When Libboo migrated from hosting everything ourselves to using Amazon's Elastic Compute Cloud (EC2), we decided to do a bit of rearchitecting at the same time to make scaling easier in the future. Part of this was removing any assumptions that everything was running on a single server, so we wanted to put our data in one place that could be shared by any number of webservers.
As we are running everything on Linux, the obvious solution for this was the Network File System (NFS) protocol. NFS is established and well understood in the Unix world... which means that there are a number of tools built for it and most of the bugs are worked out (or at least well understood) already. We're using Ubuntu Server at Libboo, so that's what my examples use. But this should work identically on any Debian-based distribution and be similar anywhere else.
It turns out to be easy to run NFS in EC2, but I didn't see any good documentation about exactly how to do it. So to save others' time, here's what you need to do to set up NFS on Ubuntu 12.04 in EC2:
Step 1 - Install the NFS server
This is trivial on Ubuntu Server:
    sudo apt-get update && sudo apt-get install nfs-kernel-server
This will download the latest version of the NFS server and set it up.
Step 2 - Configure the shared directories ("exports")
Getting to the file you need to work on is simple:
    sudo nano /etc/exports
Actually configuring the exports is a bit more involved and unfortunately isn't a 'one size fits all' solution -- it just depends on what you want to share to whom and with what permissions. But on the bright side there is a lot of good information out there about configuring NFS exports:
- The NFS HOWTO has good, clear detail
- The Ubuntu Help Wiki also has good information, though it's a bit verbose for my taste
Step 3 - Tell the NFS server about the exports
Once you've configured the exports, you need to tell the NFS server that you've done it:
    sudo service nfs-kernel-server reload
This will make the NFS server load the configuration you've done and start using it.
Step 4 - Configure EC2 security
This is the magic bit that has to be done for everything else to work. You need to tell Amazon to allow other systems to connect to your server on the ports that NFS expects to use.
Go to the EC2 dashboard and select "Security Groups" under "NETWORK & SECURITY". Choose the security group you've put your NFS server in and add the following rules:
Inbound TCP ports 111, 2049, 44182, 54508
Inbound UDP ports 111, 2049, 32768, 32770 - 32800
You should also be sure to limit these to a specific IP address (or range if you must). Leaving these at the default of 0.0.0.0/0 will allow anyone on the Internet to connect to your server. (You can -- and should -- also restrict this in the NFS configuration, but there's no sense in leaving ports open to anywhere you don't have to.)
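One way to check that the Step 4 rules are actually restricted, as an added example that is not part of the original post: the script below audits a security group, in the shape returned by `aws ec2 describe-security-groups`, for rules that expose the NFS ports listed above to 0.0.0.0/0 or to a wide range. The sample group, its `sg-EXAMPLE` ID, the addresses and the /24 "broad range" threshold are constructed assumptions.

```python
import ipaddress

# NFS ports from Step 4 above, as inclusive (low, high) ranges per protocol.
NFS_PORTS = {
    "tcp": [(111, 111), (2049, 2049), (44182, 44182), (54508, 54508)],
    "udp": [(111, 111), (2049, 2049), (32768, 32768), (32770, 32800)],
}

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
SAMPLE_GROUP = {
    "GroupId": "sg-EXAMPLE",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 2049, "ToPort": 2049,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "udp", "FromPort": 32770, "ToPort": 32800,
         "IpRanges": [{"CidrIp": "10.0.0.0/8"}]},
        {"IpProtocol": "tcp", "FromPort": 111, "ToPort": 111,
         "IpRanges": [{"CidrIp": "10.0.1.25/32"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},   # not an NFS port: ignored
    ],
}

def touches_nfs(proto, lo, hi):
    """True if the rule's protocol and port range overlap any NFS port."""
    protos = NFS_PORTS if proto == "-1" else {proto: NFS_PORTS.get(proto, [])}
    return any(lo <= r_hi and r_lo <= hi
               for ranges in protos.values() for r_lo, r_hi in ranges)

def audit(group, min_prefix=24):
    """Return (proto, from, to, cidr, reason) for over-broad NFS rules."""
    findings = []
    for perm in group.get("IpPermissions", []):
        proto = perm["IpProtocol"]
        # "-1" means all protocols and ports; such rules carry no port fields.
        lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
        if not touches_nfs(proto, lo, hi):
            continue
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        for cidr in cidrs:
            net = ipaddress.ip_network(cidr, strict=False)
            if net.prefixlen == 0:
                findings.append((proto, lo, hi, cidr, "open to the Internet"))
            elif net.version == 4 and net.prefixlen < min_prefix:
                findings.append((proto, lo, hi, cidr, "broad range"))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_GROUP):
        print(finding)
```

To run it against a real group, load one entry of the `SecurityGroups` list from the CLI's JSON output and pass it to `audit()`.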