Sunday, November 14, 2021

Azure : Mount Azure Storage Blob in Linux Folder : BlobFuse

https://docs.microsoft.com/en-us/azure/storage/blobs/storage-how-to-mount-container-linux

 Warning

Blobfuse doesn't guarantee 100% POSIX compliance as it simply translates requests into Blob REST APIs.

Install blobfuse

sudo apt-get install blobfuse

Configure your storage account credentials 

touch ~/fuse_connection.cfg

accountName myaccount
accountKey storageaccesskey
containerName mycontainer

Mount


sudo blobfuse ~/mycontainer --tmp-path=/mnt/resource/blobfusetmp  --config-file=/path/to/fuse_connection.cfg -o attr_timeout=240 -o entry_timeout=240 -o negative_timeout=120



Valid authentication setups:

  • Account Name & Key (authType Key)
    • Requires the accountName, accountKey and containerName specified in the config file or command line.
    • Alternatively accountName and accountKey can be specified by the following environment values instead: AZURE_STORAGE_ACCOUNT, AZURE_STORAGE_ACCESS_KEY.
  • Account Name & SAS (authType SAS)
    • Requires the accountName, containerName and sasToken specified in the config file or command line.
    • Alternatively accountName can be specified by the environment values AZURE_STORAGE_ACCOUNT
  • Managed Identity (authType MSI)
    • Single assigned identity:
      • No extra parameters needed.
    • Multiple assigned identities:
      • At least one of the following for the intended identity:
        • Client ID (Use this if you are using a custom Managed Identity endpoint)
        • Object ID
        • Resource ID
    • Add Storage Blob Data Contributor roles to this identity in the Storage account.
  • Service Principal Name (authType SPN)
    • Requires servicePrincipalClientId, servicePrincipalTenantId, servicePrincipalClientSecret specified in the config file.
    • Alternatively servicePrincipalClientSecret can be specified by the environment value AZURE_STORAGE_SPN_CLIENT_SECRET
    • AZURE_STORAGE_AAD_ENDPOINT`environment value can be used to specify a custom AAD endpoint to authenticate against
    • Add Storage Blob Data Contributor roles to this identity in the Storage account.

No comments:

Post a Comment

Azure - Pipeline - Add Approver for Stage

https://learn.microsoft.com/en-us/azure/devops/pipelines/process/approvals?view=azure-devops&tabs=check-pass