OSS vs NAS for shared storage of ERP document attachments in multi-region deployment

Cloud Platforms Alibaba Cloud
, , , , , , , ,
1

We’re designing the storage architecture for our ERP system deployment across three Alibaba Cloud regions (China East, China North, China South). The ERP system generates and stores various document attachments - purchase orders, invoices, contracts, quality certificates, etc. We’re debating between OSS and NAS for this shared storage layer.

Our requirements:

  • 50TB initial storage, growing 5TB per year
  • 500+ concurrent users across regions accessing documents
  • Mix of small files (100KB invoices) and large files (50MB technical drawings)
  • Need to integrate with existing ERP application (Java-based)
  • Documents must be accessible from web portal and mobile apps
  • 7-year retention for compliance
  • Budget-conscious but performance matters

I’m leaning toward OSS because it’s naturally multi-region and more cost-effective, but our infrastructure team prefers NAS because it provides POSIX file system semantics which might be easier for the ERP application to integrate. What are the real-world trade-offs? Has anyone implemented similar architectures and can share experiences?

2

From a cost perspective, the numbers strongly favor OSS for your use case. Based on your 50TB initial + 5TB/year growth over 7 years, you’re looking at 85TB total. With OSS Standard storage at around ¥0.12/GB/month, that’s about ¥10,200/month. Add in request costs and bandwidth (estimate 20% overhead), you’re around ¥12,000/month. NAS Performance type for 85TB would cost approximately ¥30,000-35,000/month. Even NAS Capacity type is ¥17,000-20,000/month. Plus, OSS lifecycle policies can move older documents to IA or Archive storage, potentially cutting costs by 50-70% for data older than 1 year. Over 7 years, that’s a difference of over ¥1.5 million. The cost savings alone justify the integration effort.

3

For concurrent read access, OSS actually outperforms NAS at scale because it’s designed for massive parallelism. Each object is independently accessible without file system locking overhead. For your 500+ concurrent users scenario, OSS would handle this better than NAS. However, you’re right about access control - OSS bucket policies are relatively coarse-grained. For complex ERP permission rules, you should implement access control in your application layer using RAM STS temporary credentials. The app authenticates the user, checks permissions against your business rules, then generates a time-limited STS token for OSS access. This gives you fine-grained control while leveraging OSS scalability.

4

I’d actually recommend considering both in a hybrid approach. Use NAS for documents that need frequent random access and modification (like active project files being edited by multiple users), and OSS for long-term archival and documents that are mostly read-only after creation. NAS provides better performance for small file operations and supports file locking, which matters if users are directly editing documents. OSS excels at scale and cost for archival scenarios. The challenge is managing the data lifecycle between the two tiers.

5

Let me share more details from our implementation to help your decision. We chose OSS for several strategic reasons beyond just cost:

OSS vs NAS Comparison for ERP Document Storage:

Concurrent Access Performance: In our testing with 800 concurrent users, OSS consistently delivered better throughput for document retrieval. The key is that OSS is object-based with no file system overhead - each document is independently accessible. We measured average retrieval times of 50-80ms for small files (invoices, POs) and 200-400ms for large files (technical drawings), even during peak loads. NAS performance degraded significantly beyond 300 concurrent connections due to file system locking and NFS protocol overhead.

Multi-Region Architecture: This is where OSS really shines for your three-region deployment. We implemented:

  • Primary OSS bucket in China East (main ERP region)
  • Cross-region replication to China North and South buckets
  • CloudFront/CDN integration for low-latency access from all regions
  • Users automatically routed to nearest bucket replica

With NAS, you’d need to set up NFS mounts across regions over Express Connect, which adds latency and complexity. Or run separate NAS instances with custom replication logic.

Access Control Implementation: You’re correct that OSS bucket policies aren’t sufficient for complex ERP permissions. Here’s our approach:

  1. Application-layer authorization: ERP application validates user permissions based on business rules
  2. STS temporary credentials: After validation, app requests STS token with scope limited to specific document paths
  3. Time-limited access: Tokens expire after 1 hour, forcing re-authentication
  4. Audit trail: All access logged through application and OSS access logs

This gives you fine-grained control (down to individual document level) while still leveraging OSS performance and scalability.

Integration Considerations: For Java-based ERP, the OSS SDK integration is straightforward. We wrapped the SDK in a document service abstraction layer:

  • Upload/download methods that handle multipart uploads for large files
  • Metadata management (document type, version, owner, etc.) stored in RDS
  • Caching layer (Redis) for frequently accessed documents
  • Async processing for thumbnail generation and format conversion

The abstraction layer means if you ever need to switch storage backends, you only change one component.

File Type Optimization: For your mix of small and large files:

  • Small files (invoices, POs): Use OSS Standard storage, excellent for frequent access
  • Large files (technical drawings): Consider OSS Infrequent Access if they’re rarely accessed after initial creation
  • Old documents (>2 years): Lifecycle policy to move to Archive storage automatically

This tiered approach optimized our costs by 60% compared to keeping everything in Standard storage.

Real-World Performance Numbers:

  • Average upload time: 150ms for 500KB invoice, 2.5s for 50MB drawing
  • Download time: 80ms for small files, 1.8s for large files (with CDN)
  • Concurrent user capacity: Successfully tested with 1200+ simultaneous users
  • Monthly cost: ¥8,500 for 65TB (using lifecycle policies)

When NAS Might Be Better: NAS would be preferable if:

  • Your ERP requires direct file system access (can’t modify to use object storage APIs)
  • Users need to mount storage directly to desktops for heavy editing workflows
  • You have applications that need POSIX file locking for concurrent editing
  • Your document workflow involves frequent small updates to existing files (OSS requires full object replacement)

For most ERP document attachment scenarios though, these aren’t typical requirements. Documents are usually created once and then read-only.

Our Recommendation: Go with OSS for your use case. The combination of multi-region support, cost efficiency, and scalability makes it the clear choice for ERP document attachments. The integration effort is well worth it - we completed our implementation in 6 weeks including testing. The key success factors were:

  1. Good abstraction layer in your application
  2. Implementing application-layer access control with STS
  3. Proper lifecycle policies for cost optimization
  4. CDN integration for multi-region performance

Happy to discuss more specific implementation details if you decide to go the OSS route.

6

The hybrid approach is interesting but adds complexity. One concern with pure OSS is the concurrent access patterns - when multiple users try to access the same document simultaneously (like viewing a shared contract during a meeting), how does OSS handle this compared to NAS? Also, what about access control? Our ERP has complex permission rules where document access depends on user roles, departments, and document types. Can OSS bucket policies handle this level of granularity, or do we need to implement access control in the application layer?