Azure Storage account is a placeholder for several storage types which can be accessed from the same location. This includes among the others, storage like blobs, files, tables and disks. A single namespace which applications can use as a target for storing their data. The number of applications that can leverage the Azure Storage account is massive and typically blob storage and file shares are the most common. Respectively for long term retention (ie. Backups with GrandFatherFatherSon scenarios) and flexible file shares that can be accessed from on-premises environments as well. Of course disks as well as the data stores for the virtual machines running in Azure Cloud.
At the time of writing Microsoft Azure offers different types of storage account types. This article covers the latest General-purpose v2 which supports Blob, File, Queue, Table and Disk. The idea is to create an Azure Storage account which could be used as a target for long retention Veeam Backups. As of the Veeam Backup 9.5 u4 it is possible to further extend the SOBR (Scale Out Backup Repository) to include object storage, for example in Azure Blob. For demo purposes it is possible to sign up and create a free Azure account which entitles to a number of Azure services for 12 months plus a number of other services free for unlimited time. Blob storage is included up to 5 GB for 12 months.
Detailed information on how the Azure Storage account works can be found here.
How to setup Azure Storage account
Once the Azure account is created it is possible to start creating the Azure resources and services. From the home page the link to create a new Azure Storage account.
It is possible to create more than one Azure Storage account per Azure tenant. Each one of them can have separate settings like the Security, data redundancy, the access tiers and more. For example creating separate storage accounts for Production and Development environments. Even assign them to different Azure resource groups or subscriptions. And other criteria based on requirements.
The process to create a storage account is wizard driven and includes the option to automate using several types of scripting from the Azure CLI shell. First option is to assign a subscription along with a resource group name. This can be created on the fly.
Next is to specify the Azure Storage account name which requires a unique name. In addition, the options to set the location (very important from a data sovereignty and cost perspective). In terms of performance the “Standard” option uses the magnetic disks suitable for applications which require big amount of storage. The “Premium” option instead uses the solid state drives which offer low-latency performance for I/O intense applications.
For the “Account kind” the best practice is to choose the General-purpose v2 which provides access to several storage types. Last but not least the option to select the Geo-replication types across the Azure Data Centers:
- LRS (Locally-redundant storage)
- ZRS (Zone-redundant storage)
- GRS (Geo-redundant storage)
- RA-GRS (Read-Access geo-redundant-storage)
The Advanced section covers more settings like “Security” (leverage HTTPS over HTTP for connections), “Virtual Networks” (restrict access only to specific virtual networks in Azure tenant), “Data Protection” (a soft delete option for blobs so these can be easily restored) and “Data Lake Storage Gen2” (which is used for ADLS namespace helping big data analytics workload).
It is also possible to add custom “Tags” which can be used to quickly identify and automate resources for orchestrated deployments and reporting. More on this in a separate article.
And a last section to review and validate the chosen settings before committing changes.
As soon as the Create button is hit a new notification shows the new deployment is underway and takes a few moments to create the new storage account resource.
The new Azure storage account is now created. From the same blade also sections with the main details.
The inputs shows the main settings.
Since this is a “simple” deployment no further information or activity is reported.
Should the same Azure Storage account deployment be replicated the Template section offers the necessary information helping with the automation process.
At this point from the main screen in the Storage account it shows all the created ones.
When selecting the Storage Account it is possible to create the storage types (blob, files, tables, queues) based on the Storage Account kind and configure them individually.
Among the many configuration options, certainly at a first glance the Geo-Replication catches the attention. Based on selection it shows the replication type along with the primary location.
In the Configuration section the ability to change some of the settings previously selected.
Another one really useful is the option to allow access to specific services, resource types and permissions. This provides a more granular access only for the intended resources.