Skip to main content
Astra Control Service
All cloud providers
  • Amazon Web Services
  • Google Cloud
  • Microsoft Azure
  • All cloud providers

Add a public provider-managed cluster to Astra Control Service

Contributors netapp-mwallis netapp-dbagwell
PDFs

After you set up your cloud environment, you're ready to create a Kubernetes cluster and then add it to Astra Control Service.

Create a Kubernetes cluster

If you don't have a cluster yet, you can create one that meets the requirements of one of the following providers:

Note Astra Control Service supports AKS clusters that use Azure Active Directory (Azure AD) for authentication and identity management. When you create the cluster, follow the instructions in the official documentation to configure the cluster to use Azure AD. You'll need to make sure your clusters meet the requirements for AKS-managed Azure AD integration.

Add the cluster to Astra Control Service

After you log in to Astra Control Service, your first step is to start managing your clusters. Before you add a cluster to Astra Control Service, you'll need to perform specific tasks and make sure the cluster meets certain requirements.

When you manage Azure Kubernetes Service and Google Kubernetes Engine clusters, note that you have two options for Astra Control Provisioner installation and lifecycle management:

  • You can use Astra Control Service to automatically manage the lifecycle of Astra Control Provisioner. To do this, make sure that Astra Trident is not installed and Astra Control Provisioner is not enabled on the cluster that you want to manage with Astra Control Service. In this case, Astra Control Service automatically enables Astra Control Provisioner when you begin managing the cluster, and Astra Control Provisioner upgrades are handled automatically.

  • You can manage the lifecycle of Astra Control Provisioner yourself. To do this, enable Astra Control Provisioner on the cluster before managing the cluster with Astra Control Service. In this case, Astra Control Service detects that Astra Control Provisioner is already enabled and does not reinstall it or manage Astra Control Provisioner upgrades. Refer to Enable Astra Control Provisioner for steps enable Astra Control Provisioner.

When you manage Amazon Web Services clusters with Astra Control Service, if you need storage backends that can only be used with Astra Control Provisioner, you need to enable Astra Control Provisioner manually on the cluster before you manage it with Astra Control Service. Refer to Enable Astra Control Provisioner for steps to enable Astra Control Provisioner.

Before you begin
Amazon Web Services

  • You should have the JSON file containing the credentials of the IAM user that created the cluster. Learn how to create an IAM user.

  • Astra Control Provisioner is required for Amazon FSx for NetApp ONTAP. If you plan to use Amazon FSx for NetApp ONTAP as a storage backend for your EKS cluster, refer to the Astra Control Provisioner information in the EKS cluster requirements.

  • (Optional) If you need to provide provide kubectl command access for a cluster to other IAM users that are not the cluster's creator, refer to the instructions in How do I provide access to other IAM users and roles after cluster creation in Amazon EKS?.

  • If you plan to use NetApp Cloud Volumes ONTAP as a storage backend, you need to configure Cloud Volumes ONTAP to work with Amazon Web Services. Refer to the Cloud Volumes ONTAP setup documentation.

Microsoft Azure

  • You should have the JSON file that contains the output from the Azure CLI when you created the service principal. Learn how to set up a service principal.

    You'll also need your Azure subscription ID, if you didn't add it to the JSON file.

  • If you plan to use NetApp Cloud Volumes ONTAP as a storage backend, you need to configure Cloud Volumes ONTAP to work with Microsoft Azure. Refer to the Cloud Volumes ONTAP setup documentation.

Google Cloud

  • You should have the service account key file for a service account that has the required permissions. Learn how to set up a service account.

  • If you plan to use NetApp Cloud Volumes ONTAP as a storage backend, you need to configure Cloud Volumes ONTAP to work with Google Cloud. Refer to the Cloud Volumes ONTAP setup documentation.

Steps

  1. (Optional) If you are adding an Amazon EKS cluster or want to manage the installation and upgrades of Astra Control Provisioner yourself, enable Astra Control Provisioner on the cluster. Refer to Enable Astra Control Provisioner for enablement steps.

  2. Open the Astra Control Service web UI in a browser.

  3. On the Dashboard, select Manage Kubernetes cluster.

    Follow the prompts to add the cluster.

  4. Provider: Select your cloud provider and then either provide the required credentials to create a new cloud instance, or select an existing cloud instance to use.

    1. Amazon Web Services: Provide details about your Amazon Web Services IAM user account by uploading a JSON file or by pasting the contents of that JSON file from your clipboard.

      The JSON file should contain the credentials of the IAM user that created the cluster.

    2. Microsoft Azure: Provide details about your Azure service principal by uploading a JSON file or by pasting the contents of that JSON file from your clipboard.

      The JSON file should contain the output from the Azure CLI when you created the service principal. It can also include your subscription ID so it's automatically added to Astra. Otherwise, you need to manually enter the ID after providing the JSON.

    3. Google Cloud Platform: Provide the service account key file either by uploading the file or by pasting the contents from your clipboard.

      Astra Control Service uses the service account to discover clusters running in Google Kubernetes Engine.

    4. Other: This tab is for use with self-managed clusters only.

  5. Cloud instance name: Provide a name for the new cloud instance that will be created when you add this cluster. Learn more about cloud instances.

  6. Select Next.

    Astra Control Service displays a list of clusters that you can choose from.

  7. Cluster: Select a cluster from the list to add to Astra Control Service.

    Note When you are selecting from the list of clusters, pay careful attention to the Eligiblity column. If a cluster is "Ineligible" or "Partially eligible", hover over the status to determine if there's an issue with the cluster. For example, it might identify that the cluster doesn't have a worker node.

  8. Select Next.

  9. (Optional) Storage: Optionally, select the storage class that you'd like Kubernetes applications deployed to this cluster to use by default.

    1. To select a new default storage class for the cluster, enable the Assign a new default storage class check box.

    2. Select a new default storage class from the list.

      Note

      Each cloud provider storage service displays the following price, performance, and resilience information:

      • Cloud Volumes Service for Google Cloud: Price, performance, and resilience information

      • Google Persistent Disk: No price, performance, or resilience information available

      • Azure NetApp Files: Performance and resilience information

      • Azure Managed disks: No price, performance, or resilience information available

      • Amazon Elastic Block Store: No price, performance, or resilience information available

      • Amazon FSx for NetApp ONTAP: No price, performance, or resilience information available

      • NetApp Cloud Volumes ONTAP: No price, performance, or resilience information available

      Each storage class can utilize one of the following services:

  10. Select Next.

  11. Review & Approve: Review the configuration details.

  12. Select Add to add the cluster to Astra Control Service.

Result

If this is the first cluster that you have added for this cloud provider, Astra Control Service creates an object store for the cloud provider for backups of applications running on eligible clusters. (When you add subsequent clusters for this cloud provider, no further object stores are created.) If you specified a default storage class, Astra Control Service sets the default storage class that you specified. For clusters managed in Amazon Web Services or Google Cloud Platform, Astra Control Service also creates an admin account on the cluster. These actions can take several minutes.

Change the default storage class

You can change the default storage class for a cluster.

Change the default storage class using Astra Control

You can change the default storage class for a cluster from within Astra Control. If your cluster uses a previously installed storage backend service, you might not be able to use this method to change the default storage class (the Set as default action is not selectable). In this case, you can Change the default storage class using the command line.

Steps

  1. In the Astra Control Service UI, select Clusters.

  2. On the Clusters page, select the cluster that you want to change.

  3. Select the Storage tab.

  4. Select the Storage classes category.

  5. Select the Actions menu for the storage class that you want to set as default.

  6. Select Set as default.

Change the default storage class using the command line

You can change the default storage class for a cluster using Kubernetes commands. This method works regardless of your cluster's configuration.

Steps

  1. Log in to your Kubernetes cluster.

  2. List the storage classes in your cluster:

    kubectl get storageclass

  3. Remove the default designation from the default storage class. Replace <SC_NAME> with the name of the storage class:

    kubectl patch storageclass <SC_NAME> -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"false"}}}'

  4. Mark a different storage class as default. Replace <SC_NAME> with the name of the storage class:

    kubectl patch storageclass <SC_NAME> -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'

  5. Confirm the new default storage class:

    kubectl get storageclass