Beginning December 7, 2023, we will discontinue version 1 DataSync agents. Check the Agents page on the DataSync console to see if you have affected agents. If you do, replace those agents before then to avoid data transfer or storage discovery disruptions. If you need more help, contact AWS Support
Configuring AWS DataSync transfers with Amazon FSx for NetApp ONTAP
To transfer data to or from your Amazon FSx for NetApp ONTAP file system, you must create an AWS DataSync transfer location. DataSync can use this location as a source or destination for transferring data.
Accessing FSx for ONTAP file systems
To access an FSx for ONTAP file system, DataSync mounts a storage virtual machine (SVM) on your file system using network interfaces in your virtual private cloud (VPC). DataSync creates these network interfaces in your file system’s preferred subnet only when you create a task that includes your FSx for ONTAP location.
Note
VPCs that you use with DataSync must have default tenancy. VPCs with dedicated tenancy are not supported. For more information, see Work with VPCs.
Supported protocols
DataSync can connect to an FSx for ONTAP file system's SVM and copy data using the following protocols:
-
Network File System (NFS) – With the NFS protocol, DataSync uses the
AUTH_SYS
security mechanism with a user ID (UID) and group ID (GID) of0
to authenticate with your SVM.Note
DataSync currently only supports NFS version 3 with FSx for ONTAP locations.
-
Server Message Block (SMB) – With the SMB protocol, DataSync uses credentials you provide to authenticate with your SVM. When creating your location, you can specify a local user in your SVM or domain user in your Microsoft Active Directory.
To copy between FSx for ONTAP file systems using SMB (or other types of file systems using SMB), your source and destination locations must belong to the same Active Directory domain or have an Active Directory trust relationship between their domains.
By default, DataSync automatically chooses a version of the SMB protocol based on negotiation with your SMB file server. You also can configure DataSync to use a specific version, but we recommend doing this only if DataSync has trouble negotiating with the SMB file server automatically.
See the following table for a list of options in the DataSync console and API for configuring an SMB version with your FSx for ONTAP location:
Console option API option Description Automatic AUTOMATIC
DataSync and the SMB file server negotiate the highest version of SMB that they mutually support between 2.1 and 3.1.1.
This is the default and recommended option. If you instead choose a specific version that your file server doesn't support, you may get an
Operation Not Supported
error.SMB 3.0.2
SMB3
Restricts the protocol negotiation to only SMB version 3.0.2.
SMB 2.1 SMB2
Restricts the protocol negotiation to only SMB version 2.1. SMB 2.0 SMB2_0
Restricts the protocol negotiation to only SMB version 2.0. For DataSync to access your SMB file server, your server must use NTLM authentication. DataSync can't access the server if it uses Kerberos authentication.
Unsupported protocols
DataSync can't access FSx for ONTAP file systems using the iSCSI (Internet Small Computer Systems Interface) protocol.
Choosing the right protocol
To preserve file metadata in FSx for ONTAP migrations, configure your DataSync source and destination locations to use the same protocol. Between the supported protocols, SMB preserves metadata with the highest fidelity (see How AWS DataSync handles metadata and special files for details).
When migrating from a Unix (Linux) server or network-attached storage (NAS) share that serves users through NFS, do the following:
-
Create an NFS location for the Unix (Linux) server or NAS share. (This will be your source location.)
-
Configure the FSx for ONTAP volume you’re transferring data to with the Unix security style.
-
Create a location for your FSx for ONTAP file system that’s configured for NFS. (This will be your destination location.)
When migrating from a Windows server or NAS share that serves users through SMB, do the following:
-
Create an SMB location for the Windows server or NAS share. (This will be your source location.)
-
Configure the FSx for ONTAP volume you’re transferring data to with the NTFS security style.
-
Create a location for your FSx for ONTAP file system that’s configured for SMB. (This will be your destination location.)
If your FSx for ONTAP environment uses multiple protocols, we recommend working with
an AWS storage specialist. To learn about best practices for multiprotocol access,
see Enabling multiprotocol workloads with Amazon FSx for NetApp
ONTAP
Creating your FSx for ONTAP transfer location
To create the location, you need an existing FSx for ONTAP file system. If you don't have one, see Getting started with Amazon FSx for NetApp ONTAP in the Amazon FSx for NetApp ONTAP User Guide.
To specify an FSx for ONTAP file system by using the DataSync console
Open the AWS DataSync console at https://console.aws.amazon.com/datasync/
. -
In the left navigation pane, expand Data transfer, then choose Locations and Create location.
-
For Location type, choose Amazon FSx.
You configure this location as a source or destination later.
-
For FSx file system, choose the FSx for ONTAP file system that you want to use as a location.
-
For Storage virtual machine, choose a storage virtual machine (SVM) in your file system where you want to copy data to or from.
-
For Mount path, specify a path to the file share in that SVM where you'll copy your data.
You can specify a junction path (also known as a mount point), qtree path (for NFS file shares), or share name (for SMB file shares). For example, your mount path might be
/vol1
,/vol1/tree1
, or/share1
.Tip
Don't specify a path in the SVM's root volume. For more information, see Managing FSx for ONTAP storage virtual machines in the Amazon FSx for NetApp ONTAP User Guide.
-
For Security groups, choose up to five Amazon EC2 security groups that provide access to your file system's preferred subnet.
The security groups must allow outbound traffic on the following ports (depending on the protocol you use):
-
NFS – TCP ports 111, 635, and 2049
-
SMB – TCP port 445
Your file system's security groups must also allow inbound traffic on the same ports.
-
-
For Protocol, choose the data transfer protocol that DataSync uses to access your file system's SVM.
For more information, see Choosing the right protocol.
-
(Optional) Enter values for the Key and Value fields to tag the FSx for ONTAP file system.
Tags help you manage, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.
-
Choose Create location.