Home / Questions / 459365
Accepted
moneyBox
Asked: 2022-06-04 18:42:20 +0800 CST 2022-06-04 18:42:20 +0800 CST

AWS - I can't map an EFS Service to my Instances

  • 772

I have a couple of instances created in the same VPC. Create an EFS to have a "store" in the pair of instances, likewise when creating the EFS I make sure to be in the same Region as where I create the EC2 Instances and on the same VPC.

Having already created the EFS and opening it with the "Associate" option, I observe the recommendations of the mount command , but when I do it in any of the two EC2 instances it keeps me thinking.... and it never mounts :'(

The Network options of the EFS resource have a security indicated as "sg-cd669dcb (default)", that when looking at it in the Security Groups, I see that the Input and Output ports are 100% open because it says: All Traffic (in both of them).

Anyway, I still can't mount the resource and I've run out of ideas :'(.... What do you recommend?

Update 06/16/2021

To have the AWS EFS better organized, in the security part I have removed the "default" and placed a security group called "nfs", which configures everything open like this:

Security group > nfs enter image description here

despite this I still can't mount it, not even from an EC2 instance, less from my own laptop :(

aws

1 Answers

  1. Best Answer

    The resolution was somewhat complicated from the point of view that Amazon has no information about this in its forums or in its documentation, in addition to the fact that it is not indicated anywhere as a warning about this action that I will mention to you.

    When you create an EFS store, you always give it a default name, for example "mydata". From this moment you already have your file storage ready for "according to access" via EFS or NFS, but there is actually a configuration that is not published in your visual console environment, but you have to Enable it in the JSON that you will see in the tab~ a of File System Policies .

    This section will show a JSON that does not tell you much , but only and only when you click on EDIT you will notice that there is a legend indicating "It is not allowed to mount the root".

    From this point you have 2 options:

    1. Create a mount point and this if you can mount it.
    2. If you don't want mount points and directly go to Root (which is my case), you should add this line. "elasticfilesystem:ClientMount"

    And ready with "elasticfilesystem:ClientMount" you can now mount the Root.

    Damn AWS.... you made me lose 2 weeks with this problem!

    • 0