Mount NFS Azure file shares on Linux
Azure file shares can be mounted in Linux distributions using either the Server Message Block (SMB) protocol or the Network File System (NFS) protocol. This article is focused on mounting with NFS. For details on mounting SMB Azure file shares, see Use Azure Files with Linux. For details on each of the available protocols, see Azure file share protocols.
Applies to
| File share type | SMB | NFS |
|---|---|---|
| Standard file shares (GPv2), LRS/ZRS |  |
|
| Standard file shares (GPv2), GRS/GZRS | |
|
| Premium file shares (FileStorage), LRS/ZRS | |
 |
Support
Currently, only NFS version 4.1 is supported. NFS 4.1 shares are only supported within the FileStorage storage account type (premium file shares only).
NFS Azure file shares support most features from the 4.1 protocol specification. Some features such as delegations and callback of all kinds, Kerberos authentication, and encryption-in-transit aren't supported.
The nconnect mount option is currently in preview and isn't recommended for production use.
Regional availability
Azure NFS file shares are supported in all the same regions that support premium file storage.
For the most up-to-date list, see the Premium Files Storage entry on the page for Azure products available by region.
Prerequisites
Open port 2049 on the client you want to mount your NFS share to.
Important
NFS shares can only be accessed from trusted networks.
Either create a private endpoint (recommended) or restrict access to your public endpoint.
To enable hybrid access to an NFS Azure file share, use one of the following networking solutions:
Disable secure transfer
Sign in to the Azure portal and access the storage account containing the NFS share you created.
Select Configuration.
Select Disabled for Secure transfer required.
Select Save.
Mount options
The following mount options are recommended or required when mounting NFS Azure file shares.
| Mount option | Recommended value | Description |
|---|---|---|
vers |
4 | Required. Specifies which version of the NFS protocol to use. Azure Files only supports NFS v4.1. |
minorversion |
1 | Required. Specifies the minor version of the NFS protocol. Some Linux distros don't recognize minor versions on the vers parameter. So instead of vers=4.1, use vers=4,minorversion=1. |
sec |
sys | Required. Specifies the type of security to use when authenticating an NFS connection. Setting sec=sys uses the local UNIX UIDs and GIDs that use AUTH_SYS to authenticate NFS operations. |
rsize |
1048576 | Recommended. Sets the maximum number of bytes to be transferred in a single NFS read operation. Specifying the maximum level of 1048576 bytes will usually result in the best performance. |
wsize |
1048576 | Recommended. Sets the maximum number of bytes to be transferred in a single NFS write operation. Specifying the maximum level of 1048576 bytes will usually result in the best performance. |
noresvport |
n/a | Recommended. Tells the NFS client to use a non-privileged source port when communicating with an NFS server for the mount point. Using the noresvport mount option helps ensure that your NFS share has uninterrupted availability after a reconnection. Using this option is strongly recommended for achieving high availability. |
actimeo |
30-60 | Recommended. Specifying actimeo sets all of acregmin, acregmax, acdirmin, and acdirmax to the same value. Using a value lower than 30 seconds can cause performance degradation because attribute caches for files and directories expire too quickly. We recommend setting actimeo between 30 and 60 seconds. |
Mount an NFS share using the Azure portal
Note
You can use the nconnect Linux mount option to improve performance for NFS Azure file shares at scale. For more information, see Improve NFS Azure file share performance.
Once the file share is created, select the share and select Connect from Linux.
Enter the mount path you'd like to use, then copy the script.
Connect to your client and use the provided mounting script. Only the required mount options are included in the script, but you can add other recommended mount options.
You have now mounted your NFS share.
Mount an NFS share using /etc/fstab
If you want the NFS file share to automatically mount every time the Linux server or VM boots, create a record in the /etc/fstab file for your Azure file share. Replace YourStorageAccountName and FileShareName with your information.
<YourStorageAccountName>.file.core.chinacloudapi.cn:/<YourStorageAccountName>/<FileShareName> /media/<YourStorageAccountName>/<FileShareName> nfs vers=4,minorversion=1,_netdev,nofail,sec=sys 0 0
For more information, enter the command man fstab from the Linux command line.
Validate connectivity
If your mount failed, it's possible that your private endpoint wasn't set up correctly or isn't accessible. For details on confirming connectivity, see Verify connectivity.
NFS file share snapshots
Customers using NFS Azure file shares can create, list, and delete NFS Azure file share snapshots. This capability allows users to roll back entire file systems or recover files that were accidentally deleted or corrupted.
Important
You should mount your file share before creating snapshots. If you create a new NFS file share and take snapshots before mounting the share, attempting to list the snapshots for the share will return an empty list. We recommend deleting any snapshots taken before the first mount and re-creating them after you've mounted the share.
Limitations
Only file management APIs (AzRmStorageShare) are supported for NFS Azure file share snapshots. File data plane APIs (AzStorageShare) aren't supported.
AzCopy isn't currently supported for NFS file shares. To copy data from an NFS Azure file share or share snapshot, use file system copy tools such as rsync or fpsync.
Create a snapshot
You can create a snapshot of an NFS Azure file share using the Azure PowerShell or Azure CLI. A share can support the creation of up to 200 share snapshots.
To create a snapshot of an existing file share, run the following PowerShell command. Replace <resource-group-name>, <storage-account-name>, and <file-share-name> with your own values.
New-AzRmStorageShare -ResourceGroupName "<resource-group-name>" -StorageAccountName "<storage-account-name>" -Name "<file-share-name>" -Snapshot
List file share snapshots
You can list all the snapshots for a file share using the Azure PowerShell, or Azure CLI.
To list all file shares and snapshots in a storage account, run the following PowerShell command. Replace <resource-group-name> and <storage-account-name> with your own values.
Get-AzRmStorageShare -ResourceGroupName "<resource-group-name>" -StorageAccountName "<storage-account-name>" -IncludeSnapshot
Delete snapshots
Existing share snapshots are never overwritten. They must be deleted explicitly. You can delete share snapshots using the Azure PowerShell or Azure CLI.
To delete a file share snapshot, run the following PowerShell command. Replace <resource-group-name>, <storage-account-name>, and <file-share-name> with your own values. The SnapshotTime parameter must follow the correct name format, such as 2021-05-10T08:04:08Z.
Remove-AzRmStorageShare -ResourceGroupName "<resource-group-name>" -StorageAccountName "<storage-account-name>" -Name "<file-share-name>" -SnapshotTime "<snapshot-time>"
To delete a file share and all its snapshots, run the following PowerShell command. Replace <resource-group-name>, <storage-account-name>, and <file-share-name> with your own values.
Remove-AzRmStorageShare "<resource-group-name>" -StorageAccountName "<storage-account-name>" -Name "<file-share-name>" -Include Snapshots
Mount an NFS Azure file share snapshot
To mount an NFS Azure file share snapshot to a Linux VM (NFS client) and restore files, follow these steps.
Run the following command in a console. See Mount options for other recommended mount options. To improve copy performance, mount the snapshot with nconnect to use multiple TCP channels.
sudo mount -o vers=4,minorversion=1,proto=tcp,sec=sys $server:/nfs4account/share /media/nfsChange the directory to
/media/nfs/.snapshotsso you can view the available snapshots. The.snapshotsdirectory is hidden by default, but you can access and read from it like any directory.cd /media/nfs/.snapshotsList the contents of the
.snapshotsfolder.lsEach snapshot has its own directory that serves as a recovery point. Change to the snapshot directory for which you want to restore files.
cd <snapshot-name>List the contents of the directory to view a list of files and directories that can be recovered.
lsCopy all files and directories from the snapshot to a restore directory to complete the restore.
cp -r <snapshot-name> ../restore
The files and directories from the snapshot should now be available in the /media/nfs/restore directory.
Next steps
- Learn more about Azure Files with Planning for an Azure Files deployment.
- If you experience any issues, see Troubleshoot NFS Azure file shares.