How to create an NFS share
Azure file shares are fully managed file shares that live in the cloud. They can be accessed using either the Server Message Block protocol or the Network File System (NFS) protocol. This article covers creating a file share that uses the NFS protocol. For more information on both protocols, see Azure file share protocols.
While in preview, NFS has the following limitations:
- NFS 4.1 currently only supports most features from the protocol specification. Some features such as delegations and callback of all kinds, lock upgrades and downgrades, Kerberos authentication, and encryption are not supported.
- If the majority of your requests are metadata-centric, then the latency will be worse when compared to read/write/update operations.
- Must create a new storage account in order to create an NFS share.
- Only the management plane REST APIs are supported. Data plane REST APIs are not available, which means that tools like Storage Explorer will not work with NFS shares nor will you be able to browse NFS share data in the Azure portal.
- AzCopy is not currently supported.
- Only available for the premium tier.
- NFS shares only accept numeric UID/GID. To avoid your clients sending alphanumeric UID/GID, you should disable ID mapping.
- Shares can only be mounted from one storage account on an individual VM, when using private links. Attempting to mount shares from other storage accounts will fail.
Azure Storage features not yet supported
Also, the following Azure Files features are not available with NFS shares:
- Identity-based authentication
- Azure Backup support
- Soft delete
- Full encryption-in-transit support (for details see NFS security)
- Azure File Sync (only available for Windows clients, which NFS 4.1 does not support)
- East US (LRS and ZRS)
- East US 2
- West US 2
- West Europe
- Southeast Asia
- UK South
- Australia East (LRS and ZRS)
- France Central
Create a FileStorage account.
NFS shares can only be accessed from trusted networks. Connections to your NFS share must originate from one of the following sources:
If you intend to use the Azure CLI, install the latest version.
Register the NFS 4.1 protocol
If you're using the Azure PowerShell module or the Azure CLI, register your feature using the following commands:
Connect-AzAccount $context = Get-AzSubscription -SubscriptionId <yourSubscriptionIDHere> Set-AzContext $context Register-AzProviderFeature -FeatureName AllowNfsFileShares -ProviderNamespace Microsoft.Storage Register-AzResourceProvider -ProviderNamespace Microsoft.Storage
az login az feature register --name AllowNfsFileShares \ --namespace Microsoft.Storage \ --subscription <yourSubscriptionIDHere> az provider register --namespace Microsoft.Storage
Verify feature registration
Registration approval can take up to an hour. To verify that the registration is complete, use the following commands:
Get-AzProviderFeature -ProviderNamespace Microsoft.Storage -FeatureName AllowNfsFileShares
az feature show --name AllowNfsFileShares --namespace Microsoft.Storage --subscription <yourSubscriptionIDHere>
Verify storage account kind
Currently, only FileStorage accounts can create NFS shares.
To verify what kind of storage account you have, navigate to it in the Azure portal. Then, from your storage account, select Properties. From the properties blade, examine the value under Account kind, the value should be FileStorage.
Create an NFS share
Now that you have created a FileStorage account and configured the networking, you can create an NFS file share. The process is similar to creating an SMB share, you select NFS instead of SMB when creating the share.
Navigate to your storage account and select File shares.
Select + File share to create a new file share.
Name your file share, select a provisioned capacity.
For Protocol select NFS (preview).
For Root Squash make a selection.
- Root squash (default) - Access for the remote superuser (root) is mapped to UID (65534) and GID (65534).
- No root squash - Remote superuser (root) receives access as root.
- All squash - All user access is mapped to UID (65534) and GID (65534).
Now that you've created an NFS share, to use it you have to mount it on your Linux client. For details, see How to mount an NFS share.
If you experience any issues, see Troubleshoot Azure NFS file shares.