How can I create a Docker volume using Amazon EFS in Amazon ECS?

Last updated: 2019-06-10

I want to create a Docker volume in Amazon Elastic Container Service (Amazon ECS) using Amazon Elastic File System (Amazon EFS). Then, I can persist and share data without installing an additional volume plugin in the cluster instance. How can I do that?

Resolution

1.    Create an Amazon EFS file system.

2.    Copy the settings of your new file system, and then use the copied settings to mount the file system.

Important: Based on your Linux distribution, install the NFS client before mounting the file system. In the following example, the file system is mounted on a separate Amazon Elastic Compute Cloud (Amazon EC2) instance from a local Amazon Virtual Private Cloud (Amazon VPC). An index.html file is created at the root level of the Amazon EFS mount point.

sudo mkdir /efs
sudo mount -t nfs4 -o nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport fs-XXXXXX.efs.us-east-1.amazonaws.com:/ /efs
echo "<html><body><h1>It works! EFS Demo :)</h1></body></html>" | sudo tee /efs/index.html

Note: You need the file system settings to create a task definition later. Be sure to replace fs-XXXXXX and us-east-1 with your values.

3.    Create an Amazon ECS cluster.

Note: This step assumes you're creating an Amazon ECS cluster from the EC2 Linux + Networking template. Amazon EFS doesn't support Networking only (Fargate) and EC2 Windows + Networking templates.

4.    Launch your cluster instances in the same VPC where you created your Amazon EFS file system.

5.    Create a security group or use an existing security group to associate with your mount target.

Important: Your mount target must allow inbound access for the TCP protocol on the NFS port (2049) from all Amazon EC2 instances for Amazon ECS.

6.    Create a task definition.

In the following example, a task definition is created with the httpd container image. The Docker volume efs-demo is defined in the volumes property of the JSON template using the settings provided by Amazon EFS. The sourceVolume property is set to efs-demo, and containerPath is set to the directory of the default webpage.

{
    "containerDefinitions": [
        {
            "memory": 128,
            "portMappings": [
                {
                    "hostPort": 80,
                    "containerPort": 80,
                    "protocol": "tcp"
                }
            ],
            "essential": true,
            "name": "apache-container",
            "image": "httpd",
            "cpu": 1024,
            "mountPoints": [
                {
                    "containerPath": "/usr/local/apache2/htdocs/",
                    "sourceVolume": "efs-demo"
                }
            ]
        }
    ],
    "networkMode": "bridge",
    "requiresCompatibilities": [
        "EC2"
    ],
    "volumes": [
        {
            "name": "efs-demo",
            "host": null,
            "dockerVolumeConfiguration": {
                "autoprovision": true,
                "labels": null,
                "scope": "shared",
                "driver": "local",
                "driverOpts": {
                    "type": "nfs",
                    "device": ":/",
                    "o": "addr=fs-XXXXXX.efs.us-east-1.amazonaws.com,nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport"
                }
            }
        }
    ],
    "family": "taskdefinition-demo-efs",
    "placementConstraints": [],
    "memory": null,
    "cpu": null
}

Note: Be sure to replace fs-XXXXXX and us-east-1 with your values.

7.    Run the task on the Amazon ECS cluster that you created in step 3.

8.    To see the test file created inside the Amazon EFS volume, open the Amazon ECS console, and then choose your cluster. Choose the Tasks tab, and then choose the drop-down arrow for the task that you created in step 6. You can review the information in the Details section. In Network bindings, you should see the external link. In Mount Points, you should see the container path and source volume.

Note: The tasks must be in RUNNING status before you check your mount status.


Did this article help you?

Anything we could improve?


Need more help?