Amazon EFS Mount from OSX
For anyone who is looking for answers to this kind of question, the comment from Michael solved my problem.
We have direct connect to AWS and after adding the right inbound rule (TCP 2049 office subnet) to the security group, I am able to mount EFS to my local macbook.
sudo mount -t nfs -o vers=4 -o tcp -w x.x.x.x:/ efs
Related videos on Youtube
09 : 52
08 : 16
10 : 20
10 : 01
16 : 00
G Rodriguez
Updated on September 18, 2022Comments
-
G Rodriguez almost 2 years
Gentlemen, I followed the instruction on this excellent post but failed to connect. Elastic file system (EFS) mount outside of AWS
I use CoreOS in a Mesos Cluster. We have an EFS connected to all the nodes in the cluster so they can share data, scripts, etc. We have a VPN tunnel to the AWS VPC so we can connect from the office.
My users would like to upload some scripts to the EFS and get the computation results so they would like to mount the NFS locally. So I launch a haproxy as recommended in the article above.
sudo docker run -d --net=host haproxy /bin/bash -c "echo -e 'listen fs-1e7bb658-us-east-1\n bind :2049\n mode tcp\n option tcplog\n timeout tunnel 300000\n server fs-1e7bb658-us-east-1a us-east-1a.fs-1e7bb658.efs.us-east-1.amazonaws.com:2049 check inter 60000 fastinter 15000 downinter 5000' > /haproxy.cfg && haproxy -f /haproxy.cfg"The config is this in case it is not clear:
listen fs-1e7bb658-us-east-1 bind :2049 mode tcp option tcplog timeout tunnel 300000 server fs-1e7bb658-us-east-1a us-east-1a.fs-1e7bb658.efs.us-east-1.amazonaws.com:2049 check inter 60000 fastinter 15000 downinter 5000Which starts haproxy with a tunnel to the EFS as proposed in the above mentioned topic. I know it is working because I can mount the EFS using the Haproxy IP into a second folder in a cluster node (i.e. /testing) and when I write a file to /testing I can see it in all the nodes in the /shared folder. For example:
sudo mount 100.100.100.68:/ /testing # Mount using haproxy echo "testing123!" > /testing/testing.txt # write to a file cat /shared/testing.txt # get from any node in the cluster >>> testing123!So the problem is that when I want to mount from OSX I get:
grodriguez:/ Guimo$ sudo mount 100.100.100.68:/ /sharedfiles mount_nfs: can't mount / from 100.100.100.68 onto /sharedfiles: RPC prog. not availI know HaProxy is listening because I can do from OSX:
grodriguez:/ Guimo$ telnet 100.100.100.68 2049 Trying 100.100.100.68... Connected to 100.100.100.68. Escape character is '^]'.So it connects to the service using telnet, but won't connect using nfs.
The security group is quite liberal and besides I wouldn't have connected using telnet if it didn't work. So the service is working at that port.
I read I could try and look for the mountd and nfs services but nothing. Maybe EFS is hiding them. Maybe that's why OSX complains for the missing service.
grodriguez:/ Guimo$ rpcinfo -p 100.100.100.68 program vers proto port 100000 4 tcp 111 portmapper 100000 3 tcp 111 portmapper 100000 2 tcp 111 portmapper 100000 4 udp 111 portmapper 100000 3 udp 111 portmapper 100000 2 udp 111 portmapper 100024 1 udp 45358 status 100024 1 tcp 60755 status 100021 1 udp 43439 nlockmgr 100021 3 udp 43439 nlockmgr 100021 4 udp 43439 nlockmgr 100021 1 tcp 34893 nlockmgr 100021 3 tcp 34893 nlockmgr 100021 4 tcp 34893 nlockmgrBut still if the tunnel didn't work, why should the agents successfully connect?
BTW. I also tried the AWS way to connect, but OSX also has problems.
grodriguez:/ Guimo$ mount -t nfs4 -o nfsvers=4.1 100.100.100.68:/ /sharedfiles mount: exec /System/Library/Filesystems/nfs4.fs/Contents/Resources/mount_nfs4 for /sharedfiles: No such file or directoryAny help appreciated.
Regards, Guimo
Edit: In case is not clear from my note below. I started a debian using docker for mac, then I installed nfs4 support in the container, then I connected to the HaProxy tunnel. All went fine and I can see my testing.txt file.
So I guess this is an OSX problem specifically and nothing to do with the solution above which is awesome.
-
G Rodriguez almost 8 yearsJust FYI, I run a debian docker image, installed nfs support, connected to the EFS from my machine... all worked fine. I guess its OSX then.
-
Michael - sqlbot almost 8 yearsSpeculation, based on this --
mount -t nfs -o vers=4. Maybe other options, too, liketcpsince EFS only runs over TCP. -
G Rodriguez almost 8 yearsThanks Michael, tried that as well. My suspicion is that OSX is expecting a share folder like nfsip:/sharedfolder and the EFS shares are like nfsip:/ I believe it is trying to create a folder with the same name in the /Volumes folder.
-
Michael - sqlbot almost 8 yearsWhat's the response you get from
sudo mount -t nfs -o vers=4 -o tcp x.x.x.x:/ /sharedfiles? -
Michael - sqlbot almost 8 yearsOr this config change or this pseudo-URI from Finder. With the EFS share always being at the root, you'll want a trailing slash, though it might be possible to mount with a subdirectory name in the target, if you create one in the EFS share.
-
G Rodriguez almost 8 yearsHi Michael. I get this: ``` grodriguez:~ Guimo$ sudo mount -t nfs4 -o nfsvers=4.1,proto=tcp,port=2049 100.100.100.68:/ /Users/Guimo/sharedfiles mount: exec /System/Library/Filesystems/nfs4.fs/Contents/Resources/mount_nfs4 for /Users/Guimo/sharedfiles: No such file or directory ``` And I'm quite sure the folder exists locally.
-
G Rodriguez almost 8 yearsThank you for your help Michael but is too much time lost in something the OS should handle. We have decided for another alternative and drop AWS EFS from the design.
-
Michael - sqlbot almost 8 yearsI'm not affiliated with AWS, but I'm sorry to hear that. It sounds like there's a missing binary on the system. I'd like to think we'll find an answer -- it certainly has the potential to be useful to future visitors.
-
