Configure Azure NetApp Files for Azure Kubernetes Service

A persistent volume represents a piece of storage that has been provisioned for use with Kubernetes pods. A persistent volume can be used by one or many pods, and it can be statically or dynamically provisioned. This article shows you how to configure Azure NetApp Files to be used by pods on an Azure Kubernetes Service (AKS) cluster.

Azure NetApp Files is an enterprise-class, high-performance, metered file storage service running on Azure and supports volumes using NFS (NFSv3 or NFSv4.1), SMB, and dual-protocol (NFSv3 and SMB, or NFSv4.1 and SMB). Kubernetes users have two options for using Azure NetApp Files volumes for Kubernetes workloads:

• Create Azure NetApp Files volumes statically. In this scenario, the creation of volumes is external to AKS. Volumes are created using the Azure CLI or from the Azure portal, and are then exposed to Kubernetes by the creation of a PersistentVolume. Statically created Azure NetApp Files volumes have many limitations (for example, inability to be expanded, needing to be over-provisioned, and so on). Statically created volumes aren't recommended for most use cases.
• Create Azure NetApp Files volumes dynamically, orchestrating through Kubernetes. This method is the preferred way to create multiple volumes directly through Kubernetes, and is achieved using Astra Trident. Astra Trident is a CSI-compliant dynamic storage orchestrator that helps provision volumes natively through Kubernetes.

Note

Dual-protocol volumes can only be created statically. For more information on using dual-protocol volumes with Azure Kubernetes Service, see Provision Azure NetApp Files dual-protocol volumes for Azure Kubernetes Service.

Using a CSI driver to directly consume Azure NetApp Files volumes from AKS workloads is the recommended configuration for most use cases. This requirement is accomplished using Astra Trident, an open-source dynamic storage orchestrator for Kubernetes. Astra Trident is an enterprise-grade storage orchestrator purpose-built for Kubernetes, and fully supported by NetApp. It simplifies access to storage from Kubernetes clusters by automating storage provisioning.

You can take advantage of Astra Trident's Container Storage Interface (CSI) driver for Azure NetApp Files to abstract underlying details and create, expand, and snapshot volumes on-demand. Also, using Astra Trident enables you to use Astra Control Service built on top of Astra Trident. Using the Astra Control Service, you can backup, recover, move, and manage the application-data lifecycle of your AKS workloads across clusters within and across Azure regions to meet your business and service continuity needs.

Before you begin

The following considerations apply when you use Azure NetApp Files:

• Your AKS cluster must be in a region that supports Azure NetApp Files.
• The Azure CLI version 2.0.59 or higher installed and configured. Run az --version to find the version. If you need to install or upgrade, see Install Azure CLI.
• After the initial deployment of an AKS cluster, you can choose to provision Azure NetApp Files volumes statically or dynamically.
• To use dynamic provisioning with Azure NetApp Files with Network File System (NFS), install and configure Astra Trident version 19.07 or higher. To use dynamic provisioning with Azure NetApp Files with Secure Message Block (SMB), install and configure Astra Trident version 22.10 or higher. Dynamic provisioning for SMB shares is only supported on windows worker nodes.
• Before you deploy Azure NetApp Files SMB volumes, you must identify the AD DS integration requirements for Azure NetApp Files to ensure that Azure NetApp Files is well connected to AD DS. For more information, see Understand guidelines for Active Directory Domain Services site design and planning. Both the AKS cluster and Azure NetApp Files must have connectivity to the same AD.

Configure Azure NetApp Files for AKS workloads

This section describes how to set up Azure NetApp Files for AKS workloads. It's applicable for all scenarios within this article.

1. Define variables for later usage. Replace myresourcegroup, mylocation, myaccountname, mypool1, poolsize, premium, myvnet, myANFSubnet, and myprefix with appropriate values for your environment.

   RESOURCE_GROUP="myresourcegroup"
   LOCATION="mylocation"
   ANF_ACCOUNT_NAME="myaccountname"
   POOL_NAME="mypool1"
   SIZE="poolsize" # size in TiB
   SERVICE_LEVEL="Premium" # valid values are Standard, Premium and Ultra
   VNET_NAME="myvnet"
   SUBNET_NAME="myANFSubnet"
   ADDRESS_PREFIX="myprefix"
   

2. Register the Microsoft.NetApp resource provider by running the following command:

   az provider register --namespace Microsoft.NetApp --wait
   

   Note

   This operation can take several minutes to complete.

3. Create a new account by using the command az netappfiles account create. When you create an Azure NetApp account for use with AKS, you can create the account in an existing resource group or create a new one in the same region as the AKS cluster.

   az netappfiles account create \
       --resource-group $RESOURCE_GROUP \
       --location $LOCATION \
       --account-name $ANF_ACCOUNT_NAME
   

4. Create a new capacity pool by using the command az netappfiles pool create. Replace the variables shown in the command with your Azure NetApp Files information. The account_name should be the same as created in Step 3.

   az netappfiles pool create \
       --resource-group $RESOURCE_GROUP \
       --location $LOCATION \
       --account-name $ANF_ACCOUNT_NAME \
       --pool-name $POOL_NAME \
       --size $SIZE \
       --service-level $SERVICE_LEVEL
   

5. Create a subnet to delegate to Azure NetApp Files using the command az network vnet subnet create. Specify the resource group hosting the existing virtual network for your AKS cluster. Replace the variables shown in the command with your Azure NetApp Files information.

   Note

   This subnet must be in the same virtual network as your AKS cluster.

   az network vnet subnet create \
       --resource-group $RESOURCE_GROUP \
       --vnet-name $VNET_NAME \
       --name $SUBNET_NAME \
       --delegations "Microsoft.Netapp/volumes" \
       --address-prefixes $ADDRESS_PREFIX
   

Statically or dynamically provision Azure NetApp Files volumes for NFS or SMB

After you configure Azure NetApp Files for AKS workloads, you can statically or dynamically provision Azure NetApp Files using NFS, SMB, or dual-protocol volumes within the capacity pool. Follow instructions in:

• Provision Azure NetApp Files NFS volumes for Azure Kubernetes Service
• Provision Azure NetApp Files SMB volumes for Azure Kubernetes Service
• Provision Azure NetApp Files dual-protocol volumes for Azure Kubernetes Service

Next steps

Astra Trident supports many features with Azure NetApp Files. For more information, see:

• Expanding volumes
• On-demand volume snapshots
• Importing volumes