EFS

Elastic File Storage: fully managed file system

Overview

Benefits

Scalability: automatically grows and shrinks as we add and remove files.
- Can support over 10GB/sec, >500,000 IOPS
Reliability:
- SLA ~ 11 9s durability. Just the same amount of 9s like S3.
- Every EFS object is redundantly stored across multiple AZ.
- Quickly detecting and repairing any lost redundancy.
Integration well with thousands of EC2 instances. EC2 instances can use EFS for parallel shared access.
Access data across AZs

Features

EFS Mount point

A mount point in AWS Elastic File System (EFS) connects the EFS file system to EC2 instances or on-premises servers, allowing file system interaction. It uses the NFSv4 protocol for secure and seamless file operations.

Key Steps:

Create Mount Target: Set up a mount target in each Availability Zone where EC2 instances need EFS access.
Security Groups: Assign security groups to mount targets to control access, allowing NFS connections from EC2 instances.
Mounting: Use the mount command with the EFS DNS name on EC2 instances. For persistent access, add the mount command to the /etc/fstab file.
Performance: Consider mount options and network performance between EC2 instances and EFS mount targets to optimize file operations.

Correctly configured mount points enable the use of EFS’s scalable and durable shared file storage.

Provide a serverless, set-and-forget elastic NFSv4 (Network File System) File System service.
- Traditional hierarchial directory structure
- Trandional file permissions
- File locking
For cost down, consider using:
- EFS-IA
- EFS One Zone-IA

Application specific directory & permission

Using EFS access points for restrict access to File system, or specific directory.
Using AWS IAM policy to ensure specific app only access specific EFS Access Point.

Storage classes

There are 4 storage classes in EFS

Standard storage class: for frequently accessed files.
EFS IA (Infrequent Access) storage class
EFS One Zone
EFS One Zone-IA

Lower cost storage class.
Turn on EFS Lifecycle management to using this storage class.
- When files have not been access for a period of time -> go to IA storage class
- Using Lifecycle policy to define that period (1, 7, 14, 30, 60, 90 days). Maximum is 90 days.

Performance modes

	General purpose	Max I/O
latency	Lowest	-
throughput	-	Higher

General purpose

Max I/O

latency

Lowest

throughput

Higher

Throughput modes

	Bursting	Provisioned
throughput	dynamically scale depend on Size	Higher dedicated throughput
config	can not	can be configured independently

Bursting

Provisioned

throughput

dynamically scale depend on Size

Higher dedicated throughput

config

can not

can be configured independently

Containers and serverless file storage

Serverless architecture do not have server (no EBS), so it needs a Shared storage service to handle IOPS-heavy workload or Latency-sensitive workload.
Allow container services like: ECS, EKS, Fargate, Lambda to handle stateful workloads.

Security

Encryption

Data at rest using encryption keys managed by KMS.
Data at transit using Transport Layer Security (TLS)

Trivia

Amazon EFS is NOT supported on Windows instances. Only for Linux (POSIX). Amazon FSx is a specific service used for Windows File Server.
- FSx --> shared Windows file system（SMB）
- EFS --> Linux NFS

PreviousEBS NextFSx

Last updated 9 months ago