1
00:00:00,130 --> 00:00:02,400
So let's get some practice with EFS.

2
00:00:02,400 --> 00:00:06,390
And to do so, I'm going to go directly into the EFS console

3
00:00:06,390 --> 00:00:09,200
and we are going to create our first file system

4
00:00:09,200 --> 00:00:11,250
which is going to be a network file system.

5
00:00:11,250 --> 00:00:13,720
I get prompted with a dialogue to go really quickly,

6
00:00:13,720 --> 00:00:15,800
but as we want to learn the different options

7
00:00:15,800 --> 00:00:17,640
when creating an EFS file system,

8
00:00:17,640 --> 00:00:21,180
I'm going to go on click on Customize in the bottom.

9
00:00:21,180 --> 00:00:23,690
So here are the file system settings.

10
00:00:23,690 --> 00:00:24,980
So first, a name, which is optional

11
00:00:24,980 --> 00:00:26,850
so I'll leave this empty.

12
00:00:26,850 --> 00:00:30,380
Then we have to choose around availability and durability.

13
00:00:30,380 --> 00:00:34,290
So we have a regional NFS EFS file system

14
00:00:34,290 --> 00:00:37,650
if you want to have your data replicated across multiple AZ,

15
00:00:37,650 --> 00:00:40,350
which is the default option, and this is definitely a setup

16
00:00:40,350 --> 00:00:42,460
you need to have for production.

17
00:00:42,460 --> 00:00:44,530
But if you're just testing EFS out

18
00:00:44,530 --> 00:00:46,240
and you want to reduce cost,

19
00:00:46,240 --> 00:00:50,540
you can opt to use a one zone type of EFS file system

20
00:00:50,540 --> 00:00:52,380
in which the data is stored redundantly

21
00:00:52,380 --> 00:00:55,010
only within a single AZ.

22
00:00:55,010 --> 00:00:56,800
And so therefore if that AZ is down,

23
00:00:56,800 --> 00:00:58,900
then your EFS file system is down,

24
00:00:58,900 --> 00:01:00,680
and then you choose the AZ.

25
00:01:00,680 --> 00:01:04,440
But to keep it simple, we'll keep it as regional next.

26
00:01:04,440 --> 00:01:05,480
We have automated backup.

27
00:01:05,480 --> 00:01:07,460
So we want to backup EFS file system

28
00:01:07,460 --> 00:01:09,360
and you can enable it or disable it,

29
00:01:09,360 --> 00:01:11,760
but let's just leave it enable right now.

30
00:01:11,760 --> 00:01:13,260
Then we have lifecycle management.

31
00:01:13,260 --> 00:01:14,540
So this is very important.

32
00:01:14,540 --> 00:01:16,350
This is for cost savings

33
00:01:16,350 --> 00:01:18,410
and is saying, "Okay, if my objects

34
00:01:18,410 --> 00:01:20,390
are not being used very often,

35
00:01:20,390 --> 00:01:24,340
then transition them into a different access tier

36
00:01:24,340 --> 00:01:28,200
called the Standard-Infrequent Access Storage class."

37
00:01:28,200 --> 00:01:30,390
And so we're saying, "Okay, if a file

38
00:01:30,390 --> 00:01:32,690
has not been accessed for 30 days,

39
00:01:32,690 --> 00:01:34,400
then transition it into IA,

40
00:01:34,400 --> 00:01:35,890
which is going to save us some cost.

41
00:01:35,890 --> 00:01:38,920
And then you can transition it out of IA

42
00:01:38,920 --> 00:01:42,710
on first access or never as you want."

43
00:01:42,710 --> 00:01:45,030
For performance mode, we can choose

44
00:01:45,030 --> 00:01:47,830
within General Purpose and Max I/O.

45
00:01:47,830 --> 00:01:50,090
So General Purpose, as the name indicates,

46
00:01:50,090 --> 00:01:51,590
is for general purpose

47
00:01:51,590 --> 00:01:55,360
and it's helpful when you have latency-sensitive use cases,

48
00:01:55,360 --> 00:01:56,760
such as web serving environments

49
00:01:56,760 --> 00:01:58,510
and content management system.

50
00:01:58,510 --> 00:02:00,860
So if you have WordPress and you need some storage

51
00:02:00,860 --> 00:02:03,360
then General Purpose will be great for you.

52
00:02:03,360 --> 00:02:06,220
But if you choose the Max I/O option

53
00:02:06,220 --> 00:02:08,919
is going to give you the highest amount of throughputs

54
00:02:08,919 --> 00:02:11,060
and operations per second, which is great

55
00:02:11,060 --> 00:02:13,290
if you have a big data type of use case,

56
00:02:13,290 --> 00:02:16,170
but you're going to get a higher latency.

57
00:02:16,170 --> 00:02:19,300
To keep it simple, we'll keep it as General Purpose.

58
00:02:19,300 --> 00:02:21,700
Next for throughput mode, we have two options,

59
00:02:21,700 --> 00:02:23,690
either the bursting or provisions.

60
00:02:23,690 --> 00:02:25,600
So with bursting, we're going to get a throughput

61
00:02:25,600 --> 00:02:27,330
that scales with the file system size.

62
00:02:27,330 --> 00:02:28,850
So the bigger the file system,

63
00:02:28,850 --> 00:02:32,010
the more scale we going to have plus some burst,

64
00:02:32,010 --> 00:02:34,130
or for provision, you can say

65
00:02:34,130 --> 00:02:37,510
a value between 1 and 1024 megabytes per second

66
00:02:37,510 --> 00:02:40,700
of how much I want to be able to read my file system

67
00:02:40,700 --> 00:02:41,870
which is a very helpful option

68
00:02:41,870 --> 00:02:43,530
if you have a very tiny file system,

69
00:02:43,530 --> 00:02:45,939
but somehow you need a lot of throughputs

70
00:02:45,939 --> 00:02:47,530
right at the start.

71
00:02:47,530 --> 00:02:48,990
We'll leave it as bursting.

72
00:02:48,990 --> 00:02:50,850
We'll leave encryption of data at rest,

73
00:02:50,850 --> 00:02:53,630
and we won't customize these settings.

74
00:02:53,630 --> 00:02:56,750
Next, we have the network access settings

75
00:02:56,750 --> 00:02:58,910
And they're very important, we have to choose a VPC

76
00:02:58,910 --> 00:03:00,420
I'll choose the default VPC.

77
00:03:00,420 --> 00:03:01,860
And then the mount targets

78
00:03:01,860 --> 00:03:05,460
and because we've chosen a regional type of EFS file system

79
00:03:05,460 --> 00:03:07,740
with three AZs available to us.

80
00:03:07,740 --> 00:03:10,180
So each AZ is going to be assigned to a subnet.

81
00:03:10,180 --> 00:03:12,280
I'll leave it as is, which is a default subnet.

82
00:03:12,280 --> 00:03:16,200
The IP is automatic and we need to assign a security group.

83
00:03:16,200 --> 00:03:17,200
And so we need to go ahead

84
00:03:17,200 --> 00:03:21,870
and create a specific security group for my EFS file system.

85
00:03:21,870 --> 00:03:24,660
So we'll go into the EC2 console

86
00:03:24,660 --> 00:03:27,380
and then I will go into security groups.

87
00:03:27,380 --> 00:03:29,590
I will create a security group

88
00:03:29,590 --> 00:03:33,193
and I will call it sg-efs-demo.

89
00:03:34,530 --> 00:03:37,513
And I will call this one EFS Demo SG.

90
00:03:38,450 --> 00:03:41,400
For now, we will not have any inbound rules.

91
00:03:41,400 --> 00:03:43,730
I click on Create security group.

92
00:03:43,730 --> 00:03:48,540
And we cannot have this, so efs-demo is good enough.

93
00:03:48,540 --> 00:03:49,373
Okay.

94
00:03:49,373 --> 00:03:51,990
So my EFS demo is created successfully.

95
00:03:51,990 --> 00:03:54,150
And to have it appear here,

96
00:03:54,150 --> 00:03:56,530
what I need to do is to refresh the page.

97
00:03:56,530 --> 00:03:57,810
So we'll start all over

98
00:03:57,810 --> 00:04:01,750
but the settings are the basic ones, the default ones.

99
00:04:01,750 --> 00:04:02,983
I click on Next.

100
00:04:02,983 --> 00:04:05,995
And now I can remove these security groups

101
00:04:05,995 --> 00:04:09,722
and choose the efs-demo security group

102
00:04:09,722 --> 00:04:12,389
that I have created from before.

103
00:04:15,851 --> 00:04:17,403
Okay, we're good.

104
00:04:17,403 --> 00:04:21,286
So now we have done all the network access configuration.

105
00:04:21,286 --> 00:04:22,803
I will click on Next.

106
00:04:22,803 --> 00:04:25,095
We have a file system policy that is optional

107
00:04:25,095 --> 00:04:26,283
and we will not touch it right now.

108
00:04:26,283 --> 00:04:29,051
This is pretty advanced and we don't need it right now.

109
00:04:29,051 --> 00:04:30,560
So I will click on Next.

110
00:04:30,560 --> 00:04:31,990
And here we can review and create

111
00:04:31,990 --> 00:04:33,900
all the file system settings.

112
00:04:33,900 --> 00:04:34,960
So we're happy with that.

113
00:04:34,960 --> 00:04:37,550
And when we're done, we'll just click on Create.

114
00:04:37,550 --> 00:04:39,000
Now my file system is creating

115
00:04:39,000 --> 00:04:41,440
and I will get back to you when it is created.

116
00:04:41,440 --> 00:04:43,860
My file system is now available

117
00:04:43,860 --> 00:04:46,120
and I can go in it and see that the fact

118
00:04:46,120 --> 00:04:47,780
that there is six kilobytes of size

119
00:04:47,780 --> 00:04:49,140
that is being used right now.

120
00:04:49,140 --> 00:04:51,770
And when you have a EFS file system,

121
00:04:51,770 --> 00:04:53,760
you only pay for the storage you use.

122
00:04:53,760 --> 00:04:56,030
So right now, mark cost are zero.

123
00:04:56,030 --> 00:04:57,710
So this is good. This is created.

124
00:04:57,710 --> 00:05:01,470
And now we want to mount this onto EC2 instances.

125
00:05:01,470 --> 00:05:02,940
Therefore, you know the next step,

126
00:05:02,940 --> 00:05:05,520
we're going to create EC2 instances.

127
00:05:05,520 --> 00:05:07,453
So let's launch some instance.

128
00:05:09,040 --> 00:05:11,430
And I will name this one Instance A

129
00:05:11,430 --> 00:05:15,360
because we will launch it in subnet of AZ A.

130
00:05:15,360 --> 00:05:18,770
So we are going to run Amazon Linux, version 2.

131
00:05:18,770 --> 00:05:19,603
We're good to go.

132
00:05:19,603 --> 00:05:22,120
We'll use a t2.micro because it's free tier eligible.

133
00:05:22,120 --> 00:05:24,210
We will disable the key pair.

134
00:05:24,210 --> 00:05:25,750
We'll just use EC2 Instance Connect

135
00:05:25,750 --> 00:05:27,800
to connect to our EC2 instance.

136
00:05:27,800 --> 00:05:30,940
For network settings, I will leave it as is

137
00:05:30,940 --> 00:05:33,570
and there will be a new security group created

138
00:05:33,570 --> 00:05:35,290
with these rules right here.

139
00:05:35,290 --> 00:05:39,490
So allow SSH access from anywhere, which is good.

140
00:05:39,490 --> 00:05:42,090
Then we have eight gigabytes of gp2 storage,

141
00:05:42,090 --> 00:05:44,490
but now, because we want to configure the storage

142
00:05:44,490 --> 00:05:46,810
of the EC2 instance into Amazon EFS,

143
00:05:46,810 --> 00:05:50,440
we can actually now do it from within the EC2 console,

144
00:05:50,440 --> 00:05:51,273
which is very exciting.

145
00:05:51,273 --> 00:05:52,600
So let me show you how to do it.

146
00:05:52,600 --> 00:05:54,310
Before we had to run some commands.

147
00:05:54,310 --> 00:05:56,770
So there are zero x File systems.

148
00:05:56,770 --> 00:05:57,880
And you do Edit,

149
00:05:57,880 --> 00:06:00,630
and it says that you cannot add a file system

150
00:06:00,630 --> 00:06:03,080
before you choose to select a subnet.

151
00:06:03,080 --> 00:06:06,780
So we scroll back up, we go to Network settings, we edit it.

152
00:06:06,780 --> 00:06:11,040
And in subnet, I'm going to choose eu-west-1a.

153
00:06:11,040 --> 00:06:13,680
So now that my subnet is created,

154
00:06:13,680 --> 00:06:15,420
I can go back into file systems.

155
00:06:15,420 --> 00:06:18,510
And as you can see, I can add an EFS or an FSx file system

156
00:06:18,510 --> 00:06:20,740
so we'll add an EFS file system.

157
00:06:20,740 --> 00:06:23,413
Then we'll click on Add shared file system.

158
00:06:23,413 --> 00:06:27,040
It's going to be linked to my EFS right here.

159
00:06:27,040 --> 00:06:31,560
The mount point is /mnt/efs/fs1.

160
00:06:31,560 --> 00:06:33,280
This is good enough for us.

161
00:06:33,280 --> 00:06:35,480
This is going to automatically create

162
00:06:35,480 --> 00:06:38,780
and attach security groups for us, which is amazing.

163
00:06:38,780 --> 00:06:39,960
And then it's automatically going

164
00:06:39,960 --> 00:06:42,150
to mount shared file system

165
00:06:42,150 --> 00:06:44,930
by attaching the required user data scripts.

166
00:06:44,930 --> 00:06:47,690
So in the past, we had to run ourselves

167
00:06:47,690 --> 00:06:49,510
onto these two instance manually

168
00:06:49,510 --> 00:06:50,920
or create our own user data script,

169
00:06:50,920 --> 00:06:54,320
but now this is done for us by the EC2 console

170
00:06:54,320 --> 00:06:55,733
which is really nice.

171
00:06:56,610 --> 00:06:59,803
Let's create one instance and launch it.

172
00:07:04,920 --> 00:07:06,630
Okay, so this instance is launched.

173
00:07:06,630 --> 00:07:07,930
I can go view all instances

174
00:07:07,930 --> 00:07:09,840
and I'm going to launch a new one.

175
00:07:09,840 --> 00:07:14,170
I will call this one Instance B.

176
00:07:14,170 --> 00:07:15,870
We'll have Amazon Linux 2,

177
00:07:15,870 --> 00:07:17,000
again, to make it quick.

178
00:07:17,000 --> 00:07:19,600
I'm going to proceed without a key pair.

179
00:07:19,600 --> 00:07:23,233
I will go into eu-west-1b.

180
00:07:25,050 --> 00:07:28,640
I can just select the security group of launch-wizard-2

181
00:07:28,640 --> 00:07:30,490
that was created just from before.

182
00:07:30,490 --> 00:07:32,750
And then again, we need to edit this

183
00:07:32,750 --> 00:07:35,990
and add a file system of type EFS.

184
00:07:35,990 --> 00:07:38,660
And we'll use the same file system as before

185
00:07:38,660 --> 00:07:40,410
and the same mount point

186
00:07:40,410 --> 00:07:42,683
and we'll leave these options on as well.

187
00:07:43,680 --> 00:07:44,700
So we're good.

188
00:07:44,700 --> 00:07:46,393
Let's launch that instance.

189
00:07:48,890 --> 00:07:50,950
And now, let's have a look at the interesting stuff

190
00:07:50,950 --> 00:07:51,783
that has happened.

191
00:07:51,783 --> 00:07:56,120
So I'm going to just do Instance state = running,

192
00:07:56,120 --> 00:07:59,220
and refresh this until I see both of my instances.

193
00:07:59,220 --> 00:08:00,380
So now they're both running.

194
00:08:00,380 --> 00:08:01,990
And the interesting thing is that

195
00:08:01,990 --> 00:08:04,480
if we go into the EFS console

196
00:08:04,480 --> 00:08:06,050
and go to the network tab,

197
00:08:06,050 --> 00:08:09,070
as we can see now each availability zone

198
00:08:09,070 --> 00:08:10,850
now has multiple security groups.

199
00:08:10,850 --> 00:08:13,400
So we have the efs-demo we created from before

200
00:08:13,400 --> 00:08:17,380
but also the efs-sg-1 and efs-sg-2,

201
00:08:17,380 --> 00:08:20,930
which were auto created by the EC2 console for us

202
00:08:20,930 --> 00:08:23,500
and attached into our EFS file system.

203
00:08:23,500 --> 00:08:26,650
So if I go into my EC2 instances

204
00:08:26,650 --> 00:08:29,390
and then Security group right here,

205
00:08:29,390 --> 00:08:31,550
I can look at, for example, this efs-sg-2.

206
00:08:32,450 --> 00:08:34,059
Look at the inbound rules,

207
00:08:34,059 --> 00:08:38,179
and as you see, it allows the protocol NFS on port 2049.

208
00:08:39,530 --> 00:08:40,950
And the source of it,

209
00:08:40,950 --> 00:08:43,140
if we have a look at the inbound rules himself,

210
00:08:43,140 --> 00:08:45,730
the source of this is this security group.

211
00:08:45,730 --> 00:08:48,150
And that security group is the one that is attached

212
00:08:48,150 --> 00:08:51,030
into my EC2 instance Instance B.

213
00:08:51,030 --> 00:08:54,430
So this allows my Instance B to access the EFS file system

214
00:08:54,430 --> 00:08:57,860
because that security group right here called efs-sg-2

215
00:08:57,860 --> 00:09:00,840
is attached into my EFS file system.

216
00:09:00,840 --> 00:09:04,930
So all the setup is done by AWS for us, which is truly nice.

217
00:09:04,930 --> 00:09:07,240
So now, if I go into one of these instance,

218
00:09:07,240 --> 00:09:11,150
we're going to connect using EC2 Instance Connect

219
00:09:12,090 --> 00:09:13,410
on this tab.

220
00:09:13,410 --> 00:09:16,390
And then I will also do the exact same thing

221
00:09:16,390 --> 00:09:21,223
by connecting to Instance B over EC2 Instance Connect.

222
00:09:23,140 --> 00:09:26,410
So now I can, for example, verify the fact that,

223
00:09:26,410 --> 00:09:31,040
yes, in ls /mnt/efs/fs1/,

224
00:09:31,040 --> 00:09:32,630
there is an EFS file system,

225
00:09:32,630 --> 00:09:34,330
and now we need to create files in it.

226
00:09:34,330 --> 00:09:36,660
So to make it simple, I will elevate my right

227
00:09:36,660 --> 00:09:37,803
and type sudo su.

228
00:09:38,890 --> 00:09:41,890
And then I can do echo hello world

229
00:09:41,890 --> 00:09:46,370
into the /mnt/efs/fs1/

230
00:09:46,370 --> 00:09:47,890
as a hello.txt.

231
00:09:47,890 --> 00:09:51,270
So we've created that file, and then the hello.txt.

232
00:09:51,270 --> 00:09:55,120
And if I do cat and then this entire file name right here,

233
00:09:55,120 --> 00:09:57,340
as you can see, it says, "hello world".

234
00:09:57,340 --> 00:10:00,760
So this file has been created into my EFS file system

235
00:10:00,760 --> 00:10:05,270
from this EC2 instance, which is an eu-west-1a.

236
00:10:05,270 --> 00:10:07,920
But now if I go into my second EC2 instance

237
00:10:07,920 --> 00:10:10,790
and do ls and then the same file system,

238
00:10:10,790 --> 00:10:12,850
so I look for files in it,

239
00:10:12,850 --> 00:10:17,397
as you can see, we also see this hello.txt file in it.

240
00:10:17,397 --> 00:10:22,397
And if I do cat and then cat the file hello.txt.

241
00:10:22,920 --> 00:10:23,920
It says, "hello world" as well.

242
00:10:23,920 --> 00:10:26,040
So, as you can see, the EFS file system

243
00:10:26,040 --> 00:10:28,680
is indeed mounted as a network drive

244
00:10:28,680 --> 00:10:31,310
onto both my EC2 instances

245
00:10:31,310 --> 00:10:34,920
and they are in different AZs and they share the same EFS.

246
00:10:34,920 --> 00:10:36,080
So that's amazing.

247
00:10:36,080 --> 00:10:37,670
And that's a different kind of storage

248
00:10:37,670 --> 00:10:40,180
that you had the demo of it right now.

249
00:10:40,180 --> 00:10:41,710
So that's it for the EFS demo.

250
00:10:41,710 --> 00:10:42,970
That was pretty complete.

251
00:10:42,970 --> 00:10:44,400
Now to just clean it up,

252
00:10:44,400 --> 00:10:46,790
what you can do is you can terminate

253
00:10:46,790 --> 00:10:48,550
these two EC2 instances.

254
00:10:48,550 --> 00:10:51,743
So you go here and you terminate them.

255
00:10:53,980 --> 00:10:55,040
And something else you can do

256
00:10:55,040 --> 00:10:57,490
is you can go into the EFS file system.

257
00:10:57,490 --> 00:11:01,453
You can delete it by entering the file system ID.

258
00:11:03,240 --> 00:11:05,410
And then when everything is deleted,

259
00:11:05,410 --> 00:11:07,750
you can go ahead into your security groups

260
00:11:07,750 --> 00:11:09,780
and delete the extra security groups

261
00:11:09,780 --> 00:11:11,480
that have been created during this demo.

262
00:11:11,480 --> 00:11:13,010
Okay, that's it for this lecture.

263
00:11:13,010 --> 00:11:14,070
I hope you liked it.

264
00:11:14,070 --> 00:11:16,020
And I will see you in the next lecture.