Updated on 2024-11-12 GMT+08:00

Configuring Disk Mounting

Introduction

FunctionGraph allows you to mount file systems to your functions. Multiple functions can share the same file system. This greatly expands the function execution and storage space compared with the temporary disk space allocated to a function.

Scenarios

Before mounting file systems, enable access over the following ports:

  1. 111, 445, 2049, 2051, 2052, and 20048
  2. Another three ports for Ubuntu. To obtain the port numbers, run the following command:
    rpcinfo -p|grep mountd|grep tcp

FunctionGraph supports the following types of file systems:

  • ECS

    A directory on an ECS is specified as a shared file system (see Mounting an ECS Shared Directory) by using the network file system (NFS) service. The directory can then be mounted to a function in the same VPC as the ECS so that the function can read and write data in the directory. ECS file systems make it possible for dynamic expansion of compute resources. This type of file system is suitable for low service demand scenarios.

Benefits from using these file systems:

  • The function execution space can be greatly expanded comparing with /tmp.
  • A file system can be shared by multiple functions.
  • ECS compute resources can be dynamically expanded and existing ECS storage capability can be used to achieve stronger computing performance.

    You can write temporary files in the /tmp directory. The total size of these files cannot exceed 10,240 MB.

Creating an Agency

Before adding file systems to a function, specify an agency with permissions for accessing the file system services for the function.

There is a limit on the maximum number of agencies you can create, and cloud service agencies cannot be modified. Therefore, you are advised to create an agency with high-level permissions, for example, Tenant Administrator, to allow a function to access all resources in the selected region. For more information, see Configuring Agency Permissions.

Mounting an SFS Turbo File System

Setting an Agency

Before mounting an SFS Turbo file system to a function, specify an agency that has been granted SFS Administrator and VPC Administrator permissions for the function. If no agencies are available, create one in IAM.

Configuring VPC Access

An SFS Turbo file system is accessible only in the VPC where it has been created. Before mounting such a file system to a function, enable VPC access for the function.

  1. On the SFS console, obtain the information about the VPC and subnet where a file system is to be mounted to your function. For details, see File System Management.
  2. Enable VPC access by referring to Configuring the Network and enter the VPC and subnet obtained in 1.

Mounting an SFS Turbo File System

SFS Turbo file systems can be mounted in the same way as SFS file systems. Select a file system and set the access path.

Mounting an ECS Shared Directory

Specifying an Agency

Before mounting an ECS shared directory to a function, specify an agency that has been granted Tenant Guest and VPC Administrator permissions for the function. If no agencies are available, create one in IAM. For details, see Creating an Agency.

Configuring VPC Access

Before adding an ECS shared directory, specify the VPC where the ECS is deployed. View the VPC information on the details page of the ECS. Click the VPC name to go to the VPC details page, and view the subnet.

Set the acquired VPC and subnet for the function.

Mounting an ECS Directory

Enter a shared directory and function access path.

Figure 1 Setting the path

Follow-up Operations

A function can read and write data in an access path in the same way as in the mounted file system.

Function logs can be persisted by configuring the log path as a subdirectory in the access path.

The following uses SFS Turbo and template Web-Server-Access-Log-Statistics as an example to describe how to analyze logs of servers running on the cloud.

  1. Log in to the FunctionGraph console. In the navigation pane, choose Templates.
  2. In the upper right corner of the Templates page, enter Web-Server-Access-Log-Statistics in the search box and press Enter.
  3. In the search result, click Configure. The configuration page is displayed, as shown in Figure 2. Set the parameters as follows:

    Figure 2 Function template
    • Region: Select the same region as the created VPC and file system. For details about how to create a VPC and file system, see Configuring the Network and Creating a File System.
    • Project: Use default.
    • Function Name: Enter a custom name.
    • Agency: Select an agency with the file system, VPC, and APIG permissions. For details about how to create an agency, see Configuring Agency Permissions.
    • Enterprise Project: Select an enterprise project as required.
    • Environment Variables: access_log_path indicates the log file address. Set this parameter to /home/test/access_log.log.

      To specify file paths in the file system, use absolute paths starting with a slash (/). However, if no file system is mounted, you can skip adding the slash (/) and simply set the parameter to code/access_log.log.

    • Trigger Type: The default value is API Gateway (APIG). For details about how to configure APIG, see Using an APIG Trigger.
    • API Name: Enter a custom name.
    • API Group: Select a group based on the actual service.
    • Environment: Select RELEASE.
    • Security Authentication: Select None.
    • Protocol and Timeout (ms): Retain the default values.

  4. After parameter configuration is complete, click Create Function.
  5. On the function details page, click the Code tab, add the following code to the index.py file, and click Deploy.

    import shutil
    shutil.copyfile('/opt/function/code/access_log.log', '/home/test/access_log.log')
    Figure 3 Adding code

    In addition, add the public dependency Jinja2-2.10. For details, see Adding a Dependency for a Function.

    If no file system is mounted, you do not need to add the preceding code.

  6. On the function details page, choose Configuration > Network and enable VPC Access. Set VPC and Subnet to the created VPC and subnet, and click Save.

    Figure 4 VPC access

  7. Choose Disk Mounting, click Mount File System, and select SFS Turbo.

    • File System: Select an existing SFS Turbo file system.
    • Access Path: Set this parameter to /home/test.
    • Shared Directory: shared directory path of the file system. If this parameter is left blank by default, the function can access all directories of the file system. If a specific directory path is configured, the function can access only the directory path.

  8. Click the Code tab, select Configure Test Event, create a Blank Template, and click Create.

    Figure 5 Configuring a test event

  9. Select the created test event and click Test.

    Figure 6 Test result

  10. Choose Configuration > Triggers, copy the URL of the APIG trigger, and open the URL using a browser.

    Figure 7 Copying the URL
    Figure 8 Results display

Creating an NFS Shared Directory on ECS

  1. Linux
    • CentOS, SUSE, EulerOS, Fedora, or openSUSE
      1. Configure a YUM repository.

        1. Create a file named euleros.repo in the /etc/yum.repos.d directory. Ensure that the file name must end with .repo.

        2. Run the following command to enter euleros.repo and edit the configuration:

        vi /etc/yum.repos.d/euleros.repo

        The EulerOS 2.0 SP3 YUM configuration is as follows:

        [base] 
        name=EulerOS-2.0SP3 base
        baseurl=http://repo.huaweicloud.com/euler/2.3/os/x86_64/
        enabled=1
        gpgcheck=1
        gpgkey=http://repo.huaweicloud.com/euler/2.3/os/RPM-GPG-KEY-EulerOS

        The EulerOS 2.0 SP5 YUM configuration is as follows:

        [base] 
        name=EulerOS-2.0SP5 base
        baseurl=http://repo.huaweicloud.com/euler/2.5/os/x86_64/
        enabled=1
        gpgcheck=1
        gpgkey=http://repo.huaweicloud.com/euler/2.5/os/RPM-GPG-KEY-EulerOS

        Parameter description:

        name: repository name

        baseurl: URL of the repository
        • HTTP-based network address: http://path/to/repo
        • Local repository address: file:///path/to/local/repo

        gpgcheck: indicates whether to enable the GNU privacy guard (GPG) to check the validity and security of RPM package resources. 0: The GPG check is disabled. 1: The GPG check is enabled. If this option is not specified, the GPG check is enabled by default.

        3. Save the configurations.

        4. Run the following command to clear the cache:

        yum clean all
      2. Run the following command to install nfs-utils:
        yum install nfs-utils
      3. Create a shared directory.

        When you open /etc/exports and need to create shared directory /sharedata, add the following configuration:

        /sharedata 192.168.0.0/24(rw,sync,no_root_squash)

        The preceding configuration is used to share the /sharedata directory with other servers in the 192.168.0.0/24 subnet.

        After the preceding command is run, run the exportfs -v command to view the shared directory and check whether the setting is successful.

      4. Run the following commands to start the NFS service:
        systemctl start rpcbind
        service nfs start
      5. Create another shared directory.

        For example, to create the /home/myself/download directory, add the following configuration to /etc/exports:

        /home/myself/download 192.168.0.0/24(rw,sync,no_root_squash)

        Restart the NFS service.

        service nfs restart

        Alternatively, run the following command without restarting the NFS service:

        exportfs -rv
      6. (Optional) Enable automatic startup of the rpcbind service.

        Run the following command:

        systemctl enable rpcbind
    • Ubuntu
      1. Run the following commands to install nfs-kernel-server:
        sudo apt-get update
        sudo apt install nfs-kernel-server
      2. Create a shared directory.
        vim /etc/exports

        When you open /etc/exports and need to create shared directory /sharedata, add the following configuration:

        /sharedata 192.168.0.0/24(rw,sync,no_root_squash)

        The preceding configuration is used to share the /sharedata directory with other servers in the 192.168.0.0/24 subnet.

      3. Start the NFS service.
        service nfs-kernel-server restart

        After the preceding command is run, run the exportfs -v command to view the shared directory and check whether the setting is successful.

      4. Create another shared directory.

        For example, to create the /home/myself/download directory, add the following configuration to /etc/exports:

        /home/myself/download 192.168.0.0/24(rw,sync,no_root_squash)

        Restart the NFS service.

        service nfs restart

        Alternatively, run the following command without restarting the NFS service:

        exportfs -rv
  1. Windows
  1. Install the NFS server.

    Paid software: haneWIN. Download the software at the haneWIN official website.

    Free software: FreeNFS and WinNFSd. Download the software at the SourceForge website.

  2. Enable the NFS function.
    • In the case of WinNFSd, see WinNFSd configuration.
      1. Download and decompress WinNFSd, and create the nfs folder in the decompressed directory.
      2. Set the sharing and read/write permissions on the nfs file.
        1. Right-click the nfs file and choose Properties.
        2. Click the Sharing tab, and then click Share....
        3. Add Everyone and click Share.
          Figure 9 Adding Everyone
        4. Click the Security tab, select Everyone in the Group or user names list, and click Edit.
        5. In the displayed Security dialog box, select Everyone from the Group or user name list, select Read and Write from the Allow check boxes in the Permissions for Everyone list, and click OK.
      3. Disable all firewalls, including the Domain network, Private network, and Public network. Enable them after the entire configuration is complete.
      4. Log in to the virtual server of the router and enable ports 111, 2049, and 1058 of the external network. (Note: An external IP address is required.)
      5. Run the following command. For details, see https://github.com/winnfsd/winnfsd.
        WinNFSd.exe -addr {Your own local IP address 192.168.xxx.xxx} F:\nfs /nfs
    • In the case of haneWIN, perform the following steps:
      1. Run the downloaded .exe file as the Windows system administrator.
      2. After the installation is complete, open the NFS Server file and choose Edit > Preferences.
      3. Retain the default settings on the NFS, Server, and PortMapper tab pages. Click the Exports tab, click Edit exports file to configure the shared directory, and click Save.

        The shared directory format can be referenced as D:\share -public -name:nfs, which means to set the permission on the share folder to public and define an alias nfs.

      4. Click OK.
      5. Disable all firewalls, including the Domain network, Private network, and Public network. Enable them after the entire configuration is complete.

        Run the following command in Linux to mount the directory and check whether the file sharing is successful:

        mount -t nfs -o nolock 192.168.xxx.xxx:/nfs /mnt
        • 192.168.xxx.xxx is the IP address of the Windows operating system.
        • nfs is the alias created when the shared directory is configured.
        • /mnt is the local directory where the remote directory is mounted.