如何创建 NFS 共享How to create an NFS share

Azure 文件共享是位于云中的完全托管文件共享。Azure file shares are fully managed file shares that live in the cloud. 本文介绍如何创建可使用 NFS 协议的文件共享。This article covers creating a file share that uses the NFS protocol. 有关这两种协议的详细信息,请参阅 Azure 文件共享协议For more information on both protocols, see Azure file share protocols.


在预览版阶段,NFS 具有以下限制:While in preview, NFS has the following limitations:

  • NFS 4.1 目前只支持协议规范中的大部分功能。NFS 4.1 currently only supports most features from the protocol specification. 有些功能(如所有类型的委托和回叫、锁定升级和降级、Kerberos 身份验证和加密)不受支持。Some features such as delegations and callback of all kinds, lock upgrades and downgrades, Kerberos authentication, and encryption are not supported.
  • 如果大多数请求是以元数据为中心的,那么,与读取/写入/更新操作相比,延迟将会更加严重。If the majority of your requests are metadata-centric, then the latency will be worse when compared to read/write/update operations.
  • 必须创建新的存储帐户才能创建 NFS 共享。Must create a new storage account in order to create an NFS share.
  • 只支持管理平面 REST API。Only the management plane REST APIs are supported. 数据平面 REST API 不可用,这意味着存储资源管理器之类的工具将无法用于 NFS 共享,你也无法在 Azure 门户中浏览 NFS 共享数据。Data plane REST APIs are not available, which means that tools like Storage Explorer will not work with NFS shares nor will you be able to browse NFS share data in the Azure portal.
  • 目前不支持 AzCopy。AzCopy is not currently supported.
  • 只适用于高级层。Only available for the premium tier.
  • NFS 共享只接受数字 UID/GID。NFS shares only accept numeric UID/GID. 为了避免客户端发送字母数字 UID/GID,应禁用 ID 映射。To avoid your clients sending alphanumeric UID/GID, you should disable ID mapping.
  • 在使用专用链接时,只能从单个 VM 上的一个存储帐户装载共享。Shares can only be mounted from one storage account on an individual VM, when using private links. 尝试从其他存储帐户装载共享将会失败。Attempting to mount shares from other storage accounts will fail.
  • 最好依赖于分配到主要组的权限。It is best to rely on the permissions assigned to primary group. 由于一个已知的 bug,分配到非主要组用户的权限有时可能会导致访问被拒绝。Sometimes, permissions allocated to the non-primary group of the user may result in access denied due to a known bug.

尚不支持 Azure 存储功能Azure Storage features not yet supported

另外,以下 Azure 文件存储功能也不可与 NFS 共享配合使用:Also, the following Azure Files features are not available with NFS shares:

  • 基于标识的身份验证Identity-based authentication
  • Azure 备份支持Azure Backup support
  • 快照Snapshots
  • 软删除Soft delete
  • 完全支持传输中加密(有关详细信息,请参阅 NFS 安全性Full encryption-in-transit support (for details see NFS security)

区域可用性Regional availability

可使用高级文件存储的所有区域都支持 NFS。NFS is supported in ALL regions where Premium Files Storage is available.

我们会继续添加区域。We are continuously adding regions. 有关最新列表,请使用下面的示例查询具有 NFS 支持的区域列表。For the most up-to-date list, use the sample below to query the list of regions with NFS support. 还可以在“高级文件存储”下的各区域的 Azure 产品可用性页面中检查区域支持。You can also check for your region support at Azure Products available by region page under Premium Files Storage.

# Log in first with Connect-AzAccount -Environment AzureChinaCloud

$azContext = Get-AzContext
$azProfile = [Microsoft.Azure.Commands.Common.Authentication.Abstractions.AzureRmProfileProvider]::Instance.Profile
$profileClient = New-Object -TypeName Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient -ArgumentList ($azProfile)
$token = $profileClient.AcquireAccessToken($azContext.Subscription.TenantId)
$authHeader = @{
    'Authorization'='Bearer ' + $token.AccessToken

# Provide specific subscription id if you want  list for a different subscription
$subscription = $azContext.Subscription.Id

# Invoke the REST API
$restUri = "https://management.chinacloudapi.cn/subscriptions/$subscription/providers/Microsoft.Storage/skus?api-version=2019-06-01"
$response = Invoke-RestMethod -Uri $restUri -Method Get -Headers $authHeader

# List of all regions that has NFS support.
$response.value| Where-Object -FilterScript {$_.capabilities| Where-Object { $_.name -eq 'supportsNfsShare' -and $_.value -eq 'true'}}| Select-Object locations, kind, name

示例响应Sample response

List of regions that support NFS


注册 NFS 4.1 协议Register the NFS 4.1 protocol

如果你使用的是 Azure PowerShell 模块或 Azure CLI,请使用以下命令注册功能:If you're using the Azure PowerShell module or the Azure CLI, register your feature using the following commands:

使用 Azure PowerShell 或 Azure CLI 为 Azure 文件存储注册 NFS 4.1 功能。Use either Azure PowerShell or Azure CLI to register the NFS 4.1 feature for Azure Files.

注册审批可能需要一个小时。Registration approval can take up to an hour. 若要验证注册是否完成,请使用以下命令:To verify that the registration is complete, use the following commands:

使用 Azure PowerShell 或 Azure CLI 检查 Azure 文件存储的 NFS 4.1 功能注册情况。Use either Azure PowerShell or Azure CLI to check on the registration of the NFS 4.1 feature for Azure Files.

创建 FileStorage 存储帐户Create a FileStorage storage account

目前,NFS 4.1 共享仅可用作高级文件共享。Currently, NFS 4.1 shares are only available as premium file shares. 若要部署支持 NFS 4.1 协议的高级文件共享,必须先创建一个 FileStorage 存储帐户。To deploy a premium file share with NFS 4.1 protocol support, you must first create a FileStorage storage account. 存储帐户是 Azure 中的顶级对象,表示可用于部署多个 Azure 文件共享的共享存储池。A storage account is a top-level object in Azure that represents a shared pool of storage which can be used to deploy multiple Azure file shares.

要创建 FileStorage 存储帐户,请导航到 Azure 门户。To create a FileStorage storage account, navigate to the Azure portal.

  1. 在 Azure 门户中,选择左侧菜单中的“存储帐户”。In the Azure portal, select Storage Accounts on the left menu.

    Azure 门户主页 - 选择存储帐户

  2. 在显示的“存储帐户”窗口中,选择“添加”。 On the Storage Accounts window that appears, choose Add.

  3. 选择要在其中创建存储帐户的订阅。Select the subscription in which to create the storage account.

  4. 选择要在其中创建存储帐户的资源组Select the resource group in which to create the storage account

  5. 然后,输入存储帐户的名称。Next, enter a name for your storage account. 所选名称在 Azure 中必须唯一。The name you choose must be unique across Azure. 该名称还必须为 3 到 24 个字符,并且只能包含数字和小写字母。The name also must be between 3 and 24 characters in length, and can include numbers and lowercase letters only.

  6. 选择存储帐户的位置或使用默认位置。Select a location for your storage account, or use the default location.

  7. 对于“性能”,请选择“高级”。 For Performance select Premium.

    必须选择“高级”,“FileStorage”才会成为“帐户类型”下拉列表中的可用选项。You must select Premium for FileStorage to be an available option in the Account kind dropdown.

  8. 依次选择“帐户类型”、“FileStorage”。 Select Account kind and choose FileStorage.

  9. 将“复制”保留设置为默认值“本地冗余存储(LRS)”。 Leave Replication set to its default value of Locally-redundant storage (LRS).


  10. 选择“查看+创建”可查看存储帐户设置并创建帐户。Select Review + Create to review your storage account settings and create the account.

  11. 选择“创建” 。Select Create.

创建存储帐户资源后,请导航到该资源。Once your storage account resource has been created, navigate to it.

创建 NFS 共享Create an NFS share

现在,你已创建了一个 FileStorage 帐户并配置了网络,接下来可以创建一个 NFS 文件共享。Now that you have created a FileStorage account and configured the networking, you can create an NFS file share. 此过程类似于创建 SMB 共享,在创建共享时选择 NFS 而不是 SMB。The process is similar to creating an SMB share, you select NFS instead of SMB when creating the share.

  1. 导航到存储帐户,然后选择“文件共享”。Navigate to your storage account and select File shares.

  2. 选择“+ 文件共享”创建新的文件共享。Select + File share to create a new file share.

  3. 为文件共享命名,选择预配的容量。Name your file share, select a provisioned capacity.

  4. 对于“协议”,请选择“NFS (预览)”。For Protocol select NFS (preview).

  5. 对于“根 Squash”,在以下选项中进行选择。For Root Squash make a selection.

    • 根 Squash (默认) - 远程超级用户(根)的访问映射到 UID (65534) 和 GID (65534)。Root squash (default) - Access for the remote superuser (root) is mapped to UID (65534) and GID (65534).
    • 无根 Squash - 远程超级用户(根)以 root 身份接收访问。No root squash - Remote superuser (root) receives access as root.
    • 所有 Squash - 所有用户访问映射到 UID (65534) 和 GID (65534)。All squash - All user access is mapped to UID (65534) and GID (65534).
  6. 选择“创建”。Select Create.


后续步骤Next steps

现在,你已创建了一个 NFS 共享,要使用它,必须将它装载到 Linux 客户端上。Now that you've created an NFS share, to use it you have to mount it on your Linux client. 有关详细信息,请参阅如何装载 NFS 共享For details, see How to mount an NFS share.

如果遇到任何问题,请参阅解决 Azure NFS 文件共享问题If you experience any issues, see Troubleshoot Azure NFS file shares.