AZ-900 자격증 준비 6 - Describe Azure storage services

6.1 Describe Azure storage accounts

A storage account provides a unique namespace for your Azure Storage data that's accessible.

Data in this account is secure, highly available, durable, and massively scalable.

 

When you create your storage accuont, you start by picking the storage account type. 

The type of account determines the storage services and redundancy options and has impact on the use cases.

Redundancy options:

- Locally redundant storage (LRS)

- Geo-redundant storage (GRS)

- Read-access geo-redundant storage (RA-GRS)

- Zone-redundant storage (ZRS)

- Geo-zone-redundant storage (GZRS)

- Read-access geo-zone-redundant storage (RA-GZRS)

 

Standard general-purpose v2

Supported services: Blob storage (including Data Lake Storage), Queue Storage, Table Storage, and Azure Files

Redundancy options: LRS, GRS, RA-GRS, ZRS, GZRS, RA-GZRS

Usage: standard storage account type for blobs, file shares, queues, and tables. Recommended for most cases

 

Premium block blobs

Supported services: Blob storage (including Data Lake Storage)

Redundancy options: LRS, ZRS

Usage: Premum storage account type for block blobs and append blobs. Recommended for scenarios with high transaction rates or that use smaller objects or require consistently low storage latency.

 

Premium file shares

Supported services: Azure Files

Redundancy options: LRS, ZRS

Usage: Premium storage account type for file shares only. Recommended for enterprise or high-performance scale applications.

 

Premium page blobs

Supported services: Page blobs only

Redundancy options: LRS

 

 

 

6.2 Describe Azure storage redundancy

Azure Storage always stores multiple copies of your data so that it's protected from planned and unplanned events.

Redundancy ensures that your storage account meets its availability and durability targets even in case of failures.

 

Factors to determine which redundancy option to choose:

- How your data is replicated in the primary region

- Whether your data is replicated to a second region that is geographically distant to the primary region, to protect against regional disasters.

- Whether your application requires read access to the replicated data in the secondary region if the primary region becomes unavailable.

 

Redundancy in the primary region

Data in an Azure Storage account is always replicated three times in the primary region.

Azure Storage offers two options for how your data is replicated in the primary region: LRS and ZRS.

 

Locally redundant storage (LRS)

LRS replicates your data three times within a single data center in the primary region and provides 11 nines of durability.

LRS is the lowest-cost redundancy option and offers the least durability compared to other options.

LRS protects your data against server rack and drive failures, but if a disaster occurs within the datacenter, all replicas of a storage account using LRS may be lost or unrecoverable.

To mitigate the risk, use zone-redundant storage (ZRS), geo-redundant storage (GRS), or geo-zone redundant storage (GZRS).

 

Zone-redundant storage (ZRS)

For Availability Zone-enabled regions, ZRS replicates your Azure Storage data synchronously across three Azure availability zones in the primary region and provides at least 12 nines of durability.

With ZRS, your data is still accessible for both read and write operations even if a zone becomes unavailable.

If a zone becomes unavailable, Azure undertakes networking updates, such as DNS repointing.

 

 

Redundancy in a secondary region

For applications requiring high durability, you can choose to additionally copy the data in your storage account to a secondary region.

If the data in your storage account is copied to a secondary region, then your data is durable even in the event of a catastrophic failure that prevents the data in the primary region from being recovered.

When you create a storage account, you select the primary region for the account and the paired secondary region is based on Azure Region Pairs and can't be changed.

Azure Storage offers two options for copying your data to a secondary region: geo-redundant storage (GRS), which is similar to running LRS in two regions, and geo-zone redundant storage (GZRS), which is similar to running ZRS in the primary region and LRS in the secondary region.

Data in the secondary region is not available for read and write unless there's a failover to the secondary region.

If the primary region becomes unavailable, you cacn choose to fail over to the secondary region, and you can read and write data.

Because data is replicated to the secondary region asynchronously, a failure that affects the primary region may result in data loss if the primary region can't be recovered.

The interval between the most recent writes to the primary region and the last write to the secondary region is Recovery Point Objective (RPO).

 

Geo-redundant storage (GRS)

GRS copies your data synchronously three times within a single physical location in the primary region using LRS.

It then copies your data asynchronously to a single physical location in the secondary region (region pair) using LRS.

GRS offers durability of at least 16 nines.

 

Geo-zone-redundant storage (GZRS)

 

 

Data in a GZRS storage account is copied across three Azure availability zones in the primary region (ZRS) and is also replicated to a secondary region using LRS.

Recommended to use GZRS for applications requiring maximum consistency, durability, and availability, performance and resilience for disaster recovery.

Also provides at least 16 nines of durability.

 

Read access to data in the secondary region

Geo-redundant storage (with GRS or GZRS) replicates your data to another physical location in the secondary region to protect against regional outages.

But data is only available to be read if the failover is initated from the primary to secondary region.

If you enable read access to the secondary region, your data is always available, even when the primary region is running optimally.

For read access to the secondary region, enable read-access geo-redundant storage (RA-GRS) or read-access geo-zone-redundant storage (RA-GZRS).

The data in the secondary region may not be up-to-date due to RPO.

 

 

 

 

6.3 Describe Azure storage services

The Azure Storage platform includes the following data services:

- Azure Blobs: Massively scalable object store for text and binary data. Also supports data analytics through Data Lake Storage Gen2.

- Azure Files: Managed file shares for cloud or on-premises deployments.

- Azure Queues: A messaging store for reliable messaging between application components

- Azure Disks: Block-level storage volumes for Azure VMs.

- Azure Tables: NoSQL table option for structured, non-relational data.

 

 

Benefits of Azure Storage

- Durable and highly available: Redundany ensures that data is safe even in hardware failures. Also possible to replicate data across data centers or geographical regions for additional protection. Data replicated in this way remains highly available if an unexpected outage occurs.

- Secure: All data written to Azure storage account is encrypted by the service.

- Scalable: Azure storage is scalable to meet the data storage and performance needs.

- Managed: Azure handles hardware maintenance, updates and critical issues.

- Accessible: Data is Azure storage is accessible from anywhere in the world through HTTP or HTTPS.

 

Azure Blobs

Azure Blob storage is an object storage solution for the cloud.

It can store massive amounts of data, such as text or binary data. 

Azure Blob storage is unstructured, meaning that there are no restrictions on the kinds of data it can hold.

Blob storage can manage thousands of simultaneous uploads, massive amounts of video data, constantly growing log files, and can be reached from anywhere through internet connection.

 

Blob storage is ideal for:

- Serving images or documents directly to a browser

- Storing files for distributed access

- Streaming video and audio

- Storing data for backup and restore, disaster recovery, and archiving.

- Storing data for analysis

 

 

Blob storage tiers

To manage costs for your expanding storage needs, organize your data based on attributes like frequency of access and planned retention period.

Data stored in the cloud can be handled differently based on how it's generated, processed and accessed over its lifetime.

Some data is actively accessed and modified throughout its lifetime. 

Some data is accessed frequently early in its lifetime, with access dropping drastically as the data ages.

Some data remains idle in the cloud and is rarely accessed after it's stored. 

Azure storage offers different access tiers for the blob storage based on this:

- Hot access tier: For storing data that is accessed frequently (e.g. images for your website)

- Cool access tier: For data that is infrequently accessed and stored for at least 30 days (e.g invoices for customer)

- Cold access tier: For storing data that is infrequently accessed and stored for at least 90 days

- Archive access tier: For data that is rarely accessed and stored for at least 180 days, with flexible latency rquirements (e.g. long-term backups)

 

 

Azure Files

Azure File storage offers fully managed file shares in the cloud that are accessible via the industry standard Server Message Block (SMB) or Network File System (NFS) protocols. Azure Files file shares can be mounted concurrently by cloud or on-premises deployments. 

 

Azure Files Key Benefits:

- Shared access: Azure file shares supports the industry standard SMB and NFS protocols, meaning you can seamlessly replace your on-premises file shares with Azure Files without worrying aboud application compatibility.

- Fully managed: Azure file shares can be created without the need to manage hardware or an OS.

- Scripting and tooling: Powershell and Azure CLI can be used to create, mount, and manage Azure file shares, also on Azure portal and Azure Storage Explorer.

- Resiliency: Always available.

- Familiar programmability: Applications running in Azure can access data in the share via file system I/O APIs (familiar).

 

 

Azure Queues

Azure Queue storage is a service for large numbers of messages.

Once stored, you can access the messages from anywhere via authenticated calls using HTTP or HTTPS.

Queues are commonly used to create a backlog of work to process asynchronously.

Queue storage can be combined with compute functions like Azure Functions to take an action when a message is received.

E.g. Want to perform an action after a customer uploads a form to your website. You can have the submit button to trigger a message to the Queue storage and then you could use Azure Functions to trigger an action once the message was received.

 

Azure Disks

Azure Disk storage is a block-level storage volumes managed by Azure for use with Azure VMs. 

Same as the physical disk, but virtualized, so offers greater resiliency and availability than a physical disk.

 

Azure Tables

Azure Table storage stores large amounts of structured data, and is a NoSQL datastore.

It accepts authenticated calls from inside and outside the Azure cloud, which enables you to use Azure tables to build your hybrid or multicloud solution and have data always available. 

Azure tables are ideal for storing structured, non-relational data.

 

 

 

6.4 Identify Azure data migration options

Azure supports both real-time migration of infrastructure, applications, and data using Azure Migrate as well as asynchronous migration of data using Azure Data Box.

 

Azure Migrate

Azure Migrate is a service that helps you migrate from an on-premises environment to the cloud.

Azure Migrate functions as a hub to help you manage the assessment and migration of your on-premises datacenter to Azure.

It provides the following:

- Unified migraiton platform: A single portal to start, run, and track your migration to Azure.

- Range of tools: Tools for assessment and migration: Discovery and assessment, Servere migration.

- Assessment and migration: In the Azure Migrate hub, you can assess and migrate your on-premises infrastructure to Azure.

 

Integrated tools:

Tools to help with migration:

- Azure Migrate: Discovery and assesment: Discover and assess on-premises server

- Azure Migrate: Server Migration: Migrate VMs, physical servers, virtualized servers to Azure.

- Data Migration Assistant: Stand-alone tool to assess SQL Servers. It helps pinpoint potential problems blocking migration, identifies unsupported features, new features that can benefit you after migration.

- Azure Database Migration Service: Migrate on-premises DB to Azure VMs running on SQL server.

- Azure Data Box: Use Azure Data Box products to move large amounts of offline data to Azure.

 

 

Azure Data Box

Azure Data Box is a physical migration service that helps transfer large amounts of data in a quick, inexpensive and reliable way.

The secure data transfer done by shipping Data Box storage device that has maximum storage capacity of 80 TB and is transported to and from your datacenter via a regional carrier.

A rugged case protects and secures the Data Box from damage during transit.

 

Use cases:

Data Box is ideal for transferring data sizes larger than 40 TBs and data movement can be one-time, periodic, or an initial bulk data transfer followed by periodic transfers.

Examples:

- Onetime migration - when a large amount of on-premises data is moved to Azure.

- Moving a media library from offline tapes into Azure to create an online media library.

- Migrating your VM farm, SQL server, and applications to Azure.

- Moving historical data to Azure for in-depth analysis

- Initial bulk transfer - when an initial bulk transfer is done using Data Box followed by incremental transfers over the network

- Periodic uploads - when large amount of data is generated periodically and needs to be moved to Azure.

 

 

6.5 Identify Azure file movement options

In addition to large scale migration using services like Azure Migrate and Azure Data Box, Azure also has tools designed to help you move or interact with individual files or small file groups. 

Among those tools are AzCopy, Azure Storage Explorer, and Azure File Sync.

 

AzCopy

AzCopy is a command-line utility that you can use to copy blobs or files to or from your storage account.

With AzCopy, you can upload, download and copy files between storage accounts, and even synchronize files.

AzCopy can even be configured to work with other cloud providers to help move files back and forth between clouds.

Synchronizing blobs or files with AzCopy is one-direction synchronization: you designate the source and destination, and AzCopy will copy files or blobs in that direction.

It doesn't synchronize bi-directionally based on timestamps, or other metadata.

 

Azure Storage Explorer

Azure Storage Explorer is a standalone app that provides a graphical interface to manage files and blobs in your Azure Storage Account and uses AzCopy on the backend.

With Storage Explorer, you can upload to Azure, download from Azure, or move betwen storage accounts.

 

Azure File Sync

Azure File Sync is a tool that lets you centralize your file shares in Azure Files and keep the flexibility, performance, and compatibility of a Window file server. 

Once you install Azure File Sync on your local Windows server, it will automatically stay bi-directionally synced with your files in Azure.

 

 

6.6 Module Assignment

1. Which tool automatically keeps files between an on-premises Windows server and an Azure cloud environment updated?

Azure File Sync

 

2. Which storage redundancy option provides the highest degree of durability, with 16 nines of durability?

Geo-zone-redundant storage

 

3. Which Azure storage service supports the big data analytics, as well as handling text and binary data types?

Azure Blobs