Lab 04: Storage Replication and Failover¶
Create a geo-redundant storage account, record the baseline replication configuration, and practice the operational checklist that precedes a failover decision.
Prerequisites¶
- Azure subscription with permission to create storage, networking, and monitoring resources.
- Azure CLI logged in with the correct tenant and subscription.
- Variables defined for
$RG,$LOCATION,$STORAGE_NAME, and any lab-specific names. - A workstation or Cloud Shell session with access to the resource group.
- Optional Log Analytics workspace if you want to capture diagnostics during the lab.
Architecture Diagram¶
mermaid flowchart LR A[Operator workstation] --> B[Azure CLI] B --> C[Resource group] C --> D[Storage account] D --> E[Data path under test] D --> F[Lifecycle, networking, or replication control] D --> G[Validation and cleanup]
Step-by-Step Instructions¶
Step 1: Create a geo-redundant account¶
az storage account create \
--resource-group $RG \
--name $STORAGE_NAME \
--location $LOCATION \
--sku Standard_GRS \
--kind StorageV2 \
--allow-blob-public-access false \
--output json
- Record the output and any IDs you will reuse in later steps.
- If the command creates security-sensitive settings, confirm they match policy before moving on.
- Capture screenshots or JSON output for your lab notes if you are building internal training material.
Step 2: Inspect replication status¶
az storage account show \
--resource-group $RG \
--name $STORAGE_NAME \
--query "{sku:sku.name,primaryLocation:primaryLocation,secondaryLocation:secondaryLocation,statusOfPrimary:statusOfPrimary,statusOfSecondary:statusOfSecondary}" \
--output json
- Record the output and any IDs you will reuse in later steps.
- If the command creates security-sensitive settings, confirm they match policy before moving on.
- Capture screenshots or JSON output for your lab notes if you are building internal training material.
Step 3: Upload sample content and validate the primary path¶
az storage container create \
--account-name $STORAGE_NAME \
--name $CONTAINER_NAME \
--auth-mode login \
--output json
az storage blob upload \
--account-name $STORAGE_NAME \
--container-name $CONTAINER_NAME \
--name dr-test.txt \
--file ./lab-data/dr/dr-test.txt \
--auth-mode login \
--output json
- Record the output and any IDs you will reuse in later steps.
- If the command creates security-sensitive settings, confirm they match policy before moving on.
- Capture screenshots or JSON output for your lab notes if you are building internal training material.
Step 4: Review the failover command without executing it until approved¶
- Record the output and any IDs you will reuse in later steps.
- If the command creates security-sensitive settings, confirm they match policy before moving on.
- Capture screenshots or JSON output for your lab notes if you are building internal training material.
Validation Steps¶
- Confirm the storage account properties match the intended SKU, kind, and access posture.
- Validate the lab-specific feature from the consumer point of view rather than trusting only control-plane success.
- Capture one or more JSON outputs that prove the configuration is active.
- Record any timing behavior that matters, especially for lifecycle or replication scenarios.
- Note the operational follow-up required before using the same pattern in production.
Example validation commands¶
az monitor diagnostic-settings list \
--resource $(az storage account show --resource-group $RG --name $STORAGE_NAME --query id --output tsv) \
--output json
Cleanup Instructions¶
- Delete lab resources when validation is complete to prevent ongoing cost.
- Preserve any JSON output or screenshots you need before deletion.
- If you created role assignments or network links used elsewhere, confirm scope before removing them.