How to set up EFS and use with multiple instances in different VPCs

This academy article provides hands-on guidance on how you can set up an AWS EFS and use it with instances in different VPCs.

Table of Contents

Introduction

Creating an EFS file system

Access EFS from a different VPC

Conclusion

Other Articles in this series

Introduction

In our academy article, AWS EBS vs S3 vs EFS, we introduced the three storage services provided by AWS. We covered the S3 and EBS services in our last two academy articles; now let’s dive into AWS EFS in this one!

EFS (Amazon Elastic File System) is a file-based storage service from AWS. EFS provides a simple, serverless, set-and-forget elastic file system. It is scalable, so it grows and shrinks automatically as files are added and removed. Many instances, whether on AWS or on-premises, can be attached to EFS. It allows for persistent storage and secure sharing of data.

In this article we will not only cover how to set up an EFS, but we’ll also see how you can access EFS from instances in a different VPC.

Creating an EFS file system

  1. Log in to your AWS account ( https://aws.amazon.com/console/ )

  2. Open the Elastic File System console

  3. Once the Elastic File System console opens, select “Create File System”

  4. The Create File System dialogue box opens. Give a name for your file system

  5. Select the VPC in which you want to create the EFS

  6. Select the type of storage class you want for your EFS

EFS One Zone: One Zone storage classes store file system data and metadata redundantly within a single Availability Zone, which makes them less expensive than Standard storage classes. With this option we also have to select the Availability Zone in which to use the EFS.

EFS Standard: Standard storage classes store file system data and metadata redundantly across all Availability Zones within an AWS Region.

  7. Click on “Create” and the EFS file system will be created successfully.

Access EFS from a different VPC

In this section, we will create an EC2 instance with Ubuntu as the OS in a VPC that is different from the one where the EFS was created. We will use the EFS mount helper, which is part of the amazon-efs-utils set of tools.

  1. Create an EC2 Instance in a VPC different from where we created EFS in the previous section
  2. SSH into the EC2 instance created in the first step
  3. Give appropriate EC2 and EFS permissions to the role attached to this EC2 Instance
  4. Install the amazon-efs-utils tool once you SSH into the EC2 instance. Follow the commands below for tool installation:

  5. To be able to access EFS from a different VPC, we will need to create a VPC peering connection between the VPC in which the EC2 instance is created and the VPC in which the EFS is created. You can follow the AWS documentation for VPC peering within the same account: https://docs.aws.amazon.com/vpc/latest/peering/create-vpc-peering-connection.html#create-vpc-peering-connection-local
  6. Now we need to determine the Availability Zone ID of the EC2 instance. After connecting to your instance from a local machine, run the following command and we will get the ZoneId.

aws ec2 describe-availability-zones --zone-names "$(curl -s http://169.254.169.254/latest/meta-data/placement/availability-zone)"

  7. After this, run the command below to find the IP address of the mount target in the same Availability Zone ID

aws efs describe-mount-targets --file-system-id <file_system_id>

  8. From the output of the above command, note the IpAddress and add a line for the mount target IP address to the EC2 instance’s /etc/hosts file using the command below:

echo "<mount_target_ip> <file_system_id>.efs.<region>.amazonaws.com" | sudo tee -a /etc/hosts

  9. Add rules to the VPC security groups for the EC2 instance and the EFS mount target to allow access to the EFS file system. You can refer to the following documentation: https://docs.aws.amazon.com/efs/latest/ug/network-access.html

  10. Mounting the file system

          a. Create a directory in your EC2 Instance using the following command:

sudo mkdir /mnt/efs/

          b. Now mount the file system using IAM authorization

sudo mount -t efs -o tls,iam <file_system_id> /mnt/efs/

After running the above command, you will have successfully mounted the EFS file system and can access its data from an instance in a different VPC.

This way you can create multiple instances in different VPCs and mount the EFS file system on those instances.
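The Availability Zone ID lookup, /etc/hosts entry and mount steps above, combined into one script. This is an added example, not part of the original article. It reads instance metadata with an IMDSv2 session token, refuses to write a hosts line when no mount target exists in the instance's AZ, and does not append duplicate or conflicting entries. Assumptions: `FS_ID` and `REGION` are placeholders, the function names and the `--run` switch are the example's own, and the AWS CLI and amazon-efs-utils are already installed.

```shell
#!/bin/sh
# Added example: AZ ID lookup, hosts entry and mount from the steps above.
# FS_ID and REGION defaults are placeholders; set them for your environment.
set -eu
FS_ID="${FS_ID:-fs-EXAMPLE}"
REGION="${REGION:-us-east-1}"
SUDO="${SUDO-sudo}"
IMDS=http://169.254.169.254/latest

# AZ ID (not AZ name) of this instance, using an IMDSv2 session token.
instance_az_id() {
  token=$(curl -s -X PUT "$IMDS/api/token" -H 'X-aws-ec2-metadata-token-ttl-seconds: 60')
  az=$(curl -s -H "X-aws-ec2-metadata-token: $token" "$IMDS/meta-data/placement/availability-zone")
  aws ec2 describe-availability-zones --region "$REGION" --zone-names "$az" \
    --query 'AvailabilityZones[0].ZoneId' --output text
}

# IP of the mount target in the given AZ ID; prints "None" when there is none.
mount_target_ip() {  # $1 = AZ ID
  aws efs describe-mount-targets --region "$REGION" --file-system-id "$FS_ID" \
    --query "MountTargets[?AvailabilityZoneId=='$1'].IpAddress | [0]" --output text
}

# Build the /etc/hosts line; rejects anything that is not a dotted-quad IPv4.
hosts_entry() {  # $1 = IP, $2 = file system ID, $3 = region
  printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
  printf '%s %s.efs.%s.amazonaws.com\n' "$1" "$2" "$3"
}

# Append the entry once. Fails if the name is already mapped to another IP,
# because the first matching line in /etc/hosts wins.
add_hosts_entry() {  # $1 = entry, $2 = hosts file
  name=${1#* }
  if grep -qF " $name" "$2"; then grep -qxF "$1" "$2"; return; fi
  printf '%s\n' "$1" | $SUDO tee -a "$2" >/dev/null
}

main() {
  ip=$(mount_target_ip "$(instance_az_id)")
  entry=$(hosts_entry "$ip" "$FS_ID" "$REGION") || { echo "no mount target in this AZ" >&2; exit 1; }
  add_hosts_entry "$entry" /etc/hosts || { echo "stale hosts entry for $FS_ID" >&2; exit 1; }
  $SUDO mkdir -p /mnt/efs
  $SUDO mount -t efs -o tls,iam "$FS_ID" /mnt/efs/
}

if [ "${1:-}" = "--run" ]; then main; fi
```

For these calls and the `iam` mount option, the instance role needs `ec2:DescribeAvailabilityZones`, `elasticfilesystem:DescribeMountTargets` and `elasticfilesystem:ClientMount` (plus `elasticfilesystem:ClientWrite` for write access).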

Conclusion

EFS provides persistent storage and is somewhat like the Network Attached Storage (NAS) that we use. This article provides a step-by-step walkthrough of how you can create an EFS file system. It also covers how you can access EFS from your EC2 instances in a different VPC.

Other Articles in this series

  1. AWS EBS vs S3 vs EFS: Differences & Use Cases
  2. How to set up an S3 bucket on AWS
  3. Create, attach, and detach EBS volumes

***

This article is brought to you by Kloudle Academy, a free e-resource compilation, created and curated by Kloudle. Kloudle is a cloud security management platform that uses the power of automation and simplifies human requirements in cloud security.