Oh, the chicken
before the egg… or the horse before the cart!
I have this laundry list of things I want to do in the lab, but realized
that I would likely need to store some files for my Azure VMs to access. I will admit that the enhancements with RDP,
particularly being about to copy and paste files from a local Explorer window
to a remote one are super handy, but I wanted to avoid relying on connecting to
the GUI as much as possible. Plus I
wanted to create a centralized location for these files, so I wouldn't need to
ensure that file services was always accessible from a particular VM.
Enter Azure Files.
Azure Files allows
you to create a SMB share in Azure Storage that is then accessible from
machines in the same region. For the Imperfect Lab, my first goal with this is
create a location where I can put some files for use later when connect to my
Imperfect Lab domain controllers. You
can find a basic, step-by-step for getting Azure Files going in the Azure
documentation, but this is what I did for my lab.
Also for those of you want a neater way to copy my lines of code, you can find the code from this post here. (It's not embedded because the Blogger platform is a PITA, but I digress.)
Created a new storage account: New-AzureStorageAccount -StorageAccountName <storageaccountname> -Location ‘West US’
Captured the Access Key as a variable:
$storageAccessKey =
(Get-AzureStorageKey –StorageAccountName <storageaccountname>).Primary
You can also get the
full key from the Azure Portal. Just click "Manage Access Keys" from
the black tool bar at the bottom of the page for the storage account.
Created a security
context with the access key:
$storageContext =
New-AzureStorageContext <storageaccountname> $storageAccessKey
Created a new share:
$share =
New-AzureStorageShare <sharename> -Context $storageContext
Created a directory
in the share. I called mine "powershell" in this example:
New-AzureStorageDirectory
-Share $share -Path powershell
I wanted to upload a
file to my new directory, so I used:
Set-AzureStorageFileContent
-Share $share -Source "localfilepath" -Path powershell
To check that it
made it, I used: Get-AzureStorageFile -Share $share -Path powershell
Okay, now that I
have my Azure Files going, I need to be able to access it from my VM in
Azure. You can do this simply by RDPing
to your client, passing it your storage credentials and then mounting the
share. You'll need that key from the
portal to do this since your VM likely won't be connect to your Azure
subscription to capture it as a variable like I did in the previous code.
If you don't want to
RDP to the machine, you can do this from the command line of your remote
machine by opening a PS-Session, just note that the credentials won't be
persistent that way and your mapping won't be retained after a reboot.
cmdkey
/add:<storageaccount>.file.core.windows.net /user:<sharename>
/pass:<accesskey>
Alternatively, if
you don't have persistent credentials, you can just pass them along right with
the net use command:
net use z: \\imperfectfiles.file.core.windows.net\imperfectshare
/p:no /u:imperfectfiles $storageAccessKey
Once I have that
drive mapped, I can use PS-Session commands remotely, yet access files that are
stored locally on the VM, like CSV files or to write logs. And if you want to delete files, use REMOVE
instead of SET, or GET if you want to download them. For example:
Remove-AzureStorageFile
–Share $share –Path [foldername]/[filename]
As an added note, Azure Files differ from Blob storage because they are accessible via SMB and allows you to build a traditional folder hierarchy if you need one. However only VMs in the same region can access it. Regular blob storage has the ability to be accessed globally and by the "public" without an access key. Azure Files are accessible via both REST and SMB, where Blob storage is only accessible via REST.
As an added note, Azure Files differ from Blob storage because they are accessible via SMB and allows you to build a traditional folder hierarchy if you need one. However only VMs in the same region can access it. Regular blob storage has the ability to be accessed globally and by the "public" without an access key. Azure Files are accessible via both REST and SMB, where Blob storage is only accessible via REST.