Tuesday, July 30, 2013

AWS: How to Set Up an Amazon AWS EC2 NFS Share

This article will be short and to the point, so that anyone who wants to mount a remote NFS share on their local machine should be able to get it up and running in 5 minutes or less. Here we go!

Setup AWS security groups

In your EC2 instance, set up the following security group exemptions. It would be a good idea to create a separate security group called “NFS Services” or similar, to keep these exemptions separate from the rest of your security groups.

TCP
Port (Service)    Source
111               0.0.0.0/0
2049              0.0.0.0/0
32768             0.0.0.0/0
44182             0.0.0.0/0
54508             0.0.0.0/0

UDP
Port (Service)    Source
111               0.0.0.0/0
2049              0.0.0.0/0
32768             0.0.0.0/0
32770 – 32800     0.0.0.0/0

I have set the source to 0.0.0.0 for those ports, but I do restrict who can access those services via /etc/hosts.deny in the next step. Or, if you prefer, set the source to the IP address of the client machine (its external IP) when you add those port exemptions.

Install the NFS server

You need a running NFS service on your remote server so that the client can access the shared directories/paths. Install the NFS server by typing the following line in the terminal of your AWS instance.

sudo apt-get update && sudo apt-get install nfs-kernel-server


Decide what you want to share

Whatever you wanna share should go in the /etc/exports file. Edit it using nano, vi, or whatever text editor you have in the terminal; I use nano here:

sudo nano /etc/exports

and add entries for the directories you want to share:

/home/purinda *(rw,async,insecure,all_squash,no_subtree_check,anonuid=1001,anongid=1001)
/opt *(rw,no_subtree_check,sync,insecure)

If you read a nice article on how exports work, you will figure out that the asterisk is where the client is specified (either as a CIDR address such as 241.111.42.23/32, or * to allow any client).
I have a different configuration set for /home/purinda, as I use a Mac OS X 10.8.2 Mountain Lion client, which uses an NFSv2 client to connect, and it requires some security tweaks like the ones I have mentioned. Or read my other article on this subject.
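A quick way to see how open a set of export entries is, as an added example that is not part of the original article: the Python sketch below parses exports-style lines and reports entries that any host can mount or that carry the insecure or no_root_squash options. The function name audit_exports and the third sample line (203.0.113.10/32) are assumptions made for illustration.

```python
import re

# Constructed sample: the two export lines from the article plus a
# hypothetical entry restricted to one client address.
SAMPLE_EXPORTS = """\
/home/purinda *(rw,async,insecure,all_squash,no_subtree_check,anonuid=1001,anongid=1001)
/opt *(rw,no_subtree_check,sync,insecure)
/srv/data 203.0.113.10/32(rw,sync,no_subtree_check)
"""

# Client specs that match every host. An empty client, as in "/pub (ro)",
# also means "anyone", which is easy to create by accident with a stray space.
WORLD_CLIENTS = {"*", "", "0.0.0.0/0"}
CLIENT_RE = re.compile(r"^([^()]*)(?:\(([^()]*)\))?$")


def audit_exports(text):
    """Return (path, client, finding) tuples for risky export entries.

    Simplification: quoted paths and backslash line continuations,
    which exports(5) allows, are not handled here.
    """
    findings = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        path, *specs = line.split()
        for spec in specs:
            m = CLIENT_RE.match(spec)
            if not m:
                findings.append((path, spec, "unparseable client spec"))
                continue
            client = m.group(1)
            opts = set(filter(None, (m.group(2) or "").split(",")))
            label = client or "(any)"
            if client in WORLD_CLIENTS:
                mode = "read-write" if "rw" in opts else "read-only"
                findings.append((path, label, f"any host can mount this export {mode}"))
            if "insecure" in opts:
                findings.append((path, label, "accepts requests from unprivileged source ports"))
            if "no_root_squash" in opts:
                findings.append((path, label, "remote root is not mapped to the anonymous user"))
    return findings


if __name__ == "__main__":
    for path, client, finding in audit_exports(SAMPLE_EXPORTS):
        print(f"{path} [{client}]: {finding}")
```

Run against the sample, both article entries are reported twice (world read-write, insecure) and the single-client entry is not reported at all.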

Reload the NFS service

Type

sudo service nfs-kernel-server reload

to reload the NFS service on your EC2 instance. You may or may not also need to run

sudo exportfs -av


Connect!

On your local machine/desktop, open a terminal and create a directory to use as the mount point for the remote directory. For example, if you want the remote /home/purinda mounted at /Volumes/purinda on Mac OS X, then:

mkdir /Volumes/purinda
mount -t nfs -o nfsvers=2 elastic-ip-of-ec2:/home/purinda /Volumes/purinda/

On a Linux desktop/client you may be able to just do

mount -t nfs elastic-ip-of-ec2:/home/purinda /Volumes/purinda/

Enjoy!

2 comments:

  1. "exports -av" should be "exportfs -av"

  2. Great post, really it was very helpful for us.
    Thanks a lot for sharing!
    I found this blog to be very useful!!