The Pure Storage VMware Cloud Manager plugin is the linchpin that allows Azure VMware Solution users to connect and manage storage with Pure Cloud Block Store. Installation of this plugin is accomplished by deploying the Pure Storage VMware OVA inside of the AVS vCenter - since that has network connectivity to both AVS and CBS via the AVS ExpressRoute connection.
The OVA leverages Docker to pull down the required binaries from a Debian repo upon first boot as well as any time the logged in user executes an upgrade (when available). Download of these Docker binaries requires the OVA to have an outbound internet connection as well as several ports, URLs and IP address ranges being allowed on the AVS NSX-T network. If these networking items are not allowed the OVA will not function and can prevent creation and management of storage with Pure CBS.
Pure Storage and the Microsoft AVS team are also continually iterating our respective PowerShell modules for managing the joint solution, so checking for upgrades to the OVA is important as PowerShell versions may eventually become obsolete, have a bug and/or a missing feature that might be required.
If the Pure Storage VMware OVA has networking issues or is otherwise powered off or deleted, users will be unable to update or make changes to CBS storage with AVS. However, existing CBS datastore(s) that have been created while the OVA was online will continue to function as normal so long as there are no iSCSI network interruptions, capacity issues or the need to restore the volume from a snapshot (as a volume restore is executed from the OVA). That is, all of those types of commands need to be executed via the VMware Cloud Manager OVA, so having it available is an important consideration.
If the Pure Storage VMware OVA is out of date, certain functionalities may not be available or bugs might exist that are fixed in a later revision.
There are a few important items to check to confirm if the Pure Storage OVA has proper network connectivity. Also, it is important to make certain that the OVA has been powered on and has an IP address associated with it inside of the AVS vCenter, as you are required to login via ssh to the OVA in order to manage it.
Confirm that the OVA is at the latest version
To do so, login to the ova as the pureuser account and then run
If you see an available upgrade, you can upgrade to it via running the
puresw upgrade start pure-vmware-cloud-manager command.
Confirm that an NSX-T network segment has been created and the VMware Cloud Manager OVA was deployed with it
NSX-T network segments are defined by the AVS administrator for virtual machines to consume and use. An NSX-T segment can be setup either inside of the AVS portal or via the NSX-T manager appliance. The Pure Storage OVA needs to reside on a user-defined NSX-T network segment in order to function.
To confirm an NSX-T segment is being utilized, first find the name of the segment as shown in the below screenshot from the Azure portal.
Next, from the AVS vCenter, navigate to the deployed Pure Storage VMware Cloud Manager OVA. Under the Summary screen, confirm it is using the expected NSX-T segment as its network adapter and that it has an IP address from the CIDR block specified. The VMware Cloud Manager support DHCP or static IP addressing.
Confirm that the VMware Cloud Manager OVA is deployed onto an NSX-T segment with internet access
As the Pure Storage OVA requires an outbound internet connection to connect to, and download from a Debian repository for Docker, the AVS instance itself must have an internet connection enabled. To confirm this, navigate to the AVS object inside of the Azure Portal and select 'Internet Connectivity' from the menu on the left.
Both SNAT and NSX-T Edge options are supported for the Pure Storage OVA. A default route must be setup to use the top option shown above (Do not connect).
If internet connectivity is not allowable in the AVS environment, use the 2nd deployment option outlined here to setup a native Azure virtual machine with the required PowerShell modules for managing the AVS and CBS integration.
Confirm that outbound access is available if a firewall is being utilized in your AVS environment
As mentioned previously in this article, the Pure Storage OVA requires access to a debian repo to function. If a firewall port or other routing device is blocking traffic, it will be unable to pull down the required Docker binaries from our Debian repo.
The VMware Cloud Manager requires the following access:
- Port 443 access to deb.cloud-support.purestorage.com
More information can be found about Pure Storage VMware OVA port requirements here. The VMware Cloud Manager OVA is an interchangable component with the 'Pure Plugin Appliance' shown in the diagram.
The VM Analytics Collector is fully supported in AVS, but also requires the access to Pure1 as shown in the diagram in the link above.