Connect file storage to a cloud server in another pool

Last update: June 26 2025

If you plan to use file storage to store backups, we recommend pooling the storage and cloud server from different availability zones or regions. This will increase the fault tolerance of the system. If the file storage and cloud server are located in different pools, you must configure private network connectivity at the L3 level through a global router to connect the storage.

1. Create a global router.

2. Connect the network and subnet for the cloud server to the global router.

3. Connect the network and subnet for the file storage to the global router.

4. Assign an IP address to the cloud server.

5. Write routes on the cloud server.

6. Create file storage.

7. Mount the file storage to the cloud server.

See an example of connecting file storage to a cloud server in a different pool.

The instructions describe connection examples for cloud servers with Ubuntu, Debian, CentOS and Windows operating systems. Instructions for servers running VMware ESXi, Proxmox and FreeNAS are in the Selectel Selectel File Storage blog article.

If you need to increase disk space with your file storage, we recommend creating the storage in the same pool as the cloud server. For more information, see Connect file storage to a cloud server in the same pool.

Example of connecting file storage to a cloud server

For example, you need to connect file storage in pool ru-2 to a cloud server in pool ru-8.

1. Create a global router.

2. Connect two private networks to the global router - 192.168.0.0/29 with gateway 192.168.0.1 for pool ru-8 and 172.16.0.0/29 with gateway 172.16.0.1 for pool ru-2.

3. Assign an address from the 192.168.0.0/29 subnet to the cloud server, such as 192.168.0.2.

4. Write a route on the cloud server in the ru-8 pool - to subnet 172.16.0.0/29 via gateway 192.168.0.1.

5. Create a file store on the 172.16.0.0/29. subnet.

6. Mount the file storage to the cloud server.

1. Create a global router

1. In the Control Panel, on the top menu, click Products and select Global Router.
2. Click Create router. Each account has a limit of five global routers.
3. Enter the name of the router.
4. Click Create.
5. If the router is created with the status ERROR or hangs in one of the statuses, create a ticket.

2. Connect the network and subnet for the cloud server to the router

You need to connect the network and subnet to the global router up to the project and cloud platform pool where the cloud server is created.

You can connect a new network to the router or an existing network if it is not already connected to any of the account's global routers.

Connect a new network

1. In the Control Panel, on the top menu, click Products and select Global Router.

2. Open the router page → Networks tab.

3. Click Create Network.

4. Enter the network name. This will only be used in the control panel.

5. Select a Cloud Platform service.

6. Select a pool.

7. Select a project.

8. Enter the subnet name. This will only be used in the control panel.

9. Enter the CIDR - IP address and subnet mask. The subnet must meet the conditions:

   • belong to the RFC 1918 private address range: 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16;;
   • have a size of at least /29, as three addresses will be occupied by Selectel network equipment;
   • Do not overlap with other subnets added to this router - subnets on the same router should not have the same IP addresses;
   • If the global router network will include a Managed Kubernetes cluster on cloud servers, the subnet must not overlap with the ranges 10.10.0.0/16, 10.96.0.0/12, 10.250.0.0/16 and 10.251.0.0/24. If the network will include a cluster on dedicated servers - with the ranges 10.10.0.0/16, 10.222.0.0/16, 10.250.0.0/16, 10.251.0.0/24 and 172.250.0.0/14. These subnets participate in the internal addressing of Managed Kubernetes, their use may cause conflicts in the global router network.

10. Enter the gateway IP or leave the first address from the subnet assigned by default. Do not assign this address to your devices to avoid disrupting the network.

11. Enter service IPs or leave the last addresses from the subnet assigned by default. Do not assign these addresses to your devices to avoid disrupting the network.

12. Click Create Network.

13. Optional: Check the network topology on the global router. In the control panel, from the top menu, click Products → Global Router → Router Page → Network Map.

Connect existing network

1. Verify that the network has not yet been added to any of the account's global routers. In the Control Panel, in the top menu, click Products → Cloud Servers → Network → Private Networks tab → check that there is no Global Router tag in the network card.

2. Verify that the subnet meets the conditions:

   • belongs to the RFC 1918 private address range: 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16;;
   • is at least /29, as three addresses will be occupied by Selectel network equipment;
   • does not overlap with other subnets added to this router: the IP addresses of each subnet on the router must not overlap with the IP addresses of other subnets on the router;
   • If the global router network will include a Managed Kubernetes cluster on cloud servers, the subnet must not overlap with the ranges 10.10.0.0/16, 10.96.0.0/12, 10.250.0.0/16 and 10.251.0.0/24. If the network will include a cluster on dedicated servers - with the ranges 10.10.0.0/16, 10.222.0.0/16, 10.250.0.0/16, 10.251.0.0/24 and 172.250.0.0/14. These subnets participate in the internal addressing of Managed Kubernetes, their use may cause conflicts in the global router network.

3. In the dashboard, on the top menu, click Products and select Cloud Servers.

4. Go to Network → Private Networks tab.

5. From the menu of the network, select Connect to Global Router.

6. Select the global router.

7. For each of the network subnets, enter the IP address that will be assigned to the router, or leave the first available address from the subnet assigned by default. Do not assign this address to your devices to avoid disrupting the network. The last two free subnet addresses will be reserved as service addresses.

8. Click Connect. Do not close the window until you see a message that the network is connected. After that, in the Control Panel:

   • the network will appear under Selectel Global Router on the page of the router to which you connected it;
   • under Cloud Servers → Network → on the Private Networks tab, the network will have the Global Router tag.

3. Connect a network and subnet to the router for file storage

You need to connect the network and subnet to the global router up to the project and cloud platform pool where the file storage will be created in the future.

You can connect a new network to the router or an existing network if it is not already connected to any of the account's global routers.

Connect a new network

1. In the Control Panel, on the top menu, click Products and select Global Router.

2. Open the router page → Networks tab.

3. Click Create Network.

4. Enter the network name. This will only be used in the control panel.

5. Select a Cloud Platform service.

6. Select the pool where the file storage will be created.

7. Select the project where the file storage will be created.

8. Enter the subnet name. This will only be used in the control panel.

9. Enter the CIDR - IP address and subnet mask. The subnet must meet the conditions:

   • belong to the RFC 1918 private address range: 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16;;
   • have a size of at least /29, as three addresses will be occupied by Selectel network equipment;
   • Do not overlap with other subnets added to this router - subnets on the same router should not have the same IP addresses;
   • If the global router network will include a Managed Kubernetes cluster on cloud servers, the subnet must not overlap with the ranges 10.10.0.0/16, 10.96.0.0/12, 10.250.0.0/16 and 10.251.0.0/24. If the network will include a cluster on dedicated servers - with the ranges 10.10.0.0/16, 10.222.0.0/16, 10.250.0.0/16, 10.251.0.0/24 and 172.250.0.0/14. These subnets participate in the internal addressing of Managed Kubernetes, their use may cause conflicts in the global router network.

10. Enter the gateway IP address or leave the first address from the subnet assigned by default. Do not assign this address to your devices to avoid disrupting the network.

11. Enter a service IP address or leave the last addresses from the subnet assigned by default. Do not assign these addresses to your devices to avoid disrupting the network.

12. Click Create Network.

13. Optional: Check the network topology on the global router. In the control panel, from the top menu, click Products → Global Router → Router Page → Network Map.

Connect existing network

1. Check that the network has not yet been added to any of the account's global routers. In the Control Panel, in the top menu, click Products → Cloud Servers → Network → Private Networks tab → check that there is no Global Router tag in the network card.

2. Verify that the subnet meets the conditions:

   • belong to the RFC 1918 private address range: 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16;;
   • have a size of at least /29, as three addresses will be occupied by Selectel network equipment;
   • Do not overlap with other subnets added to this router - subnets on the same router should not have the same IP addresses;
   • If the global router network will include a Managed Kubernetes cluster on cloud servers, the subnet must not overlap with the ranges 10.10.0.0/16, 10.96.0.0/12, 10.250.0.0/16 and 10.251.0.0/24. If the network will include a cluster on dedicated servers - with the ranges 10.10.0.0/16, 10.222.0.0/16, 10.250.0.0/16, 10.251.0.0/24 and 172.250.0.0/14. These subnets participate in the internal addressing of Managed Kubernetes, their use may cause conflicts in the global router network.

3. In the dashboard, on the top menu, click Products and select Cloud Servers.

4. Go to Network → Private Networks tab.

5. From the menu of the network, select Connect to Global Router.

6. Select the global router.

7. For each of the network subnets, enter the IP address that will be assigned to the router, or leave the first available address from the subnet assigned by default. Do not assign this address to your devices to avoid disrupting the network. The last two free subnet addresses will be reserved as service addresses.

8. Click Connect. Do not close the window until you see a message that the network is connected. After that, in the Control Panel:

   • The network will appear in the Selectel Global Router section of the router page of the router you connected it to. You can view it in the control panel: from the top menu, click Products → Global Router → Selectel Global Router → Selectel Global Router → Router page;
   • the network will have the Global Router tag. You can view it in the control panel: in the top menu, click Products → Cloud Servers → Cloud Server page → Network section → Network card.

4. Assign an IP address to the cloud server

Configure a local port on the cloud server that connects to the global router network. On the port, assign an IP address from the subnet you connected to the global router for the cloud server.

1. Add the cloud server to the created subnet of the global router. If you do not already have a cloud server, create one. When creating it, select the global router subnet as the subnet.

2. Apply changes depending on the port parameter Apply changes. You can view the value of the parameter in the control panel: from the top menu, click Products → Cloud Servers → Cloud Server page → Ports tab → Ports Configuration block:

   • When the server reboots. - programmatically reboot the cloud server or manually make changes to the network configuration file on the server;
   • Manually in the network configuration file on the server - Manually make changes to the network configuration file on the server.

5. Prescribe routes on the cloud server

Ubuntu

1. Connect to the cloud server.

2. Disable network configuration. To do this, create the file 99-disable-network-config.cfg:

   echo "network: {config: disabled}" >> /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg

3. Open the configuration file:

   vi /etc/network/interfaces.d/50-cloud-init.cfg

4. Locate the data block of the corresponding network interface.

5. At the end of this block, add a route:

   up route add -net <ip_address> netmask <mask> gw <gateway>

   Specify:

   • <ip_address> - the subnet to which you want to route, e.g. 192.168.0.0;
   • <mask> - mask of the subnet to which the route is to be routed, e.g. 255.255.255.0;
   • <gateway> - gateway for the current server subnet, which is specified on the global router.

6. If you need to prescribe multiple routes, add them sequentially in the same block.

7. Restart the server.

Debian

1. Connect to the cloud server.

2. Open the network settings file:

   vi  /etc/network/interfaces

3. Locate the data block of the corresponding network interface.

4. At the end of this block, add a route:

   up route add -net <ip_address> netmask <mask> gw <gateway>
   down route del -net <ip_address> netmask <mask> gw <gateway>

   Specify:

   • <ip_address> - the subnet to which you want to route, e.g. 192.168.0.0;
   • <mask> - mask of the subnet to which the route is to be routed, e.g. 255.255.255.0;
   • <gateway> - gateway for the current server subnet, which is specified on the global router.

5. If you need to prescribe multiple routes, add them sequentially in the same block.

6. Save the file.

7. Restart the network:

   sudo /etc/init.d/networking restart

CentOS

1. Connect to the cloud server.

2. Disable network configuration. To do this, create the file 99-disable-network-config.cfg:

   echo "network: {config: disabled}" >> /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg

3. Add a new route:

   echo "<ip_address>/<mask> via <gateway>" > /etc/sysconfig/network-scripts/route-<eth_name>

   Specify:

   • <ip_address>/<mask> - the subnet to which you want to route, with a mask, e.g. 192.168.0.0/29;
   • <gateway> - gateway for the current server subnet, which is specified on the global router;
   • <eth_name> - the name of the corresponding LAN interface.

   If you need to add multiple routes, specify them in one command. Specify each route on a new line, for example:

   echo "192.168.0.0/29 via 172.16.0.1
   192.168.1.0/29 via 172.16.0.1" >> /etc/sysconfig/network-scripts/route-eno2

4. Restart the network:

   systemctl restart network

Windows

1. Connect to the cloud server.

2. Add the required routes one at a time:

   route -p ADD <ip_address> MASK <mask> <gateway> METRIC <x>

   Specify:

   • <ip_address> - the subnet to which you want to route, e.g. 192.168.0.0;
   • <mask> - the subnet mask to which you want to route, e.g. 255.255.255.0;
   • <gateway> - gateway for the current server subnet, which is specified on the global router.
   • <x> - a number that determines the priority of the specified gateway, 1 being the highest priority.

6. Create file storage

Control panel

1. In the Control Panel, on the top menu, click Products and select File Storage.

2. Click Create Storage.

3. Enter a name for the repository or leave the name that is automatically created.

4. Select the location where the vault will be created.

   If you need to increase disk space with file storage, select the location where the cloud server or Managed Kubernetes cluster is located.

   If you plan to use storage to store backups, we recommend choosing a location that is different from that of the underlying infrastructure to improve fault tolerance.

5. Fill in the blocks:

   • Subnetwork
   • Settings
   • Access rules

6. Check out the price of file storage.

7. Click Create.

Subnetwork

1. Select the private subnet where the storage will be located. The type of subnet depends on what you want to connect the storage to:

   • cloud private subnet - the storage will be available to Managed Kubernetes cloud servers and clusters only in the pool you selected when creating the storage. You will only need to mount the storage to connect it;
   • global router subnet - the storage will be available for dedicated servers, as well as cloud servers and Managed Kubernetes clusters that are located in other pools. To connect the storage, you need to configure network connectivity between the server or cluster and the storage through the global router. See the Connect File Storage section for examples of how to configure network connectivity.

   Once the repository is created, the subnet cannot be changed.

2. Enter a private IP address for the vault or leave the first available address from the subnet assigned by default. Once the storage is created, the IP address cannot be changed.

Settings

1. Select the type of file storage:

   • HDD Basic,
   • SSD Universal,
   • SSD Fast.

   Once created, the storage type cannot be changed.

2. Specify the storage size: from 50 GB to 50 TB. Once created, you can increase the file storage, but you cannot decrease it.

3. Select a protocol:

   • NFSv4 - for connecting storage to servers with Linux-based OS and other Unix systems;
   • CIFS SMBv3 - for connecting the storage to Windows servers.

   Once the repository is created, the protocol cannot be changed.

Access rules

NFSv4

1. Configure the file storage access rules:

   • available to all - the storage will be available to any IP address of the private subnet in which it is created;
   • access restricted - the storage will be available only to specific IP addresses or private subnets. If you create a file storage without rules, access will be restricted to all IP addresses.

2. If you selected Restricted Access, click Add Rule.

3. Enter the IP address or CIDR of the private subnet, select the access level.

   After creating the repository, you can configure new access rules.

CIFS SMBv3

1. Configure the file storage access rules:

   • available to all - the storage will be available to any IP address of the private subnet in which it is created;
   • access restricted - the storage will be available only to specific IP addresses or private subnets. If you create a file storage without rules, access will be restricted to all IP addresses.

2. If you selected Restricted Access, click Add Rule.

3. Enter the IP address or CIDR of the private subnet.

   After creating the repository, you can configure new access rules.

OpenStack CLI

1. Open the OpenStack CLI.

2. Create a file storage network:

   openstack share network create \
     --name <share_network> \
     --neutron-net-id <net_uuid> \
     --neutron-subnet-id <subnet_uuid>

   Specify:

   • <share_network> - name of the file storage network;
   • <net_uuid> - ID of the private or public network to which the file storage will be connected. The list of networks can be viewed using the command openstack network list;
   • <subnet_uuid> - Subnet ID. The list of subnets can be viewed with the command openstack subnet list.

3. Create file storage:

   openstack share create <share_protocol> <share_size>\
     --name <share_name> \
     --share-network <share_network_id> \
     --share-type <share_type_name> 

   Specify:

   • <share_protocol> - NFSv4 or CIFS SMBv3 file storage connection protocol;
   • <share_size> - file storage size in GB;
   • <share_name> - name of the file storage;
   • <share_network_id> - The ID of the file storage network you created in step 2. You can view the list of file storage networks using the command openstack share network list;
   • <share_type_name> - file storage type. The list of types can be viewed with the command openstack share type list.

Terraform

Use the Create File Storage instructions in the Terraform documentation.

7. Mount the file storage to the cloud server

The mount process depends on the operating system on the server and the file storage protocol: NFSv4 or CIFS SMBv3.

NFSv4

Linux

1. Connect to the cloud server.

2. Open the CLI.

3. Install the NFS protocol package:

   sudo apt install nfs-common

4. Create a folder to mount the repository:

   sudo mkdir -p /mnt/nfs

5. Mount the file storage:

   sudo mount -vt nfs "<filestorage_ip_address>:/shares/share-<mountpoint_uuid>" /mnt/nfs

   Specify:

   • <filestorage_ip_address> - IP address of the file storage. You can view it in control panel: in the top menu, click Products → File Storage → Storage page → tab Settings → field IP;
   • <mountpoint_uuuid> - The ID of the mountpoint. You can look in control panel: in the top menu, click Products → File Storage → Storage page → Block Connection → tab GNU/Linux.

Windows

To work with file storage from Windows, we recommend using file storage with CIFS protocol. If you want to mount the storage with NFSv4 protocol, install and use a client that supports this protocol, and then mount the file storage. To mount the file storage, refer to the documentation of the selected client.

The file storage works only with an NFS client of NFSv4 version. By default, Windows supports NFS client versions NFSv2 and NFSv3. For more information about NFS versions, see the Microsoft NFS Documentation Overview article.

CIFS SMBv3

Linux

1. Connect to the cloud server.

2. Install the CIFS protocol package:

   sudo apt install cifs-utils

3. Create a folder to mount the repository:

   sudo mkdir -p /mnt/cifs

4. Mount the file storage:

   sudo mount.cifs -o guest //<filestorage_ip_address>/share-<mountpoint_uuid> /mnt/cifs

   Specify:

   • <filestorage_ip_address> - IP address of the file storage. You can view it in control panel: in the top menu, click Products → File Storage → Storage page → tab Settings → field IP;
   • <mountpoint_uuuid> - The ID of the mountpoint. You can look in control panel: in the top menu, click Products → File Storage → Storage page → Block Connection → tab GNU/Linux.

Windows

1. Connect to the cloud server.

2. Open the CLI.

3. Mount the file storage:

   net use X: \\\\<filestorage_ip_address>\share-<mountpoint_uuid>

   Specify:

   • <filestorage_ip_address> - IP address of the file storage. You can view it in control panel: in the top menu, click Products → File Storage → Storage page → tab Settings → field IP;
   • <mountpoint_uuuid> - The ID of the mountpoint. You can look in control panel: in the top menu, click Products → File Storage → Storage page → Block Connection → tab Windows.