How do I attach an NFS volume to my Spinup server?

Owned by Tenyo Grozev (Unlicensed)
Last updated: Jun 12, 2024 by Brandon Tassone

Prerequisites

  • You need a Linux server (mounting NFS volumes on Windows is not currently supported)

  • You need to have at least one NFS volume created and located in the same space as your server

Note: If you don’t know how to create an NFS volume or want to learn more about the NFS offering in Spinup please see https://yaleits.atlassian.net/wiki/spaces/spinup/pages/1862991893

Additional performance tips can be found here: Amazon EFS Performance Tips.

Procedure

  • The first time you will need to download and run this script to install amazon-efs-utils on your server. This is required to easily mount an NFS volume with encryption. The script will install all required pre-requisites depending on your specific Linux distro (see note below if this is not the case for ubuntu). Wait until it finishes running:

    curl https://raw.githubusercontent.com/YaleSpinup/utils-storage/master/amazon-efs-utils/install_efs_utils.sh -o install_efs_utils.sh && \ chmod 755 install_efs_utils.sh && \ sudo ./install_efs_utils.sh


    Note: However, if you do run into install errors on ubuntu. Run the following commands in the terminal and that should fix any package related issues.

    sudo apt install cargo pkg-config libssl-dev -y sudo rm -rf /tmp/efs-utils && sudo ./install_efs_utils.sh

  • You can run the script again to confirm amazon-efs-utils is installed, e.g.

    $ sudo ./install_efs_utils.sh Detected OS: CentOS Linux 7 (Core) amazon-efs-utils already installed stunnel already installed stunnel 5.57 on x86_64-pc-linux-gnu platform No need to patch stunnel, version 5.57 already installed

  • If you run into issues or errors when running the script, you can contact spinup@yale.edu for support

 

  • Determine the File System id of your NFS volume (from the Spinup web interface) - in this case it’s fs-d08e6d24 - you’ll need that to mount the volume


If mounting a volume without the use of an NFS user follow the following steps below:

  • Mount the volume using the file system id - in this case we’ll mount it on /mnt - make sure you use the tls option to enable encryption

  • Confirm that you see the volume, e.g.

  • Keep in mind the size of the volume is unlimited, so you can store any amount of data on it and you will only be charged based on your average usage

 

  • To mount the volume persistently so it shows up after a reboot, add an entry to your /etc/fstab file (make sure you replace fs-d08e6d24 with your id and /mnt with your mount point):

  • Test that the fstab works:

  • If you see any errors above or the volume is not mounted properly, you will need to edit your /etc/fstab and fix any issues before rebooting your server! Errors in your fstab file may render your server unusable after a reboot.


Use the following steps if you are mounting a volume that requires the use of an NFS user:

  • In order to mount a volume with the use of an NFS user (required for high risk spaces) AWS cli is also required to be downloaded and installed. The install steps for this are located here: https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html However it should be noted that on linux server instances if possible please install the awscli tools through your instances package managing system.

    For example, in the case of a CentOS - CIS server:

  • This will install the toolset and prevent any issues with it being accessed via your users linux profile. You can verify its success by performing the following:



  • Once the AWS cli tool has been installed the next step is to create the AWS profile where the key id/secret will be stored and used for the NFS mount. In order to do this use the following snippet:

  • The profile name can be anything you wish but for clarity it is recommended to name it the same as the user created on the NFS.

 

  • Once the command has ran it will prompt you for the access key id, secret access key, default region name, and default output format. The access key id and secret access key can be found on the created NFS user in spinup and looks like the following:

  • Simply copy the values for the access key id and the secret access key and input us-east-1 for the region. Default output format can simply be left as none. It should look similar to this:



  • Once this step has been completed the NFS is ready to be mounted with the IAM user profile. The following command will achieve this step:

  • The key parts to this command are specifying the aw sprofile name given in the previous step in this case "user1" while providing the filesystem id located on the NFS view page in spinup. The last part is the target of where you wish to mount the NFS filesystem and should be created ahead of time.

 

  • To mount the volume persistently so it shows up after a reboot, add an entry to your /etc/fstab file. Make sure to replace the fs-097397fa171119b8d with your filesystem id provided on the NFS resource in spinup and the mount target with your specified location.

  • Test that the fstab works:

  • If any errors are generated from the previous commands than there has been an issue with mounting your NFS filesystem. You will need to edit your /etc/fstab to fix any issues before rebooting your server! Errors in your fstab file may render your server unusable after a reboot