Precautions¶
This section highlights some topics to consider when planning your vFXT cluster.
AWS resource limits¶
To make sure your vFXT cluster has access to sufficient computing power, plan your installation to avoid exceeding any resource limits.
Consider existing AWS EC2 instances and EBS storage currently in use in your account before attempting to create a vFXT cluster.
Limits are imposed per account on a variety of resources, including storage, instances, and buckets.
Storage limits¶
Storage on EC2 instances uses Elastic Block Store (EBS) volumes. The vFXT uses EBS general purpose (gp2) SSD volumes. AWS imposes EBS volume limits per account, including 5,000 EBS volumes and 20 TiB.
Limits can be increased by requesting a service limit increase.
Each vFXT node requires a minimum amount of EBS storage during node creation. The amount of EBS storage needed depends on the selections made when creating the cluster. For example, if you try to create a three-node cluster with 7000 GB of storage per node, your cluster would require 21 TiB, which is over the 20 TiB limit.
Note that these limits are per account. If there are other instances in the account using gp2 volumes, those volumes also count toward the 20 TiB limit even before the first vFXT instance is created.
Instance limits¶
There also are limits on the number of instances that can be created within an account. For vFXT instance types, the limits are 20 r4.2xlarge or r3.2xlarge instances; and 5 r4.8xlarge or r3.8xlarge instances. (These limits are for on-demand instances; reserved instance limits are 20 for both types.)
For instance, you cannot create two three-node clusters with r4.8xlarge nodes within the same account unless you have received a service limit increase.
Bucket limits¶
If your cluster uses S3 buckets as core filers, also note that there is a limit of 50 buckets per AWS account.
AWS account charges¶
Amazon Web Services charges are incurred for (but are not limited to) the following types of use:
- Running EC2 instances
- EBS volumes (EC2 storage), even when the machine is not running
- S3 storage
- Data transfer into and out of AWS
- Data transfer between availability zones if using a multi-AZ configuration
Avere Systems recommends that administrators monitor all AWS charges and set up billing alerts.
For more information, refer to Amazon’s pricing page as well as Amazon’s documentation on monitoring estimated charges.
Encryption key management¶
After the vFXT cluster has been created, it is strongly recommended that you create a new cloud encryption key and save the key file before using your new cluster.
Instructions for creating a new cloud encryption key can be found in the Core Filer > Cloud Encryption Settings section of the Cluster Configuration Guide.
Internet exposure¶
vFXT nodes require internet access, but they should not be directly exposed to the internet.
Caution
Avere vFXT nodes are not hardened for direct internet access.
The nodes must sit behind a firewall to protect them against attacks. This requirement also applies to any clients or servers within your network.
Most Avere customers use an EC2-based NAT instance to allow designated traffic to traverse public and private subnets within a VPC. Other customers extend their corporate network infrastructure to AWS by using a VPN or AWS Direct Connect. Read Internet access for details about configuring NAT for your cluster VPC.