How do I use Amazon EFS with Amazon EKS?
Last updated: 2020-04-03
I want to use Amazon Elastic File System (Amazon EFS) with Amazon Elastic Kubernetes Service (Amazon EKS).
You can use Amazon EFS with your Amazon EKS pods by using the efs-provisioner to mount EFS storage as persistent volumes in Kubernetes. The efs-provisioner runs as a pod in your cluster, can access the EFS volume, and provides a subdirectory in the EFS volume as a persistent volume to your pods.
To configure and deploy the efs-provisioner, complete the following steps.
Important: You must have an existing Amazon EFS file system for the efs-provisioner to mount into your pods. To create an Amazon EFS file system, see Getting Started with Amazon Elastic File System. For the efs-provisioner to work, the security groups in your Amazon EFS file system must allow access from your worker nodes.
1. To download the StorageClass and ConfigMap manifest files, run the following commands:
wget https://raw.githubusercontent.com/kubernetes-incubator/external-storage/master/aws/efs/deploy/class.yaml wget https://raw.githubusercontent.com/kubernetes-incubator/external-storage/master/aws/efs/deploy/configmap.yaml
2. In the configmap.yaml file, change file.system.id and aws.region to the values appropriate for your EFS. See the following example:
apiVersion: v1 kind: ConfigMap metadata: name: efs-provisioner data: file.system.id: fs-390f9d92 aws.region: us-west-2 provisioner.name: example.com/aws-efs dns.name: ""
Note: To mount the EFS by your own DNS name instead of the DNS name assigned by AWS (file-system-id.efs.aws-region.amazonaws.com), use the dns.name property.
3. To apply the StorageClass and ConfigMap to your cluster, run the following commands:
kubectl apply -f class.yaml kubectl apply -f configmap.yaml
4. To download the Deployment and ClusterRole manifest files, run the following commands:
wget https://raw.githubusercontent.com/kubernetes-incubator/external-storage/master/aws/efs/deploy/deployment.yaml wget https://raw.githubusercontent.com/kubernetes-incubator/external-storage/master/aws/efs/deploy/rbac.yaml
5. In your deployment.yaml file, change the volumes configuration to a path of /, and then change server to your file system's DNS name. See the following example:
volumeMounts: - name: pv-volume mountPath: /persistentvolumes volumes: - name: pv-volume nfs: server: fs-1234abcd.efs.us-east-1.amazonaws.com path: /
Note: This updated configuration allows the efs-provisioner to create child directories to back each persistent volume that it provisions at the root of the EFS volume.
6. To apply the RBAC resources and the Deployment manifests, run the following commands:
kubectl apply -f rbac.yaml kubectl apply -f deployment.yaml
Important: The efs-provisioner requires the permissions that are defined in the rbac.yaml file to create Kubernetes resources and run correctly.
7. To download the test pod and persistent volume claim, run the following commands:
wget https://raw.githubusercontent.com/kubernetes-incubator/external-storage/master/aws/efs/deploy/claim.yaml wget https://raw.githubusercontent.com/kubernetes-incubator/external-storage/master/aws/efs/deploy/test-pod.yaml
8. To confirm that the efs-provisioner is working correctly, deploy the test pod by running the following commands:
kubectl apply -f claim.yaml kubectl apply -f test-pod.yaml
Note: The preceding test pod launches and writes "touch /mnt/SUCCESS && exit 0 || exit 1" to the EFS volume. To verify that the pod wrote successfully, check your logs and EFS volume.