AWS EFS (Elastic File System)

Hey guys, below you can find notes about EFS , my recent video on YouTube. I hope you would like it. If you like what i am doing, please share and spread the word.

Thanks,
Salman

EFS
1) Stands for Elastic File System
2) It’s based on NFS [ Network File System ]
3) EFS is a shared file system for Linux only.
4) It can be shared between many EC2 Instances
5) By default EFS is only for the VPC it’s provisioned into, However with support for inter-region VPC
peering,
you can connect EC2 instances in one region to EFS file systems in another. This also helps to copy frequently-
accessed data across
regions to optimize performance, and synchronize data across AWS Regions for disaster recovery.
6) EFS can be accessed over VPN or Direct Connect.

Now Let’s start our Demo (Available on YouTube)
For this purpose i have already two EC-2 instances in N Virginia region with different subnets in AZ us-
east-1a and AZ us-east-1b If you are not sure how to create EC-2 instances please check my video about AWS
EC-2 Refresher.
Make sure that Security group is same for both instances and communication is allowed among both EC-2
instances.
*Note about Security Group & DNS
1) Make sure VPC has DNS hostname & Resolution Enabled [If not you can go to VPC , click Action , then click
edit DNS hostname or resolution and select true.
2) EC-2 Instances have the same Security Group
3) Enable NFS TCP 2049 sg-06c1d9410caed84ec (itpings-secgrp-1) From local Security group Itpings
4) Also Make sure that when creating EFS , click on Customize and make sure the correct security groups are
chosen.

============================================================
Few things to remember about EFS
1) MAX IO is used for scaling and applications which require parallel operations and workloads.It has high
throughput but the drawback is it’s high latency
2) General purpose: it is the one we will be using by default and is fine for most of our needs.
Setting up EFS:
From AWS Console type EFS
Click Create File System
Then give it a name and select your VPC (In our case it will be ITpings VPC)
Click on Customzie [ Just to look at few things]
Then check the modes. Click next, click Create. Then on the Network tab, check if the mount points are
available. Wait for few mins.
Once available long in to your EC-2 instances
and issue the following command on both EC-2 instances we created ealier.
df -h to check if anything is mounted or not
Now we need to install amazon-efs-utils , but we are using centos7 we would need to build it. For this purpose
lets
run the below script on both ec-2 instances as root

vim efs-utils.sh

#!/bin/bash
yum -y install git
git clone https://github.com/aws/efs-utils
cd efs-utils
yum -y install rpm-build
yum -y install make
yum -y install rpm-build
make rpm
yum -y install ./build/amazon-efs-utils*rpm

Change the permission
chmod +x efs-utils.sh 
Now
source the script as below
# source efs-utils.sh
Once installed confirm by giving the following command
[root@ip-10-1-4-181 efs-utils]# rpm -qa amazon-efs-utils
amazon-efs-utils-1.29.1-1.el7.noarch
Create a mount point
# mkdir -p /mnt/efs-mp
Now to make it permanent

vim /etc/fstab
fs-c4430b33:/ /mnt/efs-mp efs _netdev,tls 0 0
Note: 
fs-c4430b33 is filesystem id we created in Amazon EFS
_netdev: It's helps to mount the nfs system when system reloads.
tls: transport layer security

Now mount
mount /mnt/efs-mp
If you receive the below error

[root@ip-10-1-5-54 centos]# mount /mnt/efs-mp/


WARNING: Your client lacks sufficient controls to properly enforce TLS. Please upgrade stunnel, or disable
“stunnel_check_cert_hostname” in /etc/amazon/efs/efs-utils.conf.
See https://docs.aws.amazon.com/console/efs/troubleshooting-tls for more detail.

[root@ip-10-1-5-54 centos]#
vim /etc/amazon/efs/efs-utils.conf
and set from true to false
stunnel_check_cert_hostname = false
save and exit

Repeat the same on other instance

mount /mnt/efs-mp

It should work
Create file and check on the both system.
Done !!!

Thanks,

Salman Francis

Website: https://www.tekco.net

Like us on Facebook: https://www.facebook.com/linuxking77

Like us on Instagram: https://www.instagram.com/linuxking77

Twitter: @linuxking77

reddit: u/linuxking77

Leave a Comment

Your email address will not be published. Required fields are marked *