Getting started with Cloud Volumes ONTAP in Azure Edit on GitHub

Getting started with Cloud Volumes ONTAP (formerly ONTAP Cloud) includes verifying your networking, deploying Cloud Manager, granting Azure permissions, and then launching Cloud Volumes ONTAP using Cloud Manager.

The steps to deploy Cloud Manager in an Azure US Gov region or in an Azure Germany region are different than the steps on this page. Refer to instructions for US Gov regions or for Azure Germany regions instead.

Verifying your networking

You must choose the Azure VNet and subnets in which you want to deploy Cloud Manager and Cloud Volumes ONTAP. At a minimum, your networking must meet the following requirements:

  • Outbound internet access

    The target VNet must have one or more subnets that have outbound internet access so Cloud Manager and Cloud Volumes ONTAP can contact several endpoints. To review the list of endpoints, see Azure networking requirements.

  • Connections between networks

For additional networking information, see Azure networking requirements.

Deploying Cloud Manager in Azure

You need to install and set up Cloud Manager so you can use it to launch Cloud Volumes ONTAP in Azure.

Steps
  1. Go to NetApp Cloud Central and sign up or log in.

  2. Under Cloud Volumes ONTAP, click Start Free Trial.

  3. Select Microsoft Azure to deploy Cloud Manager from the Azure Marketplace.

  4. Click Get it now and then click Continue.

  5. From the Azure portal, click Create and follow the steps to configure the virtual machine.

    Note the following as you configure the virtual machine:

    • Cloud Manager can perform optimally with either HDD or SSD disks.

    • You should choose one of the recommended virtual machine sizes: A2 or D2_v2.

    • For the network security group, it is best to choose Advanced. The Advanced option creates a new security group that includes the required inbound rules for Cloud Manager. If you choose Basic, refer to Security group rules for the list of required rules.

    • Under the settings, enable Managed Service Identity for Cloud Manager by selecting Yes.

      This setting is important because a Managed Service Identity allows a Cloud Manager virtual machine to identify itself to Azure Active Directory without providing any credentials. This method is simpler than manually setting up an Azure service principal and providing the credentials to Cloud Manager.

      For more information about Managed Service Identities, refer to Azure documentation.

      Managed Service Identities are not supported in the Azure US Gov regions and in the Germany regions. Refer to instructions for US Gov regions or for Azure Germany regions instead.
  6. On the summary page, review your selections and click Create to start the deployment.

    Azure deploys the virtual machine with the specified settings. The virtual machine and Cloud Manager software should be running in approximately five minutes.

  7. Open a web browser from a host that has a connection to the Cloud Manager virtual machine and enter the following URL:

    http://ipaddress:80

    When you log in, Cloud Manager automatically adds your user account as the administrator for this system.

  8. After you log in, enter a name for the Cloud Manager system.

Result

Cloud Manager is now installed and set up. You must grant Azure permissions before users can deploy Cloud Volumes ONTAP in Azure.

Granting Azure permissions to Cloud Manager

When you deployed Cloud Manager in Azure, you should have enabled a Managed Service Identity. You must now grant the required Azure permissions by creating a custom role and then by assigning the role to the Cloud Manager virtual machine for one or more subscriptions.

Steps
  1. Create a custom role using the Cloud Manager policy:

    1. Download the Cloud Manager Azure policy.

    2. Modify the JSON file by adding Azure subscription IDs to the assignable scope.

      You should add the ID for each Azure subscription from which users will create Cloud Volumes ONTAP systems.

      Example

      "AssignableScopes": [
      "/subscriptions/d333af45-0d07-4154-943d-c25fbzzzzzzz",
      "/subscriptions/54b91999-b3e6-4599-908e-416e0zzzzzzz",
      "/subscriptions/398e471c-3b42-4ae7-9b59-ce5bbzzzzzzz"

    3. Use the JSON file to create a custom role in Azure.

      The following example shows how to create a custom role using the Azure CLI 2.0:

      az role definition create --role-definition C:\Policy_for_Cloud_Manager_Azure_3_4_5.json

      You should now have a custom role called OnCommand Cloud Manager Operator that you can assign to the Cloud Manager virtual machine.

  2. Assign the role to the Cloud Manager virtual machine for one or more subscriptions:

    1. Open the Subscriptions service and then select the subscription in which you want to deploy Cloud Volumes ONTAP systems.

    2. Click Access control (IAM).

    3. Click Add and then add the permissions:

      • Select the OnCommand Cloud Manager Operator role.

        OnCommand Cloud Manager Operator is the default name provided in the Cloud Manager policy. If you chose a different name for the role, then select that name instead.
      • Assign access to a Virtual Machine.

      • Select the subscription in which the Cloud Manager virtual machine was created.

      • Select the resource group for the Cloud Manager virtual machine.

      • Select the Cloud Manager virtual machine.

      • Click Save.

    4. If you want to deploy Cloud Volumes ONTAP from additional subscriptions, switch to that subscription and then repeat these steps.

Result

Cloud Manager now has the permissions that it needs to deploy and manage Cloud Volumes ONTAP in Azure.

Deploying Cloud Volumes ONTAP in Azure

You can deploy Cloud Volumes ONTAP in Azure to provide enterprise-class features for your cloud storage.

Steps
  1. On the Working Environments page in Cloud Manager, click Create.

  2. Under Create, select ONTAP Cloud for Azure.

  3. Complete the steps in the wizard to launch the system.

    Note the following as you complete the wizard:

    • The predefined network security group includes the rules that Cloud Volumes ONTAP needs to operate successfully. If you need to use your own, refer to Security group rules.

    • The underlying Azure disk type is for the initial Cloud Volumes ONTAP volume. You can choose a different disk type for subsequent volumes.

    • The performance of Azure Premium Storage is tied to the disk size. Larger disks provide higher IOPS and throughput.

    • The disk size is the default size for all disks on the system.

      If you need a different size later, you can use the Advanced allocation option to create an aggregate that uses disks of a specific size.

      The following video shows how to deploy Cloud Volumes ONTAP in Azure.

Result

Cloud Manager deploys the Cloud Volumes ONTAP system. You can track the progress in the timeline.