An Azure service that offers file shares in the cloud.
Hi ,
Thanks for reaching out to Microsoft Q&A.
For me it looks like you are hitting a platform limitation, not a configuration mistake. Your azure Files share looks fine, the issue is that the native mount -t nfs client does not fully support azure files NFS, while the aznfs helper does.
The aznfs mount helper that microsoft provides is not just a wrapper for the mount command. It handles Azure-specific logic like session negotiation and correct mount options that the standard NFS client does not. That is why aznfs works and nfs fails with “access denied”, even though DNS and private endpoint connectivity are working.
Also, azure NFS shares only use networkbased access. There is no user authentication, so the server just rejects requests that do not match what it expects from the client. The native NFS client does not align properly with those requirements in private endpoint mode.
If your goal is to mount in Kubernetes (which defaults to -t nfs), you have two options:
- Use or build a CSI driver that wraps
aznfsso it mounts correctly in AKS - Mount the share on the node with
aznfsfirst (through a DaemonSet or node bootstrap script?), and then mount the local path into your pods.
There is no fix to make the plain mount -t nfs command work with azure Files NFS in a private endpoint scenario. If you switch back to service endpoints (not recommended for security), you might get it to work, but it is still not officially supported.
Please 'Upvote'(Thumbs-up) and 'Accept' as answer if the reply was helpful. This will be benefitting other community members who face the same issue.