This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

Installation process

As a customer, you do not have access to the AWS console where the company deploys the components needed for your solution. As a result, certain steps in setting up the S3 File Gateway are executed by a company representative. The following diagram illustrates the stages in the process and who executes them:

flowchart
    subgraph Customer
        direction TB
        st0((START)) --> st1
        st1(Request link to S3 File Gateway virtual machine image)
        st3(Install and configure S3 File Gateway virtual machine image) --> st4(Test S3 File Gateway connectivity)
        st4 --> st5{Success?}
        st5 -- no --> st6a(Configure firewall and router to access service endpoints)
        st6a --> st4
        st5 -- yes --> st6b{Provide the company with access to VM?}
        st6b -- no --> st7b(Set up second machine with AWS CLI and cURL)
        st7b --> st8(Request AWS credentials)
        st11(Set up credentials on secondary machine) --> st12(Run commands on secondary machine to configure and activate S3 File Gateway)
        st12 --> st13(Notify the company of successful setup)
    end
    subgraph The company
        direction TB
        st2(Provide URL to customer)
        st7a(Configure and activate S3 File Gateway) --> st15((END))
        st9(Set up temporary AWS user) --> st10(Send credentials and information to customer)
        st14(Remove temporary AWS user) --> st15
    end
    st1 --> st2
    st2 --> st3
    st6b -- yes --> st7a
    st8 --> st9
    st10 --> st11
    st13 --> st14

1 - Install S3 File Gateway virtual machine

In this stage, you request where to download the S3 File Gateway and install in your hypervisor.

  1. Contact your designated company representative, and request the URL to the file gateway and the AWS region. Provide the hypervisor you have with your request to receive the correct URL. Only the following hypervisors are supported:
    • VMware ESXi Hypervisor
    • Microsoft Hyper-V Hypervisor
    • Linux Kernel-based Virtual Machine
  2. Download the S3 File Gateway virtual machine (VM) image and install it in your hypervisor. Ensure the following minimum setup:
    • Processors: 4
    • RAM: 16 GB
    • Disk for VM image and system data: 80 GB
    • Additional cache disk: 150 GB
    • Network adapter: NAT

2 - Test network connection

In this stage, you must test the network connection to your S3 File Gateway.

  1. Log into your virtual machine. A screen similar to the following is displayed:

  2. Enter the command to “Test Network Connectivity” and press Enter.

  3. Select the “Public” endpoint type and press Enter.

  4. Enter the AWS region, which you have received from your designated company representative, and press Enter.

    1. If the test is successful, continue with the procedure.

    2. If the test is unsuccessful, then configure your firewall and router to allow traffic from the AWS service endpoints described here: Allowing AWS Storage Gateway access through firewalls and routers.

      Perform the test again to verify access after the firewall and router configuration.

3 - Configure and activate gateway

In this stage, the S3 File Gateway is configured and activated. How this happens depends on whether or not the company is granted access to the virtual machine where you installed the S3 File Gateway.

The company can have access to VM

If you allow the company, even temporary, access to the virtual machine where you installed the S3 File Gateway, then the company can configure and activate the S3 File Gateway.

Inform your designated company representative that you have successfully installed and tested the S3 File Gateway virtual machine. Provide the following information:

  • How to connect to the virtual machine (IP address).
  • How to access your network, in case the virtual machine is within a restricted network.
  • The credentials to log into the virtual machine.

If the S3 File Gateway virtual machine is in a restricted network, then provide and request the information needed to allow the company access to the restricted network. For example, you may have to open your network to specific IP addresses from the company, which the company needs to provide to you.

The company cannot have access to VM

If you cannot provide access to the virtual machine to the company, then you must execute the following steps to configure and activate the S3 File Gateway in AWS:

  1. Request AWS credentials and S3 File Gateway information from your designated company representative. You receive the following information:

    • aws_access_key_id: the access key ID of the AWS user
    • aws_secret_access_key: the access key of the AWS user
    • region: the region where the File Gateway will be activated (the region is the same as the region you tested against in the previous stage)
    • gateway-name: the name of the File Gateway in AWS
    • activation-key: the activation key of the File Gateway in AWS

  2. Create a new virtual machine within the same network as the File Gateway virtual machine with the following tools installed:

  3. Log into your new virtual machine

  4. Set up the AWS CLI credentials file with the following information:

    [gwinstall]
aws_access_key_id = <aws_access_key_id provided by the company>
aws_secret_access_key = <aws_secret_access_key provided by the company>

  5. Set up the AWS CLI configuration file with the following information:

    [profile gwinstall]
region = <region provided by the company>

  6. Run the following AWS CLI command to activate the gateway:

    aws activate-gateway \
--activation-key <activation-key provided by the company>\
--gateway-name <gateway-name provided by the company>\
--gateway-timezone <timezone of the File Gateway VM>\
--gateway-region <region provided by the company>\
--profile gwinstall

    This command outputs the AWS File Gateway ARN, which is needed in the following command:

    {
    "GatewayARN": "arn:aws:storagegateway:<region>:<account#>:gateway/sgw-<gateway-id>"
}

  7. Run the following AWS CLI command to list the disks in your File Gateway VM:

    aws --profile gwinstall storagegateway list-local-disks --gateway-arn <GatewayARN>

    The command outputs the list of disks in your File Gateway VM:

    {
    "GatewayARN": "<GatewayARN>",
    "Disks": [
        {
            "DiskId": "92e81768-7ac1-4523-9c59-1043a27121cb",
            "DiskPath": "/dev/sdb",
            "DiskNode": "SCSI (0:1)",
            "DiskStatus": "present",
            "DiskSizeInBytes": 161061273600,
            "DiskAllocationType": "AVAILABLE",
            "DiskAttributeList": []
        }
    ]
}

  8. Run the following AWS CLI command, using the DiskId from the output from the previous command, to identify the cache disk of the File Gateway to the setup in AWS:

    aws --profile gwinstall storagegateway
              add-cache --gateway-arn <GatewayARN> --disk-ids
        "<DiskId>"

  9. Notify your designated company representative that you have finalized AWS File Gateway configuration and activation, and request to verify the File Gateway in AWS. When you receive confirmation, you can continue with the next steps to request the AWS File shares necessary for your solution.