Azure Storage is a very important service. It is completely managed by Microsoft.
In this article, let’s have a look at what the storage service is and some basic terminology around it.
What is Azure Storage Service?
Azure storage service is a cloud service provided by Microsoft. It provides an object store for very big objects, a file system service in the cloud, and a NoSQL store.
Azure storage service is
- durable, meaning your data is safe even if there is a transient hardware failure.
- highly available, meaning you can choose an appropriate redundancy level to avoid data loss in the event of a localized natural disaster.
- secure, meaning the service provides granular control over who can access your data. The data written is encrypted by the service.
- scalable, meaning the service has the ability to scale to serve the performance and storage needs of modern applications.
- managed, meaning the service is completely managed by Microsoft. Any hardware replacement or upgrades are done by Microsoft.
- accessible, meaning the data stored in Azure storage can be accessed from anywhere in the world over HTTP or HTTPS. There are client-side SDKs available in various languages, which provide APIs to interact with Azure storage.
Services Offered by Azure Storage
Below are some of the important services which are offered by Azure storage service:
Blob storage is optimized for storing massive amounts of unstructured objects. Virtual machine disks are also stored in this type of storage.
This is the ideal storage for binary files, e.g. images, videos, audio, etc.
The objects in blob storage are available over HTTP or HTTPS from across the globe. There are client SDKs available for multiple languages including .NET, Java, NodeJS, Python, PHP, etc.
The following blob types are supported:
- Block Blobs: each blob is broken down into blocks of 100MB, allowing multiple blocks to be uploaded in parallel.
- Append Blobs: support appending blocks only to the end of the blob.
- Page Blobs: used for storing VHD files (Azure Disks).
There are 3 different access tiers for blobs:
- Hot, to store data that is accessed very frequently
- Cool, to store data which is not accessed very frequently and stored for at least 30 days
- Archive, to store data which is not accessed frequently and is stored for at least 180 days. Restoring this data may take hours.
You can access the files using a file URL and a token called a shared access token. This can be thought of as a file share which can be accessed from anywhere in the world as long as you are connected to the internet.
Queue storage is used to store and retrieve lists of messages. This enables reliable messaging among different applications or application components.
Azure Table Storage is used to store NoSQL data. It provides a key/value store with a schemaless design.
There is now a premier offering for table storage, Cosmos DB.
An Azure managed disk is a virtual hard disk (VHD). It is called managed because it is an abstraction over page blobs, blob containers and Azure storage accounts.
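A review of a shared access token URL like the one described above, as an added example that is not part of the original article. It reads the token's query parameters (sp for permissions, se for expiry, spr for allowed protocol, sig for the signature) and flags grants that are broader than a read-only, short-lived, HTTPS-only link. The function names, the 7-day threshold and the sample URLs are assumptions made for this illustration.

```python
from datetime import datetime, timedelta, timezone
from urllib.parse import urlsplit, parse_qs

MAX_REMAINING = timedelta(days=7)  # assumed review threshold, not an Azure limit
MODIFY_PERMS = set("acwd")         # add, create, write, delete

def parse_sas_time(value):
    """Parse an ISO 8601 UTC time as used in the se parameter."""
    parsed = datetime.fromisoformat(value.replace("Z", "+00:00"))
    return parsed if parsed.tzinfo else parsed.replace(tzinfo=timezone.utc)

def review_sas_url(url, now):
    """Return findings for one SAS URL; an empty list means nothing was flagged."""
    parts = urlsplit(url)
    params = {k: v[0] for k, v in parse_qs(parts.query).items()}
    if "sig" not in params:
        return ["no sig parameter, so this is not a SAS URL"]
    findings = []
    if parts.scheme != "https":
        findings.append("URL is plain HTTP, so the token is sent unencrypted")
    # If spr is omitted, the token is accepted over both HTTPS and HTTP.
    if params.get("spr", "https,http") != "https":
        findings.append("spr does not restrict the token to HTTPS")
    if "se" not in params:
        findings.append("no se value; expiry comes from a stored access policy")
    else:
        remaining = parse_sas_time(params["se"]) - now
        if remaining <= timedelta(0):
            findings.append("token has already expired")
        elif remaining > MAX_REMAINING:
            findings.append(f"token stays valid for {remaining.days} more days")
    granted = MODIFY_PERMS & set(params.get("sp", ""))
    if granted:
        findings.append("sp grants modify rights: " + "".join(sorted(granted)))
    return findings

# Constructed sample URLs; account, share, file and sig values are placeholders.
NOW = datetime(2024, 5, 1, tzinfo=timezone.utc)
NARROW = ("https://examplestore.file.core.windows.net/docs/report.pdf"
          "?sv=2022-11-02&sr=f&sp=r&se=2024-05-02T00:00:00Z&spr=https&sig=PLACEHOLDER")
BROAD = ("http://examplestore.file.core.windows.net/docs/report.pdf"
         "?sv=2022-11-02&sr=f&sp=rwd&se=2030-01-01T00%3A00%3A00Z&sig=PLACEHOLDER")

if __name__ == "__main__":
    for name, url in (("narrow", NARROW), ("broad", BROAD)):
        print(name, review_sas_url(url, NOW))
```

The check only reads what the URL itself declares; the storage service still decides whether the signature is valid.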
What are the Types of Storage Accounts?
A storage account is required to use the Azure storage service. You can create the storage account using the Azure Portal. You can also choose to use PowerShell, Azure CLI or an ARM template to create the storage account.
While creating a storage account, we need to specify which kind of storage account is to be created. There are 5 different kinds, which are mentioned below.
Please note that some of the services offered by one kind of storage account may not be available in another kind. Hence, selecting the appropriate kind during creation is critical.
General Purpose v2
Basic storage account type. It supports blobs, files, tables and queues. This is recommended by Azure for most scenarios using Azure storage.
This is supported in both premium and standard performance tiers. All three blob access tiers (hot, cool, archive) are supported by this type.
General Purpose v1
Legacy account type. Azure recommends using General Purpose v2 whenever possible.
Block Blob Storage
This type supports only block blobs and append blobs. It does not support page blobs or any other storage service. Also, this is available only on the premium tier.
This type supports only file storage. It does not support any other storage service. This is also available only on the premium tier.
This type is available only on the standard tier and it supports all 3 blob access tiers (hot, cool and archive).
This supports only blobs and does not support any other service. This is a legacy account type and Azure recommends using General Purpose v2 whenever possible.
There are two types of encryption supported by Azure storage:
Encryption at Rest
When data is being written, Azure storage service automatically encrypts the data. Also while reading, it automatically decrypts it, keeping this level of encryption transparent to the consumer.
Client Side Encryption
There are client SDKs provided by Azure which can be used with various platforms and languages. These SDKs provide methods to encrypt the data before sending the actual data to Azure storage.
Redundancy is what makes Azure storage durable and highly available.
To better understand the redundancy levels, you may want to first understand how Azure infrastructure is organized. This previous article from my blog may help you to understand what a rack, an availability zone, an Azure region, etc. are.
Below are the options available:
LRS – Locally Redundant Storage
A low-cost replication strategy; data is replicated in the primary region synchronously.
ZRS – Zone Redundant Storage
Data is replicated across availability zones synchronously. This makes sure the data is available even if an availability zone in a region is down. However, this may not protect the data if the whole Azure region is down.
GRS – Geo Redundant Storage
This level keeps data available even if the primary Azure region is down. The data is copied three times to the primary region synchronously and then it is copied to the secondary region asynchronously.
You can also opt for the RA-GRS level, meaning your application will have read access to the secondary region if the primary region is not reachable. However, as the name suggests, it is read access only, and your application will not be able to write any new data.
GZRS – Geo-Zone Redundant Storage
Data is copied to three availability zones in the primary region synchronously and then it is copied to the secondary level.
You can also opt for RA-GZRS, meaning your application will have read access to replicas.
As stated earlier, many of the interactions with an Azure storage account can be done using the Azure Portal, Azure CLI or PowerShell.
There is also a free, open source GUI tool, Azure Storage Explorer, which enables you to work visually with Azure storage. You can connect to a specific storage account.
The Microsoft Azure storage emulator is a tool that emulates the Azure Blob, Queue, and Table services for local development purposes.
I hope this article gives you a high-level overview of Azure storage. Let me know your thoughts.