AWS Storage Gateway

Abimuktheeswaran Chidambaram
Oct 13, 2023

AWS Storage Gateway is a hybrid cloud storage service that is used to transfer data from on-premises to the cloud. Hybrid cloud storage means your data can be used on-premises and stored in AWS cloud storage services like S3, Glacier Deep Archive, EBS, etc. It provides low-latency performance by caching frequently accessed data locally on-premises. Storage Gateway optimizes data transfer to AWS by sending only changed data and compressing it.

1. Working on Storage Gateway

To deploy the gateway, you download the VM image (host platform) from the AWS console and store it locally on your device, or you connect and activate the hardware appliance on-premises. For Tape Gateway, you get the additional option of a Snowball device to deploy the gateway.

After your hardware appliance has been activated and configured, it appears in the console. Now you can create the type of gateway that you want. You can connect to and configure the gateway using an IP address or an activation key. Make sure that the browser can access the IP address. Your firewall must allow inbound HTTP access to the appliance on port 8080. Removing the gateway doesn’t delete the hardware appliance from the console; it remains for future gateway deployments. If you move the hardware appliance to another AWS account, first delete the appliance from the current AWS account and then activate it in the other AWS account. When you delete the appliance completely, all resources associated with the gateway installed on the appliance are deleted, but the data on the hardware appliance itself is not deleted.

2. Features of Storage Gateway:

It uses AWS Identity and Access Management for securing access to services and resources, AWS Key Management Service for encrypting data at rest in the cloud, Amazon CloudWatch for monitoring, and AWS CloudTrail for logging account activity. You are billed for transferring and storing your data.

2. Types of Storage Gateway:

3. File Gateway:

The Amazon S3 File Gateway enables you to store and retrieve files as objects in S3 using file protocols such as Network File System (NFS) and Server Message Block (SMB). You can access the objects directly or manage them using S3 features such as S3 Lifecycle Policies and S3 Cross-Region Replication (CRR). You can run S3 File Gateway on-premises or in EC2.

Objects are encrypted with server-side encryption using Amazon S3 managed keys (SSE-S3). All data transfer is done through HTTPS. You can use Amazon CloudWatch Events to get notified when files have been uploaded and when file operations have fully completed. To make better use of the available bandwidth, it splits large files into smaller parts using multipart parallel uploads or byte-range downloads.
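Because the objects can also be accessed directly in S3, the bucket should enforce HTTPS and encryption at rest on its own rather than rely on the gateway. The check below is an added example, not code from the original article: the bucket name and both sample documents are constructed, and it audits a bucket policy and default-encryption configuration offline using the standard `aws:SecureTransport` condition key.

```python
import json

# Constructed sample: bucket policy and default-encryption rules for a
# hypothetical bucket "example-file-gateway-bucket" (not from the article).
SAMPLE_POLICY = json.loads("""{"Statement": [{
  "Sid": "DenyPlainHttp", "Effect": "Deny", "Principal": "*", "Action": "s3:*",
  "Resource": ["arn:aws:s3:::example-file-gateway-bucket",
               "arn:aws:s3:::example-file-gateway-bucket/*"],
  "Condition": {"Bool": {"aws:SecureTransport": "false"}}}]}""")
SAMPLE_ENCRYPTION = {"Rules": [
    {"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": "AES256"}}]}


def _as_list(value):
    """IAM JSON allows a scalar where a list is expected; normalise it."""
    return value if isinstance(value, list) else [value]


def denies_plain_http(policy):
    """True if a statement denies s3:* to everyone when TLS is not used."""
    for stmt in _as_list(policy.get("Statement", [])):
        cond = stmt.get("Condition", {}).get("Bool", {})
        flags = [str(v).lower() for v in _as_list(cond.get("aws:SecureTransport", ""))]
        if (stmt.get("Effect") == "Deny"
                and stmt.get("Principal") in ("*", {"AWS": "*"})
                and "s3:*" in _as_list(stmt.get("Action", []))
                and "false" in flags):
            return True
    return False


def default_sse_algorithm(encryption):
    """Return the bucket's default SSE algorithm, or None if none is set."""
    for rule in encryption.get("Rules", []):
        algo = rule.get("ApplyServerSideEncryptionByDefault", {}).get("SSEAlgorithm")
        if algo:
            return algo
    return None


def audit(policy, encryption):
    """Findings for a bucket behind a file share (Resource scope not checked)."""
    findings = []
    if not denies_plain_http(policy):
        findings.append("bucket policy does not deny non-HTTPS requests")
    if default_sse_algorithm(encryption) not in ("AES256", "aws:kms"):
        findings.append("no SSE-S3 or SSE-KMS default encryption configured")
    return findings
```

The `encryption` argument has the shape of the `ServerSideEncryptionConfiguration` object that S3 returns for a bucket's default encryption; `AES256` is the algorithm value for SSE-S3.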

4. Volume Gateway:

Volume Gateway enables you to store and retrieve data as EBS snapshots in S3 using the iSCSI protocol. You can attach a snapshot to an EBS volume on a running EC2 instance. The data is compressed before it reaches AWS and is stored there. If you need a backup of your data on-premises, you can restore snapshots from the cloud. By default, all data stored by Volume Gateway in S3 is encrypted with Amazon S3-Managed Encryption Keys (SSE-S3). All data transferred between the gateway and AWS storage is encrypted using SSL. There are two options when configuring the Volume Gateway: cached volumes and stored volumes.

With a cached volume, you move your data from on-premises to the cloud. Your primary data is in S3, and you can keep some frequently accessed data (cached data) on-premises. It offers both low latency and cost savings. Cached volumes support up to 32 volumes, and each volume is 1 GiB to 32 TiB in size. The total maximum storage volume is 1,024 TiB (1 PiB).

With a stored volume, you copy your entire data from on-premises to the cloud. Your primary data stays on-premises, and snapshots (periodic backups) are stored as a backup in S3. It offers both low latency and disaster recovery. Stored volumes support up to 32 volumes, and each volume is 1 GiB to 16 TiB in size. The maximum storage volume is 512 TiB (0.5 PiB).

5. Tape Gateway

Tape Gateway enables you to archive your data in S3 Glacier Flexible Retrieval or S3 Glacier Deep Archive using a VTL (virtual tape library). After you deploy and activate a Tape Gateway, you mount the virtual tape drives and media changer on your on-premises application servers. Then you use your existing backup software application to write data to the virtual tapes. The media changer loads and unloads the virtual tapes into the virtual tape drives for read-and-write operations.

A virtual tape library is like a physical tape library available on-premises. The VTL includes the collection of stored virtual tapes, which can be backed by S3. It has 10 tape drives. A tape drive is used to perform I/O and seek operations on a tape. A virtual tape is like a physical tape and can be created using the Storage Gateway console or programmatically. Each gateway can contain up to 1,500 tapes. Each virtual tape is from 100 GiB to 15 TiB in size. The total size of the tapes is 1 PiB.

You can’t read archived tapes directly. To read an archived tape, you retrieve it to your Tape Gateway by using the Storage Gateway console or Storage Gateway API. You can retrieve the tape from S3 Glacier Flexible Retrieval typically within 3–5 hours. You can retrieve the tape from the S3 Glacier Deep Archive typically within 12 hours.

Last updated: 07-Jan-2024