Using the EFS mount helper to automatically re-mount EFS file systems

Use the EFS mount helper to configure the /etc/fstab on EC2 Linux instances to automatically remount your EFS file systems when the instance re-starts.

Attach an EFS file system when creating an EC2 instance to enable automatic mounting on reboot

This method uses the EFS mount helper to mount the file system update the /etc/fstab file on the EC2 instance. The mount helper is part of the amazon-efs-utils set of tools.

When you create a new Amazon EC2 Linux instance using the EC2 Launch Instance Wizard, you can configure it to mount your Amazon EFS file system automatically. The EC2 instance mounts the file system automatically the instance first launched and also whenever it restarts.

Note

Amazon EFS file systems do not support mounting on Amazon EC2 Mac instances running macOS Big Sur or Monterey at instance launch.

Before you perform this procedure, make sure that you have created your Amazon EFS file system. For more information, see Step 1: Create your Amazon EFS file system in the Amazon EFS Getting Started exercise.

Note

You can't use Amazon EFS with Microsoft Windows–based Amazon EC2 instances.

Before you can launch and connect to an Amazon EC2 instance, you need to create a key pair, unless you already have one. Follow the steps in Setting Up with Amazon EC2 in the Amazon EC2 User Guide for Linux Instances to create a key pair. If you already have a key pair, you can use it for this exercise.

To configure your EC2 instance to mount an EFS file system automatically at launch

1. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.

2. Choose Launch Instance.

3. In Step 1: Choose an Amazon Machine Image (AMI), find an Amazon Linux AMI at the top of the list and choose Select.

4. In Step 2: Choose an Instance Type, choose Next: Configure Instance Details.

5. In Step 3: Configure Instance Details, provide the following information:

   • For Network, choose the entry for the same VPC that the EFS file system you're mounting is in.

   • For Subnet, choose a default subnet in any Availability Zone.

   • For File systems, choose the EFS file system that you want to mount. The path shown next the file system ID is the mount point that the EC2 instance will use, which you can change.

   • Under Advanced Details, the User data is automatically generated, and includes the commands needed to mount the EFS file systems you specified under File systems.

6. Choose Next: Add Storage.

7. Choose Next: Add Tags.

8. Name your instance and choose Next: Configure Security Group.

9. In Step 6: Configure Security Group, set Assign a security group to Select an existing security group. Choose the default security group to make sure that it can access your EFS file system.

   You can't access your EC2 instance by Secure Shell (SSH) using this security group. For access by SSH, later you can edit the default security and add a rule to allow SSH or a new security group that allows SSH. You can use the following settings:

   • Type: SSH

   • Protocol: TCP

   • Port Range: 22

   • Source: Anywhere 0.0.0.0/0

10. Choose Review and Launch.

11. Choose Launch.

12. Select the check box for the key pair that you created, and then choose Launch Instances.

Your EC2 instance is now configured to mount the EFS file system at launch and whenever it's rebooted.

Using /etc/fstab with EFS mount helper to automatically remount EFS file systems

The /etc/fstab file contains information about file systems. The command mount -a, which runs during instance start-up, mounts all the file systems listed in /etc/fstab. In this procedure, you will manually update the /etc/fstab on an EC2 Linux instance so that the instance uses the EFS mount helper to automatically remount an EFS file system when the instance restarts.

Note

Amazon EFS file systems do not support automatic mounting using /etc/fstab with the EFS mount helper on Amazon EC2 Mac instances running macOS Big Sur or Monterey. Instead, you can use NFS with /etc/fstab to automatically mount your file system on EC2 Mac instances running macOS Big Sur and Monterey.

This method uses the EFS mount helper to mount the file system. The mount helper is part of the amazon-efs-utils set of tools.

The amazon-efs-utils tools are available for installation on Amazon Linux and Amazon Linux 2 Amazon Machine Images (AMIs). For more information about amazon-efs-utils, see Using Amazon EFS client. If you are using another Linux distribution, such as Red Hat Enterprise Linux (RHEL), manually build and install amazon-efs-utils. For more information, see Installing the Amazon EFS client on other Linux distributions.

Prerequisites

The following requirements need to be in place before you can successfully implement this procedure:

• You have already created the Amazon EFS file system that you want to be automatically remounted. For more information, see Step 1: Create your Amazon EFS file system.

• You have already created the EC2 Linux instance that you want to configure to automatically remount an EFS file system.

• The EFS mount helper is installed on the EC2 Linux instance. For more information, see Using Amazon EFS client.

To update the /etc/fstab file on your EC2 instance

1. Connect to your EC2 instance:

   • To connect to your instance from a computer running macOS or Linux, specify the .pem file for your SSH command. To do this, use the -i option and the path to your private key.

   • To connect to your instance from a computer running Windows, you can use either MindTerm or PuTTY. To use PuTTY, install it and convert the .pem file to a .ppk file.

   For more information, see the following topics in the Amazon EC2 User Guide for Linux Instances:

   • Connecting to your Linux instance from Windows using PuTTY

   • Connecting to your Linux instance using SSH

2. Open the /etc/fstab file in an editor.

3. For automatic mounting using either IAM authorization or an EFS access point:

   • To automatically mount with IAM authorization to an Amazon EC2 instance that has an instance profile, add the following line to the /etc/fstab file.

     file-system-id:/ efs-mount-point efs _netdev,noresvport,tls,iam 0 0

   • To automatically mount with IAM authorization to a Linux instance using a credentials file, add the following line to the /etc/fstab file.

     file-system-id:/ efs-mount-point efs _netdev,noresvport,tls,iam,awsprofile=namedprofile 0 0

   • To automatically mount a file system using an EFS access point, add the following line to the /etc/fstab file.

     file-system-id:/ efs-mount-point efs _netdev,noresvport,tls,iam,accesspoint=access-point-id 0 0

   Warning

   Use the _netdev option, used to identify network file systems, when mounting your file system automatically. If _netdev is missing, your EC2 instance might stop responding. This result is because network file systems need to be initialized after the compute instance starts its networking. For more information, see Automatic mounting fails and the instance is unresponsive.

   For more information, see Mounting with IAM authorization and Mounting with EFS access points.

4. Save the changes to the file.

5. Test the fstab entry by using the mount command with the 'fake' option along with the 'all' and 'verbose' options.

   $ sudo mount -fav
   home/ec2-user/efs      : successfully mounted

Your EC2 instance is now configured to mount the EFS file system whenever it restarts.

Note

In some cases, your Amazon EC2 instance might need to start regardless of the status of your mounted Amazon EFS file system. In such cases, add the nofail option to your file system's entry in your /etc/fstab file.

The line of code you added to the /etc/fstab file does the following.

Field	Description
file-system-id:/	The ID for your Amazon EFS file system. You can get this ID from the console or programmatically from the CLI or an AWS SDK.
efs-mount-point	The mount point for the EFS file system on your EC2 instance.
efs	The type of file system. When you're using the mount helper, this type is always efs.
mount options	Mount options for the file system. This is a comma-separated list of the following options: _netdev – This option tells the operating system that the file system resides on a device that requires network access. This option prevents the instance from mounting the file system until the network has been enabled on the client. noresvport – Tells the NFS client to use a new Transmission Control Protocol (TCP) source port when a network connection is reestablished. Doing this helps make sure that the EFS file system has uninterrupted availability after a network recovery event. tls – Enables encryption of data in transit. iam – Use this option to mount with IAM authorization to an Amazon EC2 that has an instance profile. Using the iam mount option requires also using the tls option. For more information, see Using IAM to control file system data access. awsprofile=namedprofile – Use this option with the iam and tls options to mount with IAM authorization to a Linux instance using a credentials file. For more information about EFS access points, see Using IAM to control file system data access. accesspoint=access-point-id – Use this option with the tls option to mount using an EFS access point. For more information about EFS access points, see Working with Amazon EFS access points.
0	A nonzero value indicates that the file system should be backed up by dump. For EFS, this value should be 0.
0	The order in which fsck checks file systems at boot. For EFS file systems, this value should be 0 to indicate that fsck should not run at start-up.