AWS EFS 的网络接口无法与 static IP 关联
[英]Network interface of AWS EFS fails to be associated with a static IP
问题描述
My issue is basically what is said in this question , except it's about EFS, rather than EC2, and I can't solve my problem with Route 53, as it's suggested .
我的问题基本上是这个问题中所说的,除了它是关于 EFS,而不是 EC2,而且我无法按照建议用 Route 53 解决我的问题。
I have an EFS instance and I try to mount it locally on my Windows machine (over WSL running Ubuntu 22.04.1 LTS) like so:我有一个 EFS 实例,我尝试将它本地安装在我的 Windows 机器上(通过运行 Ubuntu 22.04.1 LTS 的 WSL),如下所示:
sudo mount -t efs -o tls,accesspoint=fsap-08fa969084c23b344 fs-003f3467bf1e15b13:/ efs
This results in the following:这导致以下结果:
Failed to resolve "fs-003f3467bf1e15b13.efs.us-east-1.amazonaws.com" - check that your file system ID is correct, and ensure that the VPC has an EFS mount target for this file system ID.
See https://docs.aws.amazon.com/console/efs/mount-dns-name for more detail.
Attempting to lookup mount target ip address using botocore.
It seems that the issue arises from the fact that I'm not trying to access EFS from an EC2 instance in my VPC, but from the public inte.net, where the DNS fs-003f3467bf1e15b13.efs.us-east-1.amazonaws.com and the private IP 172.31.43.109 obviously can't be resolved.问题似乎是因为我不是试图从我的 VPC 中的 EC2 实例访问 EFS,而是来自公共 inte.net,其中 DNS fs-003f3467bf1e15b13.efs.us-east-1.amazonaws.com和 private IP 172.31.43.109显然无法解析。
Therefore, I want to assign a static Elastic IP to the.network interface of EFS, so I can access it publicly, but I get the following error:因此,我想给EFS的.network接口分配一个static Elastic IP,这样就可以公开访问了,但是报如下错误:
Failed to associate address with eni-0fa8cf69d68b7bb01: You do not have permission to access the specified resource.
I don't think that I "do not have permission" because I'm the owner of the account and I have the AdministratorAccess IAM policy.我不认为我“没有权限”,因为我是帐户的所有者并且我有AdministratorAccess IAM 策略。
Is there a way to make EFS publicly accessible or mount it in any other way on my own machine?有没有办法让 EFS 可以公开访问或以任何其他方式将其安装在我自己的机器上?
1 个解决方案
解决方案1
1 已采纳 2022-12-05 15:19:45
Therefore, I want to assign a static Elastic IP to the.network interface of EFS, so I can access it publicly, but I get the following error:
That's not a supported configuration on AWS.这不是 AWS 上受支持的配置。 You can't assign a public IP to EFS.您不能将公共 IP 分配给 EFS。 You need to look into SSH tunneling, or a VPN connection into the VPC, in order to mount an EFS volume from outside the VPC.您需要查看 SSH 隧道或 VPC 的 VPN 连接,以便从 VPC 外部安装 EFS 卷。
My guess is that AWS doesn't allow me to make EFS publicly available because that might make their AWS Transfer Family product obsolete, since it seems to solve the same problem - using EFS outside the cloud.
That's a very cynical take on things.这是一种非常愤世嫉俗的态度。 In actuality Amazon simply designed EFS to be a service that complemented their compute services (EC2, ECS, EKS, Fargate, and Lambda).实际上,Amazon 只是将 EFS 设计为一种服务,以补充其计算服务(EC2、ECS、EKS、Fargate 和 Lambda)。 They did not design it to be a global, public NFS mountable file system.他们并没有将其设计成一个全局的、公共的 NFS 可挂载文件系统。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.