Tag: Azure

Installing Azure File Sharing

Published on in Azure by Elvis

Azure File Sharing (AFS) is a new technology, currently in public preview, used for caching files or syncing file servers or cluster around the datacentres. If you want to know more about useful scenarios where to use AFS, I suggest you to read this blogpost or watch this video.
In this post, I will explain how to install AFS on a server to be synchronized with Azure. I will go thru installation of the first server, but installing agent on the second or any other server is just the same process as for the first one. Of course, you must have an active Azure subscription (you can open a trial, but this will be time limited – maybe just for testing) and a supported server OS – Windows server 2012R2 or Windows Server 2016.
First step is done in Azure. Here we have to prepare the Storage account:

  1. Login to Azure portal
  2. On the Left side menu select +New, in Marketplace select Storage and then Storage account and click Create.
  3. Write the Name of the account, the Account kind MUST BE »General purpose« and Replication »Locally-redundant storage (LRS)«. Set Storage Service encryption and Storage Transfer required to »True«.
  4. You can create a new Resource group or use the existing one.
  5. Use one of the supported Locations. (list)

Now we have to create an Azure File Share:

  1. Navigate to Storage account that we have created previously
  2. In Overview find section Files and click on + File Share
  3. Write the Name and click Create.

As last, we have to create Storage Sync Service:

  1. In Azure Portal, click on +New, in search box type » Azure File Sync«, select Azure File Sync (preview) and click Create.
  2. Fill all fields, use the same Resource group as in Storage account and click Create.

For now, we have finished to prepare the Azure part and we will move to our on premises server. We will install Agent here and test prerequisites.
First, we have to find if our server has all that we need to install the agent:

  1. We will need PowerShell version 5.1 or higher. You can check this from PowerShell with cmdlet $PSVersionTable. If PSVersion is lower than 5.1, then you must upgrade PowerShell by installing WMF 5.1 Package (install Win8.1AndW2K12R2-KB3191564-x64.msu)
  2. Install AzureRM cmdlets with installing PowerShell module: Install-Module AzureRM (Answer Yes to continue and to install from untrusted repository – it is a preview).
  3. Register AFS provider: Register-AzureRmResourceProvider -ProviderNamespace Microsoft.StorageSync. In case that you receive this error, run cmdlet Login-AzureRmAccount 
  4. Disable Internet Explorer Enhanced Security Configuration (you should do this because you have to login into Azure later).

Now we will install the agent on the server that we want to sync:

  1. Download agent installation from Azure portal
  2. Run the installation wizard
  3. On a welcome page click Next, accept the license agreement and click Next.
  4. On the Feature selection you can change the location for the files and click Next
  5. Consider using Windows Update services to update the AFS agent (it is already a part of MS Updates) and click Next
  6. Click Install
  7. After the installation is finished, the server registration will run. If this will not happen or you want to run it manually later, you can search for file ServerRegistration.exe and run it.
  8. In Server Registration, sign in to Azure with your Azure subscription (this step will open an Internet Explorer window to sign in process)
  9. Select the needed data (Subscription – if you have more than one, Resource group that you used in previous steps and Sorage sync service that you created before)
  10. Click Register.
  11. After successful registration, you completed a server agent installation, server registration to AFS service.

We have now created Storage Sync Service, installed agent on our server and registered our server to created Storage Sync Service, but we haven’t yet configured the synchronization between Azure and on premises servers – so synchronization is not working in this moment.
We have to add Azure server as an endpoint in Sync Service. The easiest way to do this is in the Azure portal:

  1. Login to Azure portal
  2. Navigate to Storage Sync Service we created and in Overview click on +Sync group.
  3. Type all data and click Create.
  4. Click on Sync group you created and add Server Endpoint
  5. When you are adding server Endpoint, you have to enter FULL LOCAL PATH on the server and the percent of free disk space on local server (can be different for any server).

Done! You have now created Azure File sync and you have just to wait for the first sync. Of course, it can take some time – depends on the amount of data, but after this you will have all your files safe in Cloud. For this reason, you can use this service as a DR scenario.
If you want to add an additional server to the same AFS service, just repeat all steps that were done on the local server and register it to existing AFS account. Different server scan host locally different files (depends on usage), can be member of different domains or workgroups – so you can use this technology for some collaboration projects as well.

Azure File Services – first overview

Published on in Azure, Windows Server by Elvis

Azure File Services (AFS) is new service in Azure, currently in public preview. From my perspective, it is a service with very strong fundamentals and a granted future.
What can we do? What are objectives? Well, we are producing more and more data every day, we are building every day new datacenters (on premise), open new corporate locations and this are all reasons why we have problems with disk space and syncing data around the world.
AFS is a technology dedicated to solve these problems and help us to have more control on our data and hardware usage. We can use AFS in various modes or combinations:

  • We can sync a server or cluster to Azure and duplicate all files from local storage to Azure – just because we want to have additional security or additional access point (Azure file share)
  • We can sync a server or cluster to reduce our hardware needs. We have locally stored only files that we use frequently; all other older files will be present only in Azure and we don’t need disk space for them. This is tiering space where we can write our rules how files will go to the cloud and they disappear from local storage. In this case, if we need a file that is present only in Azure, we can see it on local storage (grayed icon) and the file is transferred locally from Azure in a moment that we click on it – now it is located also on local storage and is under AFS rules.
  • We can sync more servers (clusters) in different datacenters across the world like DFS. Sync is done through Azure services and all files will exist on Azure (not necessary on premise), so Azure is in this case the new file store. Of course, because different locations work with different files, on premise content can (will) vary from server to server. We cannot expect that all server will have the same files stored on local storage and there will not be a point where you can find all your files together except on Azure storage.

Using this technology will change your environment, your way of thinking about some operations that are now clear and from this reason it is very important to know what and how will be impacted. For sure the most important thing that have to be changed is the backup. You have to know, that you have all files only in Azure, so backup has to be done there. If you want to do backup locally, there will be a problem because you will access to any file every time you will do a backup and those files will remain on premise – as frequently used files.
We have a nice short video for AFS. You can watch it here.

How to establish which files are good for AFS technology?
It depends from your usage, company infrastructure and of course file types. First, you have to identify files or shares. In some cases, maybe you will replace DFS technology with AFS (your users use different files in different locations and there is no need to have anywhere all files stored locally). Maybe you have a large number of old files (I am thinking about my client – advertising agency – they have really many old projects that they need to be stored in archive, but they practically never use). This are some cases where you can use ASF. You will have a good and long retention policy in Azure, you don’t need to care about backups, disk spaces … This is very important and is money value – also for an administrator.

It is difficult to establish the AFS?


No. I can say that is simpler than build some DFS infrastructures. In short, you just need to install AFS agent on server, create Storage account and AFS service in Azure and connect both ends. For few servers, you will be able to do it in few hours. But here you have to know, that synchronization will take some time and to have a complete infrastructure up to date and working, it will take longer; depend on data amount and internet bandwidth. If you will try to test it, just take your time, go slower, wait for steps to complete and you will be happy with the results.
I will write a post in few days with step by step instructions how to connect a server to AFS and make all working.

For me, this technology can be used in very small companies in one way and in large companies in another way. It is very flexible, with very large specter of usage and different solutions. I am sure that this approach is the best way to have a lot of implementations, successful stories and satisfied customers. This is what we want to do and I am sure that is done very well yet.

Create Virtual network in Azure

Published on in Azure, Management, Virtualization, Windows Server by Elvis

I decided to publish few articles where I will document how to create a hybrid network between your local network and Azure (using some chip routers) and finaly how to create a VM in Azure as a part of your network. This is the Part 1 of whole proces and here is covered how to create Virtual network in Microsoft Azure.

In this article I will explain the complete step-by-step guideline how to create a network in Azure, site to site VPN from your local network to Azure and finally how to create an Azure VM connected to your local domain.
There are few things that you have to know:

  • local subnet,
  • IP of local router,
  • IP of local DNS server (in your AD domain).

First we need to create virtual network in Azure. This will be a part of our network, but as we will connect to this network via VPN, it must be on a different subnet.
To create a Virtual network, you have to login into an Azure portal, select Networks and then Create a virtual network.

Screen1

This will launch a wizard for creating network and this are the steps that you have to perform. First just give a name to network and chose a location and subscription. Be careful with choosing a location. Later you will be able to use VPN only to virtual machines, in the same location where the network is.

Screen 2

On the second screen you have to enter some data about connectivity. As we said at the beginning, the VPN will be site to site, so you have to select this one. DNS servers will be used to resolve names in this network and as we want to add a virtual machine, which is a part of our Active directory, we should be able to resolve it in our AD. This is the reason why specified DNS servers have to be our local DNS servers from local AD (not public DNS!).

Screen 3Next step is to specify our local network. You have to specify the name of the network.
VPN device IP address is a public address of your router, from which you will establish the connection to Azure.
In address space you have to specify all of your private networks, from which you want to establish connections to Azure.
All of this data are needed by Azure for determination of routes and connectivity.

Screen 4

In the last step, you have to define the address space used in Azure. This is a private IP address space and has to be different from your local IP address space.

Screen 5

The rules to define are the same as those you have when you create VPN between two local sites, but there are some more settings:

  • Address space defines the whole address space that you can use as a part of Azure virtual network. Any subnet, which is a part of this network, must be created as a part of this space.
  • Gateway subnet: this subnet is responsible to have connectivity outside of Azure. In this subnet will be located a router, which will act as endpoint of VPN tunnel. Do not use this subnet to create virtual machines in it.
  • Subnet: you have to create at least one subnet. This will be the address space where you will create virtual machines. In many cases will be enough one subnet, but if you have to build a larger deployment, isolations of VM or similar things, maybe you will need more than one.

Screen 6

With this steps you created a set of network settings that include Azure virtual network, local network and DNS setting. When you finish this steps, your Azure network is ready to use, but don’t forget to create a gateway. This one is necessary to establish a VPN connection.

Screen 7

If you want to use this network in a combination with your local network, you have to create a gateway. This is an IP which will act as an end point of VPN Tunnel. For creating the gateway, you have another wizard; it is not complicated, but it could take time (30 minutes or more).

Screen 8

Click on create gateway on the bottom of the page, and use Static routing if you have a static IP address. After the creation of the gateway is complete, you will have an IP address of the gateway. This is the IP address that you will have to write into your local router as the endpoint of VPN. The only thing that is missing now, is a shared key. You can read it by clicking Manage Key button on the bottom of the page. Write down this key, because you will need it later in the router configuration.

If you have a router model (like Cisco…) that is supported by Azure, you can export data to configure it directly from the portal with clicking “Export” button. In all other cases, you will need to estabilish VPN manually – here you will need to press the Manage Key button.

AzN9

 For establishing the connection to Azure network successfully, you will need a preshared key and a gateway IP address (showed at previous and next picture). I recommend, to write them down into some file or on a paper.

AzN10.