Core Concepts of Azure Files
Azure Files offers fully managed cloud file shares that are accessible via the industry-standard Server Message Block (SMB) protocol and Network File System (NFS) protocol. This allows you to "lift and shift" traditional file servers to Azure without extensive code changes.
Storage Accounts
All Azure Files shares are created within an Azure storage account. A storage account is a container for all your Azure Storage data objects, including blobs, files, queues, and tables. When you create a storage account, you specify a region, performance tier (Standard or Premium), and replication strategy.
File Shares
A file share is the fundamental building block of Azure Files. It's a scalable, managed file share in the cloud. You can create file shares of different types:
- Standard file shares: Store your files on Hard Disk Drive (HDD) based storage, suitable for general-purpose file sharing.
- Premium file shares: Store your files on Solid State Drive (SSD) based storage, offering higher performance and lower latency for demanding workloads.
Protocols
Azure Files supports two primary protocols for accessing file shares:
- Server Message Block (SMB): The standard protocol for Windows file sharing. Azure Files supports SMB 3.0 with encryption.
- Network File System (NFS): The standard protocol for Linux/Unix file sharing. Azure Files supports NFSv4.1.
Access Tiers
For Standard file shares, you can choose between Transaction Optimized and Hot tiers. This helps optimize costs based on access patterns:
- Transaction Optimized: For workloads that access data frequently and require low latency.
- Hot: For workloads that access data less frequently.
Premium file shares do not have access tiers; they are always provisioned with SSD performance.
Mounting File Shares
You can mount Azure file shares to on-premises machines or Azure virtual machines using the appropriate protocol:
- Windows: Use the `net use` command or File Explorer.
- Linux: Use the `mount` command with SMB or NFS options.
- macOS: Use the `mount` command with SMB options.
File Share Snapshots
File share snapshots provide a point-in-time copy of your file share. They are read-only and can be used for backup and disaster recovery purposes. Snapshots are efficient as they only store the blocks that have changed since the previous snapshot.
Networking
Azure Files can be accessed over the public internet or through private endpoints within your Azure Virtual Network for enhanced security and reduced latency.
Security
Azure Files offers multiple layers of security, including:
- Authentication via Storage Account Key or Azure Active Directory (Azure AD) Domain Services for SMB.
- Authorization through access control lists (ACLs) or share-level permissions.
- Encryption in transit (SMB 3.0) and at rest.
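To verify the encryption-in-transit point on Linux clients, the following added example (not part of the original page) audits mount-table lines for Azure Files SMB mounts that negotiated below SMB 3.0 or did not request encryption. It assumes the `/proc/mounts` layout and that the kernel CIFS client lists `seal` for encrypted mounts; the sample lines and account names are constructed placeholders.

```shell
#!/bin/sh
# Added example: audit SMB mounts of Azure file shares for encryption in transit.
# Input uses the /proc/mounts layout: device mountpoint fstype options dump pass.

# Constructed sample data (not from a real host); account names are placeholders.
sample_mounts() {
cat <<'EOF'
//acctgood.file.core.windows.net/finance /mnt/finance cifs rw,relatime,vers=3.0,sec=ntlmssp,seal,serverino 0 0
//acctold.file.core.windows.net/legacy /mnt/legacy cifs rw,relatime,vers=2.1,sec=ntlmssp,serverino 0 0
//acctplain.file.core.windows.net/scratch /mnt/scratch cifs rw,relatime,vers=3.0,sec=ntlmssp,serverino 0 0
acctnfs.file.core.windows.net:/acctnfs/data /mnt/data nfs4 rw,relatime,vers=4.1,sec=sys 0 0
/dev/sda1 / ext4 rw,relatime 0 0
EOF
}

# Print "mountpoint reason" for every Azure Files SMB mount that either
# reports an SMB dialect below 3.0 (or none / non-numeric), or reports
# SMB 3.0+ without the "seal" option that requests SMB encryption.
# NFS and local filesystems are skipped: the page ties encryption in
# transit to SMB 3.0 only.
audit_azure_smb_mounts() {
  awk '
    $3 == "cifs" && $1 ~ /^\/\/[a-z0-9]+\.file\.core\.windows\.net\// {
      n = split($4, opt, ","); vers = ""; seal = 0
      for (i = 1; i <= n; i++) {
        if (opt[i] ~ /^vers=/) vers = substr(opt[i], 6)
        if (opt[i] == "seal") seal = 1
      }
      # "3.1.1" + 0 evaluates to 3.1 in awk, so newer dialects pass.
      if (vers == "" || vers + 0 < 3.0) print $2, "smb-version-below-3.0"
      else if (!seal) print $2, "encryption-not-requested"
    }'
}

# On a live host: audit_azure_smb_mounts < /proc/mounts
sample_mounts | audit_azure_smb_mounts
```

An empty result means every Azure Files SMB mount in the input reported SMB 3.0 or later with `seal`.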
Integration with Azure Services
Azure Files integrates seamlessly with other Azure services, such as Azure Backup for automated backups and Azure File Sync for hybrid cloud scenarios.