Nobus Flexible Block Store is recommended when fast data accessibility is needed and comprehensive persistence is required. Nobus FBS make available, block storage volumes for use with FCS instances which can be configured dynamically. These volumes can be positioned as devices with any instances. Multiple volumes can be positioned on the same instance however, each volume can be attached to one instance at a time.
FBS volumes are highly available and reliable storage volumes that can be attached to any running instance. For more information, see Nobus FBS pricing
Multiple volumes can be attached to the same instance within the limits specified by your account.
FBS volumes are particularly well-suited for use as the primary storage for file systems and databases.
FBS volumes are created in a specific location ( Availability Zone ), and can then be attached to any instances in that same Account. You can copy snapshots to other Availability Zone and then restore them to new volumes there making it easier for disaster recovery and migration.
Standard FBS Volume is provided by Nobus.
Starndard SAS volumes are ideal for a broad range of use cases such as boot volumes, small and medium-size databases, and development and test environments.
Your FBS volumes can be encrypted to meet a wide range of data-at-rest encryption requirements for regulated/audited data and applications. When you create an encrypted FBS volume and attach it to a supported instance type, data stored at rest on the volume, disk I/O, and snapshots created from the volume are all encrypted. The encryption occurs on the servers that host FCS instances, providing encryption of data-in-transit from FCS instances to FBS storage. For more information, see Nobus FBS Encryption. Snapshots protect data for long-term durability, and they can be used as the starting point for new FBS volumes. Snapshots can be copied across several Availability Zone and used to instantiate as many volumes as you wish. For more information, see Nobus FBS Snapshots
Nobus FBS volume is a durable, block-level storage device that you can attach to a single FCS instance. You can use FBS volumes as primary storage for data that requires frequent updates, such as the system drive for an instance or storage for a database application.
Volume attached to an instance, can be used like any other physical hard drive. FBS volumes persist independently from the running life of an FCS instance.
The FBS volume is off-instance storage which can be retrievable ( note; you continue to pay for volume use ) regardless of the life of an instance.
if you uncheck the Delete on Termination checkbox when you configure FBS volumes for your instance on the FCS console, When the instance is terminated, the FBS volumes attached to the running instance will automatically detach from the instance with their data intact. Then the volume can be re-attached to a new instance, allowing rapid recovery. If the checkbox for Delete on Termination is checked, the volume(s) will delete upon termination of the FCS instance. You can stop and reboot this instance without an impact on the data stored in the attached volume when using a FBS-backed instance.
By default, the root FBS volume that is created and attached to an instance at launch
is
deleted when that instance is terminated. You can modify this behavior by changing
the
value of the flag DeleteOnTermination
to false
when you launch
the instance. This modified value causes the volume to persist even after the instance
is
terminated, and enables you to attach the volume to another instance.
By default, additional FBS volumes that are created and attached to an instance at
launch are
not deleted when that instance is terminated. You can modify this behavior by changing
the
value of the flag DeleteOnTermination
to true
when you launch
the instance. This modified value causes the volumes to be deleted when the instance
is
terminated.
a FBS volume and the instance to which it attaches must be in the same location (account). If you build a FBS volume in a specific account, it is automated to prevent data loss in the account because of a hardware component's failure.
Just one instance can be connected to a FBS volume at a time, but a single instance can be connected to several volumes. You can strip data across the volumes for greater performance by attaching multiple volumes to a named device.
Note;Without interruption to operation, you can switch volume type and volume size.
For simplified data encryption, you can create encrypted FBS volumes with the Nobus FBS encryption feature. You can use encrypted FBS volumes to meet a wide range of data-at-rest encryption requirements for regulated/audited data and applications. Nobus FBS encryption uses 256-bit Advanced Encryption Standard algorithms (AES-256) and a Nobus-managed key infrastructure. The encryption occurs on the server that hosts the FCS instance, providing encryption of data-in-transit from the FCS instance to Nobus FBS storage.
When you keep writing data in a volume, you will regularly snapshot a volume that will be used as a reference for new volumes. Nobus FBS can backup all FBS volumes and These snapshots may be used to create several new FBS volumes or to move volumes in the available areas.The snapshots can be shared with specific Availability Zone or made public. Snapshots of FBS volumes are automatically encrypted. To take a snapshot it is not necessary to add the volume to a running instances.
Although snapshots are progressively saved, only the most recent snapshots are maintained in restoring the volume.
When you create a new volume in a snapshot, the original volume is exactly copied when you take the snapshot. There is automated encryption of FBS volumes restored from encrypted snapshots. You are charged for creating snapshots on the basis of the total volume size. You are charged only for additional data outside the original volume for a successive snapshot of the volume.
You can create a Nobus FBS volume that you can then attach to any running FCS instance or detach a volume and attach it to another instance at any time. within the same Availability Zone. You can choose to create an encrypted FBS volume, but encrypted volumes can only be attached to supported instance types.
Methods of Creating a Volume
Select the appropriate project from the drop down menu at the top left.
On the Project tab, open the Volumes tab and click Volumes category.
Click Create Volume.
In the dialog box that opens, enter or select the following values.
Volume Name: Specify a name for the volume.
Description: Optionally, provide a brief description for the volume.
Volume Source: Select one of the following options:
No source, empty volume: Creates an empty volume. An empty volume does not contain a file system or a partition table.
Snapshot: If you choose this option, a new field for Use snapshot as a source displays. You can select the snapshot from the list.
Image: If you choose this option, a new field for Use image as a source displays. You can select the image from the list.
Volume: If you choose this option, a new field for Use volume as a source displays. You can select the volume from the list. Options to use a snapshot or a volume as the source for a volume are displayed only if there are existing snapshots or volumes.
Type: Leave this field blank.
Size (GB): The size of the volume in gibibytes (GiB).
Availability Zone: Select the Availability Zone from the list.
By default, nova
.
Click Create Volume.
The dashboard shows the volume on the Volumes tab.
You can attach an available FBS volume to one of your instances that is in the same Availability Zone as the volume.
To attach a FBS volume to an instance using the console
Select the appropriate project from the drop down menu at the top left.
On the Project tab, open the Volumes tab and click Volumes category.
Select the volume to add to an instance and click Manage Attachments.
In the Manage Volume Attachments dialog box, select an instance.
Enter the name of the device from which the volume is accessible by the instance.
Note
The actual device name might differ from the volume name because of hypervisor settings.
Click Attach Volume.
The dashboard shows the instance to which the volume is now attached and the device name.
You can view the status of a volume in the Volumes tab of the dashboard. The volume is either Available or In-Use.
Now you can log in to the instance and mount, format, and use the disk.
To view information about a FBS volume using the console
Select the appropriate project from the drop down menu at the top left.
On the Project tab, open the Volumes tab and click Volumes category.
Select the volume that you want to edit.
In the Actions column, click Edit Volume.
In the Edit Volume dialog box, update the name and description of the volume.
Click Edit Volume.
Note
You can extend a volume by using the Extend Volume option available in the More dropdown list and entering the new value for volume size.
a Nobus FBS volume may be expressly detached from an instance or the instance can be terminated. Unmount the volume from the instance if the instance is running.
If an instance's root device is a FBS volume, you must interrupt the instance before detaching the volume.
You can reattach a volume that you detached (without unmounting it), but it might not getthe same mount point. If there were writes to the volume in progress when it was detached, the data on the volume might be out of sync.
To detach a FBS volume using the console
A message indicates whether the action was successful.
when you no longer need a Nobus FBS volume, you can delete it. After deletion, the volume can't be attached to any instance because the data is gone . You can store a snapshot of the volume, which you can use to re-form the volume later before you delete the volume.
To delete a volume, it must not be attached to an instance.
To delete a FBS volume using the console
Click Delete Volumes and confirm your choice.
A message indicates whether the action was successful.
When you keep writing data in a volume, you can regularly snapshot a volume that will be used as a reference for new volumes. Nobus FBS can backup all FBS volumes and These snapshots may be used to create several new FBS volumes or move volumes to the available areas.The snapshots can be shared with specific account or made public. To take a snapshot it is not necessary to add the volume to a running instances.
Although snapshots are progressively saved, only the most recent snapshots are maintained in restoring the volume. Snapshots of FBS volumes are automatically encrypted.
When you create a new volume in a snapshot, the original volume is exactly copied when you take the snapshot. There is automated encryption of FBS volumes restored from encrypted snapshots.
Group Snapshots
Group snapshots allow you to capture accurate, organized, crash-compatible snapshots of the FCS instance over several FBS volumes because the transition is automatic.
You can track the status of your FBS snapshots through the Dashboard.
You can create a FBS snapshot at a particular moment and use it as a reference to new volumes or to backup your data.
Snapshots taken at a particular moment is created immediately, but while in progress it is not affected by an ongoing reads and writes to the volume.
It is possible to take a snapshot of an attached volume that is in use. data written to your Nobus FBS volume are only recorded at the time of the output of the snapshot command. When the snapshot state is pending, the volume can be remounted and used.
Snapshots that are taken from encrypted volumes are automatically encrypted. Volumes that are created from encrypted snapshots are also automatically encrypted. At any point in time the data in your encrypted volumes and any associated snapshots are protected.
Volumes that you create from an unencrypted snapshot belonging or accessible to you can be encrypted progressively.
during the copy process, you can encrypt an unencrypted snapshot belonging to you.
encrypted snapshot that you own or have access to, can be reencrypted with a different key during the copy process.
The first snapshot you take of an encrypted volume that has been created from an unencrypted snapshot is always a full snapshot.
The first snapshot you take of a reencrypted volume, which has a different CMK compared to the source snapshot, is always a full snapshot.
Originally, only you can create volumes from snapshots that you own but, you can share your unencrypted snapshots within Availability Zone, or make them public.
You can share an encrypted snapshot only with specific Nobus Availability Zone. For others to use your shared, encrypted snapshot, you must also share the CMK key that was used to encrypt it. Users with access to your encrypted snapshot must create their own personal copy of it and then use that copy to restore the volume. Your copy of a shared, encrypted snapshot can also be re-encrypted with a different key.
If you copy a snapshot and encrypt it to a new CMK, a complete (non-incremental) copy is always created, resulting in additional delay and storage costs.
Consider the following when creating snapshots
Take the following steps to make a snapshot of the volume listed using the console.
You could use many accounts for data center relocation and disaster recovery by copying snapshots across accounts. After you create a snapshot of a FBS volume, you can use it to create new volumes in the same Account. A snapshot is restricted to the Nobus Account where it was created.
Take the steps below to copy a snapshot using the Nobus FCS console.
When sharing a snapshot, you give other people access to all of the snapshot details. Share snapshots only with people you wish to share all of your snapshot data with.
You can share a snapshot with the Nobus Availability Zone you define by changing a snapshot's permissions. Authorized users can use the snapshots you share as the basis for creating their own FBS volumes, while your original snapshot remains unaffected. If you choose, you can make your unencrypted snapshots available publicly to all Nobus users.
You can't make your encrypted snapshots available publicly. When you share an encrypted snapshot, you must also share the customer managed CMK used to encrypt the snapshot.
Deleting a snapshot of a volume has no effect on the volume. Deleting a volume has no effect on the snapshots made from it.
When you delete a snapshot, only the data referenced exclusively by that snapshot is removed. Unique data will not be deleted unless all of the snapshots that reference that data are deleted. Deleting previous snapshots of a volume does not affect your ability to restore volumes from later snapshots of that volume.
If you make periodic snapshots of a volume, the snapshots are incremental. This means that only the blocks on the device that have changed after your last snapshot are saved in the new snapshot. Even though snapshots are saved incrementally, the snapshot deletion process is designed so that you need to retain only the most recent snapshot in order to restore the volume. Data that was present on a volume, held in an earlier snapshot or series of snapshots, that is subsequently deleted from that volume at a later time, is still considered unique data of the earlier snapshots. This unique data is not deleted from the sequence of snapshots unless all snapshots that reference the unique data are deleted.
Deleting a snapshot might not reduce your organization's data storage costs. Other snapshots might reference that snapshot's data, and referenced data is always preserved. If you delete a snapshot containing data being used by a later snapshot, costs associated with the referenced data are allocated to the later snapshot.
To delete Group snapshots, retrieve all of the snapshots for your Group group using the tag you applied to the group when you created the snapshots. Then, delete the snapshots individually. You will not be prevented from deleting individual snapshots in the Group snapshots group.
While you can delete a snapshot that is still in progress, the snapshot must complete
before the deletion takes effect. This may take a long time. If you are also at your
concurrent snapshot limit (five snapshots in progress), and you attempt to take an
additional snapshot, you may get a error
message.
You can view detailed information about your snapshots.
You can increase the volume size, change the volume type, or reset the performance of your FBS volumes with Nobus FBS extendable volumes. without detaching the volume or restarting the instance. Enabling you to continue using your application while the changes are effecting.
In some cases, you must stop the instance or detach the volume for modification to continue.
After provisioning much IOPS on an existing volume, you may need to do one of the following to see the full performance improvements:
when you make changes to a volume that has not been fully initialized, there is an addition in modification time.
when changes to a volume has completed, wait at least five (5) hours and ensure that the volume is in the available state before attempting extra modifications to the same volume.
No charges are incured while making changes to the confguration of a volume until the volume modification starts. See the Nobus FBS Pricing for more information.
Nobus FBS encryption offers a straight-forward encryption solution for your FBS resources that doesn't require you to build, maintain, and secure your own key management infrastructure. It uses Nobus Key Management Service (Nobus) customer master keys (CMK) when creating encrypted volumes and snapshots.
Encryption operations occur on the servers that host FCS instances, ensuring the security of both data-at-rest and data-in-transit between an instance and its attached FBS storage.
You can encrypt both the boot and data volumes of an FCS instance. When you create an encrypted FBS volume and attach it to a supported instance type, the following types of data are encrypted:
FBS encrypts your volume with a data key using the industry-standard AES-256 algorithm. Your data key is stored on-disk with your encrypted data, but not before FBS encrypts it with your CMK. Your data key never appears on disk in plaintext. The same data key is shared by snapshots of the volume and any subsequent volumes created from those snapshots.
Before you begin, verify that the following requirements are met.
Encryption is supported by all FBS volume types. You can expect the same IOPS performance on encrypted volumes as on unencrypted volumes, with a minimal effect on latency. You can access encrypted volumes the same way that you access unencrypted volumes.
Nobus FBS encryption is available on the instance types listed below. You can attach both encrypted and unencrypted volumes to these instance types simultaneously.
When you configure a CMK as the default key for FBS encryption, the default key policy allows any IAM user with access to the required KMS actions to use this key to encrypt or decrypt FBS resources. You must grant IAM users permission to call the following actions in order to use FBS encryption:
Nobus FBS automatically creates a unique Nobus managed CMK in each Account where you
store Nobus resources. This key has the alias alias/Nobus/FBS
.
By default, Nobus FBS uses this key for encryption. Alternatively, you can specify
a customer managed CMK that you created as the default key for FBS encryption.
Using your own CMK gives you more flexibility, including the ability to create,
rotate, and disable keys.
To configure the default key for FBS encryption for a Account
You can configure your Nobus account to enforce the encryption of the new FBS volumes and snapshot copies that you create. For example, Nobus FBS encrypts the FBS volumes created when you launch an instance and the snapshots that you copy from an unencrypted snapshot. For examples of transitioning from unencrypted to encrypted FBS resources, see Encrypting Unencrypted Resources.
Encryption by default has no effect on existing FBS volumes or snapshots.
You encrypt FBS volumes by enabling encryption, either using encryption by default or by enabling encryption when you create a volume that you want to encrypt.
When you encrypt a volume, you can specify the CMK to use to encrypt the volume. If you do not specify a CMK, the key that is used for encryption depends on the encryption state of the source snapshot and its ownership. For more information, see the encryption outcomes table.
You cannot change the CMK that is associated with an existing snapshot or volume. However, you can associate a different CMK during a snapshot copy operation so that the resulting copied snapshot is encrypted by the new CMK.
When you create a new, empty FBS volume, you can encrypt it by enabling encryption for the specific volume creation operation. If you enabled FBS encryption by default, the volume is automatically encrypted. By default, the volume is encrypted to your default key for FBS encryption. Alternatively, you can specify a different CMK for the specific volume creation operation. The volume is encrypted by the time it is first available, so your data is always secured. For detailed procedures, see Creating a Nobus FBS Volume.
By default, the CMK that you selected when creating a volume encrypts the snapshots that you make from the volume and the volumes that you restore from those encrypted snapshots. You cannot remove encryption from an encrypted volume or snapshot, which means that a volume restored from an encrypted snapshot, or a copy of an encrypted snapshot, is always encrypted.
Public snapshots of encrypted volumes are not supported, but you can share an encrypted snapshot with specific Availability Zone. For detailed directions, see Sharing a Nobus FBS Snapshot.
Although there is no direct way to encrypt an existing unencrypted volume or snapshot, you can encrypt them by creating either a volume or a snapshot. If you enabled encryption by default, Nobus FBS encrypts the resulting new volume or snapshot using your default key for FBS encryption. Even if you have not enabled encryption by default, you can enable encryption when you create an individual volume or snapshot. Whether you enable encryption by default or in individual creation operations, you can override the default key for FBS encryption and select a customer managed CMK.
To encrypt the snapshot copy to a customer managed CMK, you must both enable encryption and specify the key.
You can also apply new encryption states when launching an instance from an FBS-backed NMI. This is because FBS-backed NMIs include snapshots of FBS volumes that can be encrypted as described.
A Nobus FBS–optimized instance uses an optimized set-up pattern and provides extra, dedicated capacity for Nobus FBS I/O. By reducing the discrepancies between Nobus FBS I/O and other traffic from your instance, this optimization provides the best output for your FBS volume.
The following tables show instance types that allows FBS optimization. Ensure to select suited FBS–Standard instance that provides more dedicated Nobus FBS capacity than intial required of your application, for enhanced performance in connection between Nobus FBS and Nobus FCS.
Nobus FCS standard Linux/Windows instances are cost saving.
Features:
Model | vCPU | Mem (GiB) | Storage |
---|---|---|---|
si.1.1.20.l | 1 | 1 | 20 |
si.1.2.20.l | 1 | 2 | 20 |
si.2.2.40.l | 2 | 2 | 40 |
si.2.4.40.l | 2 | 4 | 40 |
si.2.8.60.l | 2 | 8 | 60 |
si.4.16.60.l | 4 | 16 | 60 |
si.4.32.80.l | 4 | 32 | 80 |
si.8.16.80.l | 8 | 16 | 80 |
si.8.32.80.l | 8 | 32 | 80 |
si.8.64.80.l | 8 | 64 | 80 |
si.16.64.80.l | 16 | 64 | 80 |
si.16.128.80.l | 16 | 128 | 80 |
Model | vCPU | Mem (GiB) | Storage |
---|---|---|---|
si.1.1.40.W | 1 | 1 | 40 |
si.1.2.40.W | 1 | 2 | 20 |
si.2.2.40.W | 2 | 2 | 40 |
si.2.4.60.W | 2 | 4 | 40 |
si.2.8.60.W | 2 | 8 | 60 |
si.4.16.60.W | 4 | 16 | 60 |
si.4.32.80.W | 4 | 32 | 80 |
si.8.16.80.W | 8 | 16 | 80 |
si.8.32.80.W | 8 | 32 | 80 |
si.8.64.80.W | 8 | 64 | 80 |
si.16.64.80.W | 16 | 64 | 80 |
si.16.128.80.W | 16 | 128 | 80 |
Use Cases:
Workloads such as web servers, distributed data stores, caching fleets, and development environments can be Scaled-out