-ip-address(ro,no_root_squash)

When your NFS file server is a destination location

Configure your export by using the following command, which provides DataSync write permissions (rw) and root access ( no_root_squash):


export-path datasync-agent-ip-address(rw,no_root_squash)

When your NFS file server is a source location (no root access)

Configure your export by using the following command, which specifies the POSIX user ID (UID) and group ID (GID) that you know would provide DataSync read-only permissions on the export:


export-path datasync-agent-ip-address(ro,all_squash,anonuid=uid,anongid=gid)

Supported NFS versions

By default, DataSync uses NFS version 4.1. DataSync also supports NFS 3.x and 4.0.

Configuring your network for NFS transfers

For your DataSync transfer, you must configure traffic for a few network connections:

Allow traffic on TCP port 2049 from your DataSync agent to your NFS file server.

Other NFS clients in your network should be able to mount the NFS export that you're using to transfer data. The export must also be accessible without Kerberos authentication.
Configure traffic for your service endpoint connection (such as a VPC, public, or FIPS endpoint).
Allow traffic from the DataSync service to the AWS storage service you're transferring to or from.

Creating your NFS transfer location

Before you begin, note the following:

You need an NFS file server that you want to transfer data from.
You need a DataSync agent that can access your file server.
DataSync doesn't support copying NFS version 4 access control lists (ACLs).

Open the AWS DataSync console at https://console.aws.amazon.com/datasync/.
In the left navigation pane, expand Data transfer, then choose Locations and Create location.
For Location type, choose Network File System (NFS).
For Agents, choose the DataSync agent that you want to connect to your NFS file server.

You can choose more than one agent. For more information, see Using multiple DataSync agents.
For NFS server, enter the Domain Name System (DNS) name or IP address of the NFS file server that your DataSync agent connects to.
For Mount path, enter the NFS export path that you want DataSync to mount.

This path (or a subdirectory of the path) is where DataSync transfers data to or from. For more information, see Configuring your NFS export.
(Optional) Expand Additional settings and choose a specific NFS version for DataSync to use when accessing your file server.

For more information, see Supported NFS versions.
(Optional) Choose Add tag to tag your NFS location.

Tags are key-value pairs that help you manage, filter, and search for your locations. We recommend creating at least a name tag for your location.
Choose Create location.

Use the following command to create an NFS location.
```
$ aws datasync create-location-nfs \
    --server-hostname nfs-server-address \
    --on-prem-config AgentArns=datasync-agent-arns \
    --subdirectory nfs-export-path
```
For more information on creating the location, see Accessing NFS file servers.

DataSync automatically chooses the NFS version that it uses to read from an NFS location. To specify an NFS version, use the optional Version parameter in the NfsMountOptions API operation.

This command returns the Amazon Resource Name (ARN) of the NFS location, similar to the ARN shown following.


{
    "LocationArn": "arn:aws:datasync:us-east-1:111222333444:location/loc-0f01451b140b2af49"
}

To make sure that the directory can be mounted, you can connect to any computer that has the same network configuration as your agent and run the following command.


mount -t nfs -o nfsvers=<nfs-server-version <nfs-server-address:<nfs-export-path <test-folder

The following is an example of the command.


mount -t nfs -o nfsvers=3 198.51.100.123:/path_for_sync_to_read_from /temp_folder_to_test_mount_on_local_machine

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Transferring to or from on-premises storage

Configuring transfers with an SMB file server