Hunter Ford

Amazon EC2 and NFS

There is a lack of up-to-date information online about launching NFS in EC2 specifically, so I thought I would contribute to help those who might encounter this in the future. It's actually quite easy.

We're running Fedora 8 (while we wait for Fedora 13 to be supported).

NFS-utils and rpcbind should already be installed, but if not, you need to run the following on the instance that will act as the server:

yum install nfs-utils rpcbind

*Note: a lot of tutorials use portmap instead of rpcbind. Portmap was renamed to rpcbind.

Still on the server, we need to define what directory we want to share, with whom (which server), along with the permissions and options for that share.

# open up our definition file
nano /etc/exports

You can look at all the options in the exports man page.

For the purpose of this tutorial I'm just going to share a directory I created under /var/www:

/var/www/test   ec2-180-71-131-129.compute-1.amazonaws.com(rw,async)

In the example above, I'm using the public DNS of one of my instances that has an elastic IP. Elastic IP DNS names inside EC2 get translated to internal IPs (you can verify it with ping). You can use hostnames, IPs, netmasks and even wildcards. rw specifies that it's read/writable and async allows disk operations to happen asynchronously.

Next we need to load the changes:

exportfs -ar

You can use that anytime you add another mount point.

And now we need to start the server and related services:

service rpcbind start
service nfs start
service nfslock start

Next, we need to open up some ports in Amazon's security group. Through the EC2 Console or API, allow connections from your client to your server on the following ports:

TCP: 111, 2049
UDP: 111, 32806

On the client, you need to start nfslock and rpcbind, and optionally add them to startup:

service rpcbind start
service nfslock start
chkconfig --level 2345 rpcbind on
chkconfig --level 2345 nfslock on

We need to create a directory as a mount point and mount the NFS server:

mkdir /var/www/test
mount -t nfs ec2-180-71-131-132.compute-1.amazonaws.com:/var/www/test /var/www/test

*Make sure to change the host name to the hostname or IP of your NFS server.

That's all there is to it.

Originally I had only opened up port TCP 111 and 2049. This only gave me this error:

mount to NFS server '10.214.58.54' failed: timed out, retrying

I then opened up UDP 111 and by running the mount command in verbose mode (-v) I saw that I needed to open UDP 32806. It looks like the mount command requires TCP and UDP 111, but only TCP 2049 and UDP 32806.
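The extra UDP port found above with mount -v can also be read from the server's rpcbind registrations. The following is an added example, not part of the original post: it parses `rpcinfo -p` output and lists each protocol/port pair, marking anything other than 111 and 2049 as dynamic. The sample output, the service assigned to each port in it, and the function names `sample_rpcinfo` and `nfs_ports` are constructed for illustration.

```shell
#!/bin/sh
# Added example: list the proto/port pairs an NFS server has registered
# with rpcbind, reading `rpcinfo -p` output on stdin.

# Constructed sample of `rpcinfo -p` output (not captured from a real host;
# which service owns which port on your server is whatever rpcinfo reports).
sample_rpcinfo() {
cat <<'EOF'
   program vers proto   port  service
    100000    2   tcp    111  portmapper
    100000    3   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100003    3   tcp   2049  nfs
    100003    3   udp   2049  nfs
    100005    3   udp  32806  mountd
    100005    3   tcp  40211  mountd
    100021    4   udp  32811  nlockmgr
    100021    4   tcp  40215  nlockmgr
    100024    1   udp  32790  status
EOF
}

# Print one "PROTO PORT SERVICE KIND" line per unique proto/port pair.
# KIND is "fixed" for 111 and 2049 and "dynamic" for everything else.
# The header row is skipped because its proto/port columns do not match.
nfs_ports() {
    awk '$3 ~ /^(tcp|udp)$/ && $4 ~ /^[0-9]+$/ {
            key = $3 " " $4
            if (seen[key]++) next          # same port, different RPC version
            kind = ($4 == 111 || $4 == 2049) ? "fixed" : "dynamic"
            print toupper($3), $4, $5, kind
        }' | sort -k1,1 -k2,2n
}

# On a real server: rpcinfo -p | nfs_ports
sample_rpcinfo | nfs_ports
```

Ports marked dynamic are assigned when the service starts and can change after a restart, so compare them with the security group rules again if a mount that used to work starts timing out.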

If you want these services to run on startup, you'll want to do the following:

chkconfig --level 2345 rpcbind on
chkconfig --level 2345 nfs on
chkconfig --level 2345 nfslock on

And to have the mounts created at startup, edit /etc/fstab:

ec2-180-71-131-132.compute-1.amazonaws.com:/var/www/test    /var/www/test       nfs rsize=8192,wsize=8192,timeo=14,intr 0 0