Storage devices that are external and/or remote from your local computer are called network drives. These drives can be used as a common software repository, for file sharing, for house forwarded security or application logs and more. Amazon offers a fully managed service called Amazon Elastic File System (EFS) that is scalable and as its name suggests, is elastic, meaning it has the ability to increase and decrease in size as needed.
Amazon’s EFS is a region-locked service. This means compute instances within a single region can connect to and share data stored on EFS with other compute instances regardless of which Availability Zone they inhabit within the region. Customers who need to connect their on-premise machines to EFS can do so using AWS VPN or via AWS Direct Connect.
The following steps show how to create and to connect to an Elastic File System.
Create the Security Groups
1. Log into the AWS Console with an account with admin rights or with rights to manipulate EC2, VPC services.
2. Navigate to the VPC Dashboard.
3. Select the region closest to where you physically reside, for instance, us-east-1 (N. Virginia).
4. On the left side of the screen, under the Security header, select Security Groups.
Two security groups are required for this exercise. One security group allows inbound SSH access to the EC2 instance, and another opens port 2409/TCP to the EFS file system.
5. Select Create Security Group.
6. Fill out the Create Security Group page with the following details.
7. Under Inbound rules, select the Add Rule bottom.
8. Under Type, use the pull-down menu, and select SSH. Also, ensure All Traffic is selected under Outbound rules.
9. Select Create Security Group.
10. Follow the above instructions to create another security group. Fill in these basic details.
11. Under Inbound rules, in the Type field, select NFS.
12. Ensure Custom is selected under Source, and in the field to the right of Custom, select the security group created to provide SSH-access.
13. The rules should look like the following.
14. Select Create Security Group.
Create the EFS file system
- Select Services from the top menu, and type in ‘EFS’ to go to the EFS Dashboard page.
2. Select Create file system.
3. Make sure the default VPC is selected in the configuration screen.
4. Select Create.
5. The file system was created with these defaults, but they can be reconfigured as needed by selecting the Edit button.
6. Select the Network tab in the middle of the page, and verify the Mount target status for each Availability Zone is Available.
Create the EC2 Instance
- Navigate to the EC2 Dashboard page by selecting Services and then EC2, which is found under Computer.
2. Select Launch Instance.
3. Select Amazon Linux 2 AMI.
4. Select t2.micro, and then select Next.
5. Verify the Network and Subnet fields are configured as below.
6. Under File systems, select the Add file system button.
7. Select the file system previously created.
Note: The path name (/mnt/efs/fs1) can be modified if needed, but do make any modifications.
8. Select Next: Add Storage.
9. Select Next: Add Tags.
10. Select Next: Configure Security Group.
11. Choose Select an existing security group, and then select the security group that provides SSH access.
12. Select Review and Launch.
13. Select Launch.
14. Choose an existing key pair, then select the I acknowledge check box.
Verify the File System Mount
15. Select View Instances.
16. Select the newly created EC2 instance, and then select Connect.
17. Issue the df -T -h command, and the output shows the mounted file system /mnt/efs/fs1.
Remove This Environment
1. Right mouse click on the EC2.
2. Select Instance State then Terminate.
3. On the EFS dashboard page, select the EFS, and select Delete.
4. Enter in the name of the filesystem, and select Confirm.