Written by Benjamin Crill, Solutions Architect, at Choice Solutions. 

Companies are increasingly moving their user workloads to public cloud storage. For many organizations, this gives them the flexibility to leverage services they otherwise might not have to provide via traditional infrastructure. Additionally, the ability to leverage resources on a consumption basis is appealing to many that may have dynamic workflows or an inability to predict growth. 

Operations can be an advantage as well when moving to cloud storage. The ability to have resources and infrastructure grow at the click of a button offers simplicity administrators want and access end users need. An even better situation is when administrators do not even need to click the button. The environment grows as it is used and as there is a need. Otherwise, cloud storage just becomes another hosting model rather than an operational model. 

Challenges Monitoring Cloud Storage Usage

Recently we had a customer ask for help because of a problem they were running into in their Azure hosted Citrix environment. As users would use the system, the amount of profile storage used would grow as one would expect. If it was not checked periodically, then the storage quota could become full which would result in an outage. It, in fact, did cause an outage. Users logged on and their profiles mounted, but there was no capacity for new data so multiple errors were displayed to users. Initially, the process involved an administrator periodically checking the usage and manually growing as needed. This process is dependent on a person taking action. Ideally, the solution should grow and maintain itself without administrative action making it fully independent. 

The challenge was finding a way to check the cloud storage usage on a consistent basis, and if over a threshold, grow it without interaction. By setting up an automated process, the system can maintain itself regardless of organizational changes, competing priorities, or any number of other reasons.

Azure Automation Services

The first approach was looking at Azure Automation services. This had the advantage of being a fully managed service, so it did not require any new resources or tools from the customer. By leveraging metric-based alerts, a runbook would be triggered that would increase the quota and alert the IT team. 

A couple of challenges became apparent early on with this approach. The first is that the metric-based alerts that are native to Azure are limited. A simple raw usage number does not provide great insight as it needs to be understood in the context of what percentage is that raw usage number.

Access and Security

The second challenge was around access and security. The Azure storage accounts are firewalled so that they are only available from certain networks, as they should be. In doing this, however, it makes it so that Azure Automation cannot communicate with the storage account unless we open the storage to the internet. There are plans to allow for this private communication to happen natively, but currently, they are not available. 

Solving the Cloud Storage Usage Challenge 

Given these constraints, it was decided to run a script as a scheduled task from a utility server in the customer network. By leveraging a server within the customer network, we maintain our security on our cloud storage. It can access the storage account from inside the firewall, calculate its usage, and if it was over a certain usage percentage threshold, then increase the quota. 

The next challenge was the ability to have the script run without interaction so there was no human dependency. To accomplish this, an Azure App registration was used along with certificate-based authentication. The app registration only has access to the storage account and the certificate is only valid for that app registration. Using this method allowed for a secured method of access that is limited to the resources being manipulated.

Automated Notifications

The final requirement to make this fully hands-off is a way of being notified that everything was functioning as expected. If an admin has to log on every day to see if the script ran and if it did something, that is no better than just manually checking. In this case, Microsoft Teams was used as a way of alerting to actions taken or not taken. A new team was created, and channels defined for storage alerts. Eventually, other channels could be created for alerts in different service areas. Then by adding webhook capability, we can programmatically send alerts to the resource-specific channel.

The script was configured to send a message to the Teams channel that showed if the storage quota was updated or not. By doing this, the IT team knows to expect a message regardless of the status. If there is no message after the expected time, then we know something has happened that the monitoring has failed. From here, administrative action can be taken to resolve this. Adding this small item gives the peace of mind that the script is running, and resources are maintained even if no change is required.

Recapping what the solution looks like:

• Azure storage account with file shares for user data/profiles 
• Azure app registration for access to the Azure storage accounts 
• SSL certificate for authentication to Azure 
• Microsoft Teams setup 
• Azure monitoring team 
• Azure resource-specific channels 
• Webhook
• PowerShell script running as a scheduled task on a utility server with access to Azure networks 

Benefits of Choice Solutions Cloud Storage

Setting up monitoring and automated actions is not difficult, but it provides tremendous value to the organization. In this case, a customer had a documented challenge that had previously impacted users. Choice Solutions worked with the customer to identify the challenge, looked for tools and processes to address it, and implemented them quickly. Looking for ways to let systems work for you automatically is the goal of cloud computing. Letting systems be dynamic and self-correct allows administrators to sleep at night and end-users to continue to be productive. 

Choice Solutions is always looking to help customers realize the full potential of their investments. If you are running FSLogix in your environment or leveraging Azure Files, we would love to help ensure you maintain your availability along with helping you scale. Reach out to the team at Choice Solutions today. Our team of experts has years of experience to leverage in helping your company realize its full potential. We look forward to partnering with your organization to solve your IT challenges!