EFS Filesystems
An EFS filesystem provides simple, scalable, and elastic file storage for your applications. It allows shared access to data using a traditional file permissions model and a hierarchical directory structure. Files stored in an EFS filesystem are persistent, meaning they remain available even if the container or Lambda function that created them is no longer running.
A single filesystem can be mounted by thousands of compute resources concurrently, including Lambda functions and container services. The filesystem is serverless, automatically growing and shrinking as you add and remove files, and you only pay for the storage you use.
Under the hood, Stacktape uses AWS Elastic File System (EFS).
When to use them
EFS filesystems are ideal for use cases that require shared file storage that can be accessed by multiple compute resources at the same time. Common use cases include:
- Web serving and content management
- Media and entertainment workflows
- Home directories
- Database backups
- Container storage
- Big data analytics
Advantages
- Shared access: Can be mounted concurrently by thousands of containers and Lambda functions across multiple Availability Zones.
- Standard file system interface: Uses the NFSv4 protocol, allowing for seamless integration with applications that expect a standard file system.
- Serverless and elastic: Automatically scales storage capacity up or down.
- Highly available and durable: Data is stored redundantly across multiple Availability Zones.
- Performance: Delivers low, consistent latency and high throughput.
- Encryption: Data is encrypted both in transit and at rest.
Disadvantages
- Latency: While latency is low, it's generally higher than with block storage (EBS) due to the distributed nature of EFS.
- Cost: Can be more expensive than object storage (S3) or block storage (EBS) for certain workloads.
- Not optimal for lowest-latency needs: For applications that require the absolute lowest latency for a single instance, EBS might be a better choice.
Basic usage
resources:myFileSystem:type: efs-filesystem
Mounting to resources
You can mount a filesystem to a compute resource by specifying the volumeMounts
property. Stacktape automatically handles the necessary network and IAM permissions.
resources:myEfsFilesystem:type: efs-filesystemmyService:type: web-serviceproperties:packaging:type: stacktape-image-buildpackproperties:entryfilePath: src/server.tsresources:cpu: 0.25memory: 512volumeMounts:- type: efsproperties:efsFilesystemName: myEfsFilesystemmountPath: /mnt/my-mounted-system
Mounting a filesystem to a web service.
You can then access the mounted directory just like any other directory in your compute resource's filesystem.
import * as fs from "fs";import * as path from "path";const mountPath = "/mnt/my-mounted-system";const testFile = path.join(mountPath, "test.txt");fs.writeFileSync(testFile, "Hello from EFS!");const data = fs.readFileSync(testFile, "utf8");// data is now "Hello from EFS!"
An example of writing to and reading from a mounted filesystem.
Throughput mode
You can set a throughput mode for your filesystem. While there are various options, the elastic
mode (the default) is recommended for most use cases.
elastic (Recommended): Best for unpredictable or spiky workloads
- Ideal for workloads using high throughput ≤5% of the time
- Perfect for web apps, CI/CD pipelines, or occasional data analytics
- Automatically scales up/down based on demand
provisioned: Best for steady, predictable workloads
- Ideal when using high throughput >5% of the time
- Suitable for media streaming, production databases
- Requires setting
provisionedThroughputInMibps
bursting: Scales with storage size
- Provides baseline of 50 KiB/s per GiB of storage
- Good for small dev environments and team file shares
- Can hit limits if burst credits are depleted
- Consider switching if consistently using >80% throughput
resources:myFileSystem:type: efs-filesystemproperties:throughputMode: provisionedprovisionedThroughputInMibps: 1000 # when setting throughput mode to 'provisioned', you must also set a throughput value
Backup
You can enable daily backups to protect your data against accidental deletion.
- Uses AWS Backup with default settings of daily backups and 35-day retention period
- Performs incremental backups - only changed, added, or removed files are copied after initial backup
- Backs up data from all storage classes (Standard, IA, Archive) without data access charges
- Restored data is always placed in the Standard storage class
- Default backup plan and vault are automatically created and managed by AWS
resources:myFileSystem:type: efs-filesystemproperties:backupEnabled: true
Limit access
You can limit a resource's access to a specific directory within the filesystem by specifying a rootDirectory
.
- Specifies which directory in the EFS filesystem should be used as the root for this mount
- Only this directory and its subdirectories will be accessible to the function
- If not specified, the entire filesystem will be accessible
resources:myEfsFilesystem:type: efs-filesystemmyFunction:type: functionproperties:packaging:type: stacktape-lambda-buildpackproperties:entryfilePath: lambdas/read-write-efs.tsjoinDefaultVpc: truevolumeMounts:- type: efsproperties:efsFilesystemName: myEfsFilesystemmountPath: /mnt/my-mounted-systemrootDirectory: /my/root/directory
A Lambda function with limited access to a filesystem.