AWS Storage Services - EFS Flashcards
EFS Features
A fully-managed file storage service that makes it easy to set up and scale file storage in the Amazon Cloud
The service manages all the file storage infrastructure for you, avoiding the complexity of deploying, patching, and maintaining complex file system configurations.
EFS supports the Network File System version 4 (NFSv4) protocol
Multiple EC2 instances can access an EFS file system at the same time, providing a common data source for workloads and applications running on more than one instance or server
EFS file systems store data and metadata across multiple AZs in a region
EFS file systems can grow to petabyte scale, drive high levels of throughput, and allow massively parallel access from EC2 instances to your data
EFS provides file system access semantics, such as strong data consistency and file locking
EFS enables you to control access to your file systems through Portable Operating System Interface (POSIX) permissions
Moving your EFS file data can be managed simply with DataSync - a managed data transfer service that makes it faster and simpler to move data between on-premises storage and EFS.
You can schedule automatic incremental backups of your EFS file system using the EFS-to-EFS backup solution
EFS Infrequent Access (EFS IA) is a new storage class for EFS that is cost-optimized for files that are accessed less frequently. Customers can use EFS IA by creating a new file system and enabling lifecycle management. With lifecycle management enabled, EFS will automatically move files that have not been accessed for 30 days from the standard storage class to the infrequent access storage class.
Performance Modes
General Purpose performance mode (default)
Ideal for latency-sensitive use cases
Max I/O mode - can scale to higher levels of aggregate throughput and operations per second with a tradeoff of slightly higher latencies for file operations
Throughput Modes
Bursting throughput mode (default)
Throughput scales as your file system grows
Provisioned throughput mode
You specify the throughput of your file system independent of the amount of data stored
Mount Targets
To access your EFS file system in a VPC, you create one or more mount targets in the VPC. A mount target provides an IP address for an NFSv4 endpoint
You can create one mount target in each AZ in a region
You mount your file system using its DNS name, which will resolve to the IP address of the EFS mount target. The format of the DNS name is file-system-id.efs.aws-region.amazonaws.com
When using EFS with an on-premises server, your on-premises server must have a Linux-based operating system
Access Points
EFS Access Points simplify how applications are provided access to shared data sets in an EFS file system.
EFS Access Points work together with IAM and enforce an operating system user and group, and a directory for every file system request made through the access point
Components of a file system
ID
Creation token
Creation time
File system size in bytes
Number of mount targets created for the file system
File system state
Mount target
Data Consistency
EFS provides the open-after-close consistency semantics that applications expect from NFS
Write operations will be durably stored across AZs
Applications that perform synchronous data access and perform non-appending writes will have read-after-write consistency for data access
Managing File Systems
You can create encrypted file systems. EFS supports encryption in transit and encryption at rest. Managing file system network accessibility refers to managing the mount targets: creating and deleting mount targets in a VPC and updating the mount target configuration.
You can create new tags, update values of existing tags, or delete tags associated with a file system
The following list explains the metered data size for different types of file system objects.
Regular files - the metered data size of a regular file is the logical size of the file rounded to the next 4 KiB increment, except that it may be less for sparse files
A sparse file is a file to which data is not written to all positions of the file before its logical size is reached. For a sparse file, if the actual storage used is less than the logical size rounded to the next 4 KiB increment, EFS reports actual storage used as the metered data size
Directories - the metered data size of a directory is the actual storage used for the directory entries and the data structure that holds them, rounded to the next 4 KiB increment. The metered data size doesn’t include the actual storage used by the file data
Symbolic links and special files - the metered data size for these objects is always 4 KiB
File system deletion is a destructive action that you can’t undo. You lose the file system and any data you have in it, and you can’t restore the data. You should always unmount a file system before you delete it.
You can use DataSync to automatically, efficiently, and securely copy files between two EFS resources, including file systems in different regions and ones owned by different AWS accounts. Using DataSync to copy data between EFS file systems, you can perform one-time migrations, periodic ingest for distributed workloads, or automate replication for data protection and recovery.
Mounting File systems
To mount your EFS file system on your EC2 instance, use the mount helper in the amazon-efs-utils package
You can mount your EFS file systems on your on-premises data center servers when connected to your VPC with Direct Connect or VPN
You can use fstab to automatically mount your file system using the mount helper whenever the EC2 instance it is mounted on reboots
Lifecycle Management
You can choose from five EFS lifecycle management policies (7, 14, 30, 60, or 90 days) to automatically move files into the EFS Infrequent Access (EFS IA) storage class and save up to 85% in cost
Monitoring File Systems
CloudWatch Alarms
CloudWatch Logs
CloudWatch Events
CloudTrail Log Monitoring
Log files on your file system
Security
You must have valid credentials to make EFS API requests, such as creating a file system
You must also have permissions to create or access resources
When you first create the file system, there is only one root directory at /. By default, only the root user (UID 0) has read-write-execute permissions.
Specify EC2 security groups for your EC2 instances and security groups for the EFS mount targets associated with the file system
You can use IAM to manage Network File System (NFS) access for EFS. You can use IAM roles to identify NFS clients with cryptographic security and use IAM policies to manage client-specific permissions
Pricing
You pay only for the storage used by your file system
Costs related to provisioned throughput are determined by the throughput values you specify.
EBS vs S3 vs EFS
EFS use cases - big data analytics, media processing workflows, content management, web serving, and home directories
EBS use cases - boot volumes, transactional and NoSQL databases, data warehousing, and ETL
S3 use cases - web serving and content management, media and entertainment, backups, big data analytics, and data lakes