Hosting WordPress files on Elastic File System across multi-AZ

What is Amazon’s Elastic File System?

Amazon Elastic File System (EFS) is a storage system that lets you share files across multiple resources, such as EC2 instances. The storage system can be provisioned to be available in multiple availability zones, or a single availability zone.  EFS is perfect for when sharing files, like web files, across multiple servers.  Additionally, with EFS you only pay for the resources that you use. This is different from an EBS volume where you pay for the allocated amount of storage.  Broadly there are two pricing options: (1) EFS One Zone ($0.043/GB-month), and (2) EFS Standard ($0.08/GB-month) – pricing in US East 1 as of 7/8/2021.  Additionally, apply a lifecycle policy to automatically move infrequently used files to cheaper storage.

Provisioning an Elastic File System

Creating an EFS storage is very simple using the EFS console.  Navigate to the EFS console from the Services dropdown, or searching for EFS from the top navigation.  Once the EFS console loads, double check that you are in the region of choice. For example, if your instances are in us-east-1, choose the same region from the Region dropdown at the top right. Next, click on create file system and provide a name for your storage.  Then choose the VPC where your instances are located and type of Availability & Durability. In the example below, I have chosen Regional as I will be mounting the EFS on EC2 instances in two AZ (us-east-1a and us-east-1f).

Provison new EFS

Creating a Security Group

Once your EFS is provisioned, we need to create a Security Group to allow access from your EC2 instances to your EFS.  Navigate to the EC2 console, and select Security Group from the menu on the left.  Create a new Security Group to allow  inbound NFS traffic from your EC2 instance’s Security Group.

Configure Security Group for NFS access

Adding Mount Targets for your EFS

Now that you have created a Security Group, lets add Mount Targets so that we can mount your EFS on the EC2 instances. Navigate to the EFS console and click on the name of the EFS you just created. From the details page, select the Network tab and click Create Mount Target.  For each availability zone you wish to mount your EFS, add an availability zone and assign the Security Group you just created in the previous step.

Set up mount targets for EFS

Migrating your files to EFS (optional)

If you already have a web server running, such as a WordPress site, then follow these steps to migrate the files over.  Otherwise, you can safely skip this step and move on to mounting your EFS on boot and start adding files.

In order to migrate your files, first connect to your EC2 instance and install the EFS mount helper (Assuming Amazon Linux 2 here, but see link under Resources & References for install on other Linux flavors).

sudo yum install -y amazon-efs-utils

Next, we are going to create a temporary target folder to mount the EFS.

sudo mkdir /efs

We’ll next mount our new EFS using the EFS mount helper.

sudo mount -t efs -o tls fs-XXXXXXXXXXX /efs/

Remember to change the fs-XXXXXXXXXXX to your EFS ID. Also, here we are using the TLS option for an encrypted connection. However you can remove this option if you do not require an encrypted connection between your EC2 and EFS.

Now that the EFS is mounted, lets update the folder ownership so that we can write to it.

sudo chown ec2-user:apache /efs

Then we can copy the contents of our web folder.

cp -a /var/www/html/. /efs

The copying may take a few minutes depending on the size of your files and network latency.  Once the copying is completed, I always like to re-apply the correct permissions to the folders. This is helpful if you are hosting a WordPress site as media upload may fail due to permission errors.

sudo chown -R ec2-user:apache /efs
sudo chmod 2775 /efs && find /efs -type d -exec sudo chmod 2775 {} \;
find /efs -type f -exec sudo chmod 0664 {} \;

The only thing left now is to clean up.  We’ll first unmount the EFS and remove the temporary target folder. Remember, if your current working directory is inside the EFS mount, you must move out in order to unmount or you will receive a busy error (a simple cd ~ will do).

sudo umount /efs

sudo rm -rf /efs

Configuring /ets/fstab for automatic mounting

If you have completed the migration step, or this is a brand new setup then we are ready to configure your EC2 instance to mount the drive automatically. To do this, we will edit the /etc/fstab file as seen below (feel free to use an editor of your choice).

sudo vi /etc/fstab

Add the following line to the very end of the file.

fs-XXXXXXXXXXX:/ /var/www/html efs _netdev,tls 0 0

Save and close the file. Now you can reload your /etc/fstab by running sudo mount -a or simply rebooting sudo reboot. Finally, confirm that your files are there (if you migrated) and folder and file permissions are correct.

Lastly, if the instance you modified is part of an EC2 auto scale group, or just a target group for a load balancer, don’t forget to register any new instances or create a new image so that the EC2 instances will correctly refresh.

There you go! Now you have an Elastic File System provisioned and configured to automatically mount on your EC2 instance. That’s it for this tutorial! I hope this has been helpful and if you have any questions or need assistance with managing your cloud environment, contact us for a free consult!