Five services are part of Azure Storage. Azure Storage facilitates unique namespace for each of these services with the help of a unique endpoint, namely, blobs, files, queues, tables, and disks. Let’s take a close look at each of these.
Azure Blob Storage
In some documentation, you will see that Azure Blob Storage is referred to as Azure Containers or Azure Container Storage. The name containers is quite confusing in the Azure realm; you have containers in Azure Container Instances, Azure Container Registry, Azure App Services, and Azure Kubernetes Services, which all deal with the container images and containerization of applications. Then you have containers in Cosmos DB for storing data. Nevertheless, if you see the term containers, it refers to Azure Blob Storage. To avoid this confusion, let’s stick to Azure Blob Storage.
Azure Blob Storage is the object storage service offered by Microsoft. This service is similar to the Amazon S3 service. You can leverage Azure Blob Storage to store unstructured data, such as videos, images, text, or binary data. The following are some of the scenarios where you can use Azure Blob Storage:
- Serving images or documents for a website
- Storing binaries or executables for download
- Streaming video and audio
- Data backup and restore
- Disaster recovery
- Data archiving
- Data store for on-premises data that can be used by analytics solutions in Azure
You will learn more about Azure Blob Storage later in this chapter. As the service is available via HTTP or HTTPS, you can access the data from anywhere in the world.
Azure Files
Network file shares can be created using the Azure Files service, which can be accessed via the SMB protocol. At the time of writing this book, Microsoft has launched NFS shares as well; however, this feature is still in preview. This file share can be mounted to multiple VMs or on-premises machines, which is ideal for sharing files across machines. The key difference between Azure Files and an on-premises file share is that you can access the Azure Files share over HTTP or HTPS, and it can be mounted to any server that is connected to the Internet or VPN. The access is enabled via the URL that is pointing to the file share via the shared access signature (SAS). Using the SAS, you can control access to the file share.
The following are some of the common scenarios where Azure Files can be utilized:
- In on-premises, you already have file shares; however, you need VPN or complex networking for the Azure VMs to access it. Using Azure Files, you can mount a common file share to both on-premises and Azure VMs.
- Migration from on-premises to Azure Files is easy. If you replace the existing on-premises file share, you can easily unmount the share and mount Azure file share with the same drive letter to minimize the downtime.
- Azure Files is ideal for storing common files and installation packages that can be accessed from both VMs and on-premises servers.
- Crash dumps, application logs, metrics, and diagnostic logs can be written to file share. If the application collapses, you can always mount the share to another server and analyze the logs to perform the root-cause analysis.
At the time of writing this book, Azure AD–based authentication and ACLs are not supported by Azure Files. However, you can use Azure Active Directory Domain Services and on-premises Active Directory Domain Services (AD DS) to provide identity-based authentication over SMB.
