Suman Debnath, profile picture
Uploaded bySuman Debnath
PDF, PPTX31 views

EFS_Integration.pdf

The document discusses Amazon EFS (Elastic File System) and how it can be used with serverless and containerized applications. Some key points discussed include: - Stateful applications benefit from durable shared storage provided by Amazon EFS for storing state. - Distributed applications like web serving and machine learning inference benefit from a shared storage layer. - Modern data-intensive applications require fast access to large volumes of data stored in Amazon EFS. - Amazon EFS can be used to migrate existing applications to the cloud or modernize applications into containerized/serverless architectures for increased scalability and efficiency. - Amazon EFS provides a shared file system that can be mounted by containers,

Download as PDF, PPTX
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. Suman Debnath Developer Advocate, Amazon EFS Amazon EFS Serverless and Container Integration
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Stateful applications need durable shared storage Availability and durability Data sharing Scalable ā€¦ Containers and serverless functions are transient in nature; long-running applications can benefit from keeping state in a durable storage Distributed applications like web serving, machine learning inference, and continuous integration and delivery benefit from shared storage layer Modern data-intensive applications like analytics require fast access to large volumes of data
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Lift & shift today, accelerate modernization Migrate Lift & shift applications to the cloud Amazon EKS Amazon ECS AWS Fargate AWS Lambda Amazon SageMaker Amazon EFS Amazon EC2
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Lift & shift today, accelerate modernization Migrate Lift & shift applications to the cloud Amazon EKS Amazon ECS AWS Fargate AWS Lambda Amazon SageMaker Amazon EFS Amazon EC2 Modernize Convert existing applications and build new applications with microservices like containers and serverless
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Availability zone Availability zone AWS Lambda Mount Target Mount Target Amazon EFS file system Amazon EFS and AWS Lambda
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Availability zone Availability zone AWS Lambda Mount Target Mount Target Amazon EFS file system Elastic, shared, serverless storage Petabyte-scale elastic storage for Lambda functions Build stateful applications Low-latency Pay for what you use Serverless storage Share data across 1000s of function invocations Amazon EFS and AWS Lambda
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Amazon EFS and AWS Lambda : How it works Create an Amazon EFS file system
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Create an Amazon EFS file system Create an Access Point Amazon EFS and AWS Lambda : How it works
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Configuring the Access Point Amazon EFS and AWS Lambda : How it works
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Configuring the Access Point Creating the Lambda Function Amazon EFS and AWS Lambda : How it works
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Adding the file system Amazon EFS and AWS Lambda : How it works
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Adding the file system Select the file system Amazon EFS and AWS Lambda : How it works
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL What we are going to build ? User Request Prediction
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Letā€™s focus on thisā€¦ User Request Prediction
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Client Application Architecture
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Amazon API Gateway Client Application User Request Architecture
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Amazon API Gateway Client Application AWS Lambda User Request Invoke Architecture
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Amazon API Gateway Client Application AWS Lambda User Request Invoke Architecture Amazon EFS Loading Models
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Amazon API Gateway Client Application AWS Lambda User Request Invoke Architecture Amazon EFS Loading Models Amazon S3 Uploading Models ML Engineer
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Amazon API Gateway Client Application AWS Lambda User Request Invoke Architecture Amazon EFS Loading Models Amazon S3 Uploading Models ML Engineer AWS Lambda Trigger
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Amazon API Gateway Client Application AWS Lambda User Request Invoke Architecture Amazon EFS Loading Models Amazon S3 Uploading Models ML Engineer AWS Lambda Trigger Response Prediction
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Amazon API Gateway Client Application AWS Lambda User Request Invoke Architecture Amazon EFS Loading Models Amazon S3 Uploading Models ML Engineer AWS Lambda Trigger Response Prediction
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Amazon API Gateway Client Application AWS Lambda User Request Invoke Architecture Amazon EFS Loading Models Amazon S3 Uploading Models ML Engineer AWS Lambda Trigger Response Prediction
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Amazon API Gateway Client Application AWS Lambda User Request Invoke Architecture Amazon EFS Loading Models Amazon S3 Uploading Models ML Engineer AWS Lambda Trigger Response Prediction app1(s3-efs) app2(ml-inference)
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Demo @ aws-samples/amazon-efs-developer-zone
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Amazon Elastic File System (Amazon EFS) EC2 instance or on-premises server Application code Task Container 1 Container 2 Amazon ECS Amazon EC2 Pod Container 1 Container 2 Amazon EKS Amazon EC2 CSI driver AWS Fargate AWS Fargate Elastic, shared, highly-available storage Persist storage across containers Pay for what you use Serverless storage Application level security Amazon ECS and AWS Container Services
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Amazon ECS and Amazon EFS: How it works
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Create Amazon ECS Cluster Amazon ECS and Amazon EFS: How it works
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Create Amazon ECS Cluster Create Amazon ECS and Amazon EFS: How it works
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Create Amazon ECS Cluster Create a security group for Amazon EFS Create an Amazon EFS file system Amazon ECS and Amazon EFS: How it works
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Create Amazon ECS and Amazon EFS: How it works
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Create a task definition Mount Point definition Amazon ECS and Amazon EFS: How it works
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Create Amazon EKS Cluster Amazon EFS CSI Driver for Kubernetes
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Create Amazon EKS Cluster Create a security group for Amazon EFS Amazon EFS CSI Driver for Kubernetes
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Create Amazon EKS Cluster Create a security group for Amazon EFS Create an Amazon EFS file system Amazon EFS CSI Driver for Kubernetes
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Create Amazon EKS Cluster Create a security group for Amazon EFS Create an Amazon EFS file system Deploy EFS CSI Driver (Open Source) Amazon EFS CSI Driver for Kubernetes
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Defining Storage class Amazon EFS CSI Driver for Kubernetes
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Defining Storage class Persistent Volume Claim Mounting on the container/pod Amazon EFS CSI Driver for Kubernetes
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Kubeflow with Amazon EKS and Amazon EFS Amazon EKS Training Container 2 Training Container n Amazon EFS CSI driver Pod Pod Amazon ECR Pod Training Container 1 Build the container image for training and push it to ECR Save the training dataset on Amazon EFS
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Amazon EFS Developer Zone
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. Suman Debnath Developer Advocate, Amazon EFS Thank You
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Backup
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Goals for security and identity 1. File systems should only be mountable by applications that need them 2. Applications that mount file systems should only have access to data they need Amaz on EFS $ cat /my_app/data ### SUCCESS THIS IS MY FILE ### $ cat /someone_elses_app/data cat: /someone_elses_app/data : Permission denied
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Using IAM for file system access { ā€œStatementā€ : { ā€œEffectā€ : ā€œallowā€, ā€œActionā€ : ā€œelasticfilesystem:Client*ā€, ā€œPrincipalā€ : { ā€œAWSā€: ā€œarn:..Lambdaā€ } } } Amazon EFS IAM { ā€œStatementā€ : { ā€œEffectā€ : ā€œallowā€, ā€œActionā€ : ā€œelasticfilesystem:Client*ā€, "Resource": ā€fs-feedfeed" } } Task or execution role Function Container ECS EKS Lambda
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Understanding container identity ECS task Task identity (IAM role) IAM Container image Application identity User: Root Group: Root $ ls ā€“l /efs/home drwx------ bob . BobHome drwx------ maria . MariaHome drwxrwx--- . biusers BI_Shared By default, POSIX identity comes from the container image, not the task/pod runtime
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Understanding function identity Lambda function IAM $ ls ā€“l /efs/home drwx------ bob . BobHome drwx------ maria . MariaHome drwxrwx--- . biusers BI_Shared By default, Lambda functions have no predetermined identity Task identity (IAM role)
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL Amazon EFS access points { ā€œNameā€: ā€œMyAppā€, "FileSystemId": ā€fs-feedfeed", ā€œPosixUserā€: { ā€œUidā€: 123 ā€œGidā€: 123, ā€œSecondaryGidsā€: [100, 200, 300] }, ā€œRootDirectoryā€: { ā€œPathā€: ā€œ/apps/myappā€, ā€œCreationInfoā€: { ā€œOwnerUidā€: 123, ā€œOwnerGidā€: 123, ā€œPermissionsā€: ā€œ0700ā€ } } } Creates application-specific directory and permissions No Amazon EC2 instance required Applications only see the data they need Enforces file system identity Root containers cannot escalate access Arbitrary users are not locked out ECS EKS Lambda
Ā© 2022, Amazon Web Services, Inc. or its Affiliates. CONFIDENTIAL { ā€œNameā€: ā€œMyAppā€, ā€œPosixUserā€: { ā€œUidā€: 123 ā€œGidā€: 123, ā€œSecondaryGidsā€: [100, 200, 300] }, ā€œRootDirectoryā€: { ā€œPathā€: ā€œ/apps/myappā€, ā€œCreationInfoā€: { ā€œOwnerUidā€: 123, ā€œOwnerGidā€: 123, ā€œPermissionsā€: ā€œ0700ā€ } } } How Amazon EFS access points work Amazon EFS with POSIX permissions ā€œEffectā€ : ā€œallowā€, ā€œActionā€ : ā€œelasticfilesystem:Client*ā€, ā€œPrincipalā€ : { ā€œAWSā€: ā€œapproleā€ }, ā€œConditionā€* : {ā€œaccessPointArnā€ : ā€œfsap-1234ā€

More Related Content

PPTX
AWS SSA Webinar 8 - Getting Started on AWS: Compute
byCobus Bernard
Ā 
PDF
Amazon Web Services_2019_0314-STG_Slide-Deck.pdf
byNguyen Van Linh
Ā 
PDF
Amazon Elastic File System (Amazon EFS)
byDanilo Poccia
Ā 
PDF
Modern Applications Web Day | Container Workloads on AWS
byAWS Germany
Ā 
PDF
Containers on AWS - State of the Union
byAWS Germany
Ā 
PDF
India cloudsummit Bangalore - Advanced Container Use-cases on AWS Container S...
byMani Chandrasekaran
Ā 
PDF
Enable stateful applications on aws with persistent storage for k8s.pptx
byLibbySchulze
Ā 
PDF
AWS Black Belt Online Seminar 2018 re:Invent Recap: Compute, Container and Ne...
byAmazon Web Services Japan
Ā 
AWS SSA Webinar 8 - Getting Started on AWS: Compute
byCobus Bernard
Ā 
Amazon Web Services_2019_0314-STG_Slide-Deck.pdf
byNguyen Van Linh
Ā 
Amazon Elastic File System (Amazon EFS)
byDanilo Poccia
Ā 
Modern Applications Web Day | Container Workloads on AWS
byAWS Germany
Ā 
Containers on AWS - State of the Union
byAWS Germany
Ā 
India cloudsummit Bangalore - Advanced Container Use-cases on AWS Container S...
byMani Chandrasekaran
Ā 
Enable stateful applications on aws with persistent storage for k8s.pptx
byLibbySchulze
Ā 
AWS Black Belt Online Seminar 2018 re:Invent Recap: Compute, Container and Ne...
byAmazon Web Services Japan
Ā 

Similar to EFS_Integration.pdf

PPTX
AWS SSA Webinar 12 - Getting started on AWS with Containers
byCobus Bernard
Ā 
PDF
Containers on AWS
byReham Maher El-Safarini
Ā 
PDF
Getting started with AWS Storage PDF slide.pdf
byAvneesh Jain
Ā 
PPTX
Pitt Immersion Day Module 4 - storage in AWS
byEagleDream Technologies
Ā 
PDF
[AWS Container Service] Getting Started with Cloud Map, App Mesh and Firecracker
byAmazon Web Services Korea
Ā 
PDF
Getting started with Amazon ECS
byIoannis Polyzos
Ā 
PPTX
How Easy to Automate Application Deployment on AWS
byInstitut Teknologi Sepuluh Nopember Surabaya
Ā 
PPTX
ECS and Docker at Okta
byJon Todd
Ā 
PDF
Amazon EFS (Elastic File System) ģ“ķ•“ķ•˜ź³ ģ‚¬ģš©ķ•˜źø°
byAmazon Web Services Korea
Ā 
PDF
intro elastic container service amazon aws
byDanielJara92
Ā 
PDF
Securing Container-Based Applications at the Speed of DevOps
byDevOps.com
Ā 
PDF
Securing Container-Based Applications at the Speed of DevOps
byWhiteSource
Ā 
PPTX
AWS User Group 5/12 meetup - ECS
byShimon Tolts
Ā 
PDF
Deep Dive on Amazon Elastic Container Service (ECS) | AWS Summit Tel Aviv 2019
byAWS Summits
Ā 
PDF
Microservices for Startups - Donnie Prakoso - AWS - CC18
byCodeOps Technologies LLP
Ā 
PPTX
Containers State of the Union I AWS Dev Day 2018
byAWS Germany
Ā 
PDF
Amazon Container Services - Let me count the ways
byRichard Harvey
Ā 
PDF
A 60-minute tour of AWS Compute (November 2016)
byJulien SIMON
Ā 
PPTX
Armazenamento em Amazon Web Service para Setor Publico
byAmazon Web Services LATAM
Ā 
PDF
[AWS Start-up ć‚¼ćƒŸ / DevDay ē·Ø] 悈恏恂悋čŖ²é”Œć‚’äø€ę°—ć«č§£čŖ¬ļ¼ å¾”ē¤¾ć®ęŠ€č”“ćƒ¬ćƒ™ćƒ«ćŒć‚¢ćƒƒćƒ—ć™ć‚‹ 2018 ē§‹ęœŸč¬›ēæ’
byAmazon Web Services Japan
Ā 
AWS SSA Webinar 12 - Getting started on AWS with Containers
byCobus Bernard
Ā 
Containers on AWS
byReham Maher El-Safarini
Ā 
Getting started with AWS Storage PDF slide.pdf
byAvneesh Jain
Ā 
Pitt Immersion Day Module 4 - storage in AWS
byEagleDream Technologies
Ā 
[AWS Container Service] Getting Started with Cloud Map, App Mesh and Firecracker
byAmazon Web Services Korea
Ā 
Getting started with Amazon ECS
byIoannis Polyzos
Ā 
How Easy to Automate Application Deployment on AWS
byInstitut Teknologi Sepuluh Nopember Surabaya
Ā 
ECS and Docker at Okta
byJon Todd
Ā 
Amazon EFS (Elastic File System) ģ“ķ•“ķ•˜ź³ ģ‚¬ģš©ķ•˜źø°
byAmazon Web Services Korea
Ā 
intro elastic container service amazon aws
byDanielJara92
Ā 
Securing Container-Based Applications at the Speed of DevOps
byDevOps.com
Ā 
Securing Container-Based Applications at the Speed of DevOps
byWhiteSource
Ā 
AWS User Group 5/12 meetup - ECS
byShimon Tolts
Ā 
Deep Dive on Amazon Elastic Container Service (ECS) | AWS Summit Tel Aviv 2019
byAWS Summits
Ā 
Microservices for Startups - Donnie Prakoso - AWS - CC18
byCodeOps Technologies LLP
Ā 
Containers State of the Union I AWS Dev Day 2018
byAWS Germany
Ā 
Amazon Container Services - Let me count the ways
byRichard Harvey
Ā 
A 60-minute tour of AWS Compute (November 2016)
byJulien SIMON
Ā 
Armazenamento em Amazon Web Service para Setor Publico
byAmazon Web Services LATAM
Ā 
[AWS Start-up ć‚¼ćƒŸ / DevDay ē·Ø] 悈恏恂悋čŖ²é”Œć‚’äø€ę°—ć«č§£čŖ¬ļ¼ å¾”ē¤¾ć®ęŠ€č”“ćƒ¬ćƒ™ćƒ«ćŒć‚¢ćƒƒćƒ—ć™ć‚‹ 2018 ē§‹ęœŸč¬›ēæ’
byAmazon Web Services Japan
Ā 

More from Suman Debnath

PPTX
OpenSourceIndia-Suman.pptx
bySuman Debnath
Ā 
PDF
Introduction to AWS
bySuman Debnath
Ā 
PPTX
Develop a Graph Based Recommendation System in Python on AWS
bySuman Debnath
Ā 
PDF
Deploy PyTorch models in Production on AWS with TorchServe
bySuman Debnath
Ā 
PDF
Data engineering
bySuman Debnath
Ā 
PDF
Introduction to AI/ML with AWS
bySuman Debnath
Ā 
PDF
AWS AI Services 101
bySuman Debnath
Ā 
PDF
AWS DynamoDB
bySuman Debnath
Ā 
PDF
An introduction to the Transformers architecture and BERT
bySuman Debnath
Ā 
PDF
Introduction to Transformers
bySuman Debnath
Ā 
PDF
Transformers and BERT with SageMaker
bySuman Debnath
Ā 
PDF
Introduction to ML and Decision Tree
bySuman Debnath
Ā 
PDF
LambdaMongoDB.pdf
bySuman Debnath
Ā 
PPTX
AWS Serverless with Chalice
bySuman Debnath
Ā 
PDF
Docker on AWS
bySuman Debnath
Ā 
PDF
Introduction to k-Nearest Neighbors and Amazon SageMaker
bySuman Debnath
Ā 
OpenSourceIndia-Suman.pptx
bySuman Debnath
Ā 
Introduction to AWS
bySuman Debnath
Ā 
Develop a Graph Based Recommendation System in Python on AWS
bySuman Debnath
Ā 
Deploy PyTorch models in Production on AWS with TorchServe
bySuman Debnath
Ā 
Data engineering
bySuman Debnath
Ā 
Introduction to AI/ML with AWS
bySuman Debnath
Ā 
AWS AI Services 101
bySuman Debnath
Ā 
AWS DynamoDB
bySuman Debnath
Ā 
An introduction to the Transformers architecture and BERT
bySuman Debnath
Ā 
Introduction to Transformers
bySuman Debnath
Ā 
Transformers and BERT with SageMaker
bySuman Debnath
Ā 
Introduction to ML and Decision Tree
bySuman Debnath
Ā 
LambdaMongoDB.pdf
bySuman Debnath
Ā 
AWS Serverless with Chalice
bySuman Debnath
Ā 
Docker on AWS
bySuman Debnath
Ā 
Introduction to k-Nearest Neighbors and Amazon SageMaker
bySuman Debnath
Ā 

Recently uploaded

PDF
Top-10-Cloud-Service-Companies-in-2025-Market-Leaders-and-Innovators.pdf
byArtjoker Software Development Company
Ā 
PDF
Top 11 Sites to Buy Verified GitHub Accounts in 2025
byBuy GitHub Accounts Looking for a verified GitHub account?
Ā 
PDF
SQL Server BI Modeling Designing Data for Success with SqlDBM.pdf
bySQL DBM
Ā 
PDF
n8n - Next Generation Workflow Automation with Open Source
byDaisuke Masuda
Ā 
PDF
Immer vorne mit dabei sein - Roaming leicht gemacht
bypanagenda
Ā 
PDF
Embracing Karpenter to scale, optimise and upgrade Kubernetes
byMarko Bevc
Ā 
PDF
AI Enabled Task Automation Technology Trends in the IT Industry
byManish Chopra
Ā 
PDF
FME Realize in the Real World - The Power of Spatial Computing in Action
bySafe Software
Ā 
PDF
RaBitQ, JSON Index, Schema Evolution, What's New in Milvus 2.6
byZilliz
Ā 
PPTX
Autonomous Convoy Routing via Drone Swarms and Multi-Modal Threat Detection
byIvan Ruchkin
Ā 
PDF
The End of the Missed Call - How AI Recaptures Lost Leads and Secures ROI
byiovox
Ā 
PPTX
Artificial Intelligence lecture slides.pptx
bymaimelabernard6
Ā 
PDF
The Invisible Threads: How 'Connection' Builds the Smartest Organizations. By...
byTheta Prime Institute, Cheyenne, Wyoming, USA.
Ā 
PDF
ZGC: A Decade of Innovation by Stefan Johansson
byScyllaDB
Ā 
PPTX
xCapture v3: Efficient, Always-On Thread Level Observability with eBPF by Tan...
byScyllaDB
Ā 
PDF
The State of Adventure Capital - Grant Gregory | Cantos
byRazin Mustafiz
Ā 
DOCX
Formula 3 - MACO using general limit.docx
byMarkus Janssen
Ā 
PDF
Morgenbooster: Navigating Ai Criticism with Systems Thinking
by1508 A/S
Ā 
PDF
Transcript: Ready, set, go: Pre-fall sales trends and data-driven insights - ...
byBookNet Canada
Ā 
DOCX
Formula 1 - APIC general MACO calculation.docx
byMarkus Janssen
Ā 
Top-10-Cloud-Service-Companies-in-2025-Market-Leaders-and-Innovators.pdf
byArtjoker Software Development Company
Ā 
Top 11 Sites to Buy Verified GitHub Accounts in 2025
byBuy GitHub Accounts Looking for a verified GitHub account?
Ā 
SQL Server BI Modeling Designing Data for Success with SqlDBM.pdf
bySQL DBM
Ā 
n8n - Next Generation Workflow Automation with Open Source
byDaisuke Masuda
Ā 
Immer vorne mit dabei sein - Roaming leicht gemacht
bypanagenda
Ā 
Embracing Karpenter to scale, optimise and upgrade Kubernetes
byMarko Bevc
Ā 
AI Enabled Task Automation Technology Trends in the IT Industry
byManish Chopra
Ā 
FME Realize in the Real World - The Power of Spatial Computing in Action
bySafe Software
Ā 
RaBitQ, JSON Index, Schema Evolution, What's New in Milvus 2.6
byZilliz
Ā 
Autonomous Convoy Routing via Drone Swarms and Multi-Modal Threat Detection
byIvan Ruchkin
Ā 
The End of the Missed Call - How AI Recaptures Lost Leads and Secures ROI
byiovox
Ā 
Artificial Intelligence lecture slides.pptx
bymaimelabernard6
Ā 
The Invisible Threads: How 'Connection' Builds the Smartest Organizations. By...
byTheta Prime Institute, Cheyenne, Wyoming, USA.
Ā 
ZGC: A Decade of Innovation by Stefan Johansson
byScyllaDB
Ā 
xCapture v3: Efficient, Always-On Thread Level Observability with eBPF by Tan...
byScyllaDB
Ā 
The State of Adventure Capital - Grant Gregory | Cantos
byRazin Mustafiz
Ā 
Formula 3 - MACO using general limit.docx
byMarkus Janssen
Ā 
Morgenbooster: Navigating Ai Criticism with Systems Thinking
by1508 A/S
Ā 
Transcript: Ready, set, go: Pre-fall sales trends and data-driven insights - ...
byBookNet Canada
Ā 
Formula 1 - APIC general MACO calculation.docx
byMarkus Janssen
Ā 

EFS_Integration.pdf

  • 1.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. Suman Debnath Developer Advocate, Amazon EFS Amazon EFS Serverless and Container Integration
  • 2.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Stateful applications need durable shared storage Availability and durability Data sharing Scalable ā€¦ Containers and serverless functions are transient in nature; long-running applications can benefit from keeping state in a durable storage Distributed applications like web serving, machine learning inference, and continuous integration and delivery benefit from shared storage layer Modern data-intensive applications like analytics require fast access to large volumes of data
  • 3.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Lift & shift today, accelerate modernization Migrate Lift & shift applications to the cloud Amazon EKS Amazon ECS AWS Fargate AWS Lambda Amazon SageMaker Amazon EFS Amazon EC2
  • 4.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Lift & shift today, accelerate modernization Migrate Lift & shift applications to the cloud Amazon EKS Amazon ECS AWS Fargate AWS Lambda Amazon SageMaker Amazon EFS Amazon EC2 Modernize Convert existing applications and build new applications with microservices like containers and serverless
  • 5.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Availability zone Availability zone AWS Lambda Mount Target Mount Target Amazon EFS file system Amazon EFS and AWS Lambda
  • 6.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Availability zone Availability zone AWS Lambda Mount Target Mount Target Amazon EFS file system Elastic, shared, serverless storage Petabyte-scale elastic storage for Lambda functions Build stateful applications Low-latency Pay for what you use Serverless storage Share data across 1000s of function invocations Amazon EFS and AWS Lambda
  • 7.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Amazon EFS and AWS Lambda : How it works Create an Amazon EFS file system
  • 8.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Create an Amazon EFS file system Create an Access Point Amazon EFS and AWS Lambda : How it works
  • 9.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Configuring the Access Point Amazon EFS and AWS Lambda : How it works
  • 10.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Configuring the Access Point Creating the Lambda Function Amazon EFS and AWS Lambda : How it works
  • 11.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Adding the file system Amazon EFS and AWS Lambda : How it works
  • 12.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Adding the file system Select the file system Amazon EFS and AWS Lambda : How it works
  • 13.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL What we are going to build ? User Request Prediction
  • 14.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Letā€™s focus on thisā€¦ User Request Prediction
  • 15.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Client Application Architecture
  • 16.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Amazon API Gateway Client Application User Request Architecture
  • 17.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Amazon API Gateway Client Application AWS Lambda User Request Invoke Architecture
  • 18.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Amazon API Gateway Client Application AWS Lambda User Request Invoke Architecture Amazon EFS Loading Models
  • 19.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Amazon API Gateway Client Application AWS Lambda User Request Invoke Architecture Amazon EFS Loading Models Amazon S3 Uploading Models ML Engineer
  • 20.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Amazon API Gateway Client Application AWS Lambda User Request Invoke Architecture Amazon EFS Loading Models Amazon S3 Uploading Models ML Engineer AWS Lambda Trigger
  • 21.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Amazon API Gateway Client Application AWS Lambda User Request Invoke Architecture Amazon EFS Loading Models Amazon S3 Uploading Models ML Engineer AWS Lambda Trigger Response Prediction
  • 22.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Amazon API Gateway Client Application AWS Lambda User Request Invoke Architecture Amazon EFS Loading Models Amazon S3 Uploading Models ML Engineer AWS Lambda Trigger Response Prediction
  • 23.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Amazon API Gateway Client Application AWS Lambda User Request Invoke Architecture Amazon EFS Loading Models Amazon S3 Uploading Models ML Engineer AWS Lambda Trigger Response Prediction
  • 24.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Amazon API Gateway Client Application AWS Lambda User Request Invoke Architecture Amazon EFS Loading Models Amazon S3 Uploading Models ML Engineer AWS Lambda Trigger Response Prediction app1(s3-efs) app2(ml-inference)
  • 25.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Demo @ aws-samples/amazon-efs-developer-zone
  • 26.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Amazon Elastic File System (Amazon EFS) EC2 instance or on-premises server Application code Task Container 1 Container 2 Amazon ECS Amazon EC2 Pod Container 1 Container 2 Amazon EKS Amazon EC2 CSI driver AWS Fargate AWS Fargate Elastic, shared, highly-available storage Persist storage across containers Pay for what you use Serverless storage Application level security Amazon ECS and AWS Container Services
  • 27.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Amazon ECS and Amazon EFS: How it works
  • 28.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Create Amazon ECS Cluster Amazon ECS and Amazon EFS: How it works
  • 29.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Create Amazon ECS Cluster Create Amazon ECS and Amazon EFS: How it works
  • 30.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Create Amazon ECS Cluster Create a security group for Amazon EFS Create an Amazon EFS file system Amazon ECS and Amazon EFS: How it works
  • 31.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Create Amazon ECS and Amazon EFS: How it works
  • 32.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Create a task definition Mount Point definition Amazon ECS and Amazon EFS: How it works
  • 33.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Create Amazon EKS Cluster Amazon EFS CSI Driver for Kubernetes
  • 34.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Create Amazon EKS Cluster Create a security group for Amazon EFS Amazon EFS CSI Driver for Kubernetes
  • 35.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Create Amazon EKS Cluster Create a security group for Amazon EFS Create an Amazon EFS file system Amazon EFS CSI Driver for Kubernetes
  • 36.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Create Amazon EKS Cluster Create a security group for Amazon EFS Create an Amazon EFS file system Deploy EFS CSI Driver (Open Source) Amazon EFS CSI Driver for Kubernetes
  • 37.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Defining Storage class Amazon EFS CSI Driver for Kubernetes
  • 38.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Defining Storage class Persistent Volume Claim Mounting on the container/pod Amazon EFS CSI Driver for Kubernetes
  • 39.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Kubeflow with Amazon EKS and Amazon EFS Amazon EKS Training Container 2 Training Container n Amazon EFS CSI driver Pod Pod Amazon ECR Pod Training Container 1 Build the container image for training and push it to ECR Save the training dataset on Amazon EFS
  • 40.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Amazon EFS Developer Zone
  • 41.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. Suman Debnath Developer Advocate, Amazon EFS Thank You
  • 42.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Backup
  • 43.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Goals for security and identity 1. File systems should only be mountable by applications that need them 2. Applications that mount file systems should only have access to data they need Amaz on EFS $ cat /my_app/data ### SUCCESS THIS IS MY FILE ### $ cat /someone_elses_app/data cat: /someone_elses_app/data : Permission denied
  • 44.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Using IAM for file system access { ā€œStatementā€ : { ā€œEffectā€ : ā€œallowā€, ā€œActionā€ : ā€œelasticfilesystem:Client*ā€, ā€œPrincipalā€ : { ā€œAWSā€: ā€œarn:..Lambdaā€ } } } Amazon EFS IAM { ā€œStatementā€ : { ā€œEffectā€ : ā€œallowā€, ā€œActionā€ : ā€œelasticfilesystem:Client*ā€, "Resource": ā€fs-feedfeed" } } Task or execution role Function Container ECS EKS Lambda
  • 45.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Understanding container identity ECS task Task identity (IAM role) IAM Container image Application identity User: Root Group: Root $ ls ā€“l /efs/home drwx------ bob . BobHome drwx------ maria . MariaHome drwxrwx--- . biusers BI_Shared By default, POSIX identity comes from the container image, not the task/pod runtime
  • 46.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Understanding function identity Lambda function IAM $ ls ā€“l /efs/home drwx------ bob . BobHome drwx------ maria . MariaHome drwxrwx--- . biusers BI_Shared By default, Lambda functions have no predetermined identity Task identity (IAM role)
  • 47.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL Amazon EFS access points { ā€œNameā€: ā€œMyAppā€, "FileSystemId": ā€fs-feedfeed", ā€œPosixUserā€: { ā€œUidā€: 123 ā€œGidā€: 123, ā€œSecondaryGidsā€: [100, 200, 300] }, ā€œRootDirectoryā€: { ā€œPathā€: ā€œ/apps/myappā€, ā€œCreationInfoā€: { ā€œOwnerUidā€: 123, ā€œOwnerGidā€: 123, ā€œPermissionsā€: ā€œ0700ā€ } } } Creates application-specific directory and permissions No Amazon EC2 instance required Applications only see the data they need Enforces file system identity Root containers cannot escalate access Arbitrary users are not locked out ECS EKS Lambda
  • 48.
    Ā© 2022, AmazonWeb Services, Inc. or its Affiliates. CONFIDENTIAL { ā€œNameā€: ā€œMyAppā€, ā€œPosixUserā€: { ā€œUidā€: 123 ā€œGidā€: 123, ā€œSecondaryGidsā€: [100, 200, 300] }, ā€œRootDirectoryā€: { ā€œPathā€: ā€œ/apps/myappā€, ā€œCreationInfoā€: { ā€œOwnerUidā€: 123, ā€œOwnerGidā€: 123, ā€œPermissionsā€: ā€œ0700ā€ } } } How Amazon EFS access points work Amazon EFS with POSIX permissions ā€œEffectā€ : ā€œallowā€, ā€œActionā€ : ā€œelasticfilesystem:Client*ā€, ā€œPrincipalā€ : { ā€œAWSā€: ā€œapproleā€ }, ā€œConditionā€* : {ā€œaccessPointArnā€ : ā€œfsap-1234ā€