Everything You Need to Know About Azure File Storage

AFS is a storage service that you can use to host cloud-native Server Message Block (SMB) file shares in Azure. SMB is a network file sharing protocol that enables applications to request services from server programs and to perform read/write operations on files. You can use AFS with on-premises machines and applications or with applications hosted on Azure. In this article, you will learn about the core concepts, use cases, advantages, and disadvantages of AFS.

Azure File Storage (AFS) Use Cases

Common use cases for Azure File Storage include:

• Lift and shift migration of file shares—eliminates the need to restructure or reformat data. It also enables you to keep legacy applications on-premises while benefiting from cloud storage.
• Creating shared resources for sysadmins or development teams—enables distributed teams to easily share and collaborate in near real-time.
• Centralizing configuration and log files—increases visibility by aggregating data and facilitates easier archiving.

Azure Files Management Concepts

When using AFS, there are a few concepts that are helpful to know.

• Storage account—storage accounts define the configuration of resources and determine the number of resources available.
• Share—an SMB file share where directories and files are stored. Accounts can contain an unlimited number of shares and each share can contain an unlimited number of files.
• URL format—requests to file shares use the REST protocol with the following format:
  https://<storage account>.file.core.windows.net/<share>/<directory>/<file>

Azure Files Data Access Methods

When you wish to access files in AFS, you can use one of two methods—direct cloud access or Azure File Sync.

Direct Cloud Access
You can mount Azure file shares on Windows, macOS or Linux machines. For communications, all mounting options support both SMB and RestAPI. However, if you use SMB, read/write operations are performed directly on the file share in Azure.

To mount file shares on Azure-hosted VMs, the OS needs to support at least SMB 2.1 to work correctly. To mount shares on on-premises machines, the SMB client must support at least SMB 3.0 and include encryption. With either mounting option, you can also link applications and services directly via the API.

Azure File Sync
Azure File Sync is an additional service you can use to keep data synchronized between File Storage data stored on on-premises and Azure-hosted machines. When using File Sync, data is accessed through your Windows Server via SMB or NFS file share.

File Sync is most useful when you need data to be accessible in locations remote from Azure data centers. This enables you to replicate data across multiple endpoints for lower latency. Additionally, you can tier data in File Storage to optimize costs. Tiered data is still retrievable but takes slightly longer since it is not stored entirely on every endpoint.

Azure File Storage Pros and Cons

Azure File Storage’s primary benefit is its similarity to traditional file stores. This makes it easy to use and integrate with minimal upfront effort. When considering AFS, however, there are a few other aspects to consider. Some of the most important pros and cons of this service are covered below.

Pros of Azure File Storage:

• Fully managed service—Azure handles all of the infrastructure, operating systems, maintenance, and updates. You are only responsible for managing data, storage configurations, and permissions.
• Shared access—uses the SMB protocol for greater accessibility with on-premises applications. This enables you to easily share files between machines regardless of where machines are located.
• Redundancy—you can choose between locally redundant or geo-redundant duplication of data. Locally redundant enables you to create multiple versions within a region. Geo-redundant enables you to duplicate data across multiple regions for near perfect durability.
• Easy automation—you can automate processes with scripts through Azure CLI or PowerShell. Alternatively, you can use the Azure Portal or Azure Storage Explorer to create automation policies.
• Easy APIs—you can connect services easily with the Azure Storage RestAPI or Storage Client Libraries. Client libraries are available for a variety of languages, including .NET, Python, Java, Ruby, Node.js, PHP, and Go.

Cons of Azure Files include:

• Security and access—providing access to files requires sharing your storage account key. Additionally, users can access files externally via the universal naming convention (UNC) path and key. Unfortunately, this access route cannot be blocked.
• Backup—there are no built-in snapshot or automated backup features as there are with other Azure services. Your data is protected against hardware failures by duplication but this doesn’t protect data from accidental deletion or modification.
• File system limitations—files in AFS can only be up to 1TB in size. Additionally, you can only store 200k files and each has to have a name of 255 characters or less. This can create problems for legacy applications or database archives. To address this, however, you can use third-party, integrated hybrid solutions.
• Performance—throughput is limited to 60MB/s and IOPS are limited to 10k. To get greater performance, you must upgrade to the premium tier which offers 4,136MiB/s for ingress, 6,204 MiB/s for egress, and 100k IOPS. Keep in mind, upgrading to premium increases your service costs.
• Size limitations—file shares are limited to 5TB per account. You can expand up to 20 accounts to expand this limit to 100TB but need to manage the logistics of distributing data. Alternatively, you can upgrade to the premium tier for 100TB per share.

Conclusion

Azure File Storage is a cloud-based file sharing service that works great for hybrid environments. You can use AFS for lift and shift migration and centralized management of log files and resources. This is a fully-managed service with easy APIs and automation. AFS works with the SMB protocol and also provides geo-redundant duplication.

Unfortunately, there are no built-in features for backup and no granular access control. To ensure data and security standards are fully met, you will need to either manually configure these processes or integrate with a third-party solution.