Setting up a Blobstore on Azure requires a few key steps. To begin, you'll need to create a new Azure Storage account.
First, navigate to the Azure portal and click on the "Create a resource" button. From there, select "Storage account" and choose the desired subscription and resource group.
Next, choose the correct deployment model and subscription, and then click on the "Create" button to create a new storage account.
The Azure Blobstore is a highly scalable and durable object storage solution that's perfect for storing large amounts of unstructured data.
Blobstore Azure Setup
To set up Azure Blob Storage as a state store, you'll need to create an Azure Storage Account. Follow the instructions in the Azure documentation to do this.
You can create a container for Dapr to use beforehand, but the Blob Storage state provider will create one for you automatically if it doesn't exist. To set up Azure Blob Storage, you'll need the following properties: accountName, accountKey, and containerName.
Here are the properties you'll need to set up Azure Blob Storage:
- accountName: The storage account name. For example: mystorageaccount.
- accountKey: Primary or secondary storage account key.
- containerName: The name of the container to be used for Dapr state. The container will be created for you if it doesn’t exist.
You must also be authenticated with Azure in your Azure CLI.
Setup
To set up Azure Blob Storage, start by creating an Azure Storage Account, following the instructions from the Azure documentation.
You'll need to provide the storage account name, which can be something like "mystorageaccount".
To authenticate with Azure, you must be logged in to your Azure CLI.
The Blob Storage state provider will create a container for you automatically if it doesn't exist, but you can create one beforehand if you prefer.
To set up Azure Blob Storage as a state store, you'll need to provide the following properties:
- accountName: The storage account name.
- accountKey: Primary or secondary storage account key.
- containerName: The name of the container to be used for Dapr state.
Note that you can find these properties in the Azure portal or by using the Azure CLI.
Remove
You can remove blobs from your Azure Blobstore setup, but be aware that all blobs, regardless of type, come encrypted due to their cloud-based nature.
To delete a blob, you'll need to know its name, which can be up to 1,024 characters long. Users can set access permission levels for blobs and containers to restrict viewing abilities.
Removing a blob is a straightforward process, and you can do it by deleting the blob's name. Blobs also have URIs, which can be used to identify and access them.
Be cautious when deleting blobs, as the process is permanent and irreversible.
Page
Page blobs are ideal for storing large files like operating systems. They can handle read and write operations with ease.
A page blob is made up of 512-byte pages. This structure allows for efficient storage and retrieval of data.
Page blobs have a maximum size of 8 TiB, making them suitable for storing large amounts of data such as disaster recovery data. This is particularly useful for companies that require frequent backups.
Blobstore Azure Storage
The Virtual Client supports using Azure Storage Account blob stores for packages and content. You can specify the packages blob store on the command line using the '--packageStore' parameter.
The packages and content blob stores can be supplied with a full connection string to the Azure storage account blob resource. The blob container does not require authentication for anonymous read access.
Here are the supported blob stores:
- Packages Store: used for workload and dependency packages
- Content Store: used for uploading files and content captured by workloads or monitors
You can also use a Shared Access Signature (SAS) token for authentication, which is required for read and write access. The SAS token is specified in the connection string.
Supported Stores
The Virtual Client supports two types of stores: Packages Store and Content Store. Both stores must be Azure Storage Account blob stores.
The Packages Store contains workload and dependency packages that must be downloaded to a system during the execution of a workload profile. These are typically NuGet/zip files that contain binaries, scripts, etc... that are required by the scenario profile.
You can supply the Packages Store to the Virtual Client on the command line using the '--packageStore' parameter and supplying the full connection string to the Azure storage account blob resource. The blob container does not require authentication, but you can also use a SAS token for authentication.
The Content Store is used for uploading files and content captured by workloads or monitors that run as part of Virtual Client workload operations. For example, a monitor might be implemented to upload certain types of logs, bin files or cab files to the specified content blob store.
The Content Store also does not require authentication, but you can use a SAS token for authentication if needed.
Here are the supported blob stores:
Spec Fields
The Azure Storage blobstore uses a variety of spec metadata fields to store and manage data.
These fields are used to provide additional information about the data being stored.
The accountName field is required and specifies the storage account name.
The accountKey field is also required, unless using Microsoft Entra ID, and specifies the primary or secondary storage key.
The containerName field is required and specifies the name of the container to be used for Dapr state.
The azureEnvironment field is optional and specifies the Azure environment, with default value "AZUREPUBLICCLOUD".
The endpoint field is optional and specifies a custom endpoint URL, useful for using the Azurite emulator or custom domains for Azure Storage.
Here are the spec metadata fields in a concise table:
The ContentType field is optional and specifies the blob's content type.
The ContentMD5 field is optional and specifies the blob's MD5 hash.
The ContentEncoding field is optional and specifies the blob's content encoding.
The ContentLanguage field is optional and specifies the blob's content language.
The ContentDisposition field is optional and specifies the blob's content disposition.
The CacheControl field is optional and specifies the blob's cache control.
Blobstore Azure Security
Azure Blob Store security is a top priority for any organization using this service. The Virtual Client supports connection string-style as well as URI-style definitions for storage account access.
To access a blob store without authentication, you can use the anonymous read access feature. This allows the Virtual Client to download packages and content from a blob container without requiring a username and password.
The packages store and content store both support anonymous read access. You can specify the full connection string to the Azure storage account blob resource using the '--packageStore' or '--contentStore' parameter.
Here are the different ways to authenticate with a blob store:
- Anonymous read access: The blob container does not require authentication.
- Shared Access Signature (SAS) token: The blob container requires authentication using a SAS token.
To use a SAS token, you need to provide the full connection string to the Azure storage account blob resource, including the SAS token. This will allow the Virtual Client to access the blob container with the required permissions.
Frequently Asked Questions
What is blobstore?
The Blobstore is a service that enables serving and storing large files, such as videos, images, and user-uploaded data files, beyond the size limits of the Datastore service. It's ideal for applications that need to handle large data objects.
Sources
- https://docs.dapr.io/reference/components-reference/supported-state-stores/setup-azure-blobstorage/
- https://www.enterprisestorageforum.com/software/what-is-blob-storage/
- https://v1-12.docs.dapr.io/reference/components-reference/supported-state-stores/setup-azure-blobstorage/
- https://docs.h2o.ai/driverless-ai/latest-lts/docs/userguide/zh_CN/connectors/azure-blob.html
- https://microsoft.github.io/VirtualClient/docs/guides/0600-integration-blob-storage/
Featured Images: pexels.com