Networks Prerequisites
ECFS does not support legacy type networks (VPC)
Only one instance of ECFS can be installed per VPC
Installing in a Service Project inside a Shared VPC is not supported by GCP marketplace, please contact Elastifile Support for help.
Firewall Rules Prerequisites
Motivation
The Elastifile Cloud File System is a distributed file system created from standard cloud instances. The system is launched via the Elastifile Management Server (EMS). EMS creates and configures the storage nodes based on user capacity requirements. The EMS and the storage nodes must communicate with each other using multiple protocols. Customer applications running in the customer project must communicate with the Elastifile storage nodes using NFSv3 (multiple TCP and UDP ports). To ensure the successful launch and operation of the system Elastifile configured the necessary FW rules as part of the installation. If for some reason your project prevents the creation of the FW rules please make sure that one of the following firewall rule options must be available.
Option 1 - Preferred
Keep the default “default-allow-internal” rule enabled.
Option 2 - Customized Rules
If your security policy does not allow the default internal rule, then add the following rule:
Name: elastifile-ems-deployment
source range: deployment-vm ip or 0.0.0.0/0, and vpc-network cidr
source tags: http-server, https-server
- TCP: 80,443
Note: REST calls are HTTPS (443) to the public IP of EMS. Ensure GCP project firewall rules allow 443 (ingress) from wherever this Terraform template is run. Can restrict source range after terraform deployment.
Name: elastifile-storage-management
source range: vpc-network cidr
source tags: elastifile-storage-node, elastifile-replication-node, elastifile-clients
target tags: elastifile-management-node
- ICMP
- TCP: 22,53,80,443,10014-10018,10028
- UDP: 53, 123, 6667
Name: elastifile-storage-service
source range: vpc-network cidr
source tags: elastifile-management-node, elastifile-storage-node, elastifile-replication-node, elastifile-clients
target tags: elastifile-storage-node, elastifile-replication-node
- ICMP
- TCP: 22,12121,10015-10018,1112-1132,2221-2241,8000-9224,10028,32768-60999
- UDP: 6667,8000-9224,32768-60999
Name: elastifile-clients
source tags: elastifile-storage-node
target tags: elastifile-clients, elastifile-replication-node
- ICMP
- TCP: 111,644,2049,4040,4045
- UDP: 111,644,2049,4040,4045
Name: elastifile-ra-service
source range: vpc-network cidr
source tags: elastifile-storage-node, elastifile-management-node
target tags: elastifile-replication-node
- ICMP
-TCP: 22,80,443,10018,10015,10028,12121
Resource Quota Prerequisites
The Elastifile Cloud File System uses the following resources
Note: You must ensure that your project quota can support these requirements.