question

MattRiches-7473 avatar image
0 Votes"
MattRiches-7473 asked MattRiches-7473 answered

I cannot see data on my shared disk on my second Azure VPS

Hi. I have just added a managed Shared Disk to my 2 Azure VM's via powershell.
I have rebooted both boxes, and have copied data to this shared shared drive.
I can see the data on the machine I copied to.
If I then log into my second VPS, it can see the same disk, but the Data I have recently copied is not there.
I assumed (Rightly or wrongly) That a shared Data Disk would allow me to have a common area for items such as common website assets (the 2 VPS are set up as a load balanced pair)
If this is the wrong way of doing this please let me know, or help me understand why I cannot access these resources on my second server.
Ideally I want a shared config and set of shared resources on this shared disk. Both of my VPS and the shared disk are in the same region.
Viewing the disk in the console shows that both the VMs are managing it.

Thanks

azure-virtual-machinesazure-managed-disks
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Bizzarely I logged into the second server this morning and there was a popup about the recycle bin being corrupt. Oking that and the shared data appeared. However since then I have Tried to add more and it does not appear. IT seems that both my web servers are using the same disk but in isolation not as a share. Any thoughts as my random button mashing and internet searching is getting me nowhere!

0 Votes 0 ·
deherman-MSFT avatar image
0 Votes"
deherman-MSFT answered deherman-MSFT commented

@MattRiches-7473

Azure Shared Disks is designed primarily for clustered applications and very specific workloads. Shared managed disks do not natively offer a fully managed file system that can be accessed using SMB/NFS. You need to use a cluster manager, like Windows Server Failover Cluster (WSFC) or Pacemaker, that handles cluster node communication and write locking. See here for some example workloads.

It sounds like you should consider Azure Files. Azure Files offers fully managed file shares in the cloud that are accessible via the industry standard Server Message Block (SMB) protocol. Azure file shares can be mounted concurrently by cloud or on-premises deployments of Windows, Linux, and macOS. Additionally, Azure file shares can be cached on Windows Servers with Azure File Sync for fast access near where the data is being used. I recommend reading through Planning for an Azure Files deployment for more details.

I hope this helps. Let us know if you have any further questions and we will be happy to help.



Please don’t forget to "Accept the answer" and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thanks, I think this is the right solution, however;
Log onto the VM I can see the File share and copy files.
Map the FileShare as a virtual drive and browse to a pdf in the share and I get a 500 error. I suspect the issue is a security one, but when I browse to the share, right click and look at security options I get ""The Program cannot open the required dialog box because it cannot determine whether the computer named <> is joined to a domain."

I suspect I need to add my App Pool user or IIS Users to the file share, but I cannot see how to resolve the above issue.

Any thoughts or comments appreciated to get this over the line!

0 Votes 0 ·

@MattRiches-7473
To clarify you setup Azure Files and are getting the error correct? Could you share a screenshot of the error you are receiving? You might need to add RBAC permissions, such as Storage File Data SMB Share Contributor, so the users can access the share.


0 Votes 0 ·
MattRiches-7473 avatar image
0 Votes"
MattRiches-7473 answered deherman-MSFT commented

If I log to the VM as the local admin I can click on the share and read the files.

If I map a folder on the shared drive to a virtual directory in IIS then browse to a folder I get a 500 error

RIght clicking on the share to look at permissions shows System, Share Administrators, System, Share users, Authenticated users and Creator Owner. I then tried to add IIS_USRS to the share in case it was an IIS account issue, and got the below popup.

108554-image.png
So this is most likely down to the way I set up the FileShare. Question is, do I drop it / delete it and make a new one with no security at all, or is there something I can do to fix the issues and keep the secure FileShare



image.png (9.0 KiB)
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

MattRiches-7473 avatar image
0 Votes"
MattRiches-7473 answered

To be honest I haven't been through that step. I was following a guide (not a MS one) on setting up the Fileshare. It got a little vague around network and security blades, but I didn't want to leave my File Share as public.
Am I correct in that you are saying I need to add a site specific IIS user for each webserver / site, then enable and activate Azure AD, and give those permissions to get this to work?

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.