Hey guys, below you can find notes about EFS , my recent video on YouTube. I hope you would like it. If you like what i am doing, please share and spread the word.
1) Stands for Elastic File System
2) It’s based on NFS [ Network File System ]
3) EFS is a shared file system for Linux only.
4) It can be shared between many EC2 Instances
5) By default EFS is only for the VPC it’s provisioned into, However with support for inter-region VPC
you can connect EC2 instances in one region to EFS file systems in another. This also helps to copy frequently-
accessed data across
regions to optimize performance, and synchronize data across AWS Regions for disaster recovery.
6) EFS can be accessed over VPN or Direct Connect.
Now Let’s start our Demo (Available on YouTube)
For this purpose i have already two EC-2 instances in N Virginia region with different subnets in AZ us-
east-1a and AZ us-east-1b If you are not sure how to create EC-2 instances please check my video about AWS
Make sure that Security group is same for both instances and communication is allowed among both EC-2
*Note about Security Group & DNS
1) Make sure VPC has DNS hostname & Resolution Enabled [If not you can go to VPC , click Action , then click
edit DNS hostname or resolution and select true.
2) EC-2 Instances have the same Security Group
3) Enable NFS TCP 2049 sg-06c1d9410caed84ec (itpings-secgrp-1) From local Security group Itpings
4) Also Make sure that when creating EFS , click on Customize and make sure the correct security groups are
Few things to remember about EFS
1) MAX IO is used for scaling and applications which require parallel operations and workloads.It has high
throughput but the drawback is it’s high latency
2) General purpose: it is the one we will be using by default and is fine for most of our needs.
Setting up EFS:
From AWS Console type EFS
Click Create File System
Then give it a name and select your VPC (In our case it will be ITpings VPC)
Click on Customzie [ Just to look at few things]
Then check the modes. Click next, click Create. Then on the Network tab, check if the mount points are
available. Wait for few mins.
Once available long in to your EC-2 instances
and issue the following command on both EC-2 instances we created ealier.
df -h to check if anything is mounted or not
Now we need to install amazon-efs-utils , but we are using centos7 we would need to build it. For this purpose
run the below script on both ec-2 instances as root
vim efs-utils.sh #!/bin/bash yum -y install git git clone https://github.com/aws/efs-utils cd efs-utils yum -y install rpm-build yum -y install make yum -y install rpm-build make rpm yum -y install ./build/amazon-efs-utils*rpm Change the permission chmod +x efs-utils.sh Now source the script as below
# source efs-utils.sh
Once installed confirm by giving the following command
[root@ip-10-1-4-181 efs-utils]# rpm -qa amazon-efs-utils
Create a mount point # mkdir -p /mnt/efs-mp
Now to make it permanent
fs-c4430b33:/ /mnt/efs-mp efs _netdev,tls 0 0
fs-c4430b33 is filesystem id we created in Amazon EFS
_netdev: It's helps to mount the nfs system when system reloads.
tls: transport layer security
If you receive the below error
[root@ip-10-1-5-54 centos]# mount /mnt/efs-mp/
WARNING: Your client lacks sufficient controls to properly enforce TLS. Please upgrade stunnel, or disable
“stunnel_check_cert_hostname” in /etc/amazon/efs/efs-utils.conf.
See https://docs.aws.amazon.com/console/efs/troubleshooting-tls for more detail.
and set from true to false
stunnel_check_cert_hostname = false
save and exit
Repeat the same on other instance
It should work
Create file and check on the both system.
Like us on Facebook: https://www.facebook.com/linuxking77
Like us on Instagram: https://www.instagram.com/linuxking77