Coach Beard Jr. Boring Notes
  • CONTRIBUTING
  • Multi Threading
  • Processes
  • README
  • Security Policy
  • Stack vs Heap Memory Allocation
  • What is it?
  • Mind Map
  • Azure
    • Table of contents
  • Azure
    • Resources
  • BATCH-Scripting
    • Gettng-Started
  • Cloudflare
    • Digital Certificates - What are Those
  • Cloudflare
    • Introduction to HTTPS and TLS
  • Cloudflare
    • Resources
  • DENO LAND
    • DENO - CLI
  • DENO LAND
    • Deno_index.docx
  • DENO LAND
    • Examples
  • DENO LAND
    • Starting Examples
  • DENO LAND
    • Working with Deno
  • DENO LAND
    • http_server.ts
  • Docker Notes
    • Commands
  • Docker Notes
    • Communication
  • Docker Notes
    • Containers
  • Docker Notes
    • Data in Docker
  • Docker Notes
    • Docker Compose
  • Docker Notes
    • Dockerfile
  • Docker Notes
    • Images and containers
  • Docker Notes
    • Practice Images
  • What and Why
  • Docker Notes
    • Table of contents
  • Docker Notes
    • Virtual Machines
  • Docker Notes
    • Volumes
  • Docker Notes
    • dockerignore
  • Garbage Collection
    • Introduction
  • Git and Github
    • GIT
  • Git and Github
    • Github
  • HackingHub.io
    • Mindmap
  • HackingHub.io
    • Start Here
  • JENKINS
    • JENKINS (Getting Started)
  • Java - A Headache
    • A Headache
  • Java - A Headache
    • Checked Exceptions
  • Java - A Headache
    • Concurrency In Java
  • Java - A Headache
    • ENUM
  • Java - A Headache
    • ThreadExceptions
  • Java - A Headache
    • Exception Handling
  • Java - A Headache
    • Java Memory Management
  • Java - A Headache
    • Lambda Expressions
  • Java - A Headache
    • LifeCycle and States of a Thread in Java
  • Java - A Headache
    • Memory Allocation by JVM
  • Java - A Headache
    • Multi-Threading in JAVA
  • Java - A Headache
    • Transient
  • JavaScript
    • Arrays
  • JavaScript
    • Behind the Scenes of JavaScript
  • JavaScript
    • Falsy-Truthy Values
  • JavaScript
    • Garbage Collection
  • JavaScript
    • Getters_Setters
  • JavaScript
    • Hoisting
  • JavaScript
    • How Code is Parsed and Compiled
  • JavaScript
    • Index.docs
  • JavaScript
    • Inside JS Engine
  • JavaScript
    • MindMap
  • JavaScript
    • Objects
  • JavaScript
    • this in javascript
  • Kubernetes
    • Kubernetes Architecture Overview
  • Linux & Unix
    • GRUB - Grand Unified Bootloader
  • Linux & Unix
    • Resources
  • Miscellaneous
    • CDN Architecture
  • Miscellaneous
    • JavaScript exec returns Undefined
  • NodeJS
    • Index.docs
  • Obsidian - Help
    • Resources
  • Pentester Notes
    • IP Address
  • Pentester Notes
    • LAN - Local Area Network
  • Pentester Notes
    • MAC Address
  • Pentester Notes
    • MindMap
  • Pentester Notes
    • Networking
  • Pentester Notes
    • Offensive Security
  • Pentester Notes
    • Ping
  • Pentester Notes
    • Subnetting
  • Spring-Security
    • Servlets & Filters
  • Spring-Security
    • default-configuration
  • TypeScript
    • Index.docs
  • TypeScript
    • TypeScript
  • Webpack
    • Concepts
  • .github
    • ISSUE_TEMPLATE
      • feature_request
  • Automation
    • Cucumber-Framework
      • Getting Started
  • Automation
    • Playwright
      • Introduction
  • Azure
    • AZ-104
      • Control Azure services with the CLI
  • Azure
    • AZ-104
      • Deploy Azure infrastructure by using JSON ARM templates
  • Azure
    • AZ-204
  • Azure
    • AZ-204
      • mindMap
  • Azure
    • Azure Policy
      • Azure-policies
  • Azure
    • Azure Policy
  • Azure
    • Azure-Fundamentals
  • Azure
    • Azure-Fundamentals
      • mindmap
  • Cloudflare
    • Docs
      • Cloudflare IPs
  • Cloudflare
    • Docs
      • Getting Started
  • Cloudflare
    • Docs
      • MindMap
  • DENO LAND
    • Basics
      • Basics
  • DENO LAND
    • Basics
      • Connecting to Database
  • DENO LAND
    • Basics
      • Environment Variables
  • DENO LAND
    • Basics
      • Imports
  • DENO LAND
    • Basics
      • Modules
  • DENO LAND
    • Basics
      • Permissions
  • DENO LAND
    • Basics
      • Standard Library
  • DENO LAND
    • Basics
      • Testing
  • Eager
    • Primes
      • Finding prime number - formula
  • Git and Github
    • Github-Actions
      • Auto Publish(Release) - GitHub Actions
  • Git and Github
    • Github-Actions
      • Continuous Integration (CI) - GitHub Actions
  • Git and Github
    • Github-Actions
      • Github-Actions Introduction
  • Java - A Headache
    • Garbage Collection
      • Garbage Collection
  • Java - A Headache
    • Garbage Collection
      • Types of Garbage Collection
  • Java - A Headache
    • Spring - Framework
      • annotation
  • Java - A Headache
    • Threads
      • Threads in JAVA
  • JavaScript
    • Basics
      • DataTypes_Variables
  • JavaScript
    • Basics
      • Null-Undefined-NaN
  • JavaScript
    • DOM
      • Fundamental data types
  • JavaScript
    • DOM
      • Learn to search Methods and attributes
  • JavaScript
    • DOM
      • What is DOM
  • JavaScript
    • DOM
      • Working With DOM
  • JavaScript
    • Functions
      • Functions in JavaScript
  • JavaScript
    • OOP
      • OOP in JS
  • Pentester Notes
    • DNS
      • DNS Records
  • Pentester Notes
    • DNS
      • Securing DNS
  • Pentester Notes
    • DNS
      • What is 1.1.1.1
  • Pentester Notes
    • DNS
      • What is DNS
  • Pentester Notes
    • OSI Model
      • Intro
  • Pentester Notes
    • Protocols
      • ARP Protocol
  • Pentester Notes
    • Protocols
      • DHCP Protocol
  • Azure
    • AZ-104
      • Azure-Administrators
        • automate-azure-tasks-using-scripts
  • Azure
    • AZ-104
      • Azure-Administrators
        • azure-resource-manager
  • Azure
    • AZ-104
      • Azure-Administrators
        • configure-azure-resources
  • Azure
    • AZ-104
      • Azure-Administrators
        • configure-resources-with-arm
  • Azure
    • AZ-104
      • Azure-Administrators
        • control-azure-services-cli
  • Azure
    • AZ-104
      • Azure-Administrators
        • deploy-azure-infra-using-arm-templates
  • Azure
    • AZ-104
      • Azure-Administrators
  • Azure
    • AZ-104
      • Configure and Manage VNet for Azure
        • Configure Azure DNS
  • Azure
    • AZ-104
      • Configure and Manage VNet for Azure
        • Configure Azure Virtual Network Peering
  • Azure
    • AZ-104
      • Configure and Manage VNet for Azure
        • Configure Network Security Groups
  • Azure
    • AZ-104
      • Configure and Manage VNet for Azure
        • Configure Network routing and endpoints
  • Azure
    • AZ-104
      • Configure and Manage VNet for Azure
        • Configure Virtual Networks
  • Azure
    • AZ-104
      • Deploy and Manage Azure compute resources
        • Configure Azure Container Instances
  • Azure
    • AZ-104
      • Deploy and Manage Azure compute resources
        • Configure Virtual Machines
  • Azure
    • AZ-104
      • Deploy and Manage Azure compute resources
        • Manage VM with Azure CLI
  • Azure
    • AZ-104
      • Deploy and Manage Azure compute resources
        • configure-azure-app-service-plans
  • Azure
    • AZ-104
      • Deploy and Manage Azure compute resources
        • configure-azure-app-service
  • Azure
    • AZ-104
      • Deploy and Manage Azure compute resources
        • configure-vm-availability
  • Azure
    • AZ-104
      • Implement and Manage Storage in Azure
        • Configure Azure Blob Storage
  • Azure
    • AZ-104
      • Implement and Manage Storage in Azure
        • Configure Azure Files and Azure File Sync
  • Azure
    • AZ-104
      • Implement and Manage Storage in Azure
        • Configure Azure Storage Security
  • Azure
    • AZ-104
      • Implement and Manage Storage in Azure
        • Configure Azure Storage with tools
  • Azure
    • AZ-104
      • Implement and Manage Storage in Azure
        • Configure Storage Accounts
  • Azure
    • AZ-104
      • Implement and Manage Storage in Azure
        • Control Access to Azure Storage with SAS
  • Azure
    • AZ-104
      • Implement and Manage Storage in Azure
        • Create Azure Storage Account
  • Azure
    • AZ-104
      • Implement and Manage Storage in Azure
        • Upload, download, manage data with Azure Storage Explorer
  • Azure
    • AZ-104
      • Manage identities and governance in Azure
        • Allow users to reset their password with Entra SSPR
  • Azure
    • AZ-104
      • Manage identities and governance in Azure
        • Configure Azure Policy
  • Azure
    • AZ-104
      • Manage identities and governance in Azure
        • Configure Microsoft Entra ID
  • Azure
    • AZ-104
      • Manage identities and governance in Azure
        • Configure RBAC
  • Azure
    • AZ-104
      • Manage identities and governance in Azure
        • Configure Subscriptions
  • Azure
    • AZ-104
      • Manage identities and governance in Azure
        • Configure user and group accounts
  • Azure
    • AZ-104
      • Manage identities and governance in Azure
        • Create Azure Users and Groups in Entra ID
  • Azure
    • AZ-104
      • Manage identities and governance in Azure
        • Secure Azure resources with Azure RBAC
  • Azure
    • AZ-104
      • Monitor and back up Azure resources
        • Configure Azure Alerts
  • Azure
    • AZ-104
      • Monitor and back up Azure resources
        • Configure Azure Monitor
  • Azure
    • AZ-104
      • Monitor and back up Azure resources
        • Configure Log Analytics
  • Azure
    • AZ-104
      • Monitor and back up Azure resources
        • Configure Network Watcher
  • Azure
    • AZ-104
      • Monitor and back up Azure resources
        • Configure Virtual Machine Backups
  • Azure
    • AZ-104
      • Monitor and back up Azure resources
        • Configure file and folder backups
  • Azure
    • AZ-104
      • Monitor and back up Azure resources
        • Improve incident response with alerting on Azure
  • Azure
    • AZ-204
      • Azure-AppService-WebApps
        • AppService-DeploymentSlots
  • Azure
    • AZ-204
      • Azure-AppService-WebApps
        • Azure-App-Services
  • Azure
    • AZ-204
      • Azure-AppService-WebApps
        • Configure-web-app-settings
  • Azure
    • AZ-204
      • Azure-AppService-WebApps
        • Scale-apps-Azure-AppService
  • Azure
    • AZ-204
      • Azure-AppService-WebApps
  • Azure
    • AZ-204
      • Azure-Cosmos-DB
        • cosmosDB-part1
  • Azure
    • AZ-204
      • Azure-Cosmos-DB
        • cosmosDB-part2
  • Azure
    • AZ-204
      • Azure-Cosmos-DB
  • Azure
    • AZ-204
      • Azure-Functions
        • Azure-Functions-2
  • Azure
    • AZ-204
      • Azure-Functions
        • Azure-Functions
  • Azure
    • AZ-204
      • Azure-Functions
  • Azure
    • AZ-204
      • Containerized-Solutions
        • implement-azure-container-apps
  • Azure
    • AZ-204
      • Containerized-Solutions
        • manage-container-images-in-container-registry
  • Azure
    • AZ-204
      • Containerized-Solutions
  • Azure
    • AZ-204
      • Containerized-Solutions
        • run-container-images-container-instances
  • Azure
    • AZ-204
      • Sols-using-blob-Storage
        • Azure-Blob-Storage-demo
  • Azure
    • AZ-204
      • Sols-using-blob-Storage
        • Azure-Blob-Storage-intro
  • Azure
    • AZ-204
      • Sols-using-blob-Storage
        • Azure-Blob-Storage-lifecycle
  • Azure
    • AZ-204
      • Sols-using-blob-Storage
        • mindmap
  • Azure
    • AZ-204
      • course-notes-udemy
        • Azure App Service
  • Azure
    • AZ-204
      • course-notes-udemy
        • Containers Service
  • Azure
    • AZ-204
      • course-notes-udemy
        • Create VM via Powershell
  • Azure
    • AZ-204
      • Course Notes - Udemy
  • Azure
    • Azure-Fundamentals
      • Architecture-Services
        • Azure Infrastructure
  • Azure
    • Azure-Fundamentals
      • Architecture-Services
        • Azure-identity-access-security
  • Azure
    • Azure-Fundamentals
      • Architecture-Services
        • Azure-storage-services
  • Azure
    • Azure-Fundamentals
      • Architecture-Services
  • Azure
    • Azure-Fundamentals
      • Architecture-Services
        • compute-and-network-services
  • Azure
    • Azure-Fundamentals
      • Architecture-Services
        • mindMap
  • Azure
    • Azure-Fundamentals
      • Cloud-Concepts
  • Azure
    • Azure-Fundamentals
      • Cloud-Concepts
        • cloud-concepts
  • Azure
    • Azure-Fundamentals
      • Management-Governance
        • Cost-management-Azure
  • Azure
    • Azure-Fundamentals
      • Management-Governance
        • Monitor-tools-in-auzre
  • Azure
    • Azure-Fundamentals
      • Management-Governance
  • Azure
    • Azure-Fundamentals
      • Management-Governance
        • azure-for-governance-and-compliance
  • Azure
    • Azure-Fundamentals
      • Management-Governance
        • features-tools-for-managing-and-deploying-resources
  • Azure
    • Azure-Fundamentals
      • Management-Governance
        • mindmap
Powered by GitBook
On this page
  • Azure Storage Accounts
  • Azure Storage Redundancy
  • Azure Storage Services
  • Identity Azure data migration options
  • Identify Azure file movement options
Edit on GitHub
  1. Azure
  2. Azure-Fundamentals
  3. Architecture-Services

Azure-storage-services

Contents covered

  1. Compare Azure storage services

  2. Azure Storage tiers

  3. Azure Storage redundancy options

  4. Storage account options and storage types

  5. Identity options for moving files, including AzCopu, Azure Storage Explorer and Azure File Sync

  6. Migration options, including Azure Migrate and Azure Data Box

Azure Storage Accounts

Storage account provides a unique namespace for your azure storage data thats accessible from anywhere in the world over HTTP or HTTPS. Data in this account is secure, highly available, durable and massievly scalable.

When you create your storage account, you will start by picking the storage acccount type. The type of account determines the storage services and redundancy options and has an impact on the use cases.

  • Locally Redundant Storage (LRS)

  • Geo-Redundant Storage (GRS)

  • Read-access geo-redundant storage (RA-GRS)

  • Zone-redundant storage (ZRS)

  • Geo-Sone-redundant storage (GZRS)

  • Read-access geo-sone-redundant access (RA-GZRS)

Storage account endpoints

One of the benefits of using a Azure storage account is having a unique namespace in Azure for your data. In order to do this, every storaeg account in azure must have a unique-in-azure account name. The combination of the account named in the Azure storage service endpoint forms the endpoints for your storage account

Azure Storage account naming rules

  1. must be 3 to 24 characters length

  2. can contain numbers, lowercase letters only

  3. your storage account name must be unique within Azure.

This uniqueness supports the ability to have a unique, accessible namespace in Azure

The endpoint format for different azure storage services

  1. Blob Storage -> https://.blob.core.windows.net

  2. Data Lake Storage Gen2 -> https://.dfa.core.windows.net

  3. Azure Files -> https://.file.core.windows.net

  4. Queue Storage -> https://.queue.core.windows.net

  5. Table Storage -> https://.table.core.windows.net

Azure Storage Redundancy

Azure storage always stores multiple copies of your data so that its protected from planned and unplanned events such as transient hardware failures, network or power outages and natual disasters. Redundancy ensures that you storage account meets its availability and durability targets even in the face of failures

Redundancy in the primary region

Data in an Azure Storage account is always replicated three times in the primary region. Azure Storage offers two options for how your data is replicated int he primary region, Locally Redundant Storage (LRS) and Zone Redundant Storage (ZRS)

Locally Redundant Storage

This replicates your data three times within a single data center in the primary region LRS provides at least of 11 nines of durability of objects over a given year.

Zone redundant Storage

For availability zone enabled regions, zone redundant storage replicates your azure storage data synchronously across three azure availability zones in the primary region. ARS offers durability for azure storage data objects of at least 12 nines over a given year

With ZRS, your data is still accessible for both read and write operations even if a zone becomes unavailable. No remounting of Azure files shares from the connected clients is required. If a zone becomes unavailable, Azure undertakes networking updates, such as DNS repointing. These updates may affect your application if you access data before the updates have completed.

Redundancy in a secondary region

For applications requiring high durability, you can choose to additionally copy the data in your storage to a secondary region that is hundreds of miles away from the primary region.

When you create a storage account, you select the primary region for the account. The paried secondary region is based on Azure region pairs and cant be changed.

Azure Storage offers two options for copying your data to a secondary region:

  1. Geo-redundant storage (GRS)

  2. Geo-Zone-redundant storage (GZRS)

GRS is similar to running LRS in two regions and GZRS is similar to running ZRS in the primary region and LRS in the secondary region

By default, the data in the secondary region isnt available for read and write access unless there is a failover to the secondary region. If the primary region becomes unavailable, you can choose to fail over to the secondary region. After the failover has completed, the secondary region becomes the primary region and you can again read and write data.

Data is replicated in secondary region asynchronously, hence a failure that affects the priimary region may result in data loss if the primary region cant be recovered. The interval between the most recent writes to the primary region and the last write to the secondary region is known as the recovery point objective. The recovery point objective indicates the point in time to which data can be recovered. Azure storage typically has RPO of less than 15 minutes.

Get redundant storage

GRS copies your data synchronoulsy three times within a single physical location in the primary region using LRS. It then copies your data asynchronously to a single physical location in the secondary region using LRS

Geo-Zone-redundant storage

GZRS combines the high availability provided by redundancy across availability zones with protection from region outages provided by geo-replication. Data in a GZRS storage account is copied across three Azure availability zones in the primary region which is similar to ZRS and is also replicated to a secondary geographic region, using LRS for protection from regional disasters.

Read access to data in the secondary region

Geo-redundant storage replicates your data to another physical location in the secondary region to protect aganist regional outages. However, that data is available to be read only if hte customer or Microsoft initiates a failover from the primary to secondary region. However, if you enable read access to the secondary region, you data is always available, even when the primary region is running optimally. For read access to the secondary region, enable read-access geo-redundant storage or RA-GZRS

Azure Storage Services

The Azure Storage platform includes the following data services

  1. Azure Blobs: A massively scalable object store for text and binary data. Also includes support for big data analytics through Data Lake Sroage Gen2

  2. Azure Files: Managed file shares for cloud or on-premise deployments

  3. Azure Queues: A messaging store for reliable messaging between application components

  4. Azure Disks: Block-level storage volume for Azure VMs

  5. Azure Tables: NoSQL table option for structured, non-relational data

Benefits include Durable and highly available, secure, scalable, managed, accessible

Azure Blobs

Azure Blob storage is unstructured, meaning that there are no restrictions on the kinds of data it can hold. Blob storage can manage thousands of simultenous uploads, massive amounts of video data, constantly growing log files and can be reached from anywhere with an internet connection

Blobs arent limited to common file formats.

One advantage of blob storage over disk storage is that it doesnt require developers to think abou or manage disks. Data is uploaded as blobs and Azure takes care of the physical storage needs

Blob storage is ideal for

  • Serving images or documents directly to a browser

  • Storing files for distributed access

  • Streaming video and audio

  • Storing data for backup and restore

  • Storing data for analysis by an on-premises or Azure-hosted service

Acccessing blob storage

Users can access blobs via URLs, the Azure Storage REST API, Azure PowerShell, Azure CLI, or Azure Storage client library

Azure Files

Azure Fule storage offers fully manages file shares in the cloud that are accessible via the industry standard Server Message Block(SMB) or Network File System(NFS) protocols. Azure Files file shares can be mounted concurrently by cloud or on-premise deployments.

SMB Azure files shares can be cached on Windows servers with Azure File Sync for fast access near where the data is being used.

Benefits include

  • Shared Access

  • Fully managed

  • Scripting and tooling

  • Resiliency

  • Familiar programmability

Azure Queues

Is a service for storing large number of messages. Once stored, you can access the messages from anywhere in the world via authenticated calls using HTTp or HTTPS. A queue can contians as many messages as your storage account has room for. Queues are commonly used to create a backlog of work to process asynchronously

Queue storage can be combined with compute functions like Azure Functions to take an action when a message is received.

Azure Disks

Conceptually they are same as physical disk, but they are virtualized offering greater resiliency and availability than a physical disk.

Azure Tables

stores large amounts of unstructured data.These are a NoSQL datastore that accepts authenticated calls from inside and outside the Azure cloud. This enables you to use Azure tables to build your hybrid or multi-cloud solution and have your data always available.

Identity Azure data migration options

Azure Migrate

Azure Migrate is a service that helps you migrate from an on-premise environment to the cloud. Azure Migrate functions as a hub to help you manage the assessment and migration of your on-premises datacenter to Azure.

It provides

  1. Unified migration platform

    • a single portal to start, run, and track your migration to Azure

  2. Range to tools

    • azure migrate tools include Azure Migrate:Discovery and assessment and Azure Migrate: Server Migration also integrates with other Azure services.

  3. Assessment and migration

    • in the azure migrate hub you can assess and migrate you on-premise infrastructure to Azure.

Integrate Tools

The Azure Migrate hub includes the following tools to help with migration

  1. Azure Migrate: Discovery and assessment

    • Discover and assess on-premise servers running on VMware, Hyper-V and physically servers in preperation for migration to Azure

  2. azure Migrate: Server Migration

    • Migrate VMware VMs, Hyper-V VMs, physical servers and other virtualized servers and public cloud VMs to Azure

  3. Data Migration Assistant

    • is a standalone tool to assess SQL servers. It helps pinpoint potential problem blocking migration.

    • It identifies unsupported features, new features that can benefit you after migration and the right path for database migration

  4. Azure Database Migration Service

    • Migrate on-premise databases to Azure VMs running SQL Server, Azure SQL Database, or SQL Managed Instances

  5. Azure App Service migration assistane

    • is a standalone tool to assess on-premise websites for migration to Azure App Service.

  6. Azure Data box

    • use this tool to move large amounts to offline data to Azure

Azure Data box

Azure data box is a physical migration service that helps transfer large amounts of offline data in a quick, inexpensive and reliable way.\

Once the data from your import order is uploaded to Azure, the disks on the device are wiped clean in accordance with NIST 800-88r1 standards. For an export order, the disks are earsed once the device reaches the Azure datacenter

Identify Azure file movement options

In addition to large scale migration using services like Azure Migrate, Azure also tools designed to help you move or interact with individual files or small file groups.

AzCopy

AzCopy is a command0line utility that you can use to copy blobs or files to or from your storage account. With AzCopy, you can upload, download, copy file in between storage accounts and even synchronize files. AzCopy can even be configured to work with other cloud providers to help move files back and forth between clouds.

Synchronizing blobs or files with AzCopy is one-direction synchronization. When you synchronize, you designated the source and destination and AzCopy will copy files or blobs in that direction. It doesnt synchronize bi-directionally based on timestamps or other metadata.

Azure Storage Explorer

It is a standalone application that provides GUI to manage files and blobs in you Azure Storage Account. BTS it uses AzCopy to perform actions

Azure File Sync

Azure file sync is a tool that lets you centralize your file shares in Azure Files and keep the flexibility, performance and compatability of a Windows file server. Once you install Azure File sync on your local windows server, it will automatically stay bi-directionally synced with your files in Azure.

With Azure File Sync you can

  1. Use any protocol thats available on windows server to access your data locally, including SMB, NFS, FTPS

  2. Have as many caches as you need across the world

  3. Replace a failed local server by installing Azure File Sync on a new server in the same datacenter

  4. Configure cloud tiering so that most frequently accessed files are replicated locally, while infrequently access files are key in the cloud until requested.

PreviousArchitecture-ServicesNextAzure

Last updated 1 year ago

LRS
ZRS
GRS
GZRS