#!/bin/bash # This script follows the following eks workshop # https://www.eksworkshop.com/beginner/190_efs/launching-efs/ # Assume the cluster name is the first cluster in the list CLUSTER_NAME=$(aws eks list-clusters --query clusters --output json | jq -r .[0]) VPC_ID=$(aws eks describe-cluster --name $CLUSTER_NAME --query "cluster.resourcesVpcConfig.vpcId" --output text) CIDR_BLOCK=$(aws ec2 describe-vpcs --vpc-ids $VPC_ID --query "Vpcs[].CidrBlock" --output text) echo 'Cluster name' $CLUSTER_NAME echo 'VPC' $VPC_ID echo "Creating security group ..." MOUNT_TARGET_GROUP_NAME="eks-efs-group" MOUNT_TARGET_GROUP_DESC="NFS access to EFS from EKS worker nodes" aws ec2 create-security-group --group-name $MOUNT_TARGET_GROUP_NAME --description "$MOUNT_TARGET_GROUP_DESC" --vpc-id $VPC_ID sleep 5 MOUNT_TARGET_GROUP_ID=$(aws ec2 describe-security-groups --filter Name=vpc-id,Values=$VPC_ID Name=group-name,Values=eks-efs-group --query 'SecurityGroups[*].[GroupId]' --output text) echo $MOUNT_TARGET_GROUP_NAME $MOUNT_TARGET_GROUP_DESC $MOUNT_TARGET_GROUP_ID aws ec2 authorize-security-group-ingress --group-id $MOUNT_TARGET_GROUP_ID --protocol tcp --port 2049 --cidr $CIDR_BLOCK sleep 2 echo "Creating EFS volume ..." FILE_SYSTEM_ID=$(aws efs create-file-system | jq --raw-output '.FileSystemId') echo $FILE_SYSTEM_ID sleep 10 TAG1=tag:alpha.eksctl.io/cluster-name TAG2=tag:kubernetes.io/role/elb SUBNETS=$(aws ec2 describe-subnets --filter Name=$TAG1,Values=$CLUSTER_NAME Name=$TAG2,Values=1 --query 'Subnets[*].SubnetId' --output text) echo $SUBNETS for subnet in ${SUBNETS} do echo "Creating mount target in" $subnet "in security group" $MOUNT_TARGET_GROUP_ID "for efs" $FILE_SYSTEM_ID aws efs create-mount-target --file-system-id $FILE_SYSTEM_ID --subnet-id $subnet --security-groups $MOUNT_TARGET_GROUP_ID sleep 2 done sleep 30 echo "Mount points state ..." aws efs describe-mount-targets --file-system-id $FILE_SYSTEM_ID | jq --raw-output '.MountTargets[].LifeCycleState' echo 'Done ...'