Deploying EFS On Aws Using Terraform

Gupta Aditya
5 min readJan 14, 2023

Hey guys hope you all are doing good today we are going to deploy EFS on aws in my this article we have to deploy Ebs and cloud front and many other things I would like to suggest to read the previous article if not yet read in that article we have used Ebs in there are some limitation of Ebs at it can be attached to the single instance so management can be tough but in case of efs you can create one efs and attach it to subnets so whenever you launch any instance in subnets and if efs is attached to that subnet you can mount any required folder and access that folder from any instance launched in mounted subnets.

Creating a key, launching bucket, CloudFront and integrating Jenkins is covered in the previous article in this article we see how to create efs and attach to instance here I try to do a maximum thing from terraforming code so we don’t have to use web Ui which is generally good practice because we don’t get access to web UI every time.

I am considering you have basic knowledge of AWS, Terraform, watched my previous article, and setup aws profile from using AWS cli.

let’s get started first of all create a folder with any name and create one file with any name extension should be .tf tr you can download from git repo attached at the end.

So first we create provider in code for that type following code

provider “aws” {

region = “ap-south-1”

profile = “default”

}

After this, we create Vpc and in vpc, we create a subnet and in that, we attach an internet gateway with help of route table if want to know more about this in detail can read this article.

For creating vpc, subnet, internet gateway and route table use the following code

resource “aws_vpc” “foo” {

cidr_block = “192.168.0.0/16”

enable_dns_hostnames = “true”

tags = {

Name = “terra”

}

}

resource “aws_subnet” “alpha” {

vpc_id = “${aws_vpc.foo.id}”

availability_zone = “ap-south-1a”

cidr_block = “192.168.0.0/24”

map_public_ip_on_launch = “true”

tags = {

Name = “public”

}

}

resource “aws_internet_gateway” “gw” {

vpc_id = “${aws_vpc.foo.id}”

tags = {

Name = “main”

}

}

resource “aws_route_table” “r” {

vpc_id = “${aws_vpc.foo.id}”

route {

cidr_block = “0.0.0.0/0”

gateway_id = “${aws_internet_gateway.gw.id}”

}

tags = {

Name = “newgateway”

}

}

resource “aws_route_table_association” “a1” {

subnet_id = aws_subnet.alpha.id

route_table_id = aws_route_table.r.id

}

Once this complete we will make Efs and attach it to subnet for that use the following code

resource “aws_efs_file_system” “foo1” {

creation_token = “EFS Shared Data”

performance_mode = “generalPurpose”

tags = {

Name = “EFS Shared “

}

}

resource “aws_efs_mount_target” “alpha” {

file_system_id = “${aws_efs_file_system.foo1.id}”

subnet_id = “${aws_subnet.alpha.id}”

security_groups = [“${aws_security_group.ServiceSG.id}”]

}

After this we create a Security group and Launch instance and save efs id and instance public IP in the text file so that we can use it for ssh.

resource “aws_security_group” “ServiceSG” {

name = “ServiceSG”

description = “Security for allowing ssh and 80”

vpc_id = “${aws_vpc.foo.id}”

ingress {

from_port = 0

to_port = 0

protocol = “-1”

cidr_blocks = [“0.0.0.0/0”]

}

egress {

from_port = 0

to_port = 0

protocol = “-1”

cidr_blocks = [“0.0.0.0/0”]

}

}

resource “aws_instance” “myin” {

ami =”ami-0447a12f28fddb066"

instance_type = “t2.micro”

availability_zone = “ap-south-1a”

key_name = “webserver”

vpc_security_group_ids = [“${aws_security_group.ServiceSG.id}”]

subnet_id= “${aws_subnet.alpha.id}”

user_data = <<-EOF

#! /bin/bash

sudo yum install httpd -y

sudo yum install git -y

sudo yum install java -y

sudo systemctl start httpd

sudo systemctl enable httpd

sudo yum install -y amazon-efs-utils

sudo su — root

EOF

tags = {

Name = “adityaos”

}

}

resource “null_resource” “nulllocal1” {

provisioner “local-exec” {

command = “echo ${aws_instance.myin.public_ip} > publicipinsctance.txt”

}

}

resource “null_resource” “nulllocal2” {

provisioner “local-exec” {

command = “echo ${aws_efs_file_system.foo1.id} > efsid.txt”

}

}

Guys to launch the cloud front, S3, and create a private key approach are in this article.

Once you write the code run the following command inside the folder:-

terraform init -to install necessary plugins

terraform plan-to go through code and give plan what is to be created

terraform apply or terraform apply -auto-approve — to launch on aws

After this command inside the folder, you see two text file with instance public IP and efs id take instance IP and connect through ssh

and to mount the folder write the following code

sudo su — root -to switch user from ec2-user to root

mount -t efs efs_id:/ folder you want to mount -to mount file to efs

Above we are mounting /var/www/html folder to NFS

To check use df -hT

Some more screenshots Efs, instance,vpc and subnet created

Note Efs is not free so be careful while using it.

Once all this is done you can use

terraform destroy or terraform destroy -auto-approve

I am providing full code in Github repo which we see in parts above and also provide Github repo link for the previous article.

Previous article Github repo.

Thanks for reading the article till here I hope you all like the article.

--

--