Using File Systems Across Regions Or Accounts

CFS

  • Updates and Announcements
    • Function Release Records
    • Product Announcement
      • Announcement on CFS Metric Adjustments
  • Product Description
    • Product Introduction
    • Basic concepts
    • Product features
    • Product specifications
    • Usage Limits and Recommendations
    • Selection Guide
      • How to Choose Between CFS and PFS
      • How to Choose Between CFS, BOS and CDS
    • Application scenarios
  • Product pricing
    • Pay-as-you-go
    • Storage package billing
    • Insufficient balance reminders and debt handling
    • Billing Cases
  • Quick Start
    • Getting Started Overview
    • Quick start (Linux)
    • Quick start (Windows)
  • Operation guide
    • Activate Service
    • Manage File System
      • Create file system
      • Delete a file system
      • View file system details
      • Set File System Capacity Upper Limit
    • Mount and Access
      • Add mount target
      • Mount and Unmount CFS on BCC
        • Mount and Unmount on Linux System
          • Mount and Unmount SMB Protocol CFS on Single BCC
          • Batch mounting and unmounting NFS CFS on multiple BCC
          • Mounting and unmounting NFS CFS on a single BCC
        • Mount and Unmount SMB Protocol CFS on Windows System
        • Mount CFS File System When Purchasing New BCC
      • Using CFS in CCE
    • Permission Group Management
    • Identity and access management
    • Data encryption
    • Management Tags
    • Backup
    • Monitor and Alarm
      • View monitoring
      • Alarm management
      • Metric definition
    • Cloud Audit
  • Typical Practices
    • Set Different User Permissions for Different Directories
    • Using File Systems Across Regions Or Accounts
    • Use SFTP to Upload and Download CFS File System Data
    • Use Rsync to Sync From Old File System to CFS File System
    • Best Practices for Managing CFS with Terraform
    • Performance Testing Methods
      • Linux System Performance Testing Methods
      • Windows System Performance Testing Methods
  • API Reference
    • API Function Update Records
    • API Overview
    • Interface Overview
    • General Description
    • Service domain
    • Error code
    • File System Related Interfaces
      • Create file system
      • Update file system
      • Query file system
      • Query mount client
      • Drop file system
      • Update file system tags
    • mount target Related Interfaces
      • Create mount target
      • Query mount targets
      • Delete mount target
    • Permission Group-related APIs
      • Create Permission Group
      • Update permission group
      • Query Permission Groups
      • Delete permission group
      • Create permission group rules
      • Update permission group rules
      • Query permission group rules
      • Delete permission group rule
    • Data type
  • Go-SDK
    • Overview
    • Initialization
    • File system
    • Mount target
    • Error handling
  • FAQs
    • Common Questions Overview
    • General Problems
    • Billing Problems
    • NFS protocol questions
    • SMB Protocol Issues
  • Service Level Agreement (SLA)
    • CFS Service Level Agreement (SLA)
All documents
menu
No results found, please re-enter

CFS

  • Updates and Announcements
    • Function Release Records
    • Product Announcement
      • Announcement on CFS Metric Adjustments
  • Product Description
    • Product Introduction
    • Basic concepts
    • Product features
    • Product specifications
    • Usage Limits and Recommendations
    • Selection Guide
      • How to Choose Between CFS and PFS
      • How to Choose Between CFS, BOS and CDS
    • Application scenarios
  • Product pricing
    • Pay-as-you-go
    • Storage package billing
    • Insufficient balance reminders and debt handling
    • Billing Cases
  • Quick Start
    • Getting Started Overview
    • Quick start (Linux)
    • Quick start (Windows)
  • Operation guide
    • Activate Service
    • Manage File System
      • Create file system
      • Delete a file system
      • View file system details
      • Set File System Capacity Upper Limit
    • Mount and Access
      • Add mount target
      • Mount and Unmount CFS on BCC
        • Mount and Unmount on Linux System
          • Mount and Unmount SMB Protocol CFS on Single BCC
          • Batch mounting and unmounting NFS CFS on multiple BCC
          • Mounting and unmounting NFS CFS on a single BCC
        • Mount and Unmount SMB Protocol CFS on Windows System
        • Mount CFS File System When Purchasing New BCC
      • Using CFS in CCE
    • Permission Group Management
    • Identity and access management
    • Data encryption
    • Management Tags
    • Backup
    • Monitor and Alarm
      • View monitoring
      • Alarm management
      • Metric definition
    • Cloud Audit
  • Typical Practices
    • Set Different User Permissions for Different Directories
    • Using File Systems Across Regions Or Accounts
    • Use SFTP to Upload and Download CFS File System Data
    • Use Rsync to Sync From Old File System to CFS File System
    • Best Practices for Managing CFS with Terraform
    • Performance Testing Methods
      • Linux System Performance Testing Methods
      • Windows System Performance Testing Methods
  • API Reference
    • API Function Update Records
    • API Overview
    • Interface Overview
    • General Description
    • Service domain
    • Error code
    • File System Related Interfaces
      • Create file system
      • Update file system
      • Query file system
      • Query mount client
      • Drop file system
      • Update file system tags
    • mount target Related Interfaces
      • Create mount target
      • Query mount targets
      • Delete mount target
    • Permission Group-related APIs
      • Create Permission Group
      • Update permission group
      • Query Permission Groups
      • Delete permission group
      • Create permission group rules
      • Update permission group rules
      • Query permission group rules
      • Delete permission group rule
    • Data type
  • Go-SDK
    • Overview
    • Initialization
    • File system
    • Mount target
    • Error handling
  • FAQs
    • Common Questions Overview
    • General Problems
    • Billing Problems
    • NFS protocol questions
    • SMB Protocol Issues
  • Service Level Agreement (SLA)
    • CFS Service Level Agreement (SLA)
  • Document center
  • arrow
  • CFS
  • arrow
  • Typical Practices
  • arrow
  • Using File Systems Across Regions Or Accounts
Table of contents on this page
  • Problem background
  • Basic principles
  • Steps for using file systems across regions
  • Select either the North China - Beijing or South China - Guangzhou region, and create a peering connection for the VPC
  • (Recommended) Enable DNS Synchronization, and use the mount target address to mount the file system across regions
  • (Optional) Disable DNS Synchronization, and use the mount target address to mount the file system across regions
  • Steps for using file systems across users

Using File Systems Across Regions Or Accounts

Updated at:2025-11-11

Problem background

In some scenarios, users may need to use file systems across different accounts and regions. Typical cases include the following:

  • A user has multiple Baidu AI Cloud accounts, and one account has purchased CFS and wants to share it with another account;
  • A user who has purchased a file system in one region and wants to access it from another region.

This usage method is generally not recommended due to the reliance on connecting networks across accounts or regions to address such needs. While this enables file system usage, it may pose data security risks and impact access performance. If this requirement is necessary, follow the steps outlined in this document.

Basic principles

The method introduced in this document uses the “VPC Peering Connection” feature of VPC. For detailed introductions to this feature, please refer to Document 1 and Document 2.

Steps for using file systems across regions

For example, suppose cross-region access to a file system is needed between "North China - Beijing" and "South China - Guangzhou." The file system is created in "South China - Guangzhou," and the VPCs requiring connection are named "test_vpc_bj" (Beijing) and "test_vpc_gz" (Guangzhou).

Select either the North China - Beijing or South China - Guangzhou region, and create a peering connection for the VPC

  1. Access the VPC instance management interface and select test_vpc_bj:

d518074bb8d424824dcefe3d5152438c.png

  1. On the Peering Connections page, click Create Peering Connection:

f17290cfa454b97e2163d32fe61ac9c3.png

  1. Select Same Account as the connection type, then choose the peer region and VPC, and set the maximum bandwidth:

Snipaste_2019-07-25_13-30-36.jpg

Note: If the CIDR blocks of the local VPC and the peer VPC overlap, ensure that the subnet segments of the virtual machines do not overlap, as this will lead to network conflicts.

  1. After successful creation, click the peering connection ID to access the details page, where you can view information such as the local region and the peer region.

bdf19524314aaa36822ce9446d8fcce0.png

4ee192edeb1126dde646fb87ceb273ee.png

  1. Add routing rules for the VPCs in the two regions. The destination of each rule should be the peer VPC segment or subnet segment:

25d161ca6fb94e1290b4742bf07e2152.png 8162099124592d681828850a52b51055.png

  1. Once the peering connection is established, you can ping the private IP address of a VM in the peer region's VPC from a VM in the local region's VPC to verify network connectivity. If the connection fails, review the security group rules.

Snipaste_2019-07-25_14-54-22.jpg

(Recommended) Enable DNS Synchronization, and use the mount target address to mount the file system across regions

  1. Enable DNS Synchronization for the peering connection:

a47b0dcbf945a6351459d990582459c6.png

  1. After confirming that the mount target address is reachable from the VM, mount the file system:

Snipaste_2019-07-25_15-08-59.jpg

(Optional) Disable DNS Synchronization, and use the mount target address to mount the file system across regions

If you cannot enable DNS Synchronization for the peering connection due to special reasons, you can mount the file system directly using the IP address.The risk of this method is that after a mount target is deleted, its IP address may be occupied by other newly created mount targets or services. This could lead to accessing the wrong file system or service, so use it with caution.

  1. On a VM in the region where the file system is located, use the host command to resolve the IP address corresponding to the mount target address:

Snipaste_2019-07-25_14-56-02.jpg

  1. On a VM in the other region, mount the file system using the resolved IP address:

Snipaste_2019-07-25_15-00-01.jpg

Steps for using file systems across users

The process for using a file system across accounts is almost identical to the steps for cross-region mounting, except for the establishment of a "Peering Connection.\

On the Create Peering Connection page, select Cross-Account as the type, then provide the Peer User ID and Peer Network (e.g., VPC ID).

32bce5857d01927846571dad0daceed6.png

After creating the peering connection, sign in to the other user’s account. On the Peering Connections management page of the corresponding VPC, you will see a Connection Request:

Snipaste_2019-07-25_15-24-49.jpg

Accept the connection request. The remaining steps are the same as those for cross-region usage:

Snipaste_2019-07-25_15-25-19.jpg

Previous
Set Different User Permissions for Different Directories
Next
Use SFTP to Upload and Download CFS File System Data