With this tutorial we'll try to make two EC2 instances share the same EFS to launch a simple web server.
We can skip Part 1 if we have a User and Group already provisioned via IAM.
- We log into our
AWS management console using $ https://console.aws.amazon.com.
I'm using MFA to secure my root account access coupled with Google Authenticator on my Android smartphone.
We can bypass this step and login normally to AWS Management Console.
🔴 See output
We go to Services > IAM > Users > Add user
User name : user-1
Access type : Programmatic access
🔴 See output
Next : Permissions > Create group
Group name : Developers
Administrator Access > Create group
🔴 See output
Next : Tags
Key: dev-1 | Value: name of the developer
Create user
🔴 See output
Download .csv (you're going to use these credentials later on in this tutorial)
- We write down our Access key ID and Secret access key > close the window
🔴 See output
- Now in Groups we should have one group named Developers which should list user-1.
🔴 See output
Sercices > Storage > EFS
Configure file system access
🔴 See output
Configure optional settings
Optional - We enable encryption of data at rest.
🔴 See output
Review and create
🔴 See output
Services > EC2
- In "Create Instance" section click on "Launch Instance"
We're going to choose 2 instances
-
We welect Amazon Linux 2 AMI (HVM), SSD Volume Type
-
Instance type: choose t2.micro (Free tier eligible). Instance comes with 1vCPU and 1 GiB (memory).
Next: Configure instance details
We choose to deploy 2 instances and we provision the Advanced details section with the following script:
🔵 See script
#!/bin/bash
yum update -y
yum install httpd -y
service httpd start
chkconfig httpd on
yum install amazon-efs-utils -y
- We leave all fields as they're by default, we just Enable termination protection.
🔴 See output
Next : Add Storage
- We leave all fields as they're by default.
Next : Configure Security Group
- We create a new security group > Security group name: dev-group > Description : Developers Security Group > Review and launch > Launch > Create New Key Pair > Key Pair Name : EC2KP > Download Key Pair.
🔴 See output
Launch Instances > View Instances
- We rename both instances respectively to "EC2 - EFS - Instance 1" and "EC2 - EFS - Instance 2".
🔴 See output
- At this point of the tutorial, we should have one Elastic File System (EFS), two running EC2 instances, a User and a Group created via IAM.
We should remember that we've downloaded an EC2KP.pem file earlier. We will now move this file to a newly created directory.
Ctrl + Alt + T to open a new CLI window
$ cd Desktop > $ mkdir SSH - Creates an SSH directory to store our Key Pair (credentials).
$ cd Downloads > $ sudo mv /home/zaki/Downloads/EC2KP.pem /home/zaki/Desktop>SSH
-
Go to your SSH directory and check that the file persists there : $ cd Desktop/SSH > ls
-
We change the permissions to .pem file, ie: $ chmod 400 EC2KP.pem.
🔴 See output
-
We will now connect to both EC2 instances using our CLI : we open two seperate windows
-
Use : $ ssh ec2-user@your-ipv4-public-address -i EC2KP.pem.
-
Type "yes" when prompted by the CLI
🔴 See output
- Go in root mode :
$ sudo su and use $ aws s3 ls. The last command should return "Unable to locate credentials. We can configure credentials by running "aws configure".
To use your provided credentials use : $ aws configure
Remember that we wrote down our Access Key ID and Secret access key when creating our EC2 Instances. We use the provided credentials.
- We connect to both
EC2 instances using the following command:
$ ssh ec2-user@your-ipv4-address -i EC2KP.pem
- We provide Access Key ID > AWS Secret Access Key > Default region name (use the Availability Zone of our EC2 instance, ie : us-east-1) > default output format : we can use "text" or "json". In this tutorial we use "json".
🔴 See output
Important
If buckets do not show up, we can go to Users > Security credentials > Create a new access key. Or we can create a new EC2 instance and restart the procedure in our `AWS` CLI.
When you Create access key, you'll have to download a file "access.Keys.csv".
On EC2 - EFS - Instance 1 SSH, use :
$ ssh ec2-user@your-ipv4-address -i EC2KP.pem
$ sudo su
$ cd /var/www/html
$ mount -t efs -o tls fs-ID:/ /var/www/html
We're going to create a single web page in order to check later on if it appears on the other EC2 instance SSH.
$ cd html
echo "<html><h1>Hello World</h1></html>" > index.html
To verify that the web page was correctly created, we can perform a simple $ ls or we can connect to our EC2 - EFS - Instance 1 IPv4 Public IP in our browser.
🔴 See output
To check if EC2 - EFS - Instance 2 is sharing the same EFS as EC2 - EFS - Instance 1, we perform the following commands in our EC2 - EFS - Instance 2 SSH:
$ ssh ec2-user@your-ipv4-address -i EC2KP.pem
$ sudo su
$ cd /var/www/html
$ mount -t efs -o tls fs-ID:/ /var/www/html
Note that we did not create an index.html file. Perform a simple ls and check if the index.html created in EC2 - EFS - Instance 1 appears.
If the file appears, it means that both EC2 instances share the same EFS. To make sure everything went fine, we can perform in our EC2 - EFS - Instance 2 SSH:
$ echo "This tutorial works" > testfile.txt
🔴 See output
You can also use EC2 - EFS - Instance 1 and EC2 - EFS - Instance 2 IPv4 Public IP in your web browser. Both queries should append a unique index.html file and retrieve the same web page.
🔴 See output
I hoped you enjoyed this gist. Please fork it and feel free to spread the word about it. Thanks.
