Azure file shares have come a long way from an Azure-only storage resource to a full-featured file server in the...
cloud for multiple operating systems.
Azure Files creates server message block (SMB) shares on the Azure platform. This frees administrators from managing the underlying infrastructure providing those Azure file shares -- updating Windows Server versions, patching the operating system, purchasing and maintaining the hardware, and handling most of the disk storage needs.
Admins who have heard of Azure Files might not consider it because its original purpose was to provide platform-as-a-service file sharing for other Azure resources or line of business applications within Azure virtual machines. In the latest release, however, Microsoft expanded Azure Files to support connections from outside Azure data centers.
To use Azure Files, administrators need only configure the SMB shares in the Azure portal and then access a Universal Naming Convention (UNC) path over the internet. Microsoft handles the rest of the file server administration.
Organizations pay a monthly storage fee for the service, which is currently 6 to 10 cents per gigabyte, and a small charge for various operations, such as file reads and directory listings.
Azure Files works on Windows 8.1, Windows 10, Windows Server 2012 R2, Windows Server 2016, macOS and Linux systems. Older versions of the Windows desktop client and Windows Server cannot connect to the SMB 3.0 file shares.
Creating the Azure file shares
Making a share in Azure is as easy as making an SMB share in Windows Server.
- Sign into the Azure portal.
- Use an existing storage account or create a new one, then access it.
- Click on the + File Share button.
- Give the file share a name and a quota -- the maximum space available is 5 TB or 5,120 GB.
Mount the Azure file shares
Administrators can mount the Azure file shares, which are stored as blobs in Azure, on Windows, Linux or Mac systems and on virtual machines in the cloud or on premises.
The first step is to give Windows your Azure account credentials. This is most easily done using the cmdkey command-line utility. You'll need your Azure storage account name, your domain name and the storage account key that the Azure portal generates when you first create a file share. The key will end in two equal signs (==). Run the following command with that information:
cmdkey /add:<yourazureaccount>.file.core.windows.net /user:AZURE\<yourazureaccount> /pass:<StorageAccountKey>
This will store your Azure credentials so that connections to the Azure file share can persist between machine reboots and user sessions. Next, mount the share in one of two ways:
- Using File Explorer or Windows Explorer, select Map Network Drive and copy the UNC path shown in the Azure portal. Select a local drive letter to associate with the UNC path similar to how you map a network drive on your local file server.
- Using the command prompt and the net use command, execute the following:
net use <driveletter>: \\<yourazureaccount>.file.core.windows.net\<nameoffileshare> <StorageAccountKey> /user:Azure\<yourazureaccount>
How to set up a Linux machine
For Linux machines, make sure the cifs-utils package is installed. Then, create a directory under your mount point.
Then, mount the service.
sudo mount -t cifs //<yourazureaccount>.file.core.windows.net/<nameoffileshare> <mount-point> -o vers=3.0,username=<yourazureaccount>,password=<storageaccountkey>,dir_mode=0777,file_mode=0777,serverino
Or create a permanent mount.
sudo bash -c 'echo "//<yourazureaccount>.file.core.windows.net/<nameoffileshare> <mount-point> cifs nofail,vers=3.0,username=<yourazureaccount>,password=<storageaccountkey>,dir_mode=0777,file_mode=0777,serverino" >> /etc/fstab'
Adding Azure file shares to a Mac system
For macOS machines, disable SMB packet signing because Azure encrypts the connection end to end. Packet signing also hurts performance.
echo "[default]" >> /etc/nsmb.conf
echo "signing_required=no" >> /etc/nsmb.conf
While you're in the terminal, mount the share with this command:
mount_smbfs //<yourazureaccount>@<yourazureaccount>.file.core.windows.net/<nameoffileshare> <localmountpoint>
Then, enter your storage account key as your password and you're finished.
Azure File Sync keeps shared data in order
To ensure Azure Files runs smoothly, Microsoft developed Azure File Sync to turn local file servers into caches of the master data repository in the Azure file share service. The file sync service handles changes to Azure that happen on your local files and vice versa.
Any applications that might have compatibility or performance issues can use the local file server, while the main repository is centralized in the Azure service. Based on the needs of your organization, you might have a cache/local file server in each branch office or one per country or continent.