您现在访问的是微软AZURE全球版技术文档网站,若需要访问由世纪互联运营的MICROSOFT AZURE中国区技术文档网站,请访问 https://docs.azure.cn.

规划 Azure 文件同步部署Planning for an Azure File Sync deployment

使用 Azure 文件同步,即可将组织的文件共享集中在 Azure 文件中,同时又不失本地文件服务器的灵活性、性能和兼容性。Use Azure File Sync to centralize your organization's file shares in Azure Files, while keeping the flexibility, performance, and compatibility of an on-premises file server. Azure 文件同步可将 Windows Server 转换为 Azure 文件共享的快速缓存。Azure File Sync transforms Windows Server into a quick cache of your Azure file share. 可以使用 Windows Server 上可用的任意协议本地访问数据,包括 SMB、NFS 和 FTPS。You can use any protocol that's available on Windows Server to access your data locally, including SMB, NFS, and FTPS. 并且可以根据需要在世界各地具有多个缓存。You can have as many caches as you need across the world.

本指南介绍有关 Azure 文件同步部署的重要注意事项。This article describes important considerations for an Azure File Sync deployment. 我们建议另外阅读规划 Azure 文件部署We recommend that you also read Planning for an Azure Files deployment.

备注

本文进行了更新,以便使用新的 Azure PowerShell Az 模块。This article has been updated to use the new Azure PowerShell Az module. 你仍然可以使用 AzureRM 模块,至少在 2020 年 12 月之前,它将继续接收 bug 修补程序。You can still use the AzureRM module, which will continue to receive bug fixes until at least December 2020. 若要详细了解新的 Az 模块和 AzureRM 兼容性,请参阅新 Azure Powershell Az 模块简介To learn more about the new Az module and AzureRM compatibility, see Introducing the new Azure PowerShell Az module. 有关 Az 模块安装说明,请参阅安装 Azure PowerShellFor Az module installation instructions, see Install Azure PowerShell.

Azure 文件同步的术语Azure File Sync terminology

在阅读 Azure 文件同步部署的规划详细信息之前,必须先了解术语。Before getting into the details of planning for an Azure File Sync deployment, it's important to understand the terminology.

存储同步服务Storage Sync Service

存储同步服务是 Azure 文件同步的顶级 Azure 资源。存储同步服务资源是存储帐户资源的对等物,可按类似方式部署到 Azure 资源组。The Storage Sync Service is the top-level Azure resource for Azure File Sync. The Storage Sync Service resource is a peer of the storage account resource, and can similarly be deployed to Azure resource groups. 由于存储同步服务可通过多个同步组创建与多个存储帐户的同步关系,因此需要从存储帐户资源中获得一个不同的顶级资源。A distinct top-level resource from the storage account resource is required because the Storage Sync Service can create sync relationships with multiple storage accounts via multiple sync groups. 一个订阅可部署有多个存储同步服务资源。A subscription can have multiple Storage Sync Service resources deployed.

同步组Sync group

同步组定义一组文件的同步拓扑。A sync group defines the sync topology for a set of files. 同步组中的终结点保持彼此同步。Endpoints within a sync group are kept in sync with each other. 例如,如果想使用 Azure 文件同步管理两组不同文件,需创建两个同步组并在每个同步组中添加不同的终结点。If, for example, you have two distinct sets of files that you want to manage with Azure File Sync, you would create two sync groups and add different endpoints to each sync group. 存储同步服务可承载任意数量的同步组。A Storage Sync Service can host as many sync groups as you need.

已注册服务器Registered server

已注册服务器对象表示服务器(或群集)与存储同步服务之间的信任关系。The registered server object represents a trust relationship between your server (or cluster) and the Storage Sync Service. 可在存储同步服务实例中随意注册任意数量的服务器。You can register as many servers to a Storage Sync Service instance as you want. 但是,每次只能将服务器(或群集)注册到一个存储同步服务。However, a server (or cluster) can be registered with only one Storage Sync Service at a time.

Azure 文件同步代理Azure File Sync agent

Azure 文件同步代理是一个可下载包,可实现 Windows 服务器与 Azure 文件共享的同步。The Azure File Sync agent is a downloadable package that enables Windows Server to be synced with an Azure file share. Azure 文件同步代理包含 3 个主要组件:The Azure File Sync agent has three main components:

  • FileSyncSvc.exe:后台 Windows 服务,负责监视服务器终结点的更改并启动到 Azure 的同步会话。FileSyncSvc.exe: The background Windows service that is responsible for monitoring changes on server endpoints, and for initiating sync sessions to Azure.
  • StorageSync.sys:Azure 文件同步系统筛选器,负责将文件分层存入 Azure 文件(若云分层已启用)。StorageSync.sys: The Azure File Sync file system filter, which is responsible for tiering files to Azure Files (when cloud tiering is enabled).
  • PowerShell 管理 cmdlet:PowerShell cmdlet,用于与 Microsoft.StorageSync Azure 资源提供程序进行交互。PowerShell management cmdlets: PowerShell cmdlets that you use to interact with the Microsoft.StorageSync Azure resource provider. 可在以下位置(默认位置)找到这些文件:You can find these at the following (default) locations:
    • C:\Program Files\Azure\StorageSyncAgent\StorageSync.Management.PowerShell.Cmdlets.dllC:\Program Files\Azure\StorageSyncAgent\StorageSync.Management.PowerShell.Cmdlets.dll
    • C:\Program Files\Azure\StorageSyncAgent\StorageSync.Management.ServerCmdlets.dllC:\Program Files\Azure\StorageSyncAgent\StorageSync.Management.ServerCmdlets.dll

服务器终结点Server endpoint

服务器终结点代表已注册服务器上的特定位置,例如服务器卷中的文件夹。A server endpoint represents a specific location on a registered server, such as a folder on a server volume. 如果命名空间不重叠(例如 F:\sync1F:\sync2),多个服务器终结点可存在于同一个卷。Multiple server endpoints can exist on the same volume if their namespaces do not overlap (for example, F:\sync1 and F:\sync2). 可为每个服务器终结点单独配置云分层策略。You can configure cloud tiering policies individually for each server endpoint.

你可以通过装入点创建服务器终结点。You can create a server endpoint via a mountpoint. 请注意,服务器终结点中的装入点将被跳过。Note, mountpoints within the server endpoint are skipped.

你可以在系统卷上创建服务器终结点,但这样做有两个限制:You can create a server endpoint on the system volume but, there are two limitations if you do so:

  • 无法启用云分层。Cloud tiering cannot be enabled.
  • 不执行快速命名空间还原(其中系统快速关闭整个命名空间,然后启动以撤回内容)。Rapid namespace restore (where the system quickly brings down the entire namespace and then starts to recall content) is not performed.

备注

仅支持不可删除的卷。Only non-removable volumes are supported. 服务器终结点路径不支持通过远程共享映射的驱动器。Drives mapped from a remote share are not supported for a server endpoint path. 此外,服务器终结点可能位于 Windows 系统卷,然而系统卷上不支持云分层。In addition, a server endpoint may be located on the Windows system volume though cloud tiering is not supported on the system volume.

如果将带一组现有文件的服务器位置作为服务器终结点添加到同步组,则这些文件将与同步组中其他终结点上已有的任何其他文件进行合并。If you add a server location that has an existing set of files as a server endpoint to a sync group, those files are merged with any other files that are already on other endpoints in the sync group.

云终结点Cloud endpoint

云终结点是一个 Azure 文件共享,它属于同步组。A cloud endpoint is an Azure file share that is part of a sync group. 整个 Azure 文件共享同步和 Azure 文件共享只能属于一个云终结点。The entire Azure file share syncs, and an Azure file share can be a member of only one cloud endpoint. 因此,Azure 文件共享只能是一个同步组的成员。Therefore, an Azure file share can be a member of only one sync group. 如果将带一组现有文件的 Azure 文件共享作为云终结点添加到同步组中,则现有文件将与同步组中其他终结点上已有的任何其他文件进行合并。If you add an Azure file share that has an existing set of files as a cloud endpoint to a sync group, the existing files are merged with any other files that are already on other endpoints in the sync group.

重要

Azure 文件同步支持直接对 Azure 文件共享进行更改。Azure File Sync supports making changes to the Azure file share directly. 但是,首先需要通过 Azure 文件同步更改检测作业来发现对 Azure 文件共享进行的更改。However, any changes made on the Azure file share first need to be discovered by an Azure File Sync change detection job. 每 24 小时仅针对云终结点启动一次更改检测作业。A change detection job is initiated for a cloud endpoint only once every 24 hours. 此外,通过 REST 协议对 Azure 文件共享所做的更改将不会更新 SMB 上次修改时间,亦不会被视为同步更改。有关详细信息,请参阅 Azure 文件常见问题解答In addition, changes made to an Azure file share over the REST protocol will not update the SMB last modified time and will not be seen as a change by sync. For more information, see Azure Files frequently asked questions.

云分层Cloud tiering

云分层是 Azure 文件同步的一项可选功能,其中经常访问的文件在服务器本地缓存,而所有其他文件根据策略设置分层到 Azure 文件。Cloud tiering is an optional feature of Azure File Sync in which frequently accessed files are cached locally on the server while all other files are tiered to Azure Files based on policy settings. 有关详细信息,请参阅了解云分层For more information, see Understanding Cloud Tiering.

Azure 文件同步系统要求和互操作性Azure File Sync system requirements and interoperability

本部分介绍了 Azure 文件同步代理的系统要求以及与 Windows Server 功能和角色以及第三方解决方案的互操作性。This section covers Azure File Sync agent system requirements and interoperability with Windows Server features and roles and third-party solutions.

评估 cmdletEvaluation cmdlet

在部署 Azure 文件同步之前, 你应该使用 Azure 文件同步评估 cmdlet 评估它是否与你的系统兼容。Before deploying Azure File Sync, you should evaluate whether it is compatible with your system using the Azure File Sync evaluation cmdlet. 此 cmdlet 将检查文件系统和数据集的潜在问题, 例如不受支持的字符或不受支持的操作系统版本。This cmdlet checks for potential issues with your file system and dataset, such as unsupported characters or an unsupported OS version. 请注意,其检查涵盖了下面提到的大多数但并非全部功能;建议你仔细读完本部分的剩余内容,以确保你的部署顺利进行。Note that its checks cover most but not all of the features mentioned below; we recommend you read through the rest of this section carefully to ensure your deployment goes smoothly.

可以通过安装 Az PowerShell 模块来安装评估 cmdlet, 该模块可按照此处的说明进行安装:安装和配置 Azure PowerShellThe evaluation cmdlet can be installed by installing the Az PowerShell module, which can be installed by following the instructions here: Install and configure Azure PowerShell.

用法Usage

可以采用以下多种不同的方式调用评估工具:可以执行系统检查、数据集检查或者同时执行这两种检查。You can invoke the evaluation tool in a few different ways: you can perform the system checks, the dataset checks, or both. 若要同时执行系统和数据集检查,请使用以下命令:To perform both the system and dataset checks:

    Invoke-AzStorageSyncCompatibilityCheck -Path <path>

若要仅测试数据集,请使用以下命令:To test only your dataset:

    Invoke-AzStorageSyncCompatibilityCheck -Path <path> -SkipSystemChecks

若要仅测试系统要求,请使用以下命令:To test system requirements only:

    Invoke-AzStorageSyncCompatibilityCheck -ComputerName <computer name>

若要以 CSV 格式显示结果,请使用以下命令:To display the results in CSV:

    $errors = Invoke-AzStorageSyncCompatibilityCheck […]
    $errors | Select-Object -Property Type, Path, Level, Description | Export-Csv -Path <csv path>

系统要求System Requirements

  • 运行 Windows Server 2012 R2、Windows Server 2016 或 Windows Server 2019 的服务器:A server running Windows Server 2012 R2, Windows Server 2016 or Windows Server 2019:

    VersionVersion 支持的 SKUSupported SKUs 支持的部署选项Supported deployment options
    Windows Server 2019Windows Server 2019 数据中心和标准版Datacenter and Standard 完整和核心Full and Core
    Windows Server 2016Windows Server 2016 数据中心和标准版Datacenter and Standard 完整和核心Full and Core
    Windows Server 2012 R2Windows Server 2012 R2 数据中心和标准版Datacenter and Standard 完整和核心Full and Core

    将来的 Windows Server 版本将在发布后添加。Future versions of Windows Server will be added as they are released.

    重要

    我们建议使用 Windows 更新提供的最新更新,将用于 Azure 文件同步的所有服务器保持最新。We recommend keeping all servers that you use with Azure File Sync up to date with the latest updates from Windows Update.

  • 最少具有 2 GiB 内存的服务器。A server with a minimum of 2 GiB of memory.

    重要

    如果服务器在启用了动态内存的虚拟机中运行,则至少应当为该 VM 配置 2048 MiB 内存。If the server is running in a virtual machine with dynamic memory enabled, the VM should be configured with a minimum 2048 MiB of memory.

  • 使用 NTFS 文件系统进行了格式化的本地附加卷。A locally attached volume formatted with the NTFS file system.

文件系统功能File system features

功能Feature 支持状态Support status 说明Notes
访问控制列表 (ACL)Access control lists (ACLs) 完全支持Fully supported Windows ACL 由 Azure 文件同步进行保留,并由 Windows Server 在服务器终结点上强制实施。Windows ACLs are preserved by Azure File Sync, and are enforced by Windows Server on server endpoints. 如果直接在云中访问文件,则 Azure 文件不(尚不)支持 Windows ACL。Windows ACLs are not (yet) supported by Azure Files if files are accessed directly in the cloud.
硬链接Hard links 已跳过Skipped
符号链接Symbolic links 已跳过Skipped
装入点Mount points 部分支持Partially supported 装入点可能是服务器终结点的根,但如果包含在服务器终结点的命名空间内,则跳过此装入点。Mount points might be the root of a server endpoint, but they are skipped if they are contained in a server endpoint's namespace.
交接点Junctions 已跳过Skipped 例如,分布式文件系统中的 DfrsrPrivate 和 DFSRoots 文件夹。For example, Distributed File System DfrsrPrivate and DFSRoots folders.
重分析点Reparse points 已跳过Skipped
NTFS 压缩NTFS compression 完全支持Fully supported
稀疏文件Sparse files 完全支持Fully supported 稀疏文件会进行同步(不受阻),但作为完整文件同步到云。Sparse files sync (are not blocked), but they sync to the cloud as a full file. 如果在云中(或在其他服务器上)更改文件内容,则下载更改时,文件不再是稀疏文件。If the file contents change in the cloud (or on another server), the file is no longer sparse when the change is downloaded.
备用数据流 (ADS)Alternate Data Streams (ADS) 保留但不同步Preserved, but not synced 例如,由文件分类基础结构创建的分类标记就不会同步。For example, classification tags created by the File Classification Infrastructure are not synced. 每个服务器终结点的文件上的现有分类标记都保留不变。Existing classification tags on files on each of the server endpoints are left untouched.

备注

仅支持 NTFS 卷。Only NTFS volumes are supported. 不支持 ReFS、FAT、FAT32 及其他文件系统。ReFS, FAT, FAT32, and other file systems are not supported.

跳过的文件Files skipped

文件/文件夹File/folder 注释Note
Desktop.iniDesktop.ini 特定于系统的文件File specific to system
ethumbs.db$ethumbs.db$ 缩略图的临时文件Temporary file for thumbnails
~$*.*~$*.* Office 临时文件Office temporary file
*.tmp*.tmp 临时文件Temporary file
*.laccdb*.laccdb Access DB 锁定文件Access DB locking file
635D02A9D91C401B97884B82B3BCDAEA.*635D02A9D91C401B97884B82B3BCDAEA.* 内部同步文件Internal Sync file
\系统卷信息\System Volume Information 特定于卷的文件夹Folder specific to volume
$RECYCLE.BIN$RECYCLE.BIN 文件夹Folder
\SyncShareState\SyncShareState 用于同步的文件夹Folder for Sync

故障转移群集Failover Clustering

Windows Server 故障转移群集受 Azure 文件同步支持,用于“一般用途文件服务器”部署选项。Windows Server Failover Clustering is supported by Azure File Sync for the "File Server for general use" deployment option. 不可在“适用于应用程序数据的横向扩展文件服务器”(SOFS) 或群集共享卷 (CSV) 上使用故障转移群集。Failover Clustering is not supported on "Scale-Out File Server for application data" (SOFS) or on Clustered Shared Volumes (CSVs).

备注

必须在故障转移群集中的每个节点上安装 Azure 文件同步代理,才能正常进行同步。The Azure File Sync agent must be installed on every node in a Failover Cluster for sync to work correctly.

重复数据删除Data Deduplication

代理版本5.0.2.0 或更高版本 Agent version 5.0.2.0 or newer
Windows Server 2016 和 Windows Server 2019 上启用了云分层的卷支持重复数据删除。Data Deduplication is supported on volumes with cloud tiering enabled on Windows Server 2016 and Windows Server 2019. 启用启用了云分层的卷上的重复数据删除可让你在本地缓存更多文件, 而无需预配更多存储。Enabling Data Deduplication on a volume with cloud tiering enabled lets you cache more files on-premises without provisioning more storage.

在启用了云分层的卷上启用重复数据删除时, 将根据云分层策略设置, 将服务器终结点位置中的重复数据删除优化后的文件与普通文件类似。When Data Deduplication is enabled on a volume with cloud tiering enabled, Dedup optimized files within the server endpoint location will be tiered similar to a normal file based on the cloud tiering policy settings. 将重复数据删除优化文件分层后, 重复数据删除垃圾回收作业将自动运行, 以通过删除卷上的其他文件不再引用的不必要的区块来回收磁盘空间。Once the Dedup optimized files have been tiered, the Data Deduplication garbage collection job will run automatically to reclaim disk space by removing unnecessary chunks that are no longer referenced by other files on the volume.

请注意, 卷节省仅适用于服务器;Azure 文件共享中的数据将不会被重复数据。Note the volume savings only apply to the server; your data in the Azure file share will not be deduped.

Windows Server 2012 R2 或之前的代理版本Windows Server 2012 R2 or older agent versions
对于未启用云分层的卷,Azure 文件同步支持在卷上启用 Windows Server 重复数据删除。For volumes that don't have cloud tiering enabled, Azure File Sync supports Windows Server Data Deduplication being enabled on the volume.

说明Notes

  • 如果在安装 Azure 文件同步代理之前安装了重复数据删除, 则需要重新启动以支持在同一卷上进行重复数据删除和云分层。If Data Deduplication is installed prior to installing the Azure File Sync agent, a restart is required to support Data Deduplication and cloud tiering on the same volume.

  • 如果在启用云分层之后在卷上启用了重复数据删除, 则初始重复数据删除优化作业将优化尚未分层的卷上的文件, 并将对云分层产生以下影响:If Data Deduplication is enabled on a volume after cloud tiering is enabled, the initial Deduplication optimization job will optimize files on the volume which are not already tiered and will have the following impact on cloud tiering:

    • 可用空间策略将根据卷上的可用空间, 使用热度地图继续对文件进行分层。Free space policy will continue to tier files as per the free space on the volume by using the heatmap.
    • 由于对文件进行重复数据删除优化作业, 日期策略将跳过可能已有资格进行分层的文件分层。Date policy will skip tiering of files that may have been otherwise eligible for tiering due to the Deduplication optimization job accessing the files.
  • 对于正在进行的重复数据删除优化作业, 如果尚未对文件进行分层, 则使用日期策略MinimumFileAgeDays的云分层将会延迟。For ongoing Deduplication optimization jobs, cloud tiering with date policy will get delayed by the Data Deduplication MinimumFileAgeDays setting, if the file is not already tiered.

    • 例如:如果 MinimumFileAgeDays 设置为7天, 而云分层日期策略为30天, 则日期策略将在37天后对文件进行分级。Example: If the MinimumFileAgeDays setting is 7 days and cloud tiering date policy is 30 days, the date policy will tier files after 37 days.
    • 注意:Azure 文件同步对文件进行分层后, 重复数据删除优化作业将跳过该文件。Note: Once a file is tiered by Azure File Sync, the Deduplication optimization job will skip the file.
  • 如果运行 Windows Server 2012 R2 的服务器将安装 Azure 文件同步代理升级到 Windows Server 2016 或 Windows Server 2019, 则必须执行以下步骤以支持在同一卷上进行重复数据删除和云分层:If a server running Windows Server 2012 R2 with the Azure File Sync agent installed is upgraded to Windows Server 2016 or Windows Server 2019, the following steps must be performed to support Data Deduplication and cloud tiering on the same volume:

    • 卸载适用于 Windows Server 2012 R2 的 Azure 文件同步代理并重新启动服务器。Uninstall the Azure File Sync agent for Windows Server 2012 R2 and restart the server.
    • 下载新服务器操作系统版本 (Windows Server 2016 或 Windows Server 2019) 的 Azure 文件同步代理。Download the Azure File Sync agent for the new server OS version (Windows Server 2016 or Windows Server 2019).
    • 安装 Azure 文件同步代理并重新启动服务器。Install the Azure File Sync agent and restart the server.

    注意:卸载并重新安装代理时, 会保留服务器上的 Azure 文件同步配置设置。Note: The Azure File Sync configuration settings on the server are retained when the agent is uninstalled and reinstalled.

分布式文件系统 (DFS)Distributed File System (DFS)

Azure 文件同步支持与 DFS 命名空间 (DFS-N) 和 DFS 复制 (DFS-R) 进行互操作。Azure File Sync supports interop with DFS Namespaces (DFS-N) and DFS Replication (DFS-R).

DFS 命名空间 (DFS-N) :Azure 文件同步在 DFS-N 服务器上完全受支持。DFS Namespaces (DFS-N): Azure File Sync is fully supported on DFS-N servers. 可以在一个或多个 DFS-N 成员上安装 Azure 文件同步代理,以在服务器终结点与云终结点之间同步数据。You can install the Azure File Sync agent on one or more DFS-N members to sync data between the server endpoints and the cloud endpoint. 有关详细信息,请参阅 DFS 命名空间概述For more information, see DFS Namespaces overview.

DFS 复制 (DFS-R) :因为 DFS-R 和 Azure 文件同步都是复制解决方案,所以在大多数情况下建议将 DFS-R 替换为 Azure 文件同步。不过在以下几个方案中,可能需要同时使用 DFS-R 和 Azure 文件同步:DFS Replication (DFS-R): Since DFS-R and Azure File Sync are both replication solutions, in most cases, we recommend replacing DFS-R with Azure File Sync. There are however several scenarios where you would want to use DFS-R and Azure File Sync together:

  • 从 DFS-R 部署迁移至 Azure 文件同步部署。You are migrating from a DFS-R deployment to an Azure File Sync deployment. 有关详细信息,请参阅将 DFS 复制 (DFS-R) 部署迁移至 Azure 文件同步For more information, see Migrate a DFS Replication (DFS-R) deployment to Azure File Sync.
  • 并非需要文件数据副本的每个本地服务器都可以直接连接至 Internet。Not every on-premises server which needs a copy of your file data can be connected directly to the internet.
  • 分支服务器将数据合并至单个中心服务器,你希望在该服务器中使用 Azure 文件同步。Branch servers consolidate data onto a single hub server, for which you would like to use Azure File Sync.

对于 Azure 文件同步和 DFS-R 并行工作的情况:For Azure File Sync and DFS-R to work side-by-side:

  1. 必须在包含 DFS-R 复制文件夹的卷上禁用 Azure 文件同步云分层。Azure File Sync cloud tiering must be disabled on volumes with DFS-R replicated folders.
  2. 不应在 DFS-R 只读复制文件夹上配置服务器终结点。Server endpoints should not be configured on DFS-R read-only replication folders.

有关详细信息,请参阅 DFS 复制概述For more information, see DFS Replication overview.

SysprepSysprep

不支持在安装了 Azure 文件同步代理的服务器上使用 sysprep,那样做会导致意外结果。Using sysprep on a server which has the Azure File Sync agent installed is not supported and can lead to unexpected results. 应该在部署服务器映像并完成 sysprep 迷你安装后再安装代理和注册服务器。Agent installation and server registration should occur after deploying the server image and completing sysprep mini-setup.

如果在服务器终结点上启用了云分层功能,则已分层的文件将被跳过,并且不会由 Windows 搜索进行索引。If cloud tiering is enabled on a server endpoint, files that are tiered are skipped and not indexed by Windows Search. 非分层文件会适当进行索引。Non-tiered files are indexed properly.

防病毒解决方案Antivirus solutions

由于防病毒通过扫描文件中的已知恶意代码进行工作,因此防病毒产品可能导致重新调用分层文件。Because antivirus works by scanning files for known malicious code, an antivirus product might cause the recall of tiered files. 在 Azure 文件同步代理 4.0 及更高版本中,分层文件已设置安全 Windows 属性 FILE_ATTRIBUTE_RECALL_ON_DATA_ACCESS。In versions 4.0 and above of the Azure File Sync agent, tiered files have the secure Windows attribute FILE_ATTRIBUTE_RECALL_ON_DATA_ACCESS set. 我们建议你咨询软件供应商,以了解如何配置其解决方案以跳过读取已设置此属性的文件(许多解决方案会自动执行此操作)。We recommend consulting with your software vendor to learn how to configure their solution to skip reading files with this attribute set (many do it automatically).

Microsoft 的内部防病毒解决方案 Windows Defender 和 System Center Endpoint Protection (SCEP) 都会自动跳过读取设有此属性的文件。Microsoft's in-house antivirus solutions, Windows Defender and System Center Endpoint Protection (SCEP), both automatically skip reading files that have this attribute set. 我们已对这两个解决方案进行了测试并发现了一个小问题:向现有的同步组添加服务器时,在新服务器上会重新调用(下载)小于 800 字节的文件。We have tested them and identified one minor issue: when you add a server to an existing sync group, files smaller than 800 bytes are recalled (downloaded) on the new server. 这些文件将保留在新服务器上并且不会分层,因为它们不符合分层大小要求 (> 64kb)。These files will remain on the new server and will not be tiered since they do not meet the tiering size requirement (>64kb).

备注

防病毒供应商可以使用Azure 文件同步的防病毒兼容性测试套件(可从 Microsoft 下载中心下载) 来检查其产品与 Azure 文件同步之间的兼容性。Antivirus vendors can check compatibility between their product and Azure File Sync using the Azure File Sync Antivirus Compatibility Test Suite, which is available for download on the Microsoft Download Center.

备份解决方案Backup solutions

与防病毒解决方案一样,备份解决方案可能导致重新调用分层文件。Like antivirus solutions, backup solutions might cause the recall of tiered files. 建议使用云备份解决方案来备份 Azure文件共享,而不是使用本地备份产品。We recommend using a cloud backup solution to back up the Azure file share instead of an on-premises backup product.

如果使用的是本地备份解决方案,则应在已禁用云分层的同步组中的服务器上执行备份。If you are using an on-premises backup solution, backups should be performed on a server in the sync group which has cloud tiering disabled. 执行还原时,使用卷级别或文件级还原选项。When performing a restore, use the volume-level or file-level restore options. 使用文件级别还原选项还原的文件将同步到同步组中的所有终结点,现有文件将被替换为从备份还原的版本。Files restored using the file-level restore option will be synced to all endpoints in the sync group and existing files will be replaced with the version restored from backup. 卷级别的还原不会替换 Azure 文件共享或其他服务器终结点中较新的文件版本。Volume-level restores will not replace newer file versions in the Azure file share or other server endpoints.

备注

祼机 (BMR) 还原可能会导致意外的结果且当前不受支持。Bare-metal (BMR) restore can cause unexpected results and is not currently supported.

备注

启用了云分层的卷当前不支持 VSS 快照(包括“以前的版本”选项卡)。VSS snapshots (including Previous Versions tab) are not currently supported on volumes which have cloud tiering enabled. 如果启用了云分层,请使用 Azure 文件共享快照从备份还原文件。If cloud tiering is enabled, use the Azure file share snapshots to restore a file from backup.

加密解决方案Encryption solutions

是否支持加密解决方案取决于其实现方式。Support for encryption solutions depends on how they are implemented. Azure 文件同步现支持:Azure File Sync is known to work with:

  • BitLocker 加密BitLocker encryption
  • Azure 信息保护、Azure Rights Management Services (Azure RMS) 以及 Active Directory RMSAzure Information Protection, Azure Rights Management Services (Azure RMS), and Active Directory RMS

Azure 文件同步现不支持:Azure File Sync is known not to work with:

  • NTFS 加密文件系统 (EFS)NTFS Encrypted File System (EFS)

一般情况下,Azure 文件同步应该支持与文件系统下的加密解决方案(如 BitLocker)以及在文件格式中实现的解决方案(如 Azure 信息保护)进行互操作。In general, Azure File Sync should support interoperability with encryption solutions that sit below the file system, such as BitLocker, and with solutions that are implemented in the file format, such as Azure Information Protection. 不与文件系统上的解决方案(如 NTFS EFS)进行特殊的互操作。No special interoperability has been made for solutions that sit above the file system (like NTFS EFS).

其他分层存储管理 (HSM) 解决方案Other Hierarchical Storage Management (HSM) solutions

其他 HSM 解决方案均无法使用 Azure 文件同步。No other HSM solutions should be used with Azure File Sync.

适用地区Region availability

Azure 文件同步仅在以下区域中可用:Azure File Sync is available only in the following regions:

地区Region 数据中心位置Datacenter location
澳大利亚东部Australia East New South WalesNew South Wales
澳大利亚东南部Australia Southeast VictoriaVictoria
巴西南部Brazil South 圣保罗州Sao Paulo State
加拿大中部Canada Central 多伦多Toronto
加拿大东部Canada East 魁北克市Quebec City
印度中部Central India 浦那Pune
美国中部Central US IowaIowa
东亚East Asia 香港特别行政区Hong Kong SAR
East USEast US VirginiaVirginia
美国东部 2East US2 VirginiaVirginia
法国中部France Central 巴黎Paris
法国南部 *France South* 马赛Marseille
韩国中部Korea Central SeoulSeoul
韩国Korea South BusanBusan
日本东部Japan East 东京都埼玉县Tokyo, Saitama
日本西部Japan West 大阪Osaka
美国中北部North Central US IllinoisIllinois
北欧North Europe 爱尔兰Ireland
南非北部South Africa North 约翰内斯堡Johannesburg
南非西部 *South Africa West* 开普敦Cape Town
美国中南部South Central US TexasTexas
印度南部South India 金奈Chennai
东南亚Southeast Asia 新加坡Singapore
英国南部UK South 伦敦London
英国西部UK West 加的夫Cardiff
US Gov 亚利桑那州US Gov Arizona 亚利桑那Arizona
US Gov 德克萨斯州US Gov Texas TexasTexas
US Gov 弗吉尼亚州US Gov Virginia VirginiaVirginia
西欧West Europe 荷兰Netherlands
美国中西部West Central US WyomingWyoming
美国西部West US CaliforniaCalifornia
美国西部 2West US 2 WashingtonWashington

Azure 文件同步仅支持与存储同步服务所在区域中的 Azure 文件共享进行同步。Azure File Sync supports syncing only with an Azure file share that's in the same region as the Storage Sync Service.

对于用星号标记的区域, 必须与 Azure 支持部门联系, 请求访问这些区域中的 Azure 存储。For the regions marked with asterisks, you must contact Azure Support to request access to Azure Storage in those regions. 本文档概述了此过程。The process is outlined in this document.

Azure 灾难恢复Azure disaster recovery

为了防止 Azure 区域丢失,Azure 文件同步集成了异地冗余存储冗余 (GRS) 选项。To protect against the loss of an Azure region, Azure File Sync integrates with the geo-redundant storage redundancy (GRS) option. GRS 存储的工作原理是在主要区域中的存储(你通常与之交互)和配对次要区域中的存储之间使用异步块复制。GRS storage works by using asynchronous block replication between storage in the primary region, with which you normally interact, and storage in the paired secondary region. 发生导致 Azure 区域暂时或永久脱机的灾难时,Microsoft 会将存储故障转移到配对区域。In the event of a disaster which causes an Azure region to go temporarily or permanently offline, Microsoft will failover storage to the paired region.

警告

如果在 GRS 存储帐户中使用 Azure 文件共享作为云终结点,则不应启动存储帐户故障转移。If you are using your Azure file share as a cloud endpoint in a GRS storage account, you shouldn't initiate storage account failover. 执行此操作将导致同步停止工作,并且还可能导致新分层的文件出现意外数据丢失。Doing so will cause sync to stop working and may also cause unexpected data loss in the case of newly tiered files. 对于 Azure 区域丢失,Microsoft 会以与 Azure 文件同步兼容的方式触发存储帐户故障转移。In the case of loss of an Azure region, Microsoft will trigger the storage account failover in a way that is compatible with Azure File Sync.

为了支持异地冗余存储和 Azure 文件同步之间的故障转移集成,所有 Azure 文件同步区域都与一个与存储使用的次要区域匹配的次要区域配对。To support the failover integration between geo-redundant storage and Azure File Sync, all Azure File Sync regions are paired with a secondary region that matches the secondary region used by storage. 这些配对如下所示:These pairs are as follows:

主要区域Primary region 配对区域Paired region
澳大利亚东部Australia East 澳大利亚东南部Australia Southeast
澳大利亚东南部Australia Southeast 澳大利亚东部Australia East
巴西南部Brazil South 美国中南部South Central US
加拿大中部Canada Central 加拿大东部Canada East
加拿大东部Canada East 加拿大中部Canada Central
印度中部Central India 印度南部South India
美国中部Central US 美国东部 2East US 2
东亚East Asia 东南亚Southeast Asia
East USEast US 美国西部West US
美国东部 2East US 2 美国中部Central US
法国中部France Central 法国南部France South
法国南部France South 法国中部France Central
日本东部Japan East 日本西部Japan West
日本西部Japan West 日本东部Japan East
韩国中部Korea Central 韩国Korea South
韩国Korea South 韩国中部Korea Central
北欧North Europe 西欧West Europe
美国中北部North Central US 美国中南部South Central US
南非北部South Africa North 南非西部South Africa West
南非西部South Africa West 南非北部South Africa North
美国中南部South Central US 美国中北部North Central US
印度南部South India 印度中部Central India
东南亚Southeast Asia 东亚East Asia
英国南部UK South 英国西部UK West
英国西部UK West 英国南部UK South
US Gov 亚利桑那州US Gov Arizona US Gov 德克萨斯州US Gov Texas
US Gov 爱荷华州US Gov Iowa US Gov 弗吉尼亚州US Gov Virginia
US Gov 弗吉尼亚州US Gov Virginia US Gov 德克萨斯州US Gov Texas
西欧West Europe 北欧North Europe
美国中西部West Central US 美国西部 2West US 2
美国西部West US East USEast US
美国西部 2West US 2 美国中西部West Central US

Azure 文件同步代理更新策略Azure File Sync agent update policy

Azure 文件同步代理将定期更新,以便添加新功能和解决问题。The Azure File Sync agent is updated on a regular basis to add new functionality and to address issues. 建议配置 Microsoft 更新,以便在 Azure 文件同步代理更新发布时获得这些更新。We recommend you configure Microsoft Update to get updates for the Azure File Sync agent as they're available.

主要与次要代理版本Major vs. minor agent versions

  • 主要代理版本通常包含新的功能,并且版本号的第一个组成部分会递增。Major agent versions often contain new features and have an increasing number as the first part of the version number. 例如:2.*.***For example: *2.*.**
  • 次要代理版本也称为“修补”,其发布频率高于主要版本。Minor agent versions are also called "patches" and are released more frequently than major versions. 它们通常包含 bug 修复和小幅的改进,但不包含新功能。They often contain bug fixes and smaller improvements but no new features. 例如:**.3.**For example: **.3.**

升级路径Upgrade paths

可以通过四种经过批准和测试的方法来安装 Azure 文件同步代理更新。There are four approved and tested ways to install the Azure File Sync agent updates.

  1. (首选)将 Microsoft 更新配置为自动下载并安装代理更新。(Preferred) Configure Microsoft Update to automatically download and install agent updates.
    我们始终建议安装每项 Azure 文件同步更新,确保能够访问服务器代理的最新修补程序。We always recommend taking every Azure File Sync update to ensure you have access to the latest fixes for the server agent. Microsoft 更新会自动下载并安装这些更新,以无缝完成此过程。Microsoft Update makes this process seamless, by automatically downloading and installing updates for you.
  2. 使用 AfsUpdater.exe 下载并安装代理更新。Use AfsUpdater.exe to download and install agent updates.
    AfsUpdater.exe 位于代理安装目录中。The AfsUpdater.exe is located in the agent installation directory. 双击可执行文件可下载并安装代理更新。Double-click the executable to download and install agent updates.
  3. 使用 Microsoft 更新修补文件或 .msp 可执行文件修补现有的 Azure 文件同步代理。可以从 Microsoft 更新目录下载最新的 Azure 文件同步更新包。Patch an existing Azure File Sync agent by using a Microsoft Update patch file, or a .msp executable. The latest Azure File Sync update package can be downloaded from the Microsoft Update Catalog.
    运行 .msp 可执行文件将会升级 Azure 文件同步安装,所用的方法与上述升级路径中 Microsoft 更新使用的自动方法相同。Running a .msp executable will upgrade your Azure File Sync installation with the same method used automatically by Microsoft Update in the previous upgrade path. 应用 Microsoft 更新修补程序会就地升级 Azure 文件同步安装。Applying a Microsoft Update patch will perform an in-place upgrade of an Azure File Sync installation.
  4. Microsoft 下载中心下载最新的 Azure 文件同步 agent 安装程序。Download the newest Azure File Sync agent installer from the Microsoft Download Center.
    若要升级现有的 Azure 文件同步代理安装,请卸载旧版本,然后使用下载的安装程序安装最新版本。To upgrade an existing Azure File Sync agent installation, uninstall the older version and then install the latest version from the downloaded installer. 服务器注册、同步组和其他任何设置由 Azure 文件同步安装程序维护。The server registration, sync groups, and any other settings are maintained by the Azure File Sync installer.

自动代理生命周期管理Automatic agent lifecycle management

使用代理版本 6, 文件同步团队引入了一个代理自动升级功能。With agent version 6, the file sync team has introduced an agent auto-upgrade feature. 你可以选择两种模式之一, 并指定要在其上尝试在服务器上进行升级的维护时段。You can select either of two modes and specify a maintenance window in which the upgrade shall be attempted on the server. 此功能旨在帮助你实现代理生命周期管理, 方法是提供一个 guardrail, 以防止代理过期或允许无障碍, 并保持最新的设置。This feature is designed to help you with the agent lifecycle management by either providing a guardrail preventing your agent from expiration or allowing for a no-hassle, stay current setting.

  1. 默认设置将尝试防止代理过期。The default setting will attempt to prevent the agent from expiration. 在代理的发布到期日期21天内, 代理将尝试自行升级。Within 21 days of the posted expiration date of an agent, the agent will attempt to self-upgrade. 它将在过期之前的21天内, 一周内开始升级一次, 并在选定的维护时段内升级一次。It will start an attempt to upgrade once a week within 21 days prior to expiration and in the selected maintenance window. 此选项不会消除定期 Microsoft 更新修补程序的需求。This option does not eliminate the need for taking regular Microsoft Update patches.
  2. 或者, 你可以选择在新代理版本可用时 (当前不适用于群集服务器), 代理将自动自动升级。Optionally, you can select that the agent will automatically upgrade itself as soon as a new agent version becomes available (currently not applicable to clustered servers). 此更新将在选定的维护时段内发生, 并使你的服务器能够在公开发布后立即受益于新功能和改进。This update will occur during the selected maintenance window and allow your server to benefit from new features and improvements as soon as they become generally available. 这是建议的无需担心的设置, 它将为你的服务器提供主要代理版本以及定期更新修补程序。This is the recommended, worry-free setting that will provide major agent versions as well as regular update patches to your server. 每个发布的代理都处于 GA 质量。Every agent released is at GA quality. 如果选择此选项, Microsoft 将向你飞行最新的代理版本。If you select this option, Microsoft will flight the newest agent version to you. 排除群集服务器。Clustered servers are excluded. 试验完成后, 代理也将在Microsoft 下载中心aka.ms/AFS/agent 上变为可用。Once flighting is complete, the agent will also become available on Microsoft Download Center aka.ms/AFS/agent.
更改自动升级设置Changing the auto-upgrade setting

以下说明介绍了在完成安装程序后如何更改设置 (如果需要进行更改)。The following instructions describe how to change the settings after you've completed the installer, if you need to make changes.

打开 shell 并导航到安装了同步代理的目录, 然后导入服务器 cmdlet, 默认情况下如下所示:Open a shell and navigate to the directory where you installed the sync agent then import the server cmdlets, by default this would look something like this:

cd C:\Program Files\Azure\StorageSyncAgent

ipmo .\StorageSync.Management.ServerCmdlets.dll

您可以运行Get-StorageSyncAgentAutoUpdatePolicy来检查当前策略设置并确定是否要对其进行更改。You can run Get-StorageSyncAgentAutoUpdatePolicy to check the current policy setting and determine if you want to change it.

若要将当前策略设置更改为延迟更新跟踪, 你可以使用:Set-StorageSyncAgentAutoUpdatePolicy -PolicyMode UpdateBeforeExpirationTo change the current policy setting to the delayed update track, you can use: Set-StorageSyncAgentAutoUpdatePolicy -PolicyMode UpdateBeforeExpiration

若要将当前策略设置更改为立即更新跟踪, 你可以使用:Set-StorageSyncAgentAutoUpdatePolicy -PolicyMode InstallLatestTo change the current policy setting to the immediate update track, you can use: Set-StorageSyncAgentAutoUpdatePolicy -PolicyMode InstallLatest

代理生命周期和变更管理保证Agent lifecycle and change management guarantees

Azure 文件同步是一种云服务, 它持续引入新功能和改进。Azure File Sync is a cloud service, which continuously introduces new features and improvements. 这意味着,特定的 Azure 文件同步代理版本只在有限的时间内受到支持。This means that a specific Azure File Sync agent version can only be supported for a limited time. 为了便于部署, 以下规则确保你有足够的时间和通知, 以便在你的更改管理过程中适应代理更新/升级:To facilitate your deployment, the following rules guarantee you have enough time and notification to accommodate agent updates/upgrades in your change management process:

  • 至少支持主要代理版本六个月(从初始版本发布日期算起)。Major agent versions are supported for at least six months from the date of initial release.
  • 我们保证至少提供三个月的缓冲期来支持不同的主要代理版本。We guarantee there is an overlap of at least three months between the support of major agent versions.
  • 在代理过期之前的至少三个月,我们会在已注册的服务器中使用代理即将过期消息来发出警告。Warnings are issued for registered servers using a soon-to-be expired agent at least three months prior to expiration. 可以在存储同步服务的“已注册服务器”部分下检查已注册的服务器是否在使用旧版代理。You can check if a registered server is using an older version of the agent under the registered servers section of a Storage Sync Service.
  • 次要代理版本的生存期受限于相关的主要版本。The lifetime of a minor agent version is bound to the associated major version. 例如,发布代理版本 3.0 后,代理版本 2.* 将设置为一起过期。For example, when agent version 3.0 is released, agent versions 2.* will all be set to expire together.

备注

安装附带过期警告的代理版本时会显示警告,但安装会成功。Installing an agent version with an expiration warning will display a warning but succeed. 不支持且会阻止安装或连接已过期的代理版本。Attempting to install or connect with an expired agent version is not supported and will be blocked.

后续步骤Next steps