Azure: Transferring data to special administrative regions
Introduction
The main problems while sharing data in china from rest of world is “The Great Firewall of China”
I’m sure that all of us are aware of the word so called” The Great firewall of china”
Let me put this into more technical term. Chinese government has its own network security/firewall so called “The great Firewall of China” to filter all the data traffic coming over the internet.
Well it’s good for cyber security but it causes many problems such as high latency and slowness of network speed, less privacy, limited reliability and so on.
There are many solutions available in the market to share files in China location. But I want to share my experience on using Azure way to do that.
How it works: Azure has one of the Data center in East Asia Hong-Kong.
Why we mentioned Hong-Kong? Read the below write up from Wiki
The special administrative regions (SAR) are one type of provincial-level administrative divisions of China directly under Central People's Government, which enjoys the highest degree of autonomy, and no or less interference by either Central Government or the Chinese Communist Party.
So let’s take an advantage of international law.
High-level Requirement
We had requirement where approximately 1 TB data to be moved to the China location from EU Data center (it was Sweden in my case)
Below are the high level business requirement from the customer.
- Data should be moved to China DC location in a faster way
- Data should travel in secure manner and encrypted way.
- Solution should be cost effective.
My team tried to move the data from EU DC to China DC over the VPN/internet. But unfortunately it didn’t work due to the issues mentioned above. It took me about 25 hrs to move 200 gb of data and then I realized that data got corrupted. My team tried multiple times with the same results.
Solution
Azure has datacentres in west Europe ( Netherlands ) and East Asia (Hong-Kong) and I used them for data movement.
Tools We used:
- One Azure storage account in Azure DC in West Europe (Netherlands)
- One Azure storage account in Azure DC in East Asia (Hong-Kong)
Azure tool (Azcopy): AzCopy is a Windows command-line utility designed for high-performance copying of data to and from Azure Storage.
This activity was done in 3 phases mentioned below.
- Customer had good connectivity between their EU DC and Azure DC(Netherlands) so in the first phase all data files were moved to Azure west Europe (Netherlands) using existing Express Router/ VPN connection. I used Azure storage account to store all the data in a one place.
- Then data files were moved from Azure storage (Azure Europe) to one of the Azure storage account available in Hong-Kong region. (Microsoft has private tunnel for data to travel within Azure DC(s) worldwide so data which is being transferred from any datacentre to any datacentre will never pass-through the public internet. Hence data will be more secured and encrypted format while movement)
- In the final phase I download the data from Azure storage (Hong-Kong) to the destination.
Some performance matrix from my environment
Around 1 TB data is moved with 100% accuracy rate and it took about 14 hrs for entire activity
EU DC File server à Azure Europe FS: 3 hrs
Azure Europe storage à Azure HK storage FS: 7 hrs.
Azure HK FS àBranch site 4 hrs.
From 300 gb files
Hope the solution will be informative for you.