Contact UsGet started
© 2025 Direct Cursus Technology L.L.C.

Creating a single-node file server using the management console

Written by
Updated at November 27, 2025

To create an infrastructure for a single-node file server using the Yandex Cloud management console:

  1. Get your cloud ready.
  2. Create a security group.
  3. Create a virtual machine to host your file server.
  4. Set up Samba and NFS.
  5. Test your file server.

If you no longer need the resources you created, delete them.

Getting started

Sign up for Yandex Cloud and create a billing account:

  1. Navigate to the management console and log in to Yandex Cloud or create a new account.
  2. On the Yandex Cloud Billing page, make sure you have a billing account linked and it has the ACTIVE or TRIAL_ACTIVE status. If you do not have a billing account, create one and link a cloud to it.

If you have an active billing account, you can navigate to the cloud page to create or select a folder for your infrastructure.

Learn more about clouds and folders here.

The cost for hosting a single node file server includes:

Prepare your network infrastructure

  1. Navigate to the Yandex Cloud management console and select a folder for your network infrastructure.
  2. Make sure the selected folder contains a network with a subnet you can connect your VM to. On the folder page, click Virtual Private Cloud. You will see the list of available networks. If the list contains at least one network, click it to see its subnets. If you cannot see any networks or subnets create them as required.

Create a security group

To create a security group for your file server:

  1. In the management console, select Virtual Private Cloud.

  2. Open the Security groups tab.

  3. Create a security group:

    1. Click Create security group.

    2. In the Name field, specify the security group name: fileserver-sg.

    3. In the Network field, select the network hosting the fileserver-tutorial VM.

    4. Under Rules, create the following rules using the instructions below the table:

      Traffic
      direction      		 Description Port range Protocol Destination name /
      Source      		 CIDR blocks
      Outbound any All Any CIDR 0.0.0.0/0
      Inbound ssh 22 TCP CIDR 0.0.0.0/0
      Inbound ext-http 80 TCP CIDR 0.0.0.0/0
      Inbound ext-https 443 TCP CIDR 0.0.0.0/0
      Inbound nfs 2049 TCP CIDR 0.0.0.0/0
      1. Select the Egress or Ingress tab.
      2. Click Add.
      3. In the Port range field of the window that opens, specify a single port or a port range for traffic to come to or from. To open all ports, click Select entire range.
      4. In the Protocol field, specify the required protocol or leave Any to allow traffic over any protocol.
      5. In the Destination name or Source field, select CIDR for the rule to apply to a range of IP addresses. In the CIDR blocks field, specify 0.0.0.0/0.
      6. Click Save. Repeat these steps to create all rules from the table.

    5. Click Save.

Create a virtual machine to host your file server

To create a VM:

  1. In the management console, select the folder where you want to create your VM.

  2. In the list of services, select Compute Cloud.

  3. In the left-hand panel, select Virtual machines.

  4. Click Create virtual machine.

  5. Select Advanced setup.

  6. Under Boot disk image, select the Ubuntu public image.

  7. Under Location, select an availability zone for your VM.

  8. Add a secondary disk for data storage:

    • Under Disks and file storages, click Add.

    • In the window that opens, select Disk.

    • Select Create new disk and specify the parameters:

      • Contents: Empty
      • Name: fileserver-tutorial-disk
      • Type: SSD
      • Size: 100 GB

    • Click Add disk.

  9. Under Computing resources, navigate to the Custom tab, select the platform and specify the file server parameters:

    • vCPU: 8 or more
    • Guaranteed vCPU performance: 100%
    • RAM: 56 GB or more

  10. Under Network settings:

    • In the Subnet field, enter the ID of a subnet in the new VM’s availability zone. Alternatively, select a cloud network from the list.

      • Each network must have at least one subnet. If there is no subnet, create one by selecting Create subnet.

      • If you do not have a network, click Create network to create one:

        • In the window that opens, specify the network name and select the folder where it will be created.
        • Optionally, enable the Create subnets setting to automatically create subnets in all availability zones.
        • Click Create network.

    • In the Public IP address field, select Auto to assign the VM a random external IP address from the Yandex Cloud pool. If you reserved a static IP address, you can select it from the list.

    • In the Security groups field, select the fileserver-sg security group you created earlier.

  11. Under Access, select SSH key and specify the VM access credentials:

    • In the Login field, enter a name for the user you want to create on the VM, e.g., ubuntu.

      Alert

      Do not use root or other reserved usernames. To perform operations requiring root privileges, use the sudo command.

    • In the SSH key field, select the SSH key saved in your organization user profile.

      If there are no SSH keys in your profile or you want to add a new key:

      1. Click Add key.

      2. Enter a name for the SSH key.

      3. Select one of the following:

        • Enter manually: Paste the contents of the public SSH key. You need to create an SSH key pair on your own.

        • Load from file: Upload the public part of the SSH key. You need to create an SSH key pair on your own.

        • Generate key: Automatically create an SSH key pair.

          When adding a new SSH key, an archive containing the key pair will be created and downloaded. In Linux or macOS-based operating systems, unpack the archive to the /home/<user_name>/.ssh directory. In Windows, unpack the archive to the C:\Users\<user_name>/.ssh directory. You do not need additionally enter the public key in the management console.

      4. Click Add.

      The system will add the SSH key to your organization user profile. If the organization has disabled the ability for users to add SSH keys to their profiles, the added public SSH key will only be saved in the user profile inside the newly created resource.

  12. Under General information, specify the VM name: fileserver-tutorial.

  13. Click Create VM.

It may take a few minutes to create the VM. When the VM status switches to RUNNING, copy the public IP address from the Network section on the VM page. You will need it later to configure NFS and Samba.

Set up Samba and NFS

After the fileserver-tutorial VM enters the RUNNING status, run:

  1. On the VM page of the management console, under Network, find the VM's public IP address.

  2. Connect to the VM over SSH.

    We recommend using a key pair when authenticating over SSH. Make sure to set up the created key pair so that the private key matches the public key sent to the VM.

  3. Configure Samba and NFS:

    1. Download and install Samba:

      sudo apt-get update
sudo apt-get install nfs-kernel-server samba

    2. Prepare and mount the file system on the disk:

      sudo mkfs -t ext4 -L data /dev/vdb

    3. Prepare and mount a folder named my_folder for data storage on the disk:

      sudo mkdir /my_folder
echo "LABEL=data /my_folder ext4 defaults 0 0" | sudo tee -a /etc/fstab
sudo mount /my_folder

    4. Set the NFS configuration in the /etc/exports file. You can edit the file using nano:

      sudo nano /etc/exports

      Add the following lines to the file:

      /my_folder <IP_address>(rw,no_subtree_check,fsid=100)
/my_folder 127.0.0.1(rw,no_subtree_check,fsid=100)

      Where <IP_address> is the IP address of the computer you are going to connect the network data disk to via NFS.

    5. Set the Samba configuration in the /etc/samba/smb.conf file. You can edit the file using nano:

      sudo nano /etc/samba/smb.conf

      Edit the file as follows:

      [global]
   workgroup = WORKGROUP
   server string = %h server (Samba)
   dns proxy = no
   log file = /var/log/samba/log.%m
   max log size = 1000
   syslog = 0
   panic action = /usr/share/samba/panic-action %d
   server role = standalone server
   passdb backend = tdbsam
   obey pam restrictions = yes
   unix password sync = yes
   passwd program = /usr/bin/passwd %u
   passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
   pam password change = yes
   map to guest = bad user
   usershare allow guests = yes
[printers]
   comment = All Printers
   browseable = no
   path = /var/spool/samba
   printable = yes
   guest ok = no
   read only = yes
   create mask = 0700
[print$]
   comment = Printer Drivers
   path = /var/lib/samba/printers
   browseable = yes
   read only = yes
   guest ok = no
[data]
   comment = /my_folder
   path = /my_folder
   browseable = yes
   read only = no
   writable = yes
   guest ok = yes
   hosts allow = <IP_address> 127.0.0.1
   hosts deny = 0.0.0.0/0

      Where <IP_address> in the [data] section is the IP address of the computer you are going to connect the network data disk to via NFS.

    6. Restart Samba and NFS:

      sudo service nfs-kernel-server restart
sudo service smbd restart

Test your file server

  1. Install ACL on the fileserver-tutorial VM:

    sudo apt install acl

  2. Create a directory named remote and a file named test.txt on the fileserver-tutorial VM:

    sudo mkdir /my_folder/remote
sudo setfacl -m u:<your_username>:rwx /my_folder/remote
echo "Hello world!" > /my_folder/remote/test.txt

  3. Connect the network disk to your computer via NFS and check if the test file is available:

    If needed, install the network disk utility:

    sudo apt-get install nfs-common

    Create a mount point:

    sudo mkdir /remote-test-dir

    Attach a network disk:

    sudo mount -t nfs <VM_public_IP_address>:/my_folder /remote-test-dir

    As as result, the test directory and the file should become available at the mount point.

    Note

    You may need to configure Windows security policies for access to the file server.

    1. Run the cmd.exe utility. To do this, use the Windows + R keyboard shortcut and run the cmd command.

    2. From the command line, run:

      net use x: \\<VM_public_IP_address>\data

    This will create a disk X with the test directory and file.

How to delete the resources you created

To stop paying for the resources you created:

  1. Delete the VM.
  2. Delete the static public IP address if you reserved one.

See also

Previous
Overview
Next
Terraform