

Configure Azure NetApp Files for OpenShift Virtualization on Azure Red Hat OpenShift (preview)

Azure NetApp Files is an enterprise-class, high-performance, metered file storage service. It supports the most demanding enterprise file-workloads in the cloud, including databases and high-performance computing applications with no code changes.

Azure NetApp Files supports OpenShift Virtualization on Azure Red Hat OpenShift using the Trident CSI driver. The certified Trident Operator enables consumption and management of storage resources and can be deployed onto Azure Red Hat OpenShift from the OperatorHub. This allows Azure Red Hat OpenShift clusters to automatically create Azure NetApp Files volumes as persistent volumes for virtual machine (VM) disks. Azure NetApp Files offers fast VM provisioning, instant cloning, and live migration for OpenShift Virtualization.

When a new VM is deployed in Azure Red Hat OpenShift, Trident automatically provisions an NFS volume on Azure NetApp Files to store the VM's disks, tailoring capacity and performance to the selected Azure NetApp Files service level (Standard, Premium, Ultra, or Flexible). Multiple OpenShift nodes can simultaneously access the same volume, enabling seamless VM migration without any interruption in disk access.

Prerequisites

  • A Microsoft Azure Red Hat OpenShift cluster running version 4.18 or greater

    Note

    Review the upgrade guidance, especially if you're running a version earlier than 4.17.x.

  • OpenShift Virtualization for Azure Red Hat OpenShift, which can be deployed on OperatorHub or the OpenShift console

  • NetApp Trident version 25.6.2 or later. Follow the instructions to deploy the Trident operator from Red Hat OpenShift OperatorHub and deploy the Trident orchestrator into the OpenShift cluster. The examples on this page assume that the Trident orchestrator is deployed into the trident namespace on the OpenShift cluster.

  • Azure NetApp Files with at least one capacity pool using the Flexible, Premium, Standard, or Ultra service level.

    If this is your first time using Azure NetApp Files, see the quickstart guide.

    The examples on this page assume that one Flexible service level capacity pool exists and that an Azure NetApp Files delegated subnet exists on the virtual network used by Azure Red Hat OpenShift. The Flexible service level is recommended to control capacity and throughput for individual Azure NetApp Files volumes that contain the individual VM disk.

    Note

    Ensure there's sufficient capacity and throughput in your capacity pool for your VM disks. For more information, see Azure NetApp Files service levels and Azure NetApp Files performance calculator.

Architecture

This page details the setup of Azure NetApp Files for OpenShift Virtualization and the configuration steps for Trident and its virtual storage pools, as well as the corresponding Kubernetes storage classes, as shown in the diagram. It offers examples for one basic storage class with one throughput setting and for three storage classes with differing throughput characteristics.

Diagram showing the software components and configuration on the Azure Red Hat OpenShift cluster and Azure resources.

Before you begin

This configuration process uses the built-in Contributor role for the service principal used by Trident. If you don't want to use the default Contributor role, you can create a custom role to grant only the required privileges to Trident.

Configure Trident for Azure NetApp Files

  1. Create the service principal for the resource group that includes the Azure NetApp Files resources (NetApp account).

    az ad sp create-for-rbac --name trident --role Contributor --scopes /subscriptions/<Subscription_ID>/resourceGroups/<Resource_Group>
    

    The command outputs an appId and password. Make note of these outputs; they're required in the next step to create a secret for the Trident service principal.

    {
      "appId": "<appID>",
      "displayName": "trident",
      "password": "<password>",
      "tenant": "<tenant>"
    }
    
  2. In the OpenShift console, create the secret with the credentials from the Trident service principal to manage the Azure NetApp Files resources.

    oc create secret generic anf-credentials --from-literal=clientID=<appID> --from-literal=clientSecret=<password> -n trident
    
  3. Configure Azure NetApp Files backend for Trident. Import YAML using the OpenShift console.

    1. Log in to your OpenShift web console.
    2. Select the + icon in the masthead then Import YAML.
    3. Paste the YAML directly into the editor or create a file and upload it with the Upload button.

    This example configuration establishes one virtual storage pool in the Trident backend that is used by one StorageClass later. The virtual storage pool uses the Flexible service level capacity pool with manual QoS that's assigned 60 MB/s for every volume created.

    apiVersion: trident.netapp.io/v1
    kind: TridentBackendConfig
    metadata:
      name: <ANF_TridentBackendConfig_name>
      namespace: trident
    spec:
      version: 1
      storageDriverName: azure-netapp-files
      credentials:
          name: anf-credentials
      subscriptionID: <Subscription_ID>
      tenantID: <Tenant_ID>
      location: <region>
      networkFeatures: Standard
      virtualNetwork: <Resource_Group/Virtual_Network_used_by_ARO>
      subnet: <Resource_Group/Virtual_Network_used_by_ARO/Delegate_subnet_for_ANF>
      nfsMountOptions: nfsvers=3,nconnect=4
      defaults:
        unixPermissions: "0777"
        maxThroughput: "60"
        qosType: "Manual"
      labels:
        qos: manual60mbps
    
  4. Confirm Azure NetApp Files backend configuration for Trident.

    1. Log in to your OpenShift console.

    2. In the sidebar, select Home then Search.

    3. Select your TridentBackendConfig resource.

    4. From the Resources drop-down, select TridentBackendConfig.

    5. From the Projects drop-down, select All Projects.

    6. From the TridentBackendConfig list, select TridentBackendConfig_name.

    7. Select YAML.

    8. Confirm the following TridentBackendConfig settings:

    status:
      backendInfo:
        backendName: <TridentBackendConfig_name>
        backendUUID: <TridentBackendConfig_ID>
      deletionPolicy: delete
      lastOperationStatus: Success
      message: Backend '<TridentBackendConfig_name>' updated
      phase: Bound
    
  5. Configure the storage class to use Azure NetApp Files.

    1. Select the + icon in the masthead then Import YAML.
    2. Paste the YAML directly into the editor, or create a file and upload it with the Upload button.

    This storage class uses the one virtual storage pool in the Trident backend based on the qos label.

    apiVersion: storage.k8s.io/v1
    kind: StorageClass
    metadata:
      name: <ANF_StorageClass_name>
    provisioner: csi.trident.netapp.io
    parameters:
      backendType: "azure-netapp-files"
      selector: qos=manual60mbps
    reclaimPolicy: Delete
    allowVolumeExpansion: true
    
  6. Configure the volume snapshot class for Azure NetApp Files. Select the + icon in the masthead then Import YAML.

    Paste the YAML directly into the editor, or create a file and upload it with the Upload button.

    apiVersion: snapshot.storage.k8s.io/v1
    kind: VolumeSnapshotClass
    metadata:
      name: <ANF_VolumeSnapshotClass_name>
    driver: csi.trident.netapp.io
    deletionPolicy: Delete
    
  7. In the OpenShift console, modify the storage profile for the Azure NetApp Files based storage classes so that ReadWriteMany (RWX) is the default. This modification allows the VM that uses VM disks in those storage classes to use live migration.

    # Linux:
    oc patch storageprofile <ANF_StorageClass_name> --type='json' -p='[{"op": "replace", "path": "/spec/claimPropertySets", "value": [{"accessModes": ["ReadWriteMany"], "volumeMode": "Filesystem"}]}]'
    
  8. Set <ANF_StorageClass_name> as a default.

    1. In the OpenShift console's sidebar, select Storage then Storage Classes.
    2. Select the Action menu ⋮ for <ANF_StorageClass_name> then Set as default.
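
A pre-import consistency check for the manifests in steps 3, 5 and 6, as an added example that is not part of the original page: a StorageClass whose selector matches no backend label, or whose backendType differs from the backend's storageDriverName, cannot provision VM disks. The function names are hypothetical, the YAML is read with a flat awk lookup rather than a YAML parser, and the selector is assumed to be a single key=value pair as in the example above.

```shell
#!/bin/sh
# Added example: cross-check the manifests from steps 3, 5 and 6 before import.

# yaml_get FILE KEY: value of the first "KEY: value" line, quotes stripped.
yaml_get() {
  awk -v k="$2" '{
    line = $0; sub(/^[ \t]+/, "", line)
    if (index(line, k ":") == 1) {
      v = substr(line, length(k) + 2)
      gsub(/^[ \t"]+|[ \t"]+$/, "", v); print v; exit
    }
  }' "$1"
}

# backend_labels FILE: each key=value pair nested under a "labels:" key.
backend_labels() {
  awk '/^ *$/ { next }
    { ind = match($0, /[^ ]/) - 1 }
    /^ *labels: *$/ { depth = ind; inside = 1; next }
    inside && ind <= depth { inside = 0 }
    inside { line = $0; gsub(/[ "]/, "", line); sub(/:/, "=", line); print line }
  ' "$1"
}

# check_manifests BACKEND STORAGECLASS SNAPSHOTCLASS
# Prints one line per mismatch and returns non-zero if any was found.
check_manifests() {
  rc=0
  sel=$(yaml_get "$2" selector)
  backend_labels "$1" | grep -qxF -- "$sel" ||
    { echo "selector '$sel' matches no backend label"; rc=1; }
  [ "$(yaml_get "$2" backendType)" = "$(yaml_get "$1" storageDriverName)" ] ||
    { echo "backendType differs from storageDriverName"; rc=1; }
  [ "$(yaml_get "$2" provisioner)" = "$(yaml_get "$3" driver)" ] ||
    { echo "snapshot driver differs from StorageClass provisioner"; rc=1; }
  return "$rc"
}

# Constructed sample trimmed from the manifests above; the selector has a typo.
demo() {
  d=$(mktemp -d)
  printf 'spec:\n  storageDriverName: azure-netapp-files\n  labels:\n    qos: manual60mbps\n' > "$d/backend.yaml"
  printf 'provisioner: csi.trident.netapp.io\nparameters:\n  backendType: "azure-netapp-files"\n  selector: qos=manual60mbs\n' > "$d/sc.yaml"
  printf 'driver: csi.trident.netapp.io\n' > "$d/snap.yaml"
  check_manifests "$d/backend.yaml" "$d/sc.yaml" "$d/snap.yaml"; rc=$?
  rm -rf "$d"; return "$rc"
}
# With three file arguments, check those; otherwise run the constructed demo.
if [ "$#" -eq 3 ]; then check_manifests "$@"; else demo || true; fi
```

Run it with the three manifest files as arguments before importing them; a non-zero exit status means at least one mismatch was printed.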
