Amazon EFS lets you mount the same file system on multiple EC2 instances, so a website can scale across multiple web servers.
To mount an EFS drive on Ubuntu, you need to install the nfs-common package:
apt-get -y install nfs-common
To mount an EFS drive, run
mkdir /efs
mount -t nfs4 -o nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2 fs-YOUR-ID.efs.us-east-1.amazonaws.com:/ /efs
Here is the fstab entry for auto-mounting the EFS file system on boot. In this example, the EFS file system is mounted on the /efs directory.
root@ip-10-0-0-224:~# cat /etc/fstab
LABEL=cloudimg-rootfs / ext4 defaults,discard 0 0
fs-4fg8d351.efs.us-east-1.amazonaws.com:/ /efs nfs4 nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2 0 0
root@ip-10-0-0-224:~#
Or, with the _netdev option added so the mount waits until the network is available:
fs-a27131eb.efs.us-east-1.amazonaws.com:/ /efs nfs4 nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,_netdev 0 0
Connection Error and Security Group
If you get an error like the following when trying to mount the EFS file system, you need to allow traffic between security groups used by EFS and EC2 on TCP port 2049.
root@ip-172-31-39-189:~# mount -t nfs4 -o nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2 fs-021c514bd4d641fb3.efs.eu-central-1.amazonaws.com:/ /efs
mount.nfs4: Connection timed out for fs-021c514bd4d641fb3.efs.eu-central-1.amazonaws.com:/ on /efs
root@ip-172-31-39-189:~#
To connect to EFS, you need to edit the security group associated with your EFS mount target. You can find it by going to
EFS > Network
Here you will see all networks and their associated security groups. Edit the security group and allow connections from the EC2 server's security group.
Add an Inbound Rule:
Type: NFS
Protocol: TCP
Port Range: 2049
Source: Select the security group associated with your EC2 instance, or use 0.0.0.0/0 for testing (though for security reasons, using the security group of your EC2 instance is recommended).
The security group associated with the EC2 instance usually allows all outgoing traffic. If not, you may need to add a rule to allow traffic to the EFS security group on TCP port 2049.
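To confirm the rule ended up as intended (the EC2 security group allowed, and no 0.0.0.0/0 left over from testing), here is an added example, not part of the original post, that audits the EFS security group from the JSON printed by aws ec2 describe-security-groups. The group IDs and the sample JSON are constructed placeholders.

```python
import json

NFS_PORT = 2049
WORLD = {"0.0.0.0/0", "::/0"}

# Constructed sample in the shape returned by `aws ec2 describe-security-groups`;
# the sg-... IDs are placeholders, not values from the page.
SAMPLE = json.loads("""
{"SecurityGroups": [{
  "GroupId": "sg-0efs0000000000000",
  "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 2049, "ToPort": 2049,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [],
     "UserIdGroupPairs": [{"GroupId": "sg-0web0000000000000"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [],
     "UserIdGroupPairs": []}
  ]}]}
""")

def covers_nfs(perm):
    """True if the rule admits TCP 2049 (protocol -1 means all traffic)."""
    proto = perm.get("IpProtocol")
    if proto == "-1":
        return True
    if proto != "tcp":
        return False
    return perm.get("FromPort", 0) <= NFS_PORT <= perm.get("ToPort", 65535)

def audit_efs_group(described, efs_sg, ec2_sg):
    """Return (ec2_allowed, world_open_cidrs, other_sources) for NFS on efs_sg."""
    ec2_allowed, world, other = False, [], []
    for group in described["SecurityGroups"]:
        if group["GroupId"] != efs_sg:
            continue
        for perm in filter(covers_nfs, group.get("IpPermissions", [])):
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for cidr in cidrs:
                (world if cidr in WORLD else other).append(cidr)
            for pair in perm.get("UserIdGroupPairs", []):
                if pair["GroupId"] == ec2_sg:
                    ec2_allowed = True
                else:
                    other.append(pair["GroupId"])
    return ec2_allowed, world, other

if __name__ == "__main__":
    print(audit_efs_group(SAMPLE, "sg-0efs0000000000000", "sg-0web0000000000000"))
```

A non-empty second element means NFS is still reachable from any address and the testing rule should be removed; a False first element matches the "Connection timed out" case above.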