Managing Mount Targets

This topic describes the basics of managing mount targets.

Overview

Actions you can take to manage a mount target include:

  • Viewing mount target details
  • Obtaining mount command samples
  • Creating a new export and file system
  • Editing exports and export options
  • Change the reported size of exported file systems
  • Deleting a mount target

You can perform most administrative tasks for your mount targets using the Console, Command Line Interface (CLI), or API. You can use the Console to list mount targets exporting a specific file system. Use the API or CLI if you want to list all mount targets in a compartment.

Mount Target

A mount target is an NFS endpoint that lives in a VCN subnet of your choice and provides network access for file systems. The mount target provides the IP address or DNS name that is used together with a unique export path to mount the file system. A single mount target can export many file systems. Typically, you create your first mount target and export when you create your first file system. The mount target maintains an export set which contains all of the exports for its associated file systems.

Exports

Exports control how NFS clients access file systems when they connect to a mount target. File systems are exported (made available) through mount targets. Each mount target maintains an export set which contains one or many exports. A file system may be exported through one or more mount targets. A file system must have at least one export in one mount target in order for instances to mount the file system. The information used by an export includes the file system OCID, mount target OCID, export set OCID, export path, and client export options.Typically, an export is created in a mount target when the file system is created. Thereafter, you can create additional exports for a file system in any mount target that resides in the same availability domain as the file system.

NFS Export Options

NFS export options are a set of parameters within the export that specify the level of access granted to NFS clients when they connect to a mount target. An NFS export options entry within an export defines access for a single IP address or CIDR block range.

For more information, see Working with NFS Export Options.

Limitations and Considerations

  • Each availability domain is limited to two mount targets by default.

    See Service Limits for a list of applicable limits and instructions for requesting a limit increase.

  • You can export up to 100 file systems through each mount target.
  • Each mount target can accept up to 896 client connections.
  • Each tenancy in a region can have 1 CreateMountTarget or ChangeMountTargetCompartment operation in progress at a time. See 409 error occurs when creating or moving a file system or mount target for more information.
  • Each mount target requires three internal IP addresses in the subnet to function:

    • Two of the IP addresses are used during mount target creation. The third IP address must remain available for the mount target to use for high availability failover.
    • The third IP address is used to create a new VNIC for the mount target during failover. The original primary IP address is retained.
    • The File Storage service doesn't "reserve" the third IP address required for high availability failover.
    • Use care to ensure that enough unallocated IP addresses remain available for your mount targets to use during failover.
    • Do not use /30 or smaller subnets for mount target creation because they do not have sufficient available IP addresses for mount target creation.

Required IAM Policy

To use Oracle Cloud Infrastructure, you must be granted security access in a policy  by an administrator. This access is required whether you're using the Console or the REST API with an SDK, CLI, or other tool. If you get a message that you don’t have permission or are unauthorized, verify with your administrator what type of access you have and which compartment  you should work in.

For administrators: The policy in Let users create, manage, and delete file systems allows users to manage mount targets. Since mount targets are network endpoints, users must also have "use" permissions for VNICs, private IPs, private DNS zones, and subnets to create or delete a mount target. See the Policy Reference for more information.

If you're new to policies, see Getting Started with Policies and Common Policies.

Tagging Resources

You can apply tags to your resources to help you organize them according to your business needs. You can apply tags at the time you create a resource, or you can update the resource later with the desired tags. For general information about applying tags, see Resource Tags.

Moving Mount Targets to a Different Compartment

You can move mount targets from one compartment to another. When you move a mount target to a new compartment, its associated export set and exports move with it. After you move the mount target to the new compartment, inherent policies apply immediately and affect access to the mount target, export set, and exports through the Console. Moving these resources doesn't affect access to file systems and snapshots from mounted instances. For more information, see Managing Compartments.

Details About Your Mount Target

The mount target details page provides the following information about your mount target:

MOUNT TARGET OCID
Every Oracle Cloud Infrastructure resource has an Oracle-assigned unique ID called an Oracle Cloud Identifier (OCID). You need your mount target's OCID to use the Command Line Interface (CLI) or the API. You also need the OCID when contacting support.
CREATED
The date and time that the mount target was created.
Availability Domain
When you create a mount target, you specify the availability domain that it resides in. An availability domain is one or more data centers located within a region. You need your mount target's availability domain to use the Command Line Interface (CLI) or the API. For more information, see Regions and Availability Domains.
COMPARTMENT
When you create a mount target, you specify the compartment that it resides in. A compartment is a collection of related resources (such as cloud networks, compute instances, or file systems) that are accessible only to those groups that have been given permission by an administrator in your organization. You need your mount target's compartment to use the Command Line Interface (CLI) or the API. For more information, see Managing Compartments.
REPORTED SIZE (GIB)
The maximum capacity in gibibytes reported by the file systems exported through this mount target. The File Storage service currently reports 8589934592 gibibytes (GiB) of available capacity by default. If you are installing an application that requires a specific reported size, you can change the reported size. Typically, setting the size to 1024 GiB is sufficient for most applications. This value is updated hourly. See To set the file system reported size for more information.
REPORTED INODES (GII)
The maximum capacity in gibiinodes reported by the file systems exported through this mount target. The File Storage service currently reports gibiinodes (GiI) of available inodes by default. If you are installing an application that requires specific reported inodes, you can change the reported inodes. Typically, setting the inodes to 1024 GiI is sufficient for most applications. This value is updated hourly. See To set the file system reported size for more information.
NETWORK SECURITY GROUPS
The network security groups that the mount target belongs to. Each mount target can belong to up to five (5) NSGs. See To add a mount target to a network security group for more information.
VIRTUAL CLOUD NETWORK
The VCN that contains the subnet where the mount target VNIC resides.
SUBNET
The subnet within the VCN where the mount target VNIC resides. Subnets can be either AD-specific or regional (regional ones have "regional" after the name). For more information, see VCNs and Subnets.
IP ADDRESS
The IP address that was assigned to the mount target when it was created. You need your mount target's IP address to mount associated file systems.
HOSTNAME
The hostname that was assigned to the mount target, if any. For more information about hostnames, see DNS in Your Virtual Cloud Network.
FULLY QUALIFIED DOMAIN NAME
The hostname together with the subnet domain name. For more information, see DNS in Your Virtual Cloud Network. If you specify a hostname, you can use the FQDN to mount the file system.
EXPORT SET OCID
The OCID of the mount target's export set resource. Each mount target has one export set, which contains all of the exports for the mount target. You need your mount target's export set OCID when you perform export-related tasks in the Command Line Interface (CLI) or the API.
EXPORTS
All of the mount target's exports are listed here. The export path and name of each file system is also listed. You need the export path to mount a file system.
Caution

Avoid entering confidential information when assigning descriptions, tags, or friendly names to your cloud resources through the Oracle Cloud Infrastructure Console, API, or CLI.

Using the Console

To create a mount target
Important

While it is possible to access mount targets from any AD in a region, for optimal performance, your mount targets should be in the same availability domain as the Compute instances that access them. For more information, see Regions and Availability Domains.
  1. Open the navigation menu. Under Core Infrastructure, click File Storage and then click Mount Targets.

  2. In the List Scope section, select a compartment.

    The Console displays a list of mount targets that have already been created in the compartment, if any.

  3. Click Create Mount Target.
  4. Enter the required mount target information. Click the click here link in the dialog box if you want to enable compartment selection for the mount target, its VCN, or subnet resources:

    • New Mount Target Name: Optionally, replace the default with a friendly name for the mount target. It doesn't have to be unique; an Oracle Cloud Identifier (OCID) uniquely identifies the mount target. Avoid entering confidential information.
    Note

    The mount target name is different than the DNS hostname, which is specified in step 5.
    • Virtual Cloud Network Compartment: The compartment containing the cloud network (VCN) in which to create the mount target.
    • Virtual Cloud Network: Select the cloud network (VCN) where you want to create the new mount target.
    • Configure Network Security Groups: Select this option to add this mount target to an NSG you've created. Choose an NSG from the list.

      Important

      Rules for the NSG you select must be configured to allow traffic to the mount target's VNIC using specific protocols and ports. For more information, see Configuring VCN Security Rules for File Storage.
    • Subnet Compartment: Specify the compartment containing a subnet within the VCN to attach the mount target to.
    • Subnet: Select a subnet to attach the mount target to. Subnets can be either AD-specific or regional (regional ones have "regional" after the name). For more information, see VCNs and Subnets.
    Caution

    Each mount target requires three internal IP addresses in the subnet to function. Do not use /30 or smaller subnets for mount target creation because they do not have sufficient available IP addresses. Two of the IP addresses are used during mount target creation. The third IP address must remain available for the mount target to use for high availability failover.
  5. Optionally, click Show Advanced Options to configure the mount target's advanced options.

    • IP Address: You can specify an unused IP address in the subnet you selected for the mount target.
    • Hostname: You can specify a hostname you want to assign to the mount target.

      Note

      The File Storage service constructs a fully qualified domain name (FQDN) by combining the hostname with the FQDN of the subnet the mount target is located in.

      For example, myhostname.subnet123.dnslabel.oraclevcn.com.

      Once created, the hostname may be changed in the mount target's Details page. See Managing Mount Targets for more information.

  6. Click Create.
To view details of a mount target
  1. Open the navigation menu. Under Core Infrastructure, click File Storage and then click Mount Targets.

  2. In the List Scope section, select a compartment.

    The Console displays a list of mount targets that have already been created in the compartment, if any.

  3. Find the mount target you're interested in, click the Actions icon (three dots), and then click View Mount Target Details.
To change the mount target name

You can change the display name of the mount target.

Note

Changing the display name doesn't affect mounting file systems exported through the mount target.
  1. Open the navigation menu. Under Core Infrastructure, click File Storage and then click Mount Targets.

  2. In the List Scope section, select a compartment.

  3. To view information about a file system, find the file system, click the Actions icon (three dots), and then click View Mount Target Details.

  4. Click Rename.
  5. Enter the new mount target name, and click Rename.
To create an export and a new file system

Exports control how NFS clients access file systems when they connect to a mount target. File systems must have at least one export in at least one mount target in order for instances to mount the file system. The following steps create an export and a new file system. If you want to create an export for an existing file system, see To create an export for a file system.

  1. Open the navigation menu. Under Core Infrastructure, click File Storage and then click Mount Targets.

  2. In the left-hand navigation, in the List Scope section, under Compartment, select a compartment.
  3. Click the name of the mount target you want to create an export for, and click Create Export.

    Note

    File systems are encrypted by default. You cannot turn off encryption.
  4. You can choose to accept the system defaults, or change them by clicking Edit Details.

  5. Click Create.

Next, mount the file system from an instance so that you can read and write directories and files in your file system. See Mounting File Systems for instructions about obtaining mount commands for your operating system type and mounting your file system.

To set the file system reported size

The File Storage service reports file system capacity as 8589934592 gibibytes (GiB) and 8589934592 gibiinodes (GiI) by default. Sometimes, application installers perform a space requirement check prior to running an installation process but cannot correctly interpret the reported size or reported inodes of the file system. When this occurs, you can define the file system size reported to the operating system by setting the Reported Size or Reported Inodes value in the file system's mount target. Typically, setting the size to 1024 GiB and the inodes to 1024 GiI permits successful installation.

Important

Changing the Reported Size or Reported Inodes for a mount target affects all file systems exported by the mount target. Changing these values does not limit the amount of data you can store.
  1. Open the navigation menu. Under Core Infrastructure, click File Storage and then click Mount Targets.

  2. In the List Scope section, select a compartment.

  3. Find the mount target you're interested in, click the Actions icon (three dots), and then click View Mount target Details.
  4. Click the Reported Size (in GiB) Edit or the Reported Inodes (in Gil) icon.
  5. Enter the maximum size in gibibytes or the maximum inodes in gibiinodes you want the File Storage service to report.
  6. Click the Save icon.
Important

There can be a delay of up to 1 hour when reporting file system usage, either in the console or by using the df command. For more information, see File System Usage and Metering.
To delete an export
Note

Deleting an export does not impact the data stored in the associated file system. Deleting an export disconnects any instance that mounts the file system with the deleted export path. Mount targets that have no exports still count toward your service limit.
  1. Open the navigation menu. Under Core Infrastructure, click File Storage and then click Mount Targets.

  2. In the List Scope section, select a compartment.

  3. Find the mount target you're interested in, click the Actions icon (three dots), and then click View Mount target Details.
  4. In Exports, find the export you want to delete.
  5. Click the Actions icon (three dots), and then click Delete.
To manage tags for a mount target
  1. Open the navigation menu. Under Core Infrastructure, click File Storage and then click Mount Targets.

  2. In the List Scope section, select a compartment.

  3. Find the mount target you're interested in, click the Actions icon (three dots), and then click View Mount Target Details.

  4. Click the Tags tab to view or edit the existing tags. Or click Apply tag(s) to add new ones.

For more information, see Resource Tags.

To move a mount target to a different compartment
  1. Open the Console,
  2. Open the navigation menu. Under Core Infrastructure, click File Storage and then click Mount Targets.

  3. In the List Scope section, select a compartment.
  4. Find the mount target in the list, click the the Actions icon (three dots), and then click Change Compartment.
  5. Choose the destination compartment from the list.
  6. Click Change Compartment.
To add a mount target to a network security group

You can add the mount target to one or more Network Security Groups (NSGs). File storage requires specific rules to be configured for NSGs that are associated with mount targets. For more information, see Configuring VCN Security Rules for File Storage.

  1. Open the navigation menu. Under Core Infrastructure, click File Storage and then click Mount Targets.

  2. In the List Scope section, select a compartment.

  3. Find the mount target you're interested in, click the Actions icon (three dots), and then click View Mount Target Details.

  4. In the Mount Target Information tab, click the Edit link next to Network Security Groups.

  5. Select a Compartment and NSG from the list.
  6. Click Save.
To delete a mount target
  1. Open the navigation menu. Under Core Infrastructure, click File Storage and then click Mount Targets.

  2. In the List Scope section, select a compartment.

  3. Find the mount target you want to delete.
  4.  Click the Actions icon (three dots), and then click Delete.
Caution

Deleting the mount target also deletes all of its exports of associated file systems. File systems are no longer available through the deleted mount target.

Deleting a mount target has no effect on file system data or file system snapshots.

Using the Command Line Interface (CLI)

For information about using the CLI, see Command Line Interface (CLI).

To create a mount target

You can create a mount target for file systems in a specified compartment and subnet. A file system can only be associated with a mount target in the same availability domain.

Caution

Each mount target requires three internal IP addresses in the subnet to function. Do not use /30 or smaller subnets for mount target creation because they do not have sufficient available IP addresses. Two of the IP addresses are used during mount target creation. The third IP address must remain available for the mount target to use for high availability failover.

Open a command prompt and run oci fs mount-target create to create a mount target.

For example:

oci fs mount-target create --availability-domain <target_availability domain> --compartment-id <target_compartment_id> --subnet-id <subnet_OCID> --display-name “<My Mount Target>
Caution

Avoid entering confidential information in the mount target display-name.

You can create a mount target that is added to a network security group (NSG).

For example: 

oci fs mount-target create --availability-domain <target_availability domain> --compartment-id <target_compartment_id> --subnet-id <subnet_OCID> --display-name “<My Mount Target>" --nsg-ids '["<nsg_OCID_1>","<nsg_OCID_2"]'
To update a mount target

Open a command prompt and run oci fs mount-target update to update a specific mount target's information or to add it to a network security group (NSG).

For example:

oci fs mount-target update --mount-target-id <mount_target_OCID> --display-name "<New Mount Target Name>" --nsg-ids '["<nsg1_OCID>", "<nsg2_OCID>"]'
Caution

Avoid entering confidential information in the mount target display-name.
To delete a mount target

Open a command prompt and run oci fs mount-target delete to delete a mount target. Deleting a mount target also deletes the mount target's VNICs.

For example:

oci fs mount-target delete --mount-target-id <mount_target_OCID>
Caution

Deleting a mount target can cause any clients that have mounted an associated file system to hang. Be sure to have all clients unmount the file systems before deleting the mount target.
To list mount targets

You cannot use the Console to list mount targets. Use the command line interface or the API from a host machine running a UNIX-style operating system.

Open a command prompt and run oci fs mount-target list to list all mount targets in a specified availability domain and compartment.

For example:

oci fs mount-target list --availability-domain <target_availability_domain> --compartment-id <target_compartment_OCID>
To get a specific mount target

Open a command prompt and run oci fs mount-target get to retrieve information about a specific mount target.

For example:

oci fs mount-target get --mount-target-id <mount_target_OCID>
To create an export

Exports control how NFS clients access file systems when they connect to a mount target. File systems are exported (made available) through mount targets. Each mount target maintains an export set which contains one or many exports. A file system may be exported through one or more mount targets. A file system must have at least one export in one mount target in order for instances to mount the file system. The information used by an export includes the file system OCID, mount target OCID, export set OCID, export path, and client export options. Typically, an export is created in a mount target when the file system is created. Thereafter, you can create additional exports for a file system in any mount target that resides in the same availability domain as the file system.

Open a command prompt and run oci fs export create to create an export for a specified file system within a specified export set.

For example:

oci fs export create --export-set-id <export_set_OCID> --file-system-id <file_system_OCID> --path "</pathname>"
Important

The export path must start with a slash (/) followed by a sequence of zero or more slash-separated elements. For multiple file systems associated with a single mount target, the export path sequence for the first file system cannot contain the complete path element sequence of the second file system export path sequence. Export paths cannot end in a slash. No export path element can be a period (.) or two periods in sequence (..). Lastly, no export path can exceed 255 bytes. For example:

Acceptable:

/example and /path

/example and /example2

Not Acceptable:

/example and /example/path

/ and /example

/example/

/example/path/../example1

Caution

If one file system associated to a mount target has '/' specified as an export path, you can't associate another file system with that mount target.
Note

Export paths cannot be edited after the export is created. If you want to use a different export path, you must create a new export with the desired path. Optionally, you can then delete the export with the old path.

For more information, see Paths in File Systems.

To list exports

Open a command prompt and run oci fs export list to list all exports in a specified compartment.

For example:

oci fs export list --compartment-id <target_compartment_id>
To get a specific export

Open a command prompt and run oci fs export get to retrieve information about a specific export.

For example:

oci fs export get --export-id <export_OCID>
To delete an export

Open a command prompt and run oci fs export delete to delete an export.

For example:

oci fs export delete --export-id <export_OCID>
Caution

When you delete an export, any file system referenced by the export is no longer accessible through the associated mount target.
To list export sets

Open a command prompt and run oci fs export-set list to list all export sets in a specified availability domain and compartment.

For example:

oci fs export-set list --availability-domain <target_availability_domain> --compartment-id <target_compartment_OCID>
To get a specific export set

Open a command prompt and run oci fs export-set get to retrieve information about a specific export set.

For example:

oci fs export-set get --export-set-id <export_set_OCID>
To update an export set

Open a command prompt and run oci fs export-set update to update a specific export set's information.

For example:

oci fs export-set update --export-set-id <export_set_OCID> --display-name "<New Export Set Name>"
To set the file system reported size

The File Storage service reports file system capacity as 8589934592 gibibytes (GiB) and 8589934592 gibiinodes (GiI) by default. Sometimes, application installers perform a space requirement check prior to running an installation process but cannot correctly interpret the reported size or reported inodes of the file system. When this occurs, you can define the file system size reported to the operating system by setting the Reported Size or Reported Inodes value in the export set of the file system's mount target. Typically, setting the size to 1024 GiB and the inodes to 1024 GiI permits successful installation.

Important

Changing the Reported Size or Reported Inodes for a mount target affects all file systems exported by the mount target. Changing these values does not limit the amount of data you can store.
Important

There can be a delay of up to 1 hour when reporting file system usage, either in the console or by using the df command. For more information, see File System Usage and Metering.

Open a command prompt and type in the following command:

oci fs export-set update --export-set-id <export_set_ OCID> --max-fs-stat-bytes <number_of_bytes>
To move a mount target to a different compartment

oci fs mount-target change-mount-target-compartment --mount-target-id <mount_target_OCID> --compartment-id <destination_compartment_OCID>