如何在 EFS 上创建文件夹? [英] How do I create a folder on EFS?
问题描述
我使用 Terraform 设置了一个 ECS 集群.一切正常,但我有几个问题.
1. 据我了解,EFS 卷不需要挂载到 ECS 实例.AWS 允许我们将 EFS 卷文件夹直接挂载到容器.我说得对吗?
资源aws_ecs_task_definition"任务"{家庭 = var.ServiceNamecontainer_definitions = 文件(service.json")标签 = {名称 = data.terraform_remote_state.Cluster.outputs.TagName项目 = data.terraform_remote_state.Cluster.outputs.TagName}体积 {名称 = 服务存储"efs_volume_configuration {file_system_id = data.terraform_remote_state.Cluster.outputs.EfsVolumeIdroot_directory = "/";}}}root_directory 此处是 EFS 卷内部到文件夹的路径,该文件夹将挂载到容器.
service.json
<预><代码>[{名称":nginx13",图像":nginx",记忆":256,挂载点":[{容器路径":/usr/share/nginx/html",sourceVolume":服务存储"}],端口映射":[{容器端口":80}]}]containerPath 这里是容器内部到安装点的路径,root_directory 文件夹将在该安装点安装.所以没有与ECS实例挂载点或路径相关的参数.
2. 在创建新任务之前,我需要在 EFS 卷上创建一个文件夹,以便稍后将容器安装到该卷上.现在,我只能使用 EFS 卷的根文件夹,因为它是空的.因此,我正在寻找一种使用 terraform 模板管理在 EFS 卷上创建和删除文件夹的方法.这是问题的第一部分,第二部分是将文件放在该文件夹中.什么是最佳实践?我应该使用某种部署解决方案,如 Jenkins 还是可以仅使用 Terraform 来完成?EFS 文件夹权限如何?他们需要改变吗?
使用 EFS 访问点:https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html
接入点通过在 EFS 中创建目录来工作.然后,您可以设置对该目录的访问权限.无论如何,这可能更适合您正在做的事情,因为它可以为您提供访问控制.
<块引用>如果文件系统上不存在访问点的根目录路径,Amazon EFS 会自动创建具有可配置所有权和权限的根目录.
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/efs_access_point
如果这不合适:
我建议使用 lambda.
您可以使用您熟悉的任何可以挂载 EFS 的语言编写 lambda.然后让它创建一个目录.然后你可以用一个空资源 local-exec 调用这个 lambda.
I set up an ECS Cluster with Terraform. Everything works great, but I have a few questions about it.
1. As far as I understood, an EFS volume doesn't need to be mounted to ECS instances. AWS allows us to mount an EFS volume folder directly to a container. Am I right?
resource "aws_ecs_task_definition" "Task" {
family = var.ServiceName
container_definitions = file("service.json")
tags = {
Name = data.terraform_remote_state.Cluster.outputs.TagName
Project = data.terraform_remote_state.Cluster.outputs.TagName
}
volume {
name = "service-storage"
efs_volume_configuration {
file_system_id = data.terraform_remote_state.Cluster.outputs.EfsVolumeId
root_directory = "/"
}
}
}
root_directory here is the path inside of the EFS volume to the folder, which will be mounted to a container.
service.json
[
{
"name": "nginx13",
"image": "nginx",
"memory": 256,
"mountPoints": [
{
"containerPath": "/usr/share/nginx/html",
"sourceVolume": "service-storage"
}
],
"portMappings": [
{
"containerPort": 80
}
]
}
]
containerPath here is the path inside of the container to the mount point where the root_directory folder will be mounted. So there is no parameter related to an ECS instance mount point or path to it.
2. Before I create a new task, I need to create a folder on the EFS volume to mount containers to it later. Now, I can use only the root folder of the EFS volume because it is empty. So, I am looking for a way to manage creating and deleting folders on EFS volumes with a terraform template. And this is the first part of the problem, the second part is to put files in that folder. What are the best practices for that? Should I use some kind of deployment solution like Jenkins or it could be done just with Terraform? What about the EFS folder permissions? Do they need to be changed?
Use EFS Access Points: https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html
Access points work by creating a directory within the EFS. You can then set access permissions on that directory. This is probably better for what you're doing anyway as it gives you access control.
If a root directory path for an access point doesn't exist on the file system, Amazon EFS automatically creates that root directory with configurable ownership and permissions.
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/efs_access_point
If this isn't a good fit:
I would recommend using lambda.
You can write a lambda in any language you're comfortable with that can mount the EFS. Then have it create a directory. Then you can call this lambda with a null resource local-exec.
这篇关于如何在 EFS 上创建文件夹?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
