Amazon Elastic File System (EFS) - How To Access Files

[jimmyjuarez]

This project is an excellent starter-kit to help someone (me) with novice experience to build a production-ready AWS environment with minimal effort--thank you! With that said, I'm having a difficult time accessing the files stored on the EFS from a NFS client on my mac. Ideally, I am looking for an easy solution similar to FTP, where I can connect to an EFS server to CRUD files included in the WordPress distribution, but I don't know where to start. On a similar note, I successfully implemented "W3 Total Cache" per the instructions found in this document: http://d0.awsstatic.com/whitepapers/deploying-wordpress-with-aws-elastic-beanstalk.pdf (page 23). I attached an S3 Origin to my CloudFront distribution, now I can access the wp-includes and wp-content folders directly from my FTP client, Transmit, that supports S3. I would like to access EFS in a similar fashion to FTP, please help.

[RGuilfoyle]

Currently accessing EFS from on-premises systems is only supported using Direct Connect; https://aws.amazon.com/efs/faq/#on-premises. There may be other ways to achieve this, I have seen mention of accessing over a TLS or SSH tunnel, though the FAQ specifically points out that access over a VPN is unsupported.

You might have some success modifying the architecture to allow the bastion host to mount the EFS File System and then use an SSH tunnel to access it from your Mac. A better approach might be to build an SSH tunnel through to a WordPress instance, via the bastion. Neither would really be considered best practice and so I'm afraid are unlikely to be integrated in the Reference Architecture.

[jimmyjuarez]

Thanks @RGuilfoyle for the suggestions. I would like to explore your last recommendation a bit more, to build a SSH tunnel through to a WordPress instance, via the bastion. Can you walk me through what this would look like, step-by-step? As I mentioned, I'm a complete novice.

[jimmyjuarez]

I've searched high and low for a solution to access files, from trying to implement a VPN to trying to implement Direct Connect to trying to use an SSH tunnel through the bastion--I can't seem to figure this one out. Basically, all I'm trying to do is install Wordpress themes and plugins, but I get stopped by the error message "The uploaded file exceeds the upload_max_filesize directive in php.ini.". How do I increase the upload_max_filesize limit in this environment that is preventing me from installing themes and plugins?

[RGuilfoyle]

Jimmy, this looks like a change is needed in php.ini. You should be able to start a bastion by changing the desired capacity on the Auto Scaling group to 1. This can be done through the console. Once a bastion host is booted you can log in via SSH. From there you can log into your WordPress instances and edit the php.ini file. This change will, however, be reverted as new instances are deployed. I'll investigate implications of adding this to the templates to increase the default.

Note: The bastion will automatically recognise your ssh key to allow you to log in. You will have to copy the private key to the bastion to allow onward access to the WordPress instances.

[darrylsosborne]

To SSH to any instance in private subnets (web, etc.):

• change the min & desired instance count of the Bastion ASG to 1
• wait for the Bastion instance to launch
• follow the direction from our AWS Security blog to SSH to instances in private subnets - https://aws.amazon.com/blogs/security/securely-connect-to-linux-instances-running-in-a-private-amazon-vpc/

[lfreneda]

@darrylsosborne can you explain a little bit more? ;(

[jimmyjuarez]

Step 1: Download your EC2 keypair (.pem file) on you local machine;

Step 2: Launch the Bastion Host EC2 > Auto Scaling > Auto Scaling Group, set Desired, Min, and Max to “1”, the Bastion Host will launch automatically;

Step 3: Open console/terminal, key in the following commands:

Step 4: Load Keypar $ ssh-add -K /[your-keypair-path]/[your-keypair-file].pem

Step 5: SSH into Bastion Host $ ssh -A ec2-user@[EC2 Bastion Public DNS (IPv4) IP]

Step 6: SSH into Web Server $ ssh -A ec2-user@[EC2 Web ASG Private DNS IP]

Step 7: Open php.ini $ sudo vi /etc/php.ini

Step 8: Edit “Upload Max File Size” parameter (upload_max_filesize = 90M)

Step 9: Restart Apache $ sudo service httpd restart

Step 10: Reset the Auto Scaling Group and Terminate Bastion Host

[lfreneda]

@jimmyjuarez u r GOD :innocent:

[jimmyjuarez]

@lfreneda, thank you. All the thanks goes to @darrylsosborne and @RGuilfoyle for building and supporting such an amazing project. Looking forward to where they take this thing next!

[lfreneda]

@jimmyjuarez sure.

did u have issues updating and installing plugins?

[narimanahmadi]

Hi,

I have a question and hope you can help me. Our Wordpress team needs access to the WordPress directory through sftp/scp.

What is the best way to do so? Any suggestions would be really appreciated!

Thanks