AWS EFS based Cloud Storage with

Load Balancer

Abstract
We will create an Amazon EFS file system and attach it to multiple EC2 instances. We will then
verify access to the EFS file system from each instance. Following this, we will deploy a simple PHP
application that allows users to upload and download files from the EFS file system through a web
browser, using a designated domain name

Avinash Vamshi Hanumanthu

[avinashvamshi280@gmail.com]
 1

AWS EFS-Based Cloud Storage System with Load Balancer

Introduction

Context: ABC Company is a medium-sized financial firm with approximately 300 employees. The employees
frequently upload invoices and receipt images to their server, making these files accessible to all staff members.
The company seeks a scalable and highly available file-sharing solution that allows employees to upload and
access files through a web browser using a domain.

Objective

Create an EFS-Based Cloud Storage System with Load Balancer. We will create an Amazon EFS file system and
attach it to multiple EC2 instances. We will then verify access to the EFS file system from each instance.
Following this, we will deploy a simple PHP application that allows users to upload and download files from the
EFS file system through a web browser, using a designated domain.

Project Architecture

Figure 1: EFS Based Cloud Storage Project Architecture

Components Used:

EC2 (Elastic Compute Cloud): Scalable virtual servers in the cloud for running applications.

EFS (Elastic File System): Fully managed, scalable, shared file storage for use with AWS Cloud services and on-
premises resources.

VPC (Virtual Private Cloud): Isolated network environment for your AWS resources, allowing for custom
network configuration.
 2

ALB (Application Load Balancer): Load balancing for HTTP and HTTPS traffic, with advanced routing capabilities
to distribute incoming application traffic across multiple targets.

Route 53: Scalable and highly available Domain Name System (DNS) web service for domain registration and
routing.

Overview

This project aims to set up a Virtual Private Cloud (VPC) environment with associated resources to implement a
cloud-based file storage and web server system using Amazon Elastic File System (EFS) and an Application Load
Balancer (ALB). The project includes the creation of a VPC, security groups, EFS, EC2 instances, web server
configuration, PHP scripts for file management, and load balancing with Route 53.

Table of Contents

1. VPC Creation
2. Security Groups Creation
3. EFS File System Creation
4. EC2 Instances Creation and Configuration
5. Web Server and PHP Installation
6. PHP Scripts for File Upload and Download
7. Application Load Balancer Creation
8. Route 53 Domain Configuration
9. Verification and Testing

1. VPC Creation

Settings

• VPC Name: project-efs-vpc

• CIDR Block: 10.0.0.0/16
• Availability Zones (AZs): 2
• Public Subnets: 2 (one in each AZ)
• Private Subnets: 2 (one in each AZ)
• DNS Settings: Enable both DNS resolution and DNS hostnames

Steps

1. Create the VPC:

o Navigate to the VPC dashboard in AWS Management Console.
o Click "Create VPC".
o Enter the name project-efs and CIDR block 10.0.0.0/16.
o Enable both DNS options.
o Click "Create".
2. Create Subnets:
o Create two public subnets in different AZs (e.g., 10.0.1.0/24 and 10.0.2.0/24).
 3

o Create two private subnets in different AZs (e.g., 10.0.3.0/24 and 10.0.4.0/24).

Figure 2: VPC Creation

2. Security Groups Creation

Security Groups

1. MyWebServerSecurityGroup
o Allow inbound HTTP (port 80), HTTPS (port 443), and SSH (port 22) access.
o Allow full outbound access.
2. MyEFSMountTargetSecurityGroup
o Allow inbound NFS (port 2049) access from MyWebServerSecurityGroup.
o Allow full outbound access.

Steps

1. Create Security Groups:

o Navigate to the VPC dashboard.
o Select "Security Groups" and click "Create security group".
o Create MyWebServerSecurityGroup:
▪ Allow inbound rules for HTTP (80), HTTPS (443), and SSH (22).
▪ Allow all outbound traffic.
o Create MyEFSMountTargetSecurityGroup:
▪ Allow inbound NFS (2049) from MyWebServerSecurityGroup.
▪ Allow all outbound traffic.
 4

Figure 3: MyWebServerSecurityGroup

Figure 4: MyEFSMountTargetSecurityGroup
 5

3. EFS File System Creation

Settings

• Name: myefsFileServer
• VPC: project-efs-vpc
• Automatic Backups: Disabled
• Encryption: Disabled
• Security Group: MyEFSMountTargetSecurityGroup

Steps

1. Create the EFS:

o Navigate to the EFS dashboard.
o Click "Create file system".
o Name it myefsFileServer.
o Select the project-efs-vpc.
o Disable automatic backups and encryption.
o Choose the mount targets in the availability zones where EC2 instances will be deployed.
o Assign MyEFSMountTargetSecurityGroup.
o Note the DNS endpoint (e.g., fs-0388a11182575107b.efs.us-east-1.amazonaws.com).

Figure 5: my EFS File System

4. EC2 Instances Creation and Configuration

Steps
 6

1. Create EC2 Instances:

o Launch two EC2 instances in different AZs using the Amazon Linux 2 AMI.
o Place them in the public subnets and enable IPv4 Public Addresses.
o Assign the MyWebServerSecurityGroup.
2. Configure EC2 Instances:
o SSH into each instance and execute the following commands:

sudo yum update -y #updates all installed packages to their latest versions
sudo yum install -y amazon-efs-utils #installs the Amazon EFS utilities package
cd /mnt #changes working directory to mnt directory
sudo mkdir efs #creates a new directory named efs in the present working directory
sudo mount -t efs -o tls fs-0388a11182575107b.efs.us-east-1.amazonaws.com:/ efs #mounts an Amazon Elastic File
System (EFS) to the local directory "efs" using the EFS file system ID fs-0388a11182575107b, with encryption in
transit enabled
cd efs #changes the working directory to efs
sudo touch file1.txt #creates an empty file in the present working directory
ls -l #lists files and directories in the present working directory.

3. Verify EFS Mount:

o Ensure file1.txt is visible on both instances, confirming the shared EFS setup.

Figure 6: WebServer-One EC2 Instance in us-east-1a

 7

Figure 7: WebServer-Two EC2 instance in us-east-1b

Figure 8: WebServer-One Ec2 Instance Commands Execution

 8

Figure 9: WebServer-Two EC2 Instance Commands Execution

5. Web Server and PHP Installation

Steps

1. Install and Configure Apache and PHP:

o On both EC2 instances, execute:

sudo yum install httpd -y #installs the Apache Httpd Server Package
sudo systemctl start httpd #starts the Apache Server
sudo systemctl enable httpd #configures Apache Server to start at boot time automatically
sudo amazon-linux-extras install php7.4 -y #installs php version 7.4 using amazon linux extras
sudo yum install -y php php-cli php-fpm #installs the main PHP package (php), the PHP Command Line
Interface (php-cli), and the PHP FastCGI Process Manager (php-fpm)
sudo systemctl restart httpd #restarts the Apache Httpd Server
sudo mkdir /mnt/efs/uploads #creates a directory uploads at /mnt/efs directory
sudo chmod 777 /mnt/efs/uploads #sets the permission of /mnt/efs/uploads directory to read, write, execute

6. PHP Scripts for File Upload and Download

Files

1. upload_display.php
o Script to upload and display files.
o Path: /var/www/html/upload_display.php
 9

2. download.php
o Script to download files.
o Path: /var/www/html/download.php

Contents

upload_display.php:

<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_FILES['fileToUpload'])) {
$target_dir = "/mnt/efs/uploads/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;

if (file_exists($target_file)) {
echo "Sorry, file already exists.<br>";
$uploadOk = 0;
}

if ($_FILES["fileToUpload"]["size"] > 5000000) {

echo "Sorry, your file is too large.<br>";
$uploadOk = 0;
}

$allowedTypes = ['jpg', 'jpeg', 'png', 'gif', 'pdf'];

$imageFileType = strtolower(pathinfo($target_file, PATHINFO_EXTENSION));
if (!in_array($imageFileType, $allowedTypes)) {
echo "Sorry, only JPG, JPEG, PNG, GIF & PDF files are allowed.<br>";
$uploadOk = 0;
}

if ($uploadOk == 0) {
echo "Sorry, your file was not uploaded.<br>";
} else {
if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {
echo "The file " . htmlspecialchars(basename($_FILES["fileToUpload"]["name"])) . " has been uploaded.<br>";
} else {
echo "Sorry, there was an error uploading your file.<br>";
}
}
}

$files = scandir('/mnt/efs/uploads');
?>

<!DOCTYPE html>
<html>
<body>

<form action="upload_display.php" method="post" enctype="multipart/form-data">

<h2><u>A Simple Cloud Storage Concept</u></h2>
<b>Select file to upload:</b>
<input type="file" name="fileToUpload" id="fileToUpload">
<input type="submit" value="Upload File" name="submit">
</form>

<h3>Uploaded Files:</h3>
 10

<ul>
<?php
foreach ($files as $file) {
if ($file != "." && $file != "..") {
echo "<li><a href='download.php?file=" . urlencode($file) . "' target='_blank'>" . $file . "</a></li>";
}
}
?>
</ul>

</body>
</html>

download.php:

<?php
$file = $_GET['file'];
$file_path = '/mnt/efs/uploads/' . basename($file);

if (file_exists($file_path)) {
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename=' . basename($file_path));
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($file_path));

readfile($file_path);
exit;
} else {
echo "File not found.";
}
?>

Steps

1. Upload Scripts to Web Server:

o Place the PHP files in /var/www/html/ on both EC2 instances.
2. Restart Apache:
o Execute:

sudo systemctl restart httpd

3. Access Web Interface:

o Open a web browser and navigate to the public IP of one of the EC2 instances followed by
/upload_display.php.
4. Upload and Download Files:
o Use the interface to upload files.
o Ensure files are listed and can be downloaded.
5. Repeat on Second EC2 Instance:
o Perform the same steps on the second EC2 instance to ensure consistency.
 11

7. Application Load Balancer Creation

Steps

1. Create Target Group:

o Navigate to the EC2 dashboard.
o Select "Target Groups" and create a new target group name efs-target-group
o Choose "Instances" as the target type.
o Select the VPC project-efs-vpc.
o Add both EC2 instances to the target group.
2. Create Application Load Balancer:
o Navigate to the "Load Balancers" section and create an ALB named efs-alb
o Select "Application Load Balancer".
o Name the ALB (e.g., efs-alb).
o Select the VPC project-efs-vpc.
o Choose the public subnets.
o Assign a security group that allows HTTP (80) traffic.
o Attach the previously created target group.
3. Note the ALB DNS Name:
o After creation, note the DNS name of the ALB.

Figure 10: Application Load balancer with the Target Group

 12

Figure 11: ALB Target Groups

8. Route 53 Domain Configuration

Steps

1. Create a Hosted Zone:

o Navigate to the Route 53 dashboard.
o Create a new hosted zone for your domain, named avinashvamshih.online
2. Create Alias Record:
o Within the hosted zone, create an alias record that points to the ALB DNS name.
3. Verify DNS Resolution:
o Ensure that navigating to the domain resolves to the ALB and serves the web interface.
 13

Figure 12: Route 53 Hosted Zone

Figure 13: DNS Name Servers on External Registrar

 14

9. Verification and Testing

Steps

1. Access Domain:
o Open a web browser and navigate to the domain name configured in Route 53.
2. Test File Upload and Download:
o Use the web interface to upload and download files.
o Verify that the files are accessible from both EC2 instances via the ALB.
3. Check Load Balancing:
o Ensure requests are balanced across the EC2 instances.

Outcome

• Files uploaded from the web interface should be visible and downloadable from any instance via the
ALB.
• Load balancing should distribute traffic between the two EC2 instances effectively.

Figure 14: Uploading Files through Domain Name

Conclusion

The setup provides a scalable and reliable cloud storage solution using AWS VPC, EFS, EC2 instances, and an
Application Load Balancer. The web interface allows for easy file uploads and downloads, leveraging the shared
EFS storage, and the ALB ensures high availability and load distribution.