How to use a scalable file storage for your infrastructure on AWS

Here is a fact. You'll almost always need a file storage for your infrastructure on the cloud which is scalable and can be used across multiple availability zones. In Linux and networking, we always use NFS servers for this requirement. Luckily, AWS provides a service called EFS which is actually NFS for ec2 instances. In this article, I'll be explaining how to create the same infrastructure which I did in but using NFS instead of EBS.

(Note: Go through the article mentioned above for better understanding)

Declare the provider

provider "aws"{
	region = "ap-south-1"

Create a security group

This security group needs to allow the port 81 for HTTP and 22 for SSH.

resource "aws_security_group" "allow_http" {
	name = "allow_http"
		description = "allowing tcp for http port:80"
		from_port = 81
		to_port = 81
		protocol = "tcp"
		cidr_blocks = [""]
		description = "allowing ssh"
		from_port = 22
		to_port = 22
		protocol = "tcp"
		cidr_blocks = [""]
        from_port = 0
        to_port = 0
        protocol = "-1"
        cidr_blocks = [""]
	tags = {
		Name = "allow_http81_and_ssh"

Yes, why write all these codes again. So, I'll jump right on the important one.

If you have already gone through the mentioned article of mine, you can remember when we configured docker using a remote-exec provisioned. One more thing needs to be installed there - "amazon-efs-utils". So, our config_docker null resource would be as follows:

resource "null_resource" "config_docker" {
    provisioner "remote-exec" {
        inline = [
            "sudo yum -y install amazon-efs-utils",
            "sudo yum -y install httpd",
            "sudo service httpd start",
            "sudo yum -y install docker",
            "sudo service docker start",
            "sudo docker pull vimal13/apache-webserver-php",
            "sudo docker run -dit --name webos -p 81:80 -v /web:/var/www/html vimal13/apache-webserver-php"
        connection {
            type = "ssh"
            user = "ec2-user"
            private_key = file("/home/eric/Downloads/mykey111.pem")
            host = "${aws_instance.web_infra.public_ip}"
    depends_on = [null_resource.to_deploy_backup]

Now, let's create an EFS file system

resource "aws_efs_file_system" "efs_fs" {
    tags = {
        Name = "my-efs"
    depends_on = [null_resource.config_docker]

This file system needs to be told which is its target

resource "aws_efs_mount_target" "alpha" {
    file_system_id = "${}"
    subnet_id      = aws_instance.web_infra.subnet_id
    security_groups = ["sg-06824d8745dad1ccb - allow-all"]
    depends_on = [aws_efs_file_system.efs_fs]

Now, let's mount this storage in /web folder in the ec2 instance. To do this, we'll create another remote-exec provisioner

resource "null_resource" "mount_efs" {
	depends_on = [aws_efs_mount_target.alpha]
	provisioner "remote-exec" {
		inline = [
			"sudo mkdir /web"
			"sudo echo ${aws_efs_file_system.efs_fs.dns_name}:/web  efs defaults,_netdev    0   0>> /etc/fstab",
			"sudo mount ${aws_efs_file_system.efs_fs.dns_name}:/ /web",
			"sudo rm -rf /web/*",
			"sudo yum -y install git",
			"sudo git clone /web"
		connection {
			type = "ssh"
			user = "ec2-user"
			private_key = file("/home/eric/Downloads/mykey111.pem")
			host = "${aws_instance.web_infra.public_ip}"

As you can see, we need to update the fstab file to make the mounting permanent. And this is it. Now, our instance can use the EFS file system. If you want to use my code to try this out, you will face errors as I have updated that repo. This project is under task 2 folder in the same folder. Please add that in your repo and try again.

Github link:

So, try deploying this infrastructure on your own and ping me if you face any problems. Until the next time.


