This section describes the prerequisites that you should fulfill before using the onefs module to deploy a OneFS cluster in AWS.
APEX File Storage for AWS requires an AWS subscription. Visit the Amazon website for more details about AWS subscription pricing.
APEX File Storage for AWS requires two different subnets:
Note: IPv6 is not currently supported.
Create IAM resources by following the manual deployment guide Create IAM policy, role, and instance profile. This is a one-time activity. The IAM policy and role are reusable for additional cluster deployments.
Create an internal security group for cluster internal network interfaces only, by following the manual deployment guide Create the internal security group.
Create an external security group for cluster external network interfaces to allow specific ingress traffic from clients, by following the manual deployment guide Create the external security group.
See the documentation Find the OneFS AMI ID for details about the OneFS AMI ID.
A host machine with Terraform and AWS CLI installed. Ensure that the AWS CLI is configured correctly to access your AWS account. This document uses a Windows machine cmd console as an example.
Note: Do not use PowerShell for running Terraform commands.
IP range of cluster internal network interfaces
A cluster requires a dedicated internal subnet for cluster internal network interfaces. The subnet cannot be shared with other EC2 instances. For a single cluster, you must have six contiguous IPs to ensure that the cluster can expand to a maximum of six nodes.
IP range of cluster external network interfaces
Default network pool
During cluster deployment, you create a default cluster network pool named groupnet0.subnet0.pool0. Each node in the cluster is assigned one IP address from this pool. The IP addresses used in the pool groupnet0.subnet0.pool0 are the AWS primary IPv4 addresses, and cannot be moved from one node to another. Thus, the allocation type of this pool cannot be changed to dynamic.
The Externally Managed IPs feature in OneFS 9.7 introduces a limited form of DHCP for managing IP allocation in groupnet0.subnet0.pool0. It ensures that an IP in the OneFS network pool is assigned to the correct network interface of a node as the primary IP. To ensure the integrity of this process and mitigate the potential security risk of a rogue DHCP server, it is recommended to add an inbound rule to the cluster external security group in AWS. See Table 3 for the details of the rule:
| Setting | Value |
|---|---|
| Rule name | E.g. DHCP |
| Type | Ingress |
| From port | 67 |
| To port | 68 |
| Protocol | udp |
| Allowed CIDR blocks | <cluster-gateway>/32 |
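
One way to confirm that a deployed external security group matches the rule in the table above, as an added example that is not part of the Dell guide: the function audits the JSON returned by `aws ec2 describe-security-groups` and reports any source other than the gateway /32 that can reach UDP 67-68. The function name, the sample groups, and the gateway address 10.0.32.1 are constructed for illustration.

```python
import ipaddress

DHCP_PORTS = (67, 68)  # "From port" / "To port" in the table above

def audit_dhcp_ingress(group, gateway_ip):
    """Audit one group from `aws ec2 describe-security-groups` JSON output.

    Returns a list of findings; empty means UDP 67-68 ingress is allowed
    from <gateway_ip>/32 and from no other source.
    """
    expected = ipaddress.ip_network(f"{gateway_ip}/32")
    findings, gateway_rule_present = [], False
    for perm in group.get("IpPermissions", []):
        proto = perm.get("IpProtocol")
        if proto == "-1":  # "all traffic" rules also cover UDP 67-68
            lo, hi = 0, 65535
        elif proto in ("udp", "17"):
            lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
        else:
            continue
        if hi < DHCP_PORTS[0] or lo > DHCP_PORTS[1]:
            continue  # port range does not touch DHCP
        for rng in perm.get("IpRanges", []):
            source = ipaddress.ip_network(rng["CidrIp"], strict=False)
            if source != expected:
                findings.append(f"UDP {lo}-{hi} open to {source}, expected only {expected}")
            elif lo <= DHCP_PORTS[0] and hi >= DHCP_PORTS[1]:
                gateway_rule_present = True
        for pair in perm.get("UserIdGroupPairs", []):
            findings.append(f"UDP {lo}-{hi} open to security group {pair.get('GroupId')}")
    if not gateway_rule_present:
        findings.append(f"no rule allows UDP 67-68 from {expected}")
    return findings

# Constructed sample groups (not real AWS output); 10.0.32.1 is a made-up gateway.
SCOPED = {"GroupId": "sg-example-scoped", "IpPermissions": [
    {"IpProtocol": "udp", "FromPort": 67, "ToPort": 68,
     "IpRanges": [{"CidrIp": "10.0.32.1/32"}]},
    {"IpProtocol": "tcp", "FromPort": 445, "ToPort": 445,
     "IpRanges": [{"CidrIp": "10.0.0.0/16"}]}]}
OPEN = {"GroupId": "sg-example-open", "IpPermissions": [
    {"IpProtocol": "udp", "FromPort": 67, "ToPort": 68,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]}

if __name__ == "__main__":
    for g in (SCOPED, OPEN):
        print(g["GroupId"], audit_dhcp_ingress(g, "10.0.32.1") or "OK")
```

An all-traffic rule (protocol `-1`) from a client CIDR is also reported, because it lets that range send DHCP traffic to the cluster interfaces.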
Additional network pools
After a cluster is deployed, users are allowed to create additional network pools. These new pools can use static or dynamic allocation. Any unused IPs from the cluster external subnet CIDR range can be used to create pools. The IPs from additional network pools are assigned to cluster nodes as AWS secondary IPv4 addresses.