Prereq#1- Verify that the security group associated with your EFS file system and worker nodes allows NFS traffic
Your EFS file system’s security group must have an inbound rule that allows NFS traffic from the CIDR for your cluster’s VPC. Allow port 2049 for inbound traffic.
The security group that’s associated with your worker nodes where the pods are failing to mount the EFS volume must have an outbound rule. Specifically, this outbound rule must allow NFS traffic (port 2049) to the EFS file system.
If the security group doesn’t allow NFS traffic, then the pods that are mounting the file system return the following errors:
“mount.nfs: Connection timed out”
“Unable to attach or mount volumes: timed out waiting for the condition”
Step 1 – Create a Bucket
![](https://www.devopsschool.com/blog/wp-content/uploads/2023/12/image-26-1024x440.png)
![](https://www.devopsschool.com/blog/wp-content/uploads/2023/12/image-27-1024x379.png)
Step 2 – Create a dir and Upload a file
![](https://www.devopsschool.com/blog/wp-content/uploads/2023/12/image-28-1024x500.png)
Step 3 – Change Bucket Permission to allow public access
![](https://www.devopsschool.com/blog/wp-content/uploads/2023/12/image-29.png)
Step 4 – Change Bucket Object Ownership
![](https://www.devopsschool.com/blog/wp-content/uploads/2023/12/image-30.png)
Step 5 – Modify Object Permission
![](https://www.devopsschool.com/blog/wp-content/uploads/2023/12/image-31-1024x395.png)
Step 6 – Access the object URL
![](https://www.devopsschool.com/blog/wp-content/uploads/2023/12/image-32-1024x410.png)
Latest posts by Rajesh Kumar (see all)
- Mastering Qualitative Research: The Role of Focus Groups in Data Collection - July 11, 2024
- What is robots ops? - July 10, 2024
- 5 Effective Online Learning Strategies for DevOps Professionals - July 4, 2024