Should I be using Azure Files?

Save to My DOJO

Should I be using Azure Files?

Welcome to my new article for Altaro Software. I want to give you an introduction into Azure Files and Azure File Sync, as well as scenarios where to use them.

What is Azure Files?

Before we can speak about Azure Files use cases, we need to learn a few more things about Azure Files in general.

Azure Files is a Microsoft Azure managed file share. It can be accessed by standard protocols like Server Message Block (SMB) or Network File System (NFS). Azure Files can be mounted either from on-premises and from the cloud directly.

You can access Azure Files from Windows, Linux and macOS. The following table gives an overview of the protocol and the possible operating systems.

Azure Files SMB Share Azure Files NFS Share
Windows Yes No
Linux Yes Yes
macOS Yes Yes

You also have the option to cache Azure Files SMB shares on a Windows Server using Azure File Sync. That enables your users to faster access regularly used files and store them near the user. The technology is comparable to Windows Server Distributed File System Replication (DFS-R) but much easier to set up, reliable, and more advanced in regards to features.

Azure Files SKUs and Limits

As you can imagine, Microsoft Azure Files has different limitations and costs which are reflected in the SKUs. The tables below show you the limitations and SKUs. The current SKUs are Standard and Premium File Shares.

Resource Standard file shares* Premium file shares
Minimum size of a file share No minimum; pay as you go 100 GiB; provisioned
Maximum size of a file share 100 TiB**, 5 TiB 100 TiB
Maximum size of a file in a file share 1 TiB 4 TiB
Maximum number of files in a file share No limit No limit
Maximum IOPS per share 10,000 IOPS**, 1,000 IOPS or 100 requests in 100ms 100,000 IOPS
Maximum number of stored access policies per file share 5 5
Target throughput for a single file share up to 300 MiB/sec**, Up to 60 MiB/sec , See premium file share ingress and egress values
Maximum egress for a single file share See standard file share target throughput Up to 6,204 MiB/s
Maximum ingress for a single file share See standard file share target throughput Up to 4,136 MiB/s
Maximum open handles per file or directory 2,000 open handles 2,000 open handles
Maximum number of share snapshots 200 share snapshots 200 share snapshots
Maximum object (directories and files) name length 2,048 characters 2,048 characters
Maximum pathname component (in the path ABCD, each letter is a component) 255 characters 255 characters
Hard link limit (NFS only) N/A 178
Maximum number of SMB Multichannel channels N/A 4

* The limits for standard file shares apply to all three of the tiers available for standard file shares: transaction optimized, hot, and cool.

** Default on standard file shares is 5 TiB, see Enable and create large file shares for the details on how to increase the standard file shares scale up to 100 TiB.

What is Azure File Sync?

With Azure File Sync, Azure customers get the opportunity to centrally organize their file shares with Azure Files. With Azure Files and the Azure Storage backend, you can gain a flexible, performant and overall very compatible environment for your file server backend. Using Azure File Sync, a Windows Server becomes a local data cache for your branch to provide SMB, NFS and FTPS file access.

With Azure Storage Synchronization and the Azure Edge network, you can set up many caches around the globe where ever it is necessary depending on your office footprint.

The picture below should show a simple example of how such a setup could look like.

Azure File Synch

Within the next part of the blog post, I want to give a brief intro on how an Azure File Share works.

I will not configure a fileshare within the blog post but if you need a detailed guide, please visit the full deployment guide.

As you can imagine, the current Azure File Sync has some limitations. You can see them below.

Resource Target Hard limit
Storage Sync Services per region 100 Storage Sync Services Yes
Sync groups per Storage Sync Service 200 sync groups Yes
Registered servers per Storage Sync Service 99 servers Yes
Cloud endpoints per sync group 1 cloud endpoint Yes
Server endpoints per sync group 100 server endpoints Yes
Server endpoints per server 30 server endpoints Yes
File system objects (directories and files) per sync group 100 million objects No
Maximum number of file system objects (directories and files) in a directory 5 million objects Yes
Maximum object (directories and files) security descriptor size 64 KiB Yes
File size 100 GiB No
Minimum file size for a file to be tiered V9 and newer: Based on the file system cluster size (double file system cluster size). For example, if the file system cluster size is 4kb, the minimum file size will be 8kb.
V8 and older: 64 KiB
Yes

If it is not a hard limit, it can be changed via Microsoft Support.

How to enable Azure Files?

Enabling Azure Files is simple. You just create an Azure Storage Account as a Storagev1 or Storagev2 Account. Afterwards, you just add a fileshare.

Azure Files

Azure Files fileshare

After you created the share, you can access it via Network Mount or Synchronize it via Azure File Sync Agent.

Azure File Synch Agent

Microsoft published a very detailed guide on how to connect a Windows File Server with the File Sync agent. Deploy Azure File Sync | Microsoft Docs

What is the difference between Azure and OneDrive?

Now you may wonder and think “Why should I use Azure Files? Microsoft already offers already Microsoft Office OneDrive. Can’t I use OneDrive also for Enterprise File Shares?”.

In the first place, OneDrive is an individual File Storage with certain limitations in Sharing and Storage Capacity. OneDrive has no centrally manageable access management and is based on SharePoint online while Azure Storage is based on SMB / NFS file sharing.

Let me give you a deeper comparison with the table below.

OneDrive Azure Storage
Target Targets individual Users Targets classic Fileserver Workloads
Maximum Storage 5 TB Storage per User 500TB for a single storage account
Backup Does not offer any backup Backup optional via Azure Backup Service
Offline work Yes Yes but needs Fileserver with Azure File Sync as cache
Redundancy Comes as a redundant SaaS service Storage Vault can be replicated locally in one Azure Region, between different Azure Regions in a Zone or globally with geo-replication to any Azure Region.

As already explained, OneDrive is built to give individual User a personal fileshare comparable to a classic “\homedriveuser.user” share. Azure Files is a classic fileserver offered by Azure as a cloud service. You can also use it for Homedrives or User Profiles but its normally build to replace classic file shares or offer file shares for applications which still rely on them.

Usage Scenarios

Within the next part of the post, I want to go through some usage scenarios which are pretty common with Azure Customers.

Fileserver for Azure Workloads

One of the most common scenarios for the usage of Azure Files is as File Server Backend for Azure Workloads, Virtual Machines and Services like Windows Virtual Desktop.

At the moment the most used architecture is for Virtual Machines. Virtual Machines are deployed in a Virtual Network, an Azure Storage with Files is connected into a separate Subnet using Azure Private Link. Azure Files then represents a file share to the Virtual Machines.

The architecture could look like below.

Fileserver for Azure Workloads

You can also access file shares via public Azure IP but most of the customers prefer private link for that scenario since it is available.

Fileserver for On Premises

When using Azure Files on premises, you should first test your latency and roundtrip to the service. If you have a larger roundtrip than 22ms, it makes no sense to use Azure Files. As you remember, we are still using the SMB and NFS protocol. Both of them are not WAN optimized and produce too many overheads to be performant. In those scenarios, you should choose the Azure File Sync scenario and put a cache on a File Server on premises.

There is an easy way to get an estimate using Azure Speed, a community tool which uses Azure Storage to estimate the Roundtrip between your client and Azure Regions.

The connection to an Azure Files can be performed through the Public Endpoint of Azure Storage “storageaccount.file.core.windows.net” using the Internet with native HTTPS encryption.

Fileserver for On Premises

Another way would be using Azure ExpressRoute with Microsoft Peering and also accessing the same Storage Account.

Azure ExpressRoute with Microsoft Peering

The latest method would be using VPN or Azure ExpressRoute to Access the file shares via Azure Private Link.

Azure Private Link

When you have an Azure Region in the proximity of less than 22ms, Azure Files is a great way to replace your current Fileservers.

Hybrid Filestorage for On Premises Fileserver

There is one issue we all know, that is storage space in a Fileserver, especially in a branch. Normally you have a bunch of disks and storage in a server. To reduce the amount of storage used, you must use expensive technology for deduplication and compression.

What would you say if you could you use Azure Files as a hybrid storage space and reduce the storage used on-prem?

There are currently two options which I will briefly introduce below.

Microsoft Azure Stack Edge

The first option is pretty much out of the box. You can order an Azure Stack Edge via the Azure Portal. Azure Stack Edge comes with a preconfigured solution to connect to an Azure Storage Vault and provide a Fileshare to the network.

The required agents are already on the Edge and can be managed via Azure Portal. Azure Stack Edge Pro – FPGA share management | Microsoft Docs

That makes this solution pretty easy to deploy and use but you now own the hardware. It’s a rental pay-as-you-go model where you pay around 560€ to 800€ per month per device depending on the device type. Pricing – Azure Stack Edge | Microsoft Azure

Microsoft Azure File Sync

Another more customizable option is the use of Azure File Sync. Here you take a standard file service like a Dell PowerEdge R640 with a bunch of disks and a simple SAS controller. You can also choose a virtual machine instead of a physical server.

You only need a supported Windows Server OS. Currently, the following Windows Server versions are supported.

Version Supported SKUs Supported deployment options
Windows Server 2019 Datacenter, Standard, and IoT Full and Core
Windows Server 2016 Datacenter, Standard, and Storage Server Full and Core
Windows Server 2012 R2 Datacenter, Standard, and Storage Server Full and Core

Now you can install the Azure File Sync Agent on a Windows Server and connect the Azure File Share to the server. Afterwards, you can configure the cache and sync options. You can find the guides to deploy below.

Deploy Azure File Sync | Microsoft Docs
Choose an Azure solution for data transfer | Microsoft Docs

You can also use that type of deployment to clean up fileservers but I will explain that in the “fun fact for admins” part at the end of the blog post.

Using DFS Namespaces

When you work with different fileshares in different locations e.g. on a synched file server and Azure, connecting to the right fileshare can be a problem. There is a pretty simple and classic tool you can use to solve the issue.

Maybe you know about Windows Server Distributed File System Namespaces? This little sneaky service is available for 20 years and was released with Windows Server 2003. So it is bulletproof. 🙂

One of my co-workers at Microsoft wrote a pretty good guide on how to deploy Azure File Sync with DFS-N. You can find the link below. Azure File Sync: Integration with DFS Namespaces – Microsoft Tech Community

That’s the end of the technical part of my blog post. I will leave you with some closing thoughts and some admin fun facts about Azure Files.

Fun fact for Admins

Do you know the situation? Your users store a bunch of files on your fileservers and never go through them again. I normally call that WORN, write once read never. How do you solve that normally? You normally buy a bunch of very costly storage appliances who do cool things like deduplication, compression and storage tiering. You also buy lots of tapes to backup your data.

That is pretty expensive over time and you still need to backup all that stuff your users are storing. As you may know, Azure Storage is pretty check in comparison with about 2 cents per Gigabyte.

With Azure File Sync you can do a pretty easy trick to migrate your files to Azure and clean up your storage. Azure File Sync can, much like OneDrive, present files that are located in the remote storage of Azure and download them when they are accessed. So what you can do is, upload all your files to Azure and set up a new file share. After you upload the files, you connect the Azure Fileshare with Azure File Sync to the file server on premises. Now only the files customers need will be downloaded. Files which are put on your fileserver with Filesync will, depending on your strategy, sometime disappear from the fileserver and only be stored on Azure. They will leave a link and will be downloaded on demand.

That helps you to keep the footprint on-premises pretty small and will enable centralized backup and recovery within Azure, which reduces administrative effort too.

If you want to learn about the implementation, please visit the documentation.

Closing

I hope after going through the above you gained more knowledge on Azure Files and why should be using them. If you have any additional questions, do not hesitate to leave a comment.

Altaro Hyper-V Backup
Share this post

Not a DOJO Member yet?

Join thousands of other IT pros and receive a weekly roundup email with the latest content & updates!

43 thoughts on "Should I be using Azure Files?"

Leave a comment or ask a question

Your email address will not be published. Required fields are marked *

Your email address will not be published.

Notify me of follow-up replies via email

Yes, I would like to receive new blog posts by email

What is the color of grass?

Please note: If you’re not already a member on the Dojo Forums you will create a new account and receive an activation email.