IBM Cloud Docs
Managing File Storage for Classic

Managing File Storage for Classic

You can manage your IBM Cloud® File Storage for Classic volumes through the IBM Cloud® console and from the CLI.

Authorizing hosts to access File Storage for Classic in the console

“Authorized” hosts are hosts that were given access to a particular volume. Without host authorization, you can't access or use the storage from your system. Authorizing a host to access your volume generates the username and password.

You can authorize and connect hosts that are located in the same data center as your storage. You can have multiple accounts, but you can't authorize a host from one account to access your storage on another account.

  1. Go to the IBM Cloud® console. From the menu, select Infrastructure VPC icon > Classic Infrastructure.

  2. Click Storage > File Storage for Classic, and click your Volume Name.

  3. Scroll to the Authorized Hosts section of the page.

  4. Click Authorize Host on the right.

  5. Filter the available host list by selecting the device type, subnet, or IP address.

    When the list is filtered by subnet, the subnets that are displayed are subscribed subnets in the same data center as the storage volume.

  6. Select one or more hosts from the list and click Save.

You can authorize up to 64 servers to access the file share. This limit includes all subnet, host, and IP authorizations combined. For more information about increasing this limit, see the FAQs.

Authorizing hosts to access File Storage for Classic from the CLI

“Authorized” hosts are hosts that were given access to a particular volume. Without host authorization, you can't access or use the storage from your system. Authorizing a host to access your volume generates the username and password.

Before you begin, decide on the CLI client that you want to use.

You can authorize up to 64 servers to access the file share. This limit includes all subnet, host, and IP authorizations combined. For more information about increasing this limit, see the FAQs.

Authorizing hosts from the IBMCLOUD CLI

Use the ibmcloud sl file access-authorize command to authorize a host to access the file share. The following example authorizes the virtual server instance 87654321 to mount the file share 12345678.

ibmcloud sl file access-authorize 12345678 --virtual-id 87654321

For more information about all of the parameters that are available for this command, see ibmcloud sl file access-authorize.

Authorizing hosts from the SLCLI

To authorize a host to access the volume, you can use the following command.

$ slcli file access-authorize --help
Usage: slcli file access-authorize [OPTIONS] VOLUME_ID

Options:
  -h, --hardware-id TEXT    The ID of one hardware server to authorize.
  -v, --virtual-id TEXT     The ID of one virtual server to authorize.
  -i, --ip-address-id TEXT  The ID of one IP address to authorize.
  -p, --ip-address TEXT     An IP address to authorize.
  -s, --subnet-id TEXT      An ID of one subnet to authorize.
  --help                    Show this message and exit.

Authorizing the host with Terraform

“Authorized” hosts are hosts that were given access to a particular volume. Without host authorization, you can't access or use the storage from your system. Authorizing a host to access your volume generates the username and password.

To authorize a Compute host to access the share, use the ibm_storage_file resource and specify the allowed_virtual_guest_ids for virtual servers, or allowed_hardware_ids for bare metal servers. Specify allowed_ip_addresses to define which IP addresses have access to the storage.

The following example defines that the Virtual Server with the ID 28961689 can access the volume from the 10.146.139.64/26 subnet, and 10.146.139.84 address.

resource "ibm_storage_file" "fs_endurance" {
  type       = "Endurance"
  datacenter = "dal09"
  capacity   = 20
  iops       = 0.25

  allowed_virtual_guest_ids = ["28961689"]
  allowed_subnets           = ["10.146.139.64/26"]
  allowed_ip_addresses      = ["10.146.139.84"]
  snapshot_capacity         = 10
  hourly_billing            = true
}

After your storage resource is created, you can access the hostname and volumename attributes, which you can use to determine the mount target later. For example, a File Storage resource with the hostname argument set to nfsdal0901a.service.softlayer.com and the volumename argument set to IBM01SV278685_7 has the mount point nfsdal0901a.service.softlayer.com:-IBM01SV278685_7.

For more information about the arguments and attributes, see ibm_storage_file.

You can authorize up to 64 servers to access the file share. This limit includes all subnet, host, and IP authorizations combined. For more information about increasing this limit, see the FAQs.

Viewing the list of hosts that are authorized to access a File Storage for Classic volume in the console

  1. Go to the IBM Cloud® console. From the menu, select Infrastructure VPC icon > Classic Infrastructure.
  2. Click Storage > File Storage for Classic, and click your Volume Name.
  3. Click Authorized Hosts to display the Compute instances that have access to your file share.
  4. Click the ellipsis Actions icon and select View host details. A side panel is displayed with details like device name, IP address, username and password. The Access Control List section is also displayed. You can add or remove subnets in this section.

The Target address is listed on the Storage Detail page. For NFS, the Target address is described as a DNS name, and for iSCSI, it's the IP address of the Discover Target Portal.

Viewing the list of hosts that are authorized to access a File Storage for Classic volume from the CLI

Viewing the list of authorized hosts from the IBMCLOUD CLI

You can use the ibmcloud sl file access-list command to list the hosts that are authorized to access the file share. The following example lists the hosts that can mount the file share 12345678 and sorts them by their IDs.

ibmcloud sl file access-list 12345678 --sortby id

For more information about all of the parameters that are available for this command, see ibmcloud sl file access-list.

Viewing the list of authorized hosts from the SLCLI

To display the list of authorized hosts, you can use the following command.

$ slcli file access-list --help
Usage: slcli file access-list [OPTIONS] VOLUME_ID

Options:
 --sortby TEXT   Column to sort by
 --columns TEXT  Columns to display. Options: id, name, type,
                 private_ip_address, source_subnet, host_iqn, username,
                 password, allowed_host_id
 -h, --help      Show this message and exit.

Viewing the File Storage for Classic volumes to which a host is authorized in the console

You can view the volumes, which a host has access to, including information that is needed to make a connection – Volume Name, Storage Type, Target Address, capacity, and location.

  1. Go to the IBM Cloud® console.
  2. From the menu, select Infrastructure VPC icon > Classic Infrastructure.
  3. Click Devices > Device List.
  4. Click the appropriate device.
  5. Select the Storage tab.

You are presented with a list of storage volumes that this particular host has access to, all are grouped by storage type (block, file, other). From the respective Action menus, you can authorize more storage or remove access.

Revoking a host's access to File Storage for Classic in the console

If you want to stop the access from a host to a particular storage volume, you can revoke the access. When access is revoked, the host connection is dropped from the volume. The operating system and applications can't communicate with the volume anymore.

To avoid host side issues, unmount the storage volume from your operating system before you revoke access to avoid missing drives or data corruption.

You can revoke access from either Storage from the Device List or the Storage views.

Revoking access from the Device List in the console

  1. Go to the IBM Cloud® console.
  2. From the menu, select Infrastructure VPC icon > Classic Infrastructure.
  3. Click Devices > Device List.
  4. Double-click the appropriate device.
  5. Select the Storage tab.
  6. You are presented with a list of storage volumes that this particular host has access to, all grouped by storage type (block, file, other). Select the respective Action menu next to the volume that you want to revoke access from, and click Revoke Access.
  7. Confirm if you want to revoke the access for a volume because the action can't be undone. Click Yes to revoke volume access, or No to cancel the action.

If you want to disconnect multiple volumes from a specific host, you need to repeat the Revoke Access action for each volume.

Revoking access from the Storage View in the console

  1. Go to the IBM Cloud® console.
  2. From the menu, select Infrastructure VPC icon > Classic Infrastructure.
  3. Click Storage > File Storage for Classic, and select the Volume from which you want to revoke access.
  4. Click Authorized Hosts to display the Compute instances that have access to your File share.
  5. Click Actions Actions icon next to the host whose access is to be revoked, and select Revoke Access.
  6. Confirm if you want to revoke the access for a volume because the action cannot be undone. Click Yes to revoke volume access, or No to cancel the action.

If you want to disconnect multiple hosts from a specific volume, you need to repeat the Revoke Access action for each host.

Revoking a host's access to File Storage for Classic from the CLI

Revoking host authorization from the IBMCLOUD CLI

You can use the ibmcloud sl file access-revoke command to remove authorization from a host. The following command disallows the virtual server instance 87654321 to mount the file share 12345678.

ibmcloud sl file access-revoke 12345678 --virtual-id 87654321

For more information about all of the parameters that are available for this command, see ibmcloud sl file access-revoke.

Revoking host authorization from the SLCLI

You can use the following command in SLCLI.

$ slcli file access-revoke --help
Usage: slcli file access-revoke [OPTIONS] VOLUME_ID

Options:
  -h, --hardware-id TEXT    The ID of one hardware server to revoke authorization.
  -v, --virtual-id TEXT     The ID of one virtual server to revoke authorization.
  -i, --ip-address-id TEXT  The ID of one IP address to revoke authorization.
  -p, --ip-address TEXT     An IP address to revoke authorization.
  -s, --subnet-id TEXT      An ID of one subnet to revoke authorization.
  --help                    Show this message and exit.

If you want to disconnect multiple hosts from a specific volume, you need to repeat the Revoke Access action for each host.

Deleting a storage volume in the console

If you no longer need a specific volume, you can delete that file share. To cancel a storage volume, you need to revoke access from any hosts first.

  1. Go to the IBM Cloud® console. From the menu, select Infrastructure VPC icon > Classic Infrastructure.

  2. Click Storage > File Storage for Classic.

  3. Click Actions Actions icon for the volume to be canceled, and select Delete File Storage for Classic.

  4. Confirm if you want to delete the volume immediately or on the anniversary date of when the volume was provisioned.

    If you select the option to cancel the volume on its anniversary date, you can void the cancellation request before its anniversary date.

  5. Click Continue or Close.

  6. Click the acknowledgment checkbox, and click Confirm.

When the volume is canceled, the request is followed by a 24-hour reclaim wait period. You can still see the volume in the console during those 24 hours. Billing for the volume stops immediately. When the reclaim-period expires, the data is destroyed and the volume is removed from the console, too. For more information, see the FAQs.

Active replicas and dependent duplicates can block reclamation of the Storage volume. Make sure that the volume is no longer mounted, host authorizations are revoked, replication is canceled, and no dependent duplicates exist before you attempt to delete the original volume.

Deleting a storage volume from the CLI

When the volume is canceled, the request is followed by a 24-hour reclaim wait period. You can still see the volume in the console during those 24 hours. Billing for the volume stops immediately. When the reclaim-period expires, the data is destroyed and the volume is removed from the console, too. For more information, see the FAQs.

Active replicas and dependent duplicates can block reclamation of the Storage volume. Make sure that the volume is no longer mounted, host authorizations are revoked, replication is canceled, and no dependent duplicates exist before you attempt to delete the original volume.

Deleting a storage volume from the IBMCLOUD CLI

You can use the ibmcloud sl file volume-cancel command to cancel the file share. The following example cancels the file share 12345678 with immediate effect.

ibmcloud sl file volume-cancel 12345678 --immediate -f

For more information about all of the parameters that are available for this command, see ibmcloud sl file volume-cancel.

Deleting a storage volume from the SLCLI

To delete a storage volume, you can use the following command.

$ slcli file volume-cancel --help
Usage: slcli file volume-cancel [OPTIONS] VOLUME_ID

Options:
  --reason TEXT  An optional reason for cancellation.
  --immediate    Cancels the File Storage volume immediately instead of on the
                 billing anniversary.
  -h, --help     Show this message and exit.

Deleting a storage volume with Terraform

Use the terraform destroy command to conveniently destroy a remote object such as a single file share. The following example destroys the file share with the ID ibm_file_share.example.id.

terraform destroy --target ibm_file_share.example.id

For more information, see terraform destroy.

When the volume is canceled, the request is followed by a 24-hour reclaim wait period. You can still see the volume in the console during those 24 hours. Billing for the volume stops immediately. When the reclaim-period expires, the data is destroyed and the volume is removed from the console, too. For more information, see the FAQs.

Active replicas and dependent duplicates can block reclamation of the Storage volume. Make sure that the volume is no longer mounted, host authorizations are revoked, replication is canceled, and no dependent duplicates exist before you attempt to delete the original volume.