Skip to main content
Pure Technical Services

Deploy using Azure CLI/PowerShell | Pure CBS on Azure

Currently viewing public documentation. Please login to access the full scope of documentation.

KP_Ext_Announcement.png

This document is intended to walk users through the deployment of Cloud Block Store on Azure using the Azure PowerShell. For complete detailed deployment guidance, best practices, and pre-requisite information, please refer to the main Cloud Block Store Deployment and Configuration Guide for Azure document.

Before You Begin (Deployment Checklist) 

Deployment may fail if all the requirements are not met. Before deploying Cloud Block Store, go through the following checklist:

  1. Does your tenant have an Azure Active Directory Premium 2 license? See Azure Active Directory Premium 2 License section for details.
  2. Ensure you have the proper IAM roles for your user account. See the Azure IAM Roles section for details.
  3. Ensure there is internet access from the subnet used for the System interface. See the Internet Access section for details.
  4. (Optional) Is there a Service Endpoint for CosmoDB for the subnet used by the System interface. See Service Endpoint section for details.
  5. Ensure that your max vCPU limits can accommodate Cloud Block Store instances. See Azure VM instance vCPU limits section for details.
  6. Have you retrieved your Pure-As-A-Service license from Pure1? Steps to retrieve license are here.
    1. Note: - If you have not purchased a license, there are two options to obtain a license key:
      1. Working with Pure Storage sales teams and Pure Storage partners to obtain a Pure as-a-Service subscription.
      2. Going directly to the Azure Marketplace to sign up for a subscription service.
  7. Have you added your Azure subscription ID to Pure1? This is a security feature to ensure only user approved Azure subscriptions are allowed to deploy Cloud Block Store. Instructions to whitelist Azure subscriptions are provided here
  8. If the above requirements have been met, proceed and deploy Cloud Block Store.

Upload Cloud Block Store Template and Parameter Files to Azure CLI

To deploy Cloud Block Store on Azure using the Azure CLI, you will need to get Cloud Block Store template and parameter files into the Azure CLI. There are a few ways to do this.

Option 1: Copy/Paste Contents into Azure CLI

  1. Log onto your Azure portal and open up a Cloud Shell.

clipboard_e8852fafdae7d388a716efd6faf88884f.png 

  1. In your Cloud Shell (Powershell or Bash), navigate to the desired directory.

clipboard_ebeadf3f5b760016b3857f9b627edb48c.png

  1. Using your favorite file editor, create a new template file and parameter file. Save the files as .JSON files.

clipboard_e25a00b8b11a3f6048b1dc03086953e3d.png

  1. Copy and paste the contents of the template and parameter files from the Template and Parameter Files section below to your respective files in your Azure CLI.
  2. Edit the Cloud Block Store parameter file with the desired parameters for your Cloud Block Store deployment. Refer to the parameter file in the Template and Parameter Files section below and edit the fields as shown in red text.

Option 2: Use the Upload Function in the Azure Portal

  1. Save the Cloud Block Store template and parameter files (provided above) onto your local desktop.
  2. Edit the Cloud Block Store parameter file with the desired parameters for your Cloud Block Store deployment. Refer to the parameter file in the Template and Parameter Files section below and edit the fields as shown in red text.
  3. Log onto your Azure portal and open up a Cloud Shell.

clipboard_e8852fafdae7d388a716efd6faf88884f.png

  1. Click on the Upload icon and select Upload. 

clipboard_e95820d3826ad9cc57bae5aad3efca5be.png

  1. Select the template and parameter files from your local desktop.
  2. It should now appear in your Azure CLI home directory. 

Deploying Cloud Block Store via Azure CLI

  1. Log onto your Azure portal and open up a Cloud Shell.

clipboard_e60e897384bda7edde438de36ccab640e.png

  1. Use the command below to set your desired subscription:

az account set --subscription <subscription ID>

  1. Accept Terms and Conditions for the Cloud Block Store managed application deployment.

Get-AzMarketplaceTerms -Publisher 'purestoragemarketplaceadmin'-Product '<product name>' -Name '<plan name>' | Set-AzMarketplaceTerms -Accept

where 

<product name>can be found inside the latest CBS template file below in Appendix A.

<plan name> can be found inside the latest CBS template file below in Appendix A.

Example:

Template file shows (lines in green)

 "resources": [
        {
            "type": "Microsoft.Solutions/applications",
            "apiVersion": "2017-09-01",
            "location": "[resourceGroup().Location]",
            "kind": "MarketPlace",
            "name": "[parameters('applicationResourceName')]",            
            "plan": {
                "name": "cbs_azure_6_3_5",
                "product": "pure_storage_cloud_block_store_deployment",
                "publisher": "purestoragemarketplaceadmin",
                "version": "1.0.0"
            },

        In Azure CLI:

clipboard_e72395df22977947e8dd14b190682b854.png

 

  1. Run the command below to deploy the Cloud Block Store managed application into your desired resource group.

az deployment group create --resource-group <Resource Group> --template-file <CBS template file> --parameters <CBS parameter file>

where 

<Resource Group> is the desired resource group where the Cloud Block Store managed application will reside.

<CBS template file>  is the Cloud Block Store template file.

<CBS parameter file> is the Cloud Block Store parameter file with your desired parameters.

Example:

clipboard_e9a74305bed57b0d72735f2b6af8e46ef.png

 

It will take about 15-20 minutes to complete the deployment. When complete, the Cloud Block Store managed application will appear in your selected resource group. 

To access, view, and manage your Cloud Block Store instance, go to the Managing Cloud Block Store sections of the main Cloud Block Store Deployment and Configuration Guide for Azure document.

 


Appendix A

Template and Parameter Files

CBS Parameter File

  • Please note that items in red below are fields you should edit with your desired parameters and specific environment.
  • The managementResourceGroup,  systemResourceGroup, iscsiResourceGroup, and replicationResourceGroup parameters below should reflect the Resource Group where you desired VNET resides. 
  • The location region parameter should reflect the same region where your selected managementVnet, iscsiVnet, replicationVnet, and systemVnet resides.
  • For the sku parameter, you can set to V10MUR1 or V20MUR1 for your desired Cloud Block Store model. See Cloud Block Store Support Matrix for details of each model.
  • For the jitAccessPolicy parameter, you can leave the approval mode as AutoApprove for the deployment but it is highly recommended to set this to manual approval once deployment completes successfully. For detailed steps to set approval mode, see the Appendix section of the Cloud Block Store Deployment Guide.

Downloadable Parameter file

{
    "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
    "contentVersion": "1.0.0.0",
    "parameters": {
        "location": {
            "value": "westus2"
        },
        "arrayName": {
            "value": "MyCoudBlockStore"
        },
        "sku": {
            "value": "V10MUR1"
        },
        "orgDomain": {
            "value": "mycompany.com"
        },
        "licenseKey": {
            "value": "123456789"
        },
        "alertRecipients": {
            "value": ""
        },
        "pureuserPublicKey": {
            "value": ""
        },
        "zone": {
            "value": 1
        },
        "managementSubnet": {
            "value": "MySubnet"
        },
        "systemSubnet": {
            "value": "MySubnet"
        },
        "iSCSISubnet": {
            "value": "MySubnet"
        },
        "replicationSubnet": {
            "value": "MySubnet"
        },
        "managementVnet": {
            "value": "MyVNET"
        },
        "systemVnet": {
            "value": "MyVNET"
        },
        "iSCSIVnet": {
            "value": "MyVNET"
        },
        "replicationVnet": {
            "value": "MyVNET"
        },
        "managementResourceGroup": {
            "value": "MyCBSResourceGroup"
        },
        "systemResourceGroup": {
            "value": "MyCBSResourceGroup"
        },
        "iSCSIResourceGroup": {
            "value": "MyCBSResourceGroup"
        },
        "replicationResourceGroup": {
            "value": "MyCBSResourceGroup"
        },
        "managementNewOrExisting": {
            "value": "existing"
        },
        "systemNewOrExisting": {
            "value": "existing"
        },
        "iscsiNewOrExisting": {
            "value": "existing"
        },
        "replicationNewOrExisting": {
            "value": "existing"
        },
        "jitAccessPolicy": {
            "value": {
                "jitAccessEnabled": true,
                "jitApprovalMode": "ManualApprove",
                "maximumJitAccessDuration": "PT8H",
                "jitApprovers": [ <<SECURITY GROUP OF APPROVERS>> ]
            }
        },
        "tagsByResource": {
            "value": {}
        },
        "applicationResourceName": {
            "value": "MyCoudBlockStore"
        },
        "managedResourceGroupId": {
            "value": ""
        }
    }
}

 

CBS Template File, Version 6.3.0

There is no need for you to edit the provided CBS template file below.

Downloadable Template file

{
    "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
    "contentVersion": "1.0.0.0",
    "parameters": {
        "tagsByResource": {
            "type": "object",
            "defaultValue": {},
            "metadata": {
                "description": "Dictionary of additional tags to be added to the array."
            }
        },
        "alertRecipients": {
            "type": "string",
            "metadata": {
                "description": "A comma-separated list of email addresses to which the array will send alerts."
            }
        },
        "arrayName": {
            "type": "string",
            "metadata": {
                "description": "The name of the array. 0-30 alphanumeric characters only."
            }
        },
        "licenseKey": {
            "type": "securestring",
            "metadata": {
                "description": "Pure provided license key for production or \"CBS-TRIAL-LICENSE\" for a trial array."
            }
        },
        "location": {
            "type": "string",
            "defaultValue": "[resourceGroup().location]"
        },
        "orgDomain": {
            "type": "string",
            "metadata": {
                "description": "The domain name of your organization - used internally by Pure Storage Inc for telemetry and diagnostics."
            }
        },
        "pureuserPublicKey": {
            "type": "securestring",
            "defaultValue": "",
            "metadata": {
                "description": "Public ssh key to allow pureuser login"
            }
        },
        "sku": {
            "type": "string",
            "allowedValues": [
                "V10MUR1",
                "V20MUR1"
            ]
        },
        "managementSubnet": {
            "type": "string",
            "metadata": {
                "description": "Subnet containing the Array's management interfaces. Does not need internet access."
            }
        },
        "systemSubnet": {
            "type": "string",
            "metadata": {
                "description": "Subnet for the system interface of the Array, used for activation, telemetry, etc. Needs to have internet access."
            }
        },
        "iSCSISubnet": {
            "type": "string",
            "metadata": {
                "description": "Subnet containing the Array's iSCSI interfaces"
            }
        },
        "replicationSubnet": {
            "type": "string",
            "metadata": {
                "description": "Subnet containing the Array's Management interfaces"
            }
        },
        "managementVnet": {
            "type": "string",
            "metadata": {
                "description": "Virtual network for the Array's Management interfaces."
            }
        },
        "systemVnet": {
            "type": "string",
            "metadata": {
                "description": "Virtual network for the Array's network interfaces."
            }
        },
        "iSCSIVnet": {
            "type": "string",
            "metadata": {
                "description": "Virtual Network containing the Array's ISCSI interfaces"
            }
        },
        "replicationVnet": {
            "type": "string",
            "metadata": {
                "description": "Virtual Network containing the Array's Replication interfaces"
            }
        },
        "managementResourceGroup": {
            "type": "string",
            "metadata": {
                "description": "Resource Group containint the Array's Management Network Resources"
            }
        },
        "systemResourceGroup": {
            "type": "string",
            "metadata": {
                "description": "Resource group name for the virtual network containing the system interfaces."
            }
        },
        "iSCSIResourceGroup": {
            "type": "string",
            "metadata": {
                "description": "The Resource Group containging the ISCSI Virtual Network"
            }
        },
        "replicationResourceGroup": {
            "type": "string",
            "metadata": {
                "description": "The Resource Group containing the Replication Virtual Network"
            }
        },
        "zone": {
            "type": "int",
            "defaultValue": 1,
            "allowedValues": [
                1,
                2,
                3
            ],
            "metadata": {
                "description": "The Availability Zone within the location to deploy to"
            }
        },
        "pureStorageDefaultTags": {
            "type": "object",
            "metadata": {
                "description": "Deal with various versions of Microsoft's ARM-TTK empty object warnings. Should never have an actual parameter."
            },
            "defaultValue": {
                "Product": "Pure:CBS"
            }
        },
        "managementNewOrExisting": {
            "type": "string",
            "defaultValue": "existing",
            "metadata": {
                "description": "A Required but ignored input, required by Microsoft's ARM-TTK validation tools"
            }
        },
        "systemNewOrExisting": {
            "type": "string",
            "defaultValue": "existing",
            "metadata": {
                "description": "A Required but ignored input, required by Microsoft's ARM-TTK validation tools"
            }
        },
        "iscsiNewOrExisting": {
            "type": "string",
            "defaultValue": "existing",
            "metadata": {
                "description": "A Required but ignored input, required by Microsoft's ARM-TTK validation tools"
            }
        },
        "replicationNewOrExisting": {
            "type": "string",
            "defaultValue": "existing",
            "metadata": {
                "description": "A Required but ignored input, required by Microsoft's ARM-TTK validation tools"
            }
        },
        "applicationResourceName": {
            "type": "string",
            "defaultValue": "4d109be51b9b4ed09ac936ddb9981844"
        },
        "managedResourceGroupId": {
            "type": "string",
            "defaultValue": ""
        },
        "managedIdentity": {
            "type": "object",
            "defaultValue": {}
        },
        "jitAccessPolicy": {
            "type": "object",
            "defaultValue": {
               "jitAccessEnabled": true,
                "jitApprovalMode": "ManualApprove",
                "maximumJitAccessDuration": "PT8H",
                "jitApprovers": [ <<SECURITY GROUP OF APPROVERS>> ]
            }
            
        }
    },
    "variables": {
        "managedResourceGroupId": "[if(empty(parameters('managedResourceGroupId')),concat(subscription().id,'/resourceGroups/',take(concat(resourceGroup().name,'-',uniquestring(resourceGroup().id),uniquestring(parameters('applicationResourceName'))),90)),parameters('managedResourceGroupId'))]"
    },
    "resources": [
        {
            "type": "Microsoft.Solutions/applications",
            "apiVersion": "2017-09-01",
            "location": "[resourceGroup().Location]",
            "kind": "MarketPlace",
            "name": "[parameters('applicationResourceName')]",
           "plan": {    
                "name": "cbs_azure_6_3_5",    
                "product": "pure_storage_cloud_block_store_deployment",    
                "publisher": "purestoragemarketplaceadmin",    
                "version": "1.0.0"    
            },
            
            "identity": "[if(empty(parameters('managedIdentity')),json('null'),parameters('managedIdentity'))]",
            "properties": {
                "managedResourceGroupId": "[variables('managedResourceGroupId')]",
                "parameters": {
                    "tagsByResource": {
                        "value": "[parameters('tagsByResource')]"
                    },
                    "alertRecipients": {
                        "value": "[parameters('alertRecipients')]"
                    },
                    "arrayName": {
                        "value": "[parameters('arrayName')]"
                    },
                    "licenseKey": {
                        "value": "[parameters('licenseKey')]"
                    },
                    "location": {
                        "value": "[parameters('location')]"
                    },
                    "orgDomain": {
                        "value": "[parameters('orgDomain')]"
                    },
                    "pureuserPublicKey": {
                        "value": "[parameters('pureuserPublicKey')]"
                    },
                    "sku": {
                        "value": "[parameters('sku')]"
                    },
                    "managementSubnet": {
                        "value": "[parameters('managementSubnet')]"
                    },
                    "systemSubnet": {
                        "value": "[parameters('systemSubnet')]"
                    },
                    "iSCSISubnet": {
                        "value": "[parameters('iSCSISubnet')]"
                    },
                    "replicationSubnet": {
                        "value": "[parameters('replicationSubnet')]"
                    },
                    "managementVnet": {
                        "value": "[parameters('managementVnet')]"
                    },
                    "systemVnet": {
                        "value": "[parameters('systemVnet')]"
                    },
                    "iSCSIVnet": {
                        "value": "[parameters('iSCSIVnet')]"
                    },
                    "replicationVnet": {
                        "value": "[parameters('replicationVnet')]"
                    },
                    "managementResourceGroup": {
                        "value": "[parameters('managementResourceGroup')]"
                    },
                    "systemResourceGroup": {
                        "value": "[parameters('systemResourceGroup')]"
                    },
                    "iSCSIResourceGroup": {
                        "value": "[parameters('iSCSIResourceGroup')]"
                    },
                    "replicationResourceGroup": {
                        "value": "[parameters('replicationResourceGroup')]"
                    },
                    "zone": {
                        "value": "[parameters('zone')]"
                    },
                    "pureStorageDefaultTags": {
                        "value": "[parameters('pureStorageDefaultTags')]"
                    },
                    "managementNewOrExisting": {
                        "value": "[parameters('managementNewOrExisting')]"
                    },
                    "systemNewOrExisting": {
                        "value": "[parameters('systemNewOrExisting')]"
                    },
                    "iscsiNewOrExisting": {
                        "value": "[parameters('iscsiNewOrExisting')]"
                    },
                    "replicationNewOrExisting": {
                        "value": "[parameters('replicationNewOrExisting')]"
                    }
                },
                "jitAccessPolicy": "[parameters('jitAccessPolicy')]"
            }
        }
    ]
}