What Is Azure File Sync
Have you ever struggled with file server capacity? Would you like the same file shares to be available in multiple offices? Would you like to centralized the backup of file shares? Would you like all of that, but make it transparent and without compromising performance for users? Read on!
Passwords Haven’t Disappeared Yet
123456. Qwerty. Iloveyou. No, these are not exercises for people who are brand new to typing. Shockingly, they are among the most common passwords that end users choose in 2021. Research has found that the average business user must manually type out, or copy/paste, the credentials to 154 websites per month. We repeatedly got one question that surprised us: “Why would I ever trust a third party with control of my network?
A New Hybrid Service
Microsoft has managed to introduce Azure services into business without customers necessarily relocating or deploying applications in Azure. Services such as StorSimple (tiered storage appliance), Azure Backup, and Azure Site Recovery (disaster recovery) supplement existing investments in IT with cloud-based or cloud-first storage, backup, and DR solutions.
Azure File Sync is another of these kinds of services that solves problems with the good ole’ file server, which exists despite the best efforts of SharePoint, OneDrive for Business and other efforts from Microsoft, its partners, and competitors. Azure File Service is in preview now and Microsoft is keen for you to test it and give your feedback.
The first function of Azure File Sync is to synchronize file shares (data and ACLs) to a (general) storage account using the Azure Files service. One can create a sync group and then specify a path on a file server to synchronize to Azure. A non-disruptive agent is installed onto the file server, meaning that there is no need to relocate data onto different volumes to take advantage of this service. Non-system data volumes are supported. The results of this are:
- Azure File shares are created in the storage account.
- Azure becomes the master copy of the shares – more on this later.
- End users have no idea that this has happened.
- Changes to on-premises data are synchronized in real time to Azure.
Note that remote users can connect to file shares using a Net Use command to mount the share across the Internet; latency and bandwidth will have an impact on performance.
A company with more than one office might require file share content to exist in more than one office. It is possible to synchronize the master shares in Azure to multiple file servers in different offices.This means that many offices can have the same file share with synchronization via the master copy in Azure.
Unfortunately, Azure File Sync does not synchronize file locks. Microsoft is aware of this demand and will work on it after general availability. If users in two sites update the same file at the same time, the second save will result in a copy of the original file. No data is lost.
A larger corporation might have file servers in different continents and wish to deploy common file shares. Azure Files will be able to replicate across Azure regions. A file server can then be configured to connect to the closest replica of the file shares in Azure. Latency will be minimized and we get to take advantage of Azure’s high-speed backbone for inter-region synchronization.
Backing up branch office file servers is a pain in the you-know-where. If a branch office file server is synchronizing to Azure, then all of the data is in a nice central place that is perfect for backup. And Microsoft recognized that possibility.
Azure Backup will be used to backup shares in Azure Files. During the preview of Azure Files, backups will:
- Be done using a new snapshot feature in storage accounts. The snapshots remain in the storage account that contains the synchronized Azure Files.
- Offer up to 120 days of retention.
Microsoft acknowledged that the above backup would not be ideal. So, with general availability the solution changes:
- Backups will be stored outside of the storage account in the recovery services vault.
- Long-term retention will be possible for organizations that have regulatory requirements.
Imagine that you lose a file server in an office. Azure File Sync has a DR solution that is very similar to the DR solution in StoreSimple. You can deploy a new file server, connect it up to the shares in Azure, and the metadata of the shares will be downloaded. At that time, end users can see and use the shares and their data. Over time, files will be downloaded to the file server.
One could see how this DR solution could also be used to seed a file server in a new branch office with existing shares.
Now we get to one of the best features of Azure File Sync. I cannot remember the last time I saw a file server that was not struggling with disk capacity. Most of the data on that file server is old, never used, but cannot be deleted. No one has the time to figure out what’s not being used and no one wants to risk deleting something that will be required in the future.
You can enable a synchronization policy on a per-file server basis. Different servers connected to the same shares can have different policies. The tiering policy allows you to specify what percentage of the data should be synchronized to Azure. Cold files will be removed from the file server with the copies remaining in the master in the Azure storage account.
This tiering is seamless. The only clues that the end user will have that the cold files are in Azure are:
- The icons are greyed.
- An offline (O) file attribute.
When the user browses a share, on-premises copies and online (cold files tiered to Azure) files appear side by side. If a file format supports streaming, then that file will be streamed to the client via the file server.
Microsoft is using some interesting terminology in this scenario. The file server is being referred to as a caching device for performance. All of the data in the file shares are in Azure. With tiering enabled, we are keeping the hot files on-premises with a reduced storage requirement. This means that we have effectively relocated shares to Azure but are using file servers as caches to maintain LAN-speed performance.
Anti-Virus and On-Premises Backup
If you have enabled tiering, then you need to be very careful. A small number of well-known anti-virus solutions have been tested and verified as working. The worry is that a scan will cause online-only files to be downloaded by a scheduled scan.
Once you enable tiering, you must not do an on-premises backup. Think about it; the backup is going to cause those online-only files to be downloaded for backup. Instead, use Azure Backup to do your backups.
Microsoft has documented a lot of information about Azure File Sync. During this point of the preview, the service is only available in the following Azure regions:
- West US
- West Europe
- South East Asia
- Australia East
The preview supports file servers running:
- Windows Server 2012 R2 (Full with UI)
- Windows Server 2016 (Full with UI)
I have known about Azure File Sync for quite a while under NDA. I have been itching to start talking about it because I see it as a killer service that an incredible number of businesses could benefit from. I would have loved to have has Azure File Sync when I last ran infrastructure in branch offices. If you struggle with file server capacity, or file servers in branch office deployments wreck your head, then I would strongly encourage you to get on the preview. Get to know this service and give Microsoft your feedback.