AWS EFS Windows

Elastic File System (EFS) from Amazon was introduced at the end of 2016 (at re:Invent 2016) and in fact adds great value to cloud compute services like EC2. If you are not aware of this new service, in short - it is file share that you can mount to your cloud (or even on-prem servers connected to your VPC through Direct Connect service). Simply saying you can do mount -t nfs4 -o nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2 :/ /tmp. This is copy/paste from AWS console with recommendation on mounting file share to Linux instance (of course you need to have NFS client with v4.1 support). And you can do this to multiple EC2 instances as well (even more - you can add this into Advanced details -> User's data for launching new instances with EFS attached by default for all new instances). Something like this:

However this is limitation, - MS Windows is not supported. So if you have either 2012 or 2016 or something else, you are not able to mount your EFS to it. Bad. Let's think wide and try to figure out available options. What if we can re-export mounted NFS as SMB share and map it to MS Windows of our choice?

NB! I do run the below commands as root, so if you are not, prepend sudo where applicable.

Setting up EFS

First of all make sure you are in the region, that supports AWS EFS. At the time of writing this post you are looking at 6 regions out of 14. Withing each region you can either allow or deny access to your share for each availability zone. Each AZ points to your security group(s). For the EFS availability we just need to open up to the world 2049 port (EC2 -> Security Group) and it is pre-defined in the list of protocols (just pick it and define your IP, CIDR or another Security Group). EFS creation takes some time, when done you should be able to see further instructions. For example for ubuntu just drop the following into your shell:


apt-get install -y nfs-common
mkdir /mnt/efs
mount -t nfs4 -o nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2 your-efs-fqdn:/ /mnt/efs

Just change your your-efs-fqdn to your output from the AWS -> EFS section. As I said earlier you can drop this boilerplate into User's data section of your EC2 launch, so your instance is going to access this share once ready.

Re-exporting NFS share for using in Windows

Now, when we have EFS mounted we want to give our Windows user's access to it's files. Let's do this using samba. Again, drop the following to your shell for installing SMB services in your ubuntu:


apt-get install -y samba samba-common python-glade2 system-config-samba
cp -pf /etc/samba/smb.conf /etc/samba/smb.conf.bak
cat /dev/null > /etc/samba/smb.conf
vim /etc/samba/smb.conf

If you don't have vim use texteditor of your choice (for example nano /etc/samba/smb.conf) and paste the following boilerplate (feel free to customize it if you need):


[global]
workgroup = WORKGROUP
server string = AWS-EFS-Windows
netbios name = ubuntu
dns proxy = no
socket options = TCP_NODELAY

[efs]
path = /mnt/efs
read only = no
browseable = yes
guest ok = yes

Save and start your samba by /etc/init.d/smbd restart. Just to make sure you have set the configuration file right testparm can help to validate it.


testparm /etc/samba/smb.conf
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[efs]"
Loaded services file OK.
Server role: ROLE_STANDALONE

Press enter to see a dump of your service definitions

# Global parameters
[global]
    netbios name = UBUNTU
    server string = SMB-Server
    dns proxy = No
    idmap config * : backend = tdb


[efs]
    path = /mnt/efs
    read only = No
    guest ok = Yes
    

Our SMB is ready, let's move to Windows environment and map this share to some drive latter as "Add a network location".

Mapping AWS EFS to Windows

This is done for EC2 instances (but I am sure you can map SMB share from anywhere). Just make sure you have setup your security group accordingly (445 and 139 ports should be open between source and target). For the test purposes you can do quick script to fill up your folder with images from google and return back to your Windows and see if it has those files available for read. Drop something to this share from your Windows environment and check back from your Linux machine and it's available. Check further from other instances and see if this concept works.

Conclusion

There might be some performance issues with SMB, I am happy to hear back other creative ideas on how to re-export NFS share for Windows boxes.

That's it!


In short, this is about:
#efs
#amazon efs
#amazon

Start discussion:
Related articles:
122 what is possible with aws free tier preview
I made light talk on one of our recent #AWSRus community gathering in Moscow and decided to discover this topic with further series of posts in my blog covering various AWS services. ... more
about 1 month#free tier #amazon
81 mount aws s3 bucket to your el capitan preview
Learn how to mount S3 bucket to your Mac OS ... more
120 ec2 user data script example preview
Launching AWS EC2 can be supplied by something what is known as "user data" and it helps to have things ready before you access it. ... more
111 data backup and disaster recovery with aws preview
CloudAcademy webinar: how to use AWS services for Backup and DR challenges. I am presenter! ... more
118 how to send sms using amazon sns and python preview
Send text messages (SMS) with few lines of Python code using Amazon SNS and boto3 SDK. ... more
79 mount aws s3 bucket to your debian preview
In this very short tutorial we are going to mount S3 bucket from AWS to the local folder of Debian. ... more
88 amazon solutions architect associate exam preview
August, 9th, 2016 - passed my Amazon CSAA. Few tips I'd love to share here. ... more
61 amazon web services cloudfront with subdirectory preview
In this article we are going to set up CloudFront for static site. And there is nice tip how to nested content (i.e. subfolders) available. ... more
101 aws ec2 linux backup preview
Amazon Web Services (AWS) has its own AWS Linux AMI (also free tier). There are several reasons you want to use this AMI for your projects. ... more
110 awsrus russian st petersburg user group for aws preview
AWSRus — Official AWS User Group Russia (St. Petersburg). ... more
119 smtp server for notifications preview
AWS SES supports SMTP settings for sending through it-self. This is really helpful if we want to configure personal outbound server. ... more
117 seo friendly aws static website with ssl preview
It's been written many times, however there is no consistency how to make static web site with SSL and SEO friendly urls (301 redirect). Pure AWS based services static website ahead, check details inside! ... more
121 aws ec2 user data script windows preview
How to pre-deploy App using user data script for Windows OS with powershell powered script in EC2? Example inside. ... more