Azure Storage Documentation

Azure Files: File Storage with SMB Protocols

Azure Files offers fully managed cloud file shares that are accessible via the industry-standard Server Message Block (SMB) protocol. This allows you to lift and shift on-premises applications that rely on file shares to Azure without significant code changes.

Key Advantage: SMB protocol support makes Azure Files a direct replacement for on-premises file servers, enabling seamless migration and hybrid cloud scenarios.

Understanding SMB Protocols in Azure Files

Azure Files supports SMB 3.0 and later versions. This ensures compatibility with a wide range of Windows, macOS, and Linux clients.

SMB 3.0 Features Leveraged

  • SMB Encryption: Provides end-to-end encryption for data in transit, ensuring security for sensitive workloads.
  • Multichannel: Enhances performance by allowing multiple TCP connections between the client and the storage service.
  • Durable Handles: Improves resilience by allowing clients to reconnect to a share after transient network interruptions without losing their session.
  • Directory Leasing: Enhances performance for applications that access many files concurrently within a single directory.

Creating and Mounting Azure File Shares

You can create Azure File shares using the Azure portal, Azure CLI, PowerShell, or REST APIs. Once created, you can mount them to your clients.

Mounting on Windows

Use the net use command. You'll need your storage account name and access key.


net use Z: \\yourstorageaccountname.file.core.windows.net\yoursharename /u:Azure\

Mounting on Linux

Install the necessary CIFS utilities and use the mount command.


sudo apt-get update
sudo apt-get install cifs-utils
sudo mount -t cifs //.file.core.windows.net/yoursharename /mnt/yourmountpoint -o vers=3.0,username=,password=,dir_mode=0777,file_mode=0777,serverino

Mounting on macOS

Use Finder's "Connect to Server" option or the `mount` command.

In Finder, go to Go > Connect to Server... and enter:


smb://yourstorageaccountname.file.core.windows.net/yoursharename

You will be prompted for your storage account name and access key.

Access Control and Security

Azure Files supports several methods for securing access:

  • Storage Account Keys: Provide full access to the storage account. Use with caution and ideally generate shared access signatures (SAS) for more granular control.
  • Azure Active Directory (Azure AD) Domain Services: Enables Kerberos authentication for file shares, allowing Windows ACLs to be used for fine-grained permissions.
  • Network Security: Configure firewalls and virtual network rules to restrict access to your storage account.

Use Cases for Azure Files with SMB

Azure Files with SMB is ideal for:

  • Application Lift and Shift: Migrating existing Windows file shares to the cloud.
  • Shared Configuration Files: Centralizing configuration settings for applications running on multiple VMs.
  • Development and Test Environments: Providing shared storage for development tools and projects.
  • On-premises Data Sync: Using Azure File Sync to cache on-premises file shares in Azure Files for hybrid scenarios.
Performance Tip: For demanding workloads, consider using Premium tier file shares which offer higher IOPS and throughput.

Pricing Tiers

Azure Files offers different pricing tiers to meet varying performance and cost requirements:

Tier Description Performance
Standard Cost-effective for general-purpose file sharing workloads. HDD-based, lower IOPS and throughput.
Premium For performance-sensitive workloads requiring low latency and high throughput. SSD-based, higher IOPS and throughput.

Conclusion

Azure Files, with its robust SMB protocol support, provides a powerful and flexible solution for cloud-based file storage. It simplifies migration, enhances collaboration, and offers robust security features for a variety of modern application needs.