Post

How to Mount an Azure File Share to Azure Container Instances

Posted Updated
By Jarrod Lilkendey
6 min read

One option to persist data from your Azure Container Instance is to mount a volume which will allow your to container to write data to external file storage.

Azure offers a service called Azure Files within an Azure Storage Account which is a fully managed file share solution hosted in Azure that uses the Service Message Block (SMB) protocol.

In this tutorial, we will cover two methods on how to create a Azure Container Instance and mount an Azure File Share within a Storage Account.

  1. Using the Azure CLI
  2. Using Terraform

For this tutorial, we will use a container image provided by Microsoft called aci-hellofiles.

This is a web application that runs in the browser that has a form that allows to user to capture text. On the submission of the web form it writes the text to a new file in the mounted volume, in this case the mounted volume will be the Azure File Share that we will create.

This content is available in video form on the Cloud Engineer Skills YouTube channel.

Mount an Azure File Share in your Azure Container Instance via CLI

Mounting an Azure file share as a volume in your Azure Container instance via the Azue CLI involves a few steps.

  1. Creating a Resource Group
  2. Creating a Storage Account
  3. Creating a File Share within the Storage Account
  4. Generating the access key to the Storage Account
  5. Creating the Azure Container Instance within an Azure Container Group and with the parameters required to connect an Azure File Share

I will use the following values for the Azure resources I will create, feel free to override them with your own values and update them in the commands within the post.

1
2
3
4

resourceGroupName = ces-rg
storageAccountName = sa7879837e3e3e
location = eastus
fileShareName =acishare

Creating the Resource Group

Make sure to login first and select the correct Azure subscription.

1

az login

az group create --name resourceGroupName --location location

1

az group create --name ces-rg --location eastus

Creating the Storage Account

az storage account create --resource-group resourceGroupName --name storageAccountName --location location --sku Standard_LRS

1

az storage account create --resource-group ces-rg --name sa7879837e3e3e --location eastus --sku Standard_LRS

Creating the Azure File Share

az storage share create --name fileShareName --account-name storageAccountName

1

az storage share create --name acishare --account-name sa7879837e3e3e

Generating the Storage Access Key

az storage account keys list --resource-group resourceGroupName --account-name storageAccountName --query "[0].value" --output tsv

1

az storage account keys list --resource-group ces-rg --account-name sa7879837e3e3e --query "[0].value" --output tsv

Hold on this Storage Access Key to use in the next command when creating the Azure Container Instance.

Creating the Azure Container Instance with a Mounted File Share

We will need to make use of the following parameters in the az container create command to mount an Azure File Share to the Azure Container Instance.

  • --azure-file-volume-account-name: the name of the storage account that contains the Azure File share
  • --azure-file-volume-account-key: the storage account access key used to access the Azure File share
  • --azure-file-volume-share-name: the name of the Azure File share to be mounted as a volume
  • --azure-file-volume-mount-path: the path within the container where the azure file volume should be mounted. Must not contain colon ‘:’

az container create --resource-group resourceGroupName --name hellofiles --image mcr.microsoft.com/azuredocs/aci-hellofiles --dns-name-label aci-demo-7y972ybh3 --ports 80 --azure-file-volume-account-name storageAccountName --azure-file-volume-account-key storageAccessKey --azure-file-volume-share-name fileShareName --azure-file-volume-mount-path /aci/logs/

1

az container create --resource-group ces-rg --name hellofiles --image mcr.microsoft.com/azuredocs/aci-hellofiles --dns-name-label aci-demo-7y972ybh3 --ports 80 --azure-file-volume-account-name sa7879837e3e3e --azure-file-volume-account-key storageAccessKey --azure-file-volume-share-name acishare --azure-file-volume-mount-path /aci/logs/

Verify you can write files to Azure File Shares

Get the fully qualified domain name for the Azure Container Instance with the following command.

az container show --resource-group resourceGroupName --name hellofiles --query ipAddress.fqdn --output tsv

1

az container show --resource-group ces-rg --name hellofiles --query ipAddress.fqdn --output tsv

Once the Azure Container Instance is running, copy the FQDN into a browser to visit the web app. Put some text into the text field and submit the web form.

Check in the Azure Portal under your Storage Account, within File Shares, select Browser in the left side bar and you see a text file.

Download the text file and verify the text in the file matches what you typed in the browser.

Clean up the resources by deleting the resource group

az group delete --name resourceGroupName

1

az group delete --name ces-rg

Mount an Azure File Share in your Azure Container Instance via Terraform

Next we will use Terraform to implement the same solution using infrastructure as code.

Reviewing the main.tf Terraform Configuration File

Here is the main.tf file we will be using to provision the infrastructure within the Azure.

The resources that will be provisioned using Terraform are as follows:

  1. Resource Group
  2. Storage Account
  3. File Share
  4. Azure Container Group with an Azure Container Instance with a mounted File Share
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82

terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "=3.110.0"
    }
  }
}

# Configure the Microsoft Azure Provider
provider "azurerm" {
#   skip_provider_registration = true # This is only required when the User, Service Principal, or Identity running Terraform lacks the permissions to register Azure Resource Providers.
  features {}
}

resource "azurerm_resource_group" "rg" {
  name     = "cloudengineerskills-aci-tf-rg"
  location = "West US 2"
  tags = {
    environment = "dev"
    source = "terraform"
    owner = "cloudengineerskills"
  }
}

resource "azurerm_storage_account" "storage_account" {
  name                        = "cloudengskillsstorage"
  resource_group_name         = azurerm_resource_group.rg.name
  location                    = azurerm_resource_group.rg.location
  account_kind                = "StorageV2"
  account_tier                = "Standard"
  account_replication_type    = "LRS"

  tags = {
    environment = "dev"
    source = "terraform"
    owner = "cloudengineerskills"
  }
}

resource "azurerm_storage_share" "file_share" {
  name                  = "cloudengskillsfileshare"
  storage_account_name  = azurerm_storage_account.storage_account.name
  access_tier           = "TransactionOptimized"
  quota                 = 1024
}

resource "azurerm_container_group" "container_group" {
  name                = "cloudengineerskills-aci-tf-cg"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  sku                 = "Standard"
  ip_address_type     = "Public"
  os_type             = "Linux"
  dns_name_label      = "cloudengineerskills-hellofiles-aci-tf"

  container {
    name   = "aci-helloworld"
    image  = "mcr.microsoft.com/azuredocs/aci-hellofiles:latest"
    cpu    = "1"
    memory = "1"

    ports {
      port     = 80
      protocol = "TCP"
    }

    volume {
        name = "myvolume"
        mount_path = "/aci/logs/"
        storage_account_name = azurerm_storage_account.storage_account.name
        storage_account_key = azurerm_storage_account.storage_account.primary_access_key
        share_name = azurerm_storage_share.file_share.name
    }
  }

  tags = {
    environment = "dev"
    source = "terraform"
    owner = "cloudengineerskills"
  }
}

Provisioning the Azure Resources using Terraform

Run the following commands to provision the Azure resources we require using Terraform.

1
2
3

az login
terraform init
terraform apply

Verify you can write files to Azure File Shares

Get the fully qualified domain name for the Azure Container Instance with the following command.

az container show --resource-group resourceGroupName --name containerGroupName --query ipAddress.fqdn --output tsv

1

az container show --resource-group cloudengineerskills-aci-tf-rg --name cloudengineerskills-aci-tf-cg --query ipAddress.fqdn --output tsv

Once the Azure Container Instance is running, copy the FQDN into a browser to visit the web app. Put some text into the text field and submit the web form.

Check in the Azure Portal under your Storage Account, within File Shares, select Browser in the left side bar and you see a text file.

Download the text file and verify the text in the file matches what you typed in the browser.

Clean up the resources provisioned by Terraform

1

terraform destroy

Further Reading

Azure, Azure Container Instances
azure cloud containerization AZ-204 azure-container-instances azure-storage-account cloud-storage cloud-compute terraform
This post is licensed under CC BY 4.0 by the author.