We have a picture server with lots of files serving the files over http. They are currently accessed through urls with the format
http://pictures.example.com/Pictures/xx/yyyyyy/zzzzzzzzzzzzzzzzzzzzzzzzzzzzz.jpg
We have a plan to move them to Azure blob storage and since the urls to the current pictures are used in several external systems we would like to keep the urls identical.
In Azure Blob storage the first part of the blob url is the name of the container. Our existing urls are named Pictures/xxx. Container names can, however, only have lowercase letters.
Do I have to create an Azure App Service just for url redirection or is there some way around this?
Blob containers must be lower-case. Blob names can be mixed case.
There is no workaround to this, as it's part of the service.
You mentioned creating an app service for url redirection. Note that, if you choose to access your blobs directly, vs through your app service, you will not be able to perform any redirection.
More info on naming rules here.
Related
I am a total newbie to Azure WebApps and storage, I need some clarification/confirmation. The main thing to take note of, my application (described below) requires a folder hierarchy. Blob is out of the question and file share doesn't allow anonymous access unless I use Shared Access Signature (SAS).
Am I understanding Azure storage correctly, it's either you fit into the Azure storage model or you don't?
Can anyone advise how I can achieve what's required by the CMS application as described below by using Blobs?
The only option I see is to find a way to change the CMS application so that it always has the SAS in the URL to every file it requests from storage in order to serve content on my Web App? If so, is it a problem if I set my SAS to expire sometime in the distant future?
https://<appname>.file.core.windows.net/instance1/site1/file1.jpg?<SAS>
Problem with using Blob
So far my understanding is that Blob storage doesn't allow "sub folders" as it's a container that holds unstructured data, therefore I'm unable to use this based on my application (described below) as it requires folder structure.
The problem with using File Share
File share seemed perfect as it allows for folder hierarchy, naturally that's what I've used.
However, no anonymous access is allowed for files stored in file storage, the access needs to be authorised. One way of authorising the access is to create a SAS on a file/share level with Read permission and then using that SAS URL to access the file.
Cannot access Windows azure file storage document
My application
I've created a Linux Web App running open source CMS application. This application allows creation of multiple websites, for each website's content such as images, docs, multimedia to be stored on a file server. These files are then served to the website via a defined URL.
The CMS application allows for a settings of the location where it should save its files, this would be a folder on the file server. It then creates a new sub folder for every site it hosts in that location.
Example folder hierarchy
/instance1
/site1
/file1
/file2
/site2
/file1
/file2
Am I understanding Azure storage correctly, it's either you fit into
the Azure storage model or you don't?
You can use Azure Storage Model for your CMS Application. You can use either Blob Storage or File Share
Can anyone advise how I can achieve what's required by the CMS
application as described below by using Blobs?
You can use Data Lake Gen 2 storage account if you want to use Azure Blob Storage.
Data Lake Gen 2 storage enables hierarchical namespace so that you can use subfolders in the Blob Storage as per your requirements
Problem with using Blob
Blob Storage allows subfolders if we use Data Lake Gen 2 storage account. You can enable Blob Public Anonymous access
The problem with using File Share
Azure File Share supports but does not allow public anonymous access. You can use Azure Managed Identity (System-Assigned) for your web app to access the Azure File Share.
Then your application would be able to access the Azure File Share without SAS token
The issue of not having real folders in a blob storage shouldn't be any issue for your use case. Just because it doesn't have your traditional folders doesn't mean it can't serve content on e.g. instance1/site1/file1. That's still possible but the instance1/site1/ will just be part of the name of the blob.
Tools like the Azure Portal or Storage Explorer will actually show folders by using the delimiter / and querying data that appears to be inside a folder by using the path as prefix.
I want to upload some static images that I will later access via some mobile apps. I have an Azure Account that I rarely use so I thought that was the best place and therefore I uploaded them to a "File Share" within Azure Storage.
I naievely thought I could them just access those files via a simple web request url
https://myplace.file.core.windows.net/app/images/bnb/shop/bugle_200_2.jpg
All this gets me is a BadRequest error. I realize that I could create a Shared Access Signature (SAS) for every file but that seems total overkill.
Is there a better Azure feature to use? I do not want to have to use the Azure APIs to get at these files
Adding a few more points to #CtrlDot's excellent answer.
I completely agree that you should use Blob Storage for storing static content.
On the container permissions, I would actually recommend setting the permission (ACL) to Blob so that user can only view the blob they have the URL for and not enumerate all blobs in a container (setting container ACL to Container will enable the users to list blobs in a container which may not be a desired behaviour for you).
Other than these, there are two distinct advantage of using Blob Storage:
Custom domain: You can map blob storage to a custom domain (e.g. static content.mywebsite.com) and use that to serve the content instead of using Azure Blob Storage standard endpoint (your account.blob.core.windows.net).
CDN: You can also CDN enable your blob storage endpoint. The content will then be replicated across many CDN nodes spread throughout the globe and will be served from a node near to your user thus improving the user experience.
I think the service you should be looking to use is blob storage, not file storage. File storage, as per the documentation, is meant more for SMB shares.
When you setup Azure blob storage, you have a couple of different options. If there is nothing sensitive/secure about these static images, you could consider making a public container and simply accessing the files like that.
If you require authentication, then you need to either use azure storage access keys, or azure storage access tokens. Of the two, the storage access tokens are by far the most secure.
You wouldn't need to create a SAS token for each file, rather, grant it read permission to the container. Once again, you will have to tailor this to the security/sensitivity needs of your application.
So, I can do this in AWS and I'm curious if it's possible in Azure blob storage.
Currently I've mapped a domain like so:
www.contoso.com -> http://asdf.blob.core.windows.net/
asdf has a container called 'main'. which contains my index.html, js, and .css files
Currently to hit the site I need to go to a url like this:
www.contoso.com/main/index.html
But what I really want is for people to be able to reach the files with just the .com address
Does anyone know if this is possible in azure?
While you can store all of your static assets in Azure blobs, Azure doesn't have the notion of a default file in blob storage. That is, you cannot map your domain name to index.html for example. You can, however, reference all other static content directly e.g. mysite.com/foo.html (since foo.html would effectively be a blob).
You'd need a way to host your root file though. Where you place that is really up to you (e.g. web app, VM, cloud service). Since it's static content, web app might provide the best starting point (given there's a free tier, vs consuming an entire VM to host just a single file).
If google took you here, since June 2018, Azure blob storage introduced a new feature static website
And this article should get you started.
PS. The performance data in the article above looks strange around Azure functions.
I think the root container would solve your problem:
https://learn.microsoft.com/en-us/rest/api/storageservices/fileservices/working-with-the-root-container
Simply create a container called '$root', and then you can address blobs without referring to the container; e.g, www.contoso.com/index.html
I am working on a website where I need to dynamically host images. My intention is to host the images with full URL.
I tried CDN but come to know it has a limitation of that image will only be available 15 mins after upload.
Other options is Blob storage, when I read the document it says "Block blobs" are most ideal for image and media content. Therefore, I am trying to use that.
So, I've following questions:
What is the best way to host images on Azure for such requirements?
If I use Blob storage then how can I get the full URL so that I can that URL to load images in my product?
There really isn't a best way to store images. Some people store them in blob storage (as you referenced), some go with database engines... But, since you asked specifically about how to interact with blob storage and URI's:
All blobs are referenced by uri: http(s)://storagename.blob.core.windows.net/containername/blobname
You can set every blob to private or public (whether at blob or container level), and then either return URI's to your user/webpage (if public) or generate a Shared Access Policy or Shared Access Signature to temporariliy grant access to a private blob (I'll leave that as an exercise for you to look up).
It's completely up to you to create containers and blobs as needed. How you find a blob later is also up to you, so you'll need to think about how you store their names or their URIs (e.g. in a database table somewhere). You can always iterate through containers to search for a given blob, but that is time-consuming, vs direct-retrieval (again, assuming you've stored the URI as metadata somewhere in a database).
What I need is to rewrite URL for the requested blob, i.e. instead of
http://myaccount.blob.core.windows.net/clients/{client-name}/images/imagefile.jpg
should be served
http://myaccount.blob.core.windows.net/clients/images/imagefile.jpg
The client name in the URL is a request to have SEO URL, as file names are unique and I'd like to have blob name as
images/imagefile.jpg instead of
{client-name}/images/imagefile.jpg and use something like URL rewrite in IIS.
It becomes a pain if the client changes it's name as I can't rename a blob I have to create copy and delete the old blob. It may take more than a minute which we can't afford.
You can't use anything like URL Rewrite for the storage accounts. You can only have custom domain mapped to your storage account. For example instead of referencing blobs with: http://myaccount.blob.core.windows.net/... you could map them to http://img.yourdomain.com/... And you could also use the Azure CDN for better performance and user experience!
Moreover, if you do care about SEO, you have to also think on not just "rename" the blob but also use HTTP 301 redirect from the old blob to the new one. Which also is impossible with Azure storage service. I suggest that you use client-id instead of client-name
UPDATE
You "can" reanme the blobs, simialry to the way you would rename files. Given your requirement - if you want to "quickly" rename a lot of images, you have to write simple "service" anyway, because I can't figure out another way to rename 1000s of files on the file system either. With the blobs, although beeing remote it will be almost the same. And you are wrong that you have to save the blob on the machine. There is new feature (method on the CloudBlob instance) since November'2011 release (I think), named CopyFromBlob. Here is an example of how to rename blobs.. This way you can easily move blobs even around different account without the need to first download the content. Yes, it may take a bit longer than with a local file system. But still this is a fair-enough solution.
Think about what the Azure Storage is. A massively scalable, reliable storage as a service. You have 100TB (subject to increase if required), with 3 copies locally + one copy in another geo region. A CDN support for this massive storage with more than 24 nodes worldwide. I don't think renaming is something of top need.