In this video, we will provision a file storage, file system, and later on use it for the file storage operations discussion that we will have. In Frankfurt region, I have created a few instances for previous demonstrations. I'm going to create a file storage and enrollment in the same region. Let me go to file storage file systems and create a file system. I will create this file system in AD1 and call it as FSAD1. By default, file systems are encrypted with the Oracle managed keys. If you use Word, you can use your own managed keys. You create an export path, which will be the path through which the file system is accessible from a given mount target. The mount target is fundamentally a network endpoint provisioned in the VCN and you would provision it in such a way that the VCN in which your compute instances are running, should be able to access it. My compute instances which I have provisioned in my region Frankfurt, are provisioned within this VCN. Let me show you that so that you know that I'm provisioning it specifically in the same VCN because we don't have bearing between multiple VCNs. We see that over here it is part of the wizard VCN that we have, so when I create the mount target, I will choose the same VCN. I can very well use the private subnet because you don't get a public IP for this and create the file system. As a result a file system will be created, a mount target network endpoint within this private subnet of this VCN will be created, and then export will be created using the mount target IP address: file system export, through which compute instances will be able to access it. As we see the file system is created. It is created in the AD that I chose. It is having an export from the mount target. If I go one level above, I will be able to see that there is mount targets available. There is a mount target also provisioned in the same AD where the file system is created and it is within this subnet and it has got a particular IP address given from the VCN subnets CIDR. Now, how do we access it from compute instances? First, let me connect to my Compute instance. Let's say the base Linux instance that I have. I will do that by using its public IP and connecting to it from my Cloud Shell. I will do SSH from the.ssh directory, that is where the private key's available, ssh opc at the rate of the public IP, I should get connected to the Compute instance. once I'm connected into the Compute instance, I am now eligible to mount it. But as I told you, to mount file systems, we need to enable security list ports. If I go to this particular file system which is in place, I see the mount target and the mount target is provisioned in a particular subnet. Now, from the mount target page, I see the exports that are available, given file system can be exported through multiple mount targets and one mount target can support multiple file systems to be exposed through it. Now, if I come in to the file system page or to the mount target page and go to the export, I get an option to get the mount commands. But the first pop-up that shows here is you need to have Ingress rules appropriately. For the subnet in which you have created the mount target, ingress rules on PCP, UDP for they should be available. I will go to the VCN page. Since my mount target is provisioned in the private subnet, I will go to my security list that is associated to the private subnet, which I can access from here. Inside this, I need to add ingress rule. I'm going to give an Ingress rule which allows the entire VCN to access the file system that is created for the mount target. The ports I need to open are 111 destination port. Add another rule. I will see you again copy this for the CIDR and the DCB 2048 all the way to 2050, which give as 2048-2050. Another Ingress rule for my UDP ports 111 and 2048. Again, I will put my CIDR here, choose UDP and destination port 111, and lastly, 2048. Let me go and add another Ingress rule wherein I will say from the VCN CIDR, UDP 2048 is the destination. As an Ingress rule, any computer from within the VCN can reach TCP ports, these four ports, which I have listed in these two rules, and UDP ports 111 and 2048. Once I add these Ingress rules, now my security list associated with the private subnet allows any computer from within the VCN to access these specific ports. Once that is available, I can use these mount commands. The first command given here is to install the NFS Client, which is a minimum requirement. This is installing the NFS Client here. You could use these commands as is or you can edit them based on your need. For example, here it says create a directory to which you want to mount the file system. You could use the same name or any other name. For the purpose of this practice, I will just put the same name as the directory that is created and mount the file system to this directory using the mount point colon file system name. If you are interested to have host name base resolution to the mount target, then you can go to the mount target and give the host name, for examples, since it is mount 1 is the name. If I do that and if I now get the mount commands, I will see that host name based resolution is also available. Either way, it is the same, the built-in DNS within the VCN will resolve it. With this we see that a file system is created and it is now mountable in Compute instances. With this, I stop this demonstration of creating a file system. In the next video, you will look at the operations that are applicable with file storage systems.
