How to Set Up an Amazon AWS EC2 NFS Share

This article is short and to the point, so anyone who wants to mount a remote NFS share on their local machine should be able to get it up and running in 5 minutes or less. Here we go!

Step – 1 Set up AWS security groups

In your EC2 instance, set up the following security group exemptions. It is a good idea to create a separate security group called “NFS Services” or similar to keep these exemptions separate from the rest of your security groups.

TCP
Port (Service)    Source
111               0.0.0.0/0
2049              0.0.0.0/0
32768             0.0.0.0/0
44182             0.0.0.0/0
54508             0.0.0.0/0

UDP
Port (Service)    Source
111               0.0.0.0/0
2049              0.0.0.0/0
32768             0.0.0.0/0
32770 – 32800     0.0.0.0/0

I have set the source to 0.0.0.0 for those ports, but I do restrict who can access those services via /etc/hosts.deny in the next step. Or, if you prefer, set the source to the IP address of the client machine (its external IP) when you add those port exemptions.

Step – 2 Install the NFS server

You need a running NFS service on your remote server so that the client can access the shared directories/paths. Install the NFS server by typing the following line in the terminal of your AWS instance.

sudo apt-get update && sudo apt-get install nfs-kernel-server

Step – 3 Decide what you want to share

Whatever you want to share should go in the /etc/exports file. Edit it using nano, vi or whatever text editor you have in the terminal; I use nano here.

sudo nano /etc/exports

and add entries for the directories you want to share

/home/purinda *(rw,async,insecure,all_squash,no_subtree_check,anonuid=1001,anongid=1001)
/opt *(rw,no_subtree_check,sync,insecure)

If you read an article on how exports work, you will find that the asterisk is the client field: it can be a CIDR address such as 241.111.42.23/32, or * to allow any client.

I have a different configuration set for /home/purinda because I use a Mac OS X 10.8.2 Mountain Lion client, which uses an NFSv2 client to connect and requires some security tweaks like the ones I have mentioned. Or read my other article on this subject.
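To check entries like the ones above before reloading the service, here is a small audit script, added as an example and not part of the original article. The function name audit_exports, the SAMPLE_EXPORTS constant and the /srv/share entry are assumptions made for illustration; it expects one export per line without backslash continuations.

```python
import re

# Constructed sample: the two export lines from Step 3, plus one constructed
# entry limited to a single client (documentation-range address).
SAMPLE_EXPORTS = """\
/home/purinda *(rw,async,insecure,all_squash,no_subtree_check,anonuid=1001,anongid=1001)
/opt *(rw,no_subtree_check,sync,insecure)
/srv/share 203.0.113.10/32(rw,sync,no_subtree_check)  # constructed entry
"""

# client(options); either part may be missing, e.g. "host" or "(rw)"
CLIENT_RE = re.compile(r"^(?P<client>[^()]*)(?:\((?P<opts>[^()]*)\))?$")
WORLD = {"", "*", "0.0.0.0/0"}


def audit_exports(text):
    """Return (path, client, finding) tuples for risky /etc/exports entries."""
    findings = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        path, *specs = line.split()
        for spec in specs:
            m = CLIENT_RE.match(spec)
            if not m:
                findings.append((path, spec, "unparseable client spec"))
                continue
            opts = set(filter(None, (m.group("opts") or "").split(",")))
            world = m.group("client") in WORLD
            client = m.group("client") or "(any)"
            if world:
                findings.append((path, client, "exported to any host"))
            if "insecure" in opts:
                findings.append((path, client, "insecure: source ports above 1023 accepted"))
            if "no_root_squash" in opts:
                findings.append((path, client, "no_root_squash: client root keeps uid 0"))
            # Without all_squash the server trusts the UID the client sends (AUTH_SYS).
            if world and "rw" in opts and "all_squash" not in opts:
                findings.append((path, client, "rw for any host with client UIDs trusted"))
    return findings


if __name__ == "__main__":
    for path, client, finding in audit_exports(SAMPLE_EXPORTS):
        print(f"{path:15} {client:8} {finding}")
```

Pass it the contents of your own /etc/exports to audit the real file.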

Step – 4 Reload the NFS service 

Type

sudo service nfs-kernel-server reload

to reload the NFS service on your EC2 instance.

You may or may not also need to run

sudo exportfs -av

Step – 5 Connect!

On your local machine/desktop, open a terminal and create a directory to use as the mount point for the remote directory. For example, if you want the remote /home/purinda mounted at /Volumes/purinda in Mac OS X, then run

mkdir /Volumes/purinda
mount -t nfs -o nfsvers=2 <elastic-ip-of-ec2>:/home/purinda /Volumes/purinda/

On a Linux desktop/client you may be able to just do

mount -t nfs <elastic-ip-of-ec2>:/home/purinda /Volumes/purinda/

Enjoy!