share storage account on different subscription and location - azure

I successfully mounted a Azure File Storage to a VM which is inside the same subscription and location. Now I cloned this VM to a new subscription and another location - so my new machine is exactly the same except of subscription and location. When I run the same command for mounting the same file storage:
sudo mount -t cifs //MYACCOUNT.file.core.windows.net/MY/FOLDER /MY/LOCAL/FOLDER/ -o vers=3.0,username=USER,password=ACCESSKEY,file_mode=0777,dir_mode=0777
then I get
mount error(13): Permission denied
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)
I think it has something to do with the different subscription and location, because in the portal when I click on connect in my file storage it is said:
To connect to this file share, run this command from any Windows virtual machine on the same subscription and location:
So is there any possibility to connect to my file storage from within another subscription and location?

You need to use the SMB 3.0 protocol to connect outside of that Azure region. This page says it's not supported on Linux:
https://azure.microsoft.com/en-us/documentation/articles/storage-how-to-use-files-linux/
Note that since the Linux SMB client doesn’t yet support encryption, mounting a file share from Linux still requires the client to be in the same Azure region as the file share. However, encryption support for Linux is on the roadmap of Linux developers responsible for SMB functionality.
Edit: There is an update on Ubuntu here.

Related

Unable to mount file on windows from Azure

I made a file on Azure using "File Service" and then tried to mount it using "connect". It has given me the username: localhost\xyz.
Two questions:
why username starting from "localhost" and not with "Azure"?
why I am unable to mount as windows security not giving any error, instead keep on turning back to credentials page?
p.s. TCP port 445 working properly..
Here are a few workarounds that worked for us.
WAY-1
You can directly go to your PowerShell of your machine and paste the script that you have provided in your storage account
WAY-2
You can click on More options and select for different account and then use the storage account name prepended with AZURE\ as the username and a storage account key as the password.
WAY-3
You can create a file share directly by unchecking the connect using different credentials.
OUTPUT:
For all the above ways here is the screenshot of fileshares that got mounted.
REFERENCES:
Mount SMB Azure file share on Windows

Anyway to configure a health check in Azure to ensure a file share is mounted or not?

Basically for an application, we're planning to mount a Azure fileshare to directly write the logs to. However we want to create a health check to notify the team if the fileshare mount fails. Can someone help me how I can implement this functionality? Its a RHEL VM in Azure
• Yes, there is a way through which you can check whether the Azure file share has been mounted successfully or not in the Linux VM or not. You can run a script in your Linux VM through custom script extension and check its output whether the azure file share has mounted successfully or not.
Run the script in the below github link named ‘AzFileDiagnostics.sh’ in your RHEL Linux VM through the commands as below: -
Github link : - https://github.com/Azure-Samples/azure-files-samples/tree/master/AzFileDiagnostics/Linux
Commands for the script to run: - ‘sudo bash AzFileDiagnostics.sh’ or ‘sudo bash AzFileDiagnostics.sh -u //storageaccountname.file.core.windows.net/sharename’
Output: -
• This script when run will check all the prerequisites for connecting to Azure File share like checking port 445 TCP, SMB 3.3 for encryption purposes, cifs-utils package is installed or not, etc., and when all these requirements are met, it will mount the azure file share through the commands as stated above. Also, you can check the diagnostics logs through monitoring section by enabling them and collecting logs regarding this script for connection details.
Please find the below link for more reference: -
https://learn.microsoft.com/en-us/azure/storage/files/storage-troubleshoot-linux-file-connection-problems#solution

Unable to mount file share on Linux VM

I have two Linux Azure VMs (Redhat 7.4) that need share a common location for processing files. The VMs are located in Australia East.
I also have a Storage Account that's in Australia East and have created a file share in the Storage Account. I generated the commands to connect the VMs to the file share (by clicking on the file share, then choosing "Connect"), but I get this error when I run the final generated command in the VM:
sudo mount -t cifs //<storageaccount>/<fileshare> /mnt/<storageaccount>/<fileshare> -o vers=3.0,credentials=/etc/smbcredentials/<storageaccount>.cred,dir_mode=0777,file_mode=0777,serverino
... I get this message:
mount error(13): Permission denied
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)
I've run the file diagnostic tool script (https://gallery.technet.microsoft.com/Troubleshooting-tool-for-02184089) in the VM and got this error:
Error: Client is not Azure VM in the region as Storage account, mount will fail
I'm confused as it seems to be saying that the VMs and Storage Account are in different locations, when they aren't.
Thanks in advance for any assistance.
I can reproduce this same issue with Redhat 7.4. To fix this, you can make sure that Secure transfer required setting is disabled on the storage account. View more info. Or verify that you input the correct value in each of the parameters in the commands. You could refer to these steps to mount the Azure file share.
sudo mount -t cifs $smbPath $mntPath -o vers=3.0,username=$storageAccountName,password=$storageAccountKey,serverino

Connect to Azure File Share from Azure Cloud Shell

I don't know how to connect to an existing Azure File Share from Azure Cloud Shell.
The command clouddrive seems to move my default cloud shell storage account. But I don't want to do that. I just want to access my existing Azure File Share storage. This can exist in any Azurea region (not just what's available for Cloud Shell, which is currently very limited)
When I tried to use clouddrive to mount my existing Azure Files account, I get the following error message:
ERROR: The storage account is not in the valid location. Expect: eastus Actual: canadacentral
I'd prefer not to move my existing Azure File Shares from canadacentral to eastus. Is there a workaround for this?
I'd like to just connect to my existing Azure File Shares through Cloud Shell and run commands in those directories.
Thank you!
Same question asked here:
https://github.com/MicrosoftDocs/azure-docs/issues/42001
https://serverfault.com/questions/992834/connect-to-azure-file-share-from-azure-cloud-shell
Azure cloud shell is an interactive, authenticated, browser-accessible shell which backend is running on cloud shell hosts. The cloud shell machines are temporary but your files are persisted through a mounted file share named clouddrive.
By using the advanced option, you can associate existing resources. Also, the associated Azure storage accounts must reside in the same region as the Cloud Shell machine that you're mounting them to. To find your current region you may run env in Bash and locate the variable ACC_LOCATION.
As the document stated, the canadacentral is not an available region for Cloud Shell, you should mount file storage in the available region. If so, you can run clouddrive unmount to unmount the current file share then select the existing file storage in the available region via clicking advanced settings in the initial login.

MarkLogic - Forest data folder & Azure Blob

Technical Stack
MarkLogic 9.0
Cenos Linux
Azure Blob
Blobfuse
To make sure we do not have to worry about data disk size for MarkLogic Forest, we have configured Azure Blob to one of folder in Linux machine, so we do not have to worry about disk size.
There are few things i noticed
Need to create folder in Linux
Create folder and point it to above folder
Then configure Blobfuse else we are getting permission denied while creating forest
Use below command to give permission to all
chmod 777 -R
Now when we started importing using MarkLogic Content Pump (MLCP)
19/03/15 17:01:19 ERROR mapreduce.ContentWriter: SVC-FILSTAT: File status error: stat64 '/mnt/mycontainer/Forests/forest-01/000043e5': Permission denied
So if you look at below image
1st we tried with mycontainer but as soon as we map it to Azure Blob, it does not looks green as azureblob which is. We still need to map azureblob to "azureblob" folder.
It seems i am missing something here, anything to do with Azure Blob security settings?
With the test, when you mount the Azure Blob to Linux, for example, Ubuntu 18.04 (which I'm using), if you want to allow other users to use the mount directory, you can add the parameter -o allow_other when you execute the command blobfuse.
To allow access to all users, you can mount via the option -o
allow_other.
Also, I think you should give others permission through the command chown. For more details, see How to mount Blob storage as a file system with blobfuse.
First i would like to thanks Charles for his efforts and extended help on this issue, Thanks Charls :). I am sure this will help me sometime, somewhere.
I got link on how to setup MarkLogic on Aure
On Page No. 27, steps to Configuring MarkLogic for Azure Blob Storage
In summary it is
Create Storage account in Azure
Create Blob container
Go to MarkLogic server (http://localhost:8001)
Go to Security -> Credentials
Provide Storage account and Azure storage key
While creating MarkLogic Forest, mentioned container path in data directory
azure://mycontainer/mydirectory/myfile
And you are done. No Blobfuse, no drive mount, just a configuration in MarkLogic
Awesome!!
Its working like dream :)

Resources