Migrate file server to Azure blob or file share

Lekha Joshi 1 Reputation point
2021-05-13T19:34:32.667+00:00

Hi

  1. I am new to Azure, What is the best way to migrate existing physical/ vmware File server to Azure?
  2. Should I opt for Azure blob or Azure File shares? Which is cost efficient?
  3. I will have to move data, what tool is better I need to bring the data and NTFS permissions.
  4. If we have requirement for provisioning a file server in any case, can I still use Azure file shares and map it via the server?
  5. how to backup/ restore data off of Azure file shares vs blob.
Azure Files
Azure Files
An Azure service that offers file shares in the cloud.
1,159 questions
Windows Server Migration
Windows Server Migration
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Migration: The process of making existing applications and data work on a different computer or operating system.
408 questions
0 comments

6 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Lekha Joshi 1 Reputation point
    2021-05-15T21:08:26.53+00:00

    We have backup of these shares already in the backup service vault.
    There for I am thinking to stand a new server with the data drives. Restore the azure backup to the new Azure VM and set up the File shares for this backup

    Can anyone please advise how do I go about the NTFS (ACL) permissions. restores have the NTFS, or do I have to write some poershell or robocopy to mirror the permissions from existing shares? it is about 2 TB data.

    0 comments
  2. Lekha Joshi 1 Reputation point
    2021-05-15T21:11:06.523+00:00

    @Sumarigo-MSFT , any ideas? your help is much appreciated

    0 comments
  3. Sumarigo-MSFT 43,411 Reputation points Microsoft Employee
    2021-05-17T09:35:50.453+00:00

    @Lekha Joshi Thanks for raising this question! Firstly, apologies for the delay in responding here and any inconvenience this issue may have caused

    • Azure has multiple available types of cloud storage. A fundamental aspect of file migrations to Azure is determining which Azure storage option is right for your data.

    Azure file shares are suitable for general-purpose file data. This data includes anything you use an on-premises SMB or NFS share for. With Azure File Sync, you can cache the contents of several Azure file shares on servers running Windows Server on-premises.

    For an app that currently runs on an on-premises server, storing files in an Azure file share might be a good choice. You can move the app to Azure and use Azure file shares as shared storage. You can also consider Azure Disks for this scenario.

    Some cloud apps don't depend on SMB or on machine-local data access or shared access. For those apps, object storage like Azure blobs is often the best choice.

    The key in any migration is to capture all the applicable file fidelity when moving your files from their current storage location to Azure. How much fidelity the Azure storage option supports and how much your scenario requires also helps you pick the right Azure storage. General-purpose file data traditionally depends on file metadata. App data might not.

    This article covers the basic aspects of a migration to Azure file shares( Tools, Migration Guides, NTFS permissions, authentication methods, and folder structure) . Migrate to Azure file shares

    • Please look at the Azure Files Pricing page for various cost components, which typically includes – Storage, Transactions (RW), Bandwidth (BW), any other related services like Azure File Sync/Azure Backup (optional).
      Standard and Premium tiers have different pricing model.
      Standard is Used storage + Transactions
      Premium is provisioned storage + no transactions.
      BW cost always apply.

    Transactions/BW cost varies based on the workload patterns. For example, for a low end general purpose file server with 5-10% churn, we have seen that transactions typically cost < 5-10% of bill. For a high transaction, low latency, consistent performance workload, performance tier might work better e.g. Databases. For a low transaction workload that need reliable performance, standard tier will be suffice e.g. general purpose file servers.

    Additional information: The best practice, as you point out, is to do a 1:1 deployment of file shares to storage accounts. This enables you to get billing by file share, and it also has other benefits as well. Many users do not realize that the storage account is the unit of provisioning for IO and throughput, not the file share. This means that two or more file shares deployed within the same storage account can contend for IO. Deploying file shares 1:1 with storage accounts ensures that each file share can use up to the storage account limits. As you pick whether to choose transaction optimized, hot, or cool for your file share, having a 1:1 mapping will also help you. The tier of the file share is already a file share-level property, but picking the tier that will optimize costs the most depends on being able to look at the billing data, which is obviously per-storage account not per-share.

    There are some limitations and process, please refer to FAQs: https://learn.microsoft.com/en-us/azure/storage/files/storage-files-faq

    Migrate machines as physical servers to Azure

    Hope this helps!

    Kindly let us know if the above helps or you need further assistance on this issue.

    ---------------------------------------------------------------------------------------------------------------------------------------

    Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

    0 comments
  4. Lekha Joshi 1 Reputation point
    2021-05-19T11:30:21.203+00:00

    @Sumarigo-MSFT Thanks a bunch for info. These are high level steps I am planning

    1. So This is just a plain onsite File server say Fileserver1, which contains mostly user shares and some department shares. Req. is to migrate these to Azure. There is no App data, except there might be print services also served by this same File server.
    2. Fileserver1's shares are already being backed up in Azure service Vault in same region. I am thinking to Provision server 2019 Azure VM in that region with the Data drive for these shares, restore the data from the Azure backup Vault. set up the shares on this restored data. maybe run a Azure file sync between old physical and new Azure VM after that - does Azure file sync mirrors NTFS data for the shares?
    3. rename and cutover the server on a planned day to the same name as existing old file server.
    4. how drive mapping happens for Azure server? I am guessing there should be some login script which is mapping to physical server today.

    Thanks
    For your help

  5. Sumarigo-MSFT 43,411 Reputation points Microsoft Employee
    2021-05-27T13:32:59.117+00:00

    @Lekha Joshi - This article will help you, how to mount Azure file share : https://learn.microsoft.com/en-us/azure/storage/files/storage-how-to-use-files-windows

    1. Azure Files supports the full set of NTFS basic and advanced permissions. You can view and configure NTFS permissions on directories and files in an Azure file share by mounting the share and then using Windows File Explorer or running the Windows icacls or Set-ACL command:https://learn.microsoft.com/en-us/azure/storage/files/storage-files-identity-auth-active-directory-domain-service-enable?tabs=azure-portal
    2. If you wish you can rename the File Share using Azure Storage explorer (Clone)
    3. Regarding mapping question, you may refer to this thread: https://learn.microsoft.com/en-us/answers/questions/43728/permanently-mapping-azure-file-share-from-azure-vm.html

    Additional information: If you are using Domain controller: You may refer to this article Mapping a Network Drive to an Azure File Share Using Domain Credentials

    1. Ensure port 445 is open: The SMB protocol requires TCP port 445 to be open; connections will fail if port 445 is blocked. You can check if your firewall is blocking port 445 with the Test-NetConnection cmdlet. To learn about ways to work around a blocked 445 port, see the Cause 1: Port 445 is blocked section of our Windows troubleshooting guide.

    https://learn.microsoft.com/en-us/azure/storage/files/storage-troubleshoot-windows-file-connection-pr...

    To use an Azure file share with Windows, you must either mount it, which means assigning it a drive letter or mount point path, or access it via its UNC path.

    This article uses the storage account key to access the file share. A storage account key is an administrator key for a storage account, including administrator permissions to all files and folders within the file share you're accessing, and for all file shares and other storage resources (blobs, queues, tables, etc.) contained within your storage account. If this is not sufficient for your workload, Azure File Sync may be used, or you may use identity-based authentication over SMB.

    If you still find any difficulties, please let me know I would like to work closer on this issue.

    Hope this helps!

    ----------------------------------------------------------------------------------------------------------------------------------------------------------------

    Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

    0 comments