Go to the docs for the latest release.
Getting started with ONTAP Cloud in Azure
Getting started with ONTAP Cloud includes preparing your Azure environment, launching the OnCommand Cloud Manager software from NetApp Cloud Central, and then launching ONTAP Cloud systems using Cloud Manager.
Verifying your networking
You must choose the Azure VNet and subnets in which you want to deploy Cloud Manager and ONTAP Cloud. At a minimum, your networking must meet the following requirements:
-
Outbound internet access
The target VNet must have one or more subnets that have outbound internet access so Cloud Manager and ONTAP Cloud can contact several endpoints. To review the list of endpoints, see Azure networking requirements.
-
Connections between networks
-
To deploy ONTAP Cloud systems in subnets or networks separate from Cloud Manager, connections between those networks must be in place.
-
To replicate data across a hybrid cloud or multi-cloud environment, VPN connections between networks must be in place. For details, refer to Microsoft Azure Documentation: Create a Site-to-Site connection in the Azure portal.
-
For additional networking information, see Azure networking requirements.
Granting Azure permissions to Cloud Manager
Cloud Manager needs permissions to perform actions in Azure. You must grant the required permissions by creating and setting up a service principal in Azure Active Directory and by obtaining the Azure credentials that Cloud Manager needs.
The following image depicts how Cloud Manager obtains permissions to perform operations in Azure. A service principal object, which is tied to one or more Azure subscriptions, represents Cloud Manager in Azure Active Directory and is assigned to a custom role that allows the required permissions.
|
The following steps use the new Azure portal. If you experience any issues, you should use the Azure classic portal. |
Creating a custom role with the required Cloud Manager permissions
A custom role is required to provide Cloud Manager with the permissions that it needs to launch and manage ONTAP Cloud in Azure.
-
Download the Cloud Manager Azure policy.
-
Modify the JSON file by adding Azure subscription IDs to the assignable scope.
You should add the ID for each Azure subscription from which users will create ONTAP Cloud systems.
Example
"AssignableScopes": [
"/subscriptions/d333af45-0d07-4154-943d-c25fbzzzzzzz",
"/subscriptions/54b91999-b3e6-4599-908e-416e0zzzzzzz",
"/subscriptions/398e471c-3b42-4ae7-9b59-ce5bbzzzzzzz" -
Use the JSON file to create a custom role in Azure.
The following example shows how to create a custom role using the Azure CLI 2.0:
az role definition create --role-definition C:\Policy_for_Cloud_Manager_Azure_3_4_5.json
You should now have a custom role called OnCommand Cloud Manager Operator.
Creating an Active Directory service principal
You must create an Active Directory service principal so Cloud Manager can authenticate with Azure Active Directory.
You must have the appropriate permissions in Azure to create an Active Directory application and to assign the application to a role. For details, refer to Microsoft Azure Documentation: Use portal to create Active Directory application and service principal that can access resources
-
From the Azure portal, open the Azure Active Directory service.
-
In the menu, click App registrations.
-
Create the service principal:
-
Click New application registration.
-
Enter a name for the application, keep Web app / API selected, and then enter any URL—for example, http://url
-
Click Create.
-
-
Modify the application to add the required permissions:
-
Select the created application.
-
Under Settings, click Required permissions and then click Add.
-
Click Select an API, select Windows Azure Service Management API, and then click Select.
-
Click Access Azure Service Management as organization users, click Select and then click Done.
-
-
Create a key for the service principal:
-
Under Settings, click Keys.
-
Enter a description, select a duration, and then click Save.
-
Copy the key value.
You need to enter the key value in Cloud Manager when you create user accounts for this subscription.
-
Click Properties and then copy the application ID for the service principal.
Similar to the key value, you need to enter the application ID in Cloud Manager when you create user accounts for this subscription.
-
-
Obtain the Active Directory tenant ID for your organization:
-
In the Active Directory menu, click Properties.
-
Copy the Directory ID.
Just like the application ID and application key, you must enter the Active Directory tenant ID when you create Cloud Manager user accounts.
-
You should now have an Active Directory service principal and you should have copied the application ID, the application key, and the Active Directory tenant ID. You need to enter this information in Cloud Manager when you set up user accounts.
Assigning the Cloud Manager Operator role to the service principal
You must bind the service principal to one or more Azure subscriptions and assign it the Cloud Manager Operator role so Cloud Manager has permissions in Azure.
If you want to deploy ONTAP Cloud from multiple Azure subscriptions, then you must bind the service principal to each of those subscriptions. Cloud Manager enables you to select the subscription that you want to use when deploying ONTAP Cloud.
-
From the Azure portal, select Subscriptions in the left pane.
-
Select the subscription.
-
Click Access control (IAM) and then click Add.
-
Select the OnCommand Cloud Manager Operator role.
-
Search for the name of the application (you cannot find it in the list by scrolling).
-
Select the application, click Select, and then click OK.
The service principal for Cloud Manager now has the required Azure permissions.
Installing and setting up Cloud Manager in Azure
You need to install and set up Cloud Manager so you can use it to launch ONTAP Cloud in Azure.
-
Go to NetApp Cloud Central and sign up or log in.
-
Under ONTAP Cloud, click Start Free Trial.
-
Select Microsoft Azure to deploy Cloud Manager from the Azure Marketplace.
-
Click Get it now and then click Continue.
-
From the Azure portal, click Create and follow the steps to configure the virtual machine.
Note the following as you configure the virtual machine:
-
Cloud Manager can perform optimally with either HDD or SSD disks.
-
You should choose one of the recommended virtual machine sizes: A2 or D2_v2.
-
For the network security group, it is best to choose Advanced. The Advanced option creates a new security group that includes the required inbound rules for Cloud Manager. If you choose Basic, refer to Security group rules for the list of required rules.
-
-
Review your selections and click OK.
Example
-
Click Purchase.
Azure launches the virtual machine with the specified settings. The virtual machine and Cloud Manager software should be running in approximately five minutes.
-
Open a web browser from a host that has a connection to the Cloud Manager virtual machine and enter the following URL:
http://ipaddress:80
When you log in, Cloud Manager automatically adds your user account as the administrator for this system.
-
After you log in, enter a name for the Cloud Manager system.
Cloud Manager is now installed and set up so users can deploy ONTAP Cloud in Azure.
Deploying ONTAP Cloud in Azure
You can deploy ONTAP Cloud in Azure to provide enterprise-class features for your cloud storage.
-
On the Working Environments page in Cloud Manager, click Create.
-
Under Create, select ONTAP Cloud for Azure.
-
Complete the steps in the wizard to launch the system.
Note the following as you complete the wizard:
-
The predefined network security group includes the rules that ONTAP Cloud needs to operate successfully. If you need to use your own, refer to Security group rules.
-
The underlying Azure disk type is for the initial ONTAP Cloud volume. You can choose a different disk type for subsequent volumes.
-
The performance of Azure Premium Storage is tied to the disk size. Larger disks provide higher IOPS and throughput.
-
The disk size is the default size for all disks on the system.
If you need a different size later, you can use the Advanced allocation option to create an aggregate that uses disks of a specific size. The following video shows how to deploy ONTAP Cloud in Azure.
-
Cloud Manager deploys the ONTAP Cloud system. You can track the progress in the timeline.