Amazon Elastic File System (EFS) | Overview & Hands-On.

An overview & Hands-On for Amazon Elastic File System (EFS)

Focus:

• Tailored for Devops, DevSecops & Cloud Engineers.

Breakdown:

• Intro,
• Key Features of AWS EFS,
• Common Use Cases for Amazon EFS,
• When to Use EFS vs. Alternatives,
• Difference between Amazon EFS (Elastic File System) and NFS (Network File System),
• Hands-On.

Intro:

• Amazon EFS (Elastic File System) is a scalable, fully managed NFS-based file storage service designed for use with AWS Cloud services and on-premises resources.
• Amazon EFS (Elastic File System) provides shared, elastic file storage that can grow or shrink automatically as twtech adds or remove files.

 Key Features of AWS EFS

• Fully managed – No infrastructure to manage.
• Elastic scaling – Automatically scales storage up/down.
• POSIX-compliant – Works like a traditional Linux file system.
• Multi-AZ availability – Designed for high availability and durability.
• Shared access – Supports simultaneous access from thousands of EC2 instances.
• Encryption – Supports encryption at rest and in transit.
• Performance modes – General Purpose and Max I/O.
• Throughput modes – Bursting and Provisioned.

Common Use Cases for Amazon EFS

1. Web Serving and Content Management

• Shared file storage for web servers (e.g., WordPress with EC2 Auto Scaling).
• Store images, videos, and assets that need to be accessed by multiple instances.

2. Lift-and-Shift Applications

• Supports legacy applications that require file system access with NFS.
• No need to refactor apps to use object storage (like S3).

3. Big Data and Analytics

• Store large datasets used by Hadoop, Spark, and analytics tools.
• Provides low-latency access and parallel read/write.

4. Machine Learning and AI Workloads

• Share datasets across multiple ML training jobs and instances.
• Useful for distributed training or batch inference.

5. Container Storage (EKS, ECS)

• Persistent storage for Kubernetes pods using EFS CSI driver.
• Ideal for microservices that require shared storage.

6. CI/CD Pipelines

• Share build artifacts and test results across build agents.
• Efficient for DevOps environments where multiple workers need access.

7. Backup and Restore

• Use AWS Backup with EFS for simple and automated file system backups.
• Useful for applications that generate daily data dumps or logs.

8. Media Processing Workflows

• Store raw and processed media files.
• Simultaneous access from rendering or transcoding applications.

 When to Use EFS vs. Alternatives

Use Case	Use EFS	Use EBS	Use S3
Shared access by multiple EC2s	✅ Yes	❌ No	✅ Yes (via SDKs, not NFS)
NFS file system support	✅ Yes	❌ No	❌ No
High performance block storage	❌ No	✅ Yes	❌ No
Long-term archival	❌ No	❌ No	✅ Yes (S3 Glacier)
Cost-sensitive object storage	❌ No	❌ No	✅ Yes

The difference between Amazon EFS (Elastic File System) and NFS (Network File System) lies in their nature, scope, and implementation.

 What They Are

Aspect	Amazon EFS	NFS (Network File System)
Type	Fully managed cloud service	File system protocol
Provider	AWS	Open standard (RFCs)
Purpose	Scalable, shared file storage in  AWS	Protocol for sharing files over a network

 Key Differences

Feature	Amazon EFS	NFS
Nature	A managed storage service that uses NFS behind the scenes	A file-sharing protocol (v2, v3, v4) used to mount remote file systems
Setup	No server management; AWS handles everything	Requires you to set up and manage your own NFS server
Scalability	Automatically scales storage and performance	Must manually scale server, storage, and performance
Availability	Multi-AZ high availability (EFS Standard)	Depends on how twtech configure its NFS server
Performance Modes	General Purpose or Max I/O modes	Performance is limited to server/network/hardware configuration
Security & Compliance	Integrated with IAM, VPC, KMS encryption, AWS Backup	You manage authentication, access, and security policies manually
Access	Mount via NFSv4.1 or v4.2 on Linux	Mount via NFS (various versions), on-prem or cloud
Use Case	Cloud-native apps, serverless, containers, multi-instance workloads	Legacy or on-prem applications requiring file-level storage
Cost Model	Pay-as-you-go, based on usage	Hardware/software costs, plus ongoing admin overhead

twtech-Summary

• Amazon EFS = a fully managed Protocol of NFS file system in the cloud 
• NFS = a file access protocol, commonly used in on-prem and DIY environments.
• twtech thinks of EFS as "NFS service" 
• AWS abstracts EFS away the server and scaling management so twtech can focus on using the file system.

Project: Hands-On 

• How twtech create within its landscape (environment) to provide shared elastic file storage.

Step-1:

• Search for aws service: EFS

Step-2:

• Create file system

• set Customerize settings: 

• Remember, this setting is only  for the dev environment.

• The following configuration is good for the Prod environment with high availabilty:  
• twtech Automatically backup the file system data with AWS Backup using recommended settings.
•  Additional pricing applies.
• twtech recommends that automatic backups  be enabled.

• For Lifecycle management:  
• twtech Automatically saves money.
• Access patterns change by moving files into the Infrequent Access (IA) or Archive storage class. 

• Encryption 
• twtech chooses to enable encryption of file system's data at rest. 
• Uses the AWS KMS service key (aws/elasticfilesystem) by default.

• Performance settings
• Throughput mode 
• twech Chooses a method for the file system's throughput limits.

Additional settings

• Performance mode 
• twtech sets the file system's performance mode based on IOPS required. File systems using Elastic throughput mode only support General Purpose performance mode.

• Tags optional

• Network access
• twtech creates a specific security group to be used in the EFS:  twtech-efs-SG

• twtech sets inbound rules: defaults

• Step-3:
• twtech returns to EFS UI.
• Select the EFS security group created to continue: twtech-efs-SG

• File system policy - optional
• Policy options

twtech reviews configuration and create the efs: twtech-efs

Step-4:

• created the EFS.

• Step-5:
• Acess the Details of EFS created: twtech-efs 

Step-6:

• twtech lunches instances and attaches (mounts) efs to ec2-instances: twtech-web-server

• Select the vpc and subnet that correspond to the AZ of the efs: us-east-2b

• Configure inbound rules:

Step-7:

• twtech Goes to the efs console Network tab to verify whether the status is: Available (Ready to mout to instances)
• Yes: Available.

Step-8:

• twtech goes back to ec2-console (UI) To: Make sure the instances are running.

Step-9:

• twtech goes to the Security group to verify that needed security group was created allows the NFS protocol in port 2049: efs-SG
• Yes: EFS-1 & EFS-2

Step-9:

• twtech double-checks that the Security group (efs-SG) created allows the NFS protocol in: port 2049

Step-10:

twtech Accesses its instances (twtech-web-server) created without key pair:

Step-11:

• twtech log in: to create and mount the path to the efs from comman line interface (CLI)

Step-12:

• Verify any existing efs mount points: CLI

ls /mnt/efs/fs1

• No mount point exist

Step-13:

• twtech creates a mount point with files:
• twtech needs to Elevate itself with the rights to create mount point using the command:  
• twtech Must to run the command as a root user

sudo su

Step-14:

• twtech append (adds to content) or redirect(overites content) some text in the nfs file:

echo "twtech devsecops world" >> /mnt/efs/fs1/twtech-greetings.txt

Step-15:

• twtech Verifies the content of the file in the twtech-db-server: /mnt/efs/fs1/twtech-greetings.txt

cat /mnt/efs/fs1/twtech-greetings.txt

NB:

• When twtech also cat the same mounted file in another instance(twtech-web-server)  the content will display same.

cat /mnt/efs/fs1/twtech-greetings.txt

Step-16:

• How twtech deletes unwanted efs.

• twtech Confirms and delete by entering the:  efs ID