使用 SMB 在 Linux VM 上装载 Azure 文件存储Mount Azure File storage on Linux VMs using SMB

本文说明如何通过 Azure CLI 使用 SMB 装载利用 Linux VM 上的 Azure 文件存储服务。This article shows you how to use the Azure File storage service on a Linux VM using an SMB mount with the Azure CLI. Azure 文件存储使用标准 SMB 协议在云中提供文件共享。Azure File storage offers file shares in the cloud using the standard SMB protocol.

文件存储使用标准 SMB 协议在云中提供文件共享。File storage offers file shares in the cloud that use the standard SMB protocol. 可以从支持 SMB 3.0 的任何 OS 装载文件共享。You can mount a file share from any OS that supports SMB 3.0. 在 Linux 上使用 SMB 装载时,可轻松备份到 SLA 支持的可靠、永久的存档存储位置。When you use an SMB mount on Linux, you get easy backups to a robust, permanent archiving storage location that is supported by an SLA.

将文件从 VM 移至托管在文件存储上的 SMB 装载,可以很轻松地调试日志。Moving files from a VM to an SMB mount that's hosted on File storage is a great way to debug logs. 同一 SMB 共享可以通过本地方式装载到 Mac、Linux 或 Windows 工作站。The same SMB share can be mounted locally to your Mac, Linux, or Windows workstation. SMB 不会是实时流式传输 Linux 或应用程序日志的最佳解决方案,因为 SMB 协议并非为处理那样重的日志记录任务而构建。SMB isn't the best solution for streaming Linux or application logs in real time, because the SMB protocol is not built to handle such heavy logging duties. 专用统一的日志记录层工具(如 Fluentd)会是 SMB 之上的更好选择,可收集 Linux 和应用程序日志记录输出。A dedicated, unified logging layer tool such as Fluentd would be a better choice than SMB for collecting Linux and application logging output.

本指南需要运行 Azure CLI 2.0.4 或更高版本。This guide requires that you're running the Azure CLI version 2.0.4 or later. 若要查找版本,请运行 az --versionRun az --version to find the version. 如需进行安装或升级,请参阅安装 Azure CLIIf you need to install or upgrade, see Install the Azure CLI.

创建资源组Create a resource group

在“中国东部”位置创建名为 myResourceGroup 的资源组。Create a resource group named myResourceGroup in the China East location.

az group create --name myResourceGroup --location chinaeast

创建存储帐户Create a storage account

使用 az storage account create 在创建的资源组中创建一个新存储帐户。Create a new storage account, within the resource group that you created, using az storage account create. 此示例创建名为 mySTORAGEACCT<random number> 的存储帐户,然后将该存储帐户的名称置于变量 STORAGEACCT 中。This example creates a storage account named mySTORAGEACCT<random number> and puts the name of that storage account in the variable STORAGEACCT. 存储帐户名称必须唯一,请使用 $RANDOM 将一个数字追加到名称末尾,使之变得唯一。Storage account names must be unique, using $RANDOM appends a number to the end to make it unique.

STORAGEACCT=$(az storage account create \
    --resource-group "myResourceGroup" \
    --name "mystorageacct$RANDOM" \
    --location chinaeast \
    --sku Standard_LRS \
    --query "name" | tr -d '"')

获取存储密钥Get the storage key

创建存储帐户时,帐户密钥是成对创建的,这样是为了不中断任何服务就可轮换密钥。When you create a storage account, the account keys are created in pairs so that they can be rotated without any service interruption. 轮换到密钥对中的第二个密钥后,创建新的密钥对。When you switch to the second key in the pair, you create a new key pair. 新的存储帐户密钥始终成对创建,因此始终至少有一个未使用的存储帐户密钥可以切换到。New storage account keys are always created in pairs, so you always have at least one unused storage account key ready to switch to.

使用 az storage account keys list 查看存储帐户密钥。View the storage account keys using az storage account keys list. 此示例将密钥 1 的值存储在 STORAGEKEY 变量中。This example stores the value of key 1 in the STORAGEKEY variable.

STORAGEKEY=$(az storage account keys list \
    --resource-group "myResourceGroup" \
    --account-name $STORAGEACCT \
    --query "[0].value" | tr -d '"')

创建文件共享Create a file share

使用 az storage share create 创建文件存储共享。Create the File storage share using az storage share create.

共享名必须全部采用小写字母、数字和单个连字符,但不能以连字符开头。Share names need to be all lower case letters, numbers, and single hyphens but can't start with a hyphen. 有关命名文件共享和文件的完整详细信息,请参阅 命名和引用共享、目录、文件和元数据For complete details about naming file shares and files, see Naming and Referencing Shares, Directories, Files, and Metadata.

此示例创建名为 myshare 且具有 10-GiB 配额的共享。This example creates a share named myshare with a 10-GiB quota.

az storage share create --name myshare \
    --quota 10 \
    --account-name $STORAGEACCT \
    --account-key $STORAGEKEY

创建装入点Create a mount point

若要在 Linux 计算机上装载 Azure 文件共享,需要确保已安装 cifs-utils 包。To mount the Azure file share on your Linux computer, you need to make sure you have the cifs-utils package installed. 有关安装说明,请参阅安装适用于 Linux 发行版的 cifs-utils 包For installation instructions, see Install the cifs-utils package for your Linux distribution.

Azure 文件使用通过 TCP 端口 445 进行通信的 SMB 协议。Azure Files uses SMB protocol, which communicates over TCP port 445. 如果无法装载 Azure 文件共享,请确保防火墙未阻止 TCP 端口 445。If you're having trouble mounting your Azure file share, make sure your firewall is not blocking TCP port 445.

mkdir -p /mnt/MyAzureFileShare

装载共享Mount the share

将 Azure 文件共享装载到本地目录中。Mount the Azure file share to the local directory.

sudo mount -t cifs //$STORAGEACCT.file.core.chinacloudapi.cn/myshare /mnt/MyAzureFileShare -o vers=3.0,username=$STORAGEACCT,password=$STORAGEKEY,dir_mode=0777,file_mode=0777,serverino

以上命令使用 mount 命令装载特定于 cifs 的 Azure 文件共享和选项。The above command uses the mount command to mount the Azure file share and options specific to cifs. 具体来说,file_mode 和 dir_mode 选项将文件和目录设置为权限 0777Specifically, the file_mode and dir_mode options set files and directories to permission 0777. 0777 权限为所有用户提供读取、写入和执行权限。The 0777 permission gives read, write, and execute permissions to all users. 可以通过将值替换为其他 chmod 权限来更改这些权限。You can change these permissions by replacing the values with other chmod permissions. 还可以使用其他 cifs 选项,例如 gid 或 uid。You can also use other cifs options such as gid or uid.

持久保留装载Persist the mount

重新启动 Linux VM 后,已装载的 SMB 共享会在关闭过程中卸载。When you reboot the Linux VM, the mounted SMB share is unmounted during shutdown. 若要在启动时重新装载 SMB 共享,请向 Linux /etc/fstab 添加一行。To remount the SMB share on boot, add a line to the Linux /etc/fstab. Linux 使用 fstab 文件列出在启动过程中需要装载的文件系统。Linux uses the fstab file to list the file systems that it needs to mount during the boot process. 添加 SMB 共享可确保文件存储共享是 Linux VM 的永久装载文件系统。Adding the SMB share ensures that the File storage share is a permanently mounted file system for the Linux VM. 使用 cloud-init 可以将文件存储 SMB 共享添加到新的 VM。Adding the File storage SMB share to a new VM is possible when you use cloud-init.

//myaccountname.file.core.chinacloudapi.cn/mystorageshare /mnt/mymountpoint cifs vers=3.0,username=mystorageaccount,password=myStorageAccountKeyEndingIn==,dir_mode=0777,file_mode=0777

为了提高生产环境的安全性,应将凭据存储在 fstab 之外。For increased security in production environments, you should store your credentials outside of fstab.

后续步骤Next steps