Skip to main content
Pure Technical Services

Deploy using Azure Portal | Pure CBS on Azure

Currently viewing public documentation. Please login to access the full scope of documentation.

KP_Ext_Announcement.png

Deploying Cloud Block Store 

The following steps will provide guidance on deploying a Cloud Block Store managed application using the the Azure Portal GUI.

See this list of supported regions to confirm Cloud Block Store availability.

To deploy Cloud Block Store using the Azure CLI, see steps in the Cloud Block Store Deployment and Configuration Guide for Azure using Azure CLI KB article.

To deploy Cloud Block Store using Terraform, see steps in the Cloud Block Store Deployment with Terraform KB article.

Note: The followings steps reflects deployment of Cloud Block Store versions 6.1.4 or higher which no longer deploys a public load balancer. Therefore it is mandatory that there is internet access for the Cloud Block Store system network interface in order to successfully deploy. See the Internet Access section within the prerequisites KB article.

Deploy Cloud Block Store from the Azure Marketplace.

1. Log into the Azure “Marketplace”.

clipboard_ed892dd0ed85145f230a81bde0c647460.png

2. In the Marketplace search bar, search for “cloud block store”.

clipboard_e9ce466bb5a1fc865197af5f0c52003bc.png

3. Click on the Pure Cloud Block Store (Product Deployment) tile. Note that the subscription listing is used for purchasing licenses.

clipboard_e604ce037c741c7f79b201cfdefc8df79.png

4. Click Create.

clipboard_ea9fb38e8055f06c14ca15ddb41955580.png

5. Complete the required fields. An example screenshot is provided for additional guidance below.

a. Select the desired Subscription.

b. Select the desired Resource group in which you want the Cloud Block Store managed application to reside. 

Note: It is highly suggested that this region matches the region of your Resource Group in selection b. The deployment may occasionally fail if they do not match.

Note: Some zones may not have the required Azure backend storage available, which is required for Cloud Block Store. To find out which zone in your specific Azure subscription has Ultra SSDs (for V20MUR2 and V10MUR2 CBS Model) or Premium V2 SSD (for V20P2R2 CBS Model), run the following command from the Azure CloudShell or locally with Azure login to your subscription:

For Ultra SSDs (for V20MUR2 and V10MUR2 CBS Model)

- Azure PowerShell 

Get-AzComputeResourceSku | where {$_.ResourceType -eq “disks” -and $_.Name -eq “UltraSSD_LRS”}

- Azure CLI

az vm list-skus --resource-type disks --query "[?name=='UltraSSD_LRS'].{Region:locationInfo[0].location, Zones:locationInfo[0].zones}"

Premium V2 SSD (for V20P2R2 CBS Model)

- Azure PowerShell 

Get-AzComputeResourceSku | where {$_.ResourceType -eq “disks” -and $_.Name -eq “PremiumV2_LRS”}

- Azure CLI

az vm list-skus --resource-type disks --query "[?name=='PremiumV2_LRS'].{Region:locationInfo[0].location, Zones:locationInfo[0].zones}"

f.  Enter the desired Array Name for the Cloud Block Store VM instance.

g. Enter your Company Domain Name. This can be changed later. 

Example: purestorage.com

h. Enter the Cloud Block Store License key

g. (Optional) Enter comma separated email addresses of recipients who wish to receive Purity alerts.

h. (Optional) If you wish to log in via SSH with the default pureuser username, an SSH public key can be provided here.

Note: Alternatively, after deployment you can also log into the Cloud Block Store GUI (HTTPS) and manually add the SSH key to the desired user login. 

i.  (Optional) If you intend to use this CBS Array with Fusion, check this box.

Read this article for guidance on deploying CBS Arrays for Fusion in Azure.

j.  Enter the desired Application Name of your Cloud Block Store managed application. 

k. (Optional) You can change the name of the Managed Resource Group if desired. 

Example:

clipboard_e427cf73379b4ff4a3240c6bd03985474.png

6. Click Next: Managed Identity.

7. Enter the User Managed Identity Resource Id created for the array. The steps on how to create, assign roles, and get the resource Id are under Prerequisites section.

clipboard_ea5184675673bf9dcb015cfc6bc802ae5.png

8. Click Next: Network.

9. Complete the Network fields. Cloud Block Store has four network interfaces (system, management, iSCSI, replication) and will need a Virtual Network (VNet) and subnet assigned. 

Note: 

  • You must select the same VNet for all four interfaces. However, the interfaces can reside in the same or different subnet within the VNET. See the Networking Prerequisites article for network option diagrams in the prerequisites document.
  • Ensure the subnet you select for the System interface has internet access. Example via NAT Gateway or Azure Firewall. See network Internet Access section in the prerequisites document for options to configure internet access.

clipboard_eb7e4a441475e8e3333e63123b2b3937d.png

 

10. Click Next: Tags.

11. Add any desired tags for this deployment.

12. Click Next: JIT Configuration.

13. Ensure that you select Yes to enable Just in Time (JIT) remote access. 

        For CBS version 6.5.1 and above is the enablement of this feature strongly RECOMMENDED

For CBS version 6.5.0 and below is the enablement of this feature MANDATORY
 

clipboard_eeec11f2419adfd573d614b862cb0b915.png

14. Click on the Customize JIT configuration button. Switch the Approval mode to Manual value. 

clipboard_ebbddc0dda3abe5dbc46fd4c4f492f0d8.png    

  1. Select Manual mode
  2. Click Add Approver

clipboard_e4c8d21119e8ca9fd79bd2caed248024e.png

               c. On the right-hand side, search and select user(s)/group(s) whom you wish to be approvers for JIT requests from Pure Support.

We recommend designating a Microsoft Entra security group, which includes several users responsible for deployed resources, as the Approvers.

clipboard_e4a787530a8c7af46eaee8fe8ed40f36f.png

 

          d. Click Select and Save.

15. Click Next: Review + create.

16. Read and check the box to acknowledge the terms and conditions.

clipboard_e9747deb22d629b30c7f913c37fe1d772.png  

17. Review your parameters and click Create.

clipboard_e94cfcf5a2f4865c8fbdeb65faeaed24c.png

18. Cloud Block Store will now be deployed into your desired resource group, VNet, and subnets. The deployment should be completed within 20 minutes depending on the region.

Note: It may take a few minutes after deployment completes for the Cloud Block Store to initialize and be ready.

Removing Cloud Block Store 

To properly terminate and remove a Cloud Block Store instance, run the two CLI commands provided below. The proper steps will ensure that the Cloud Block Store instance removal is reflected accurately and accounted for in the Pure-as-a-Service subscription on Pure1.

Prerequisites:

  • All Cloud Block Store volumes and snapshots must be deleted and eradicated prior to termination of a Cloud Block Store instance. This includes Protection Group snapshots.
  • All connected arrays and targets must be disconnected from any type of Purity replication.
  • Cloud Block Store instance must able to phone home. This ensures the Cloud Block Store instance is properly de-registered in the Pure-as-a-Service subscription.

Once the prerequisite array state has been achieved, the following steps will terminate and remove the Cloud Block Store instance.

  1. Using SSH, log into the Cloud Block Store instance management port. 

Note: See the Viewing the Cloud Block Store IP Addresses in Azure Portal section for the management port IP address.

  1. Run the following command:

purearray factory-reset-token create

Example

purearray factory-reset-token create
Name               Token
MyCloudBlockStore  4109498 
  1. A token will be provided in the output. Make a note of the token value.
  2. Run the following command with the token from the previous command.

purearray erase --factory-reset-token <token> --eradicate-all-data

This allows the Cloud Block Store instance to communicate with Pure1 prior to deleting itself.

Example

purearray erase --factory-reset-token 4109498 --eradicate-all-data
Name
MyCloudBlockStore

 

  1. Important: Wait about 5 minutes and proceed delete the Cloud Block Store managed application.

Note: Cloud Block Store manage application deletion takes about 10-15 minutes to completely remove all the underlying resources. 

clipboard_e1b5e14e20f9306b81e5ce18ccc56ec78.png
 

For new arrays deployed with version 6.4+ 

In version 6.4, Pure has introduced auto-on SafeMode™ protection for volumes on a new array. This would prevent removing all the objects protected by default in the array. Therefore, customers can only perform CBS deletion with Pure Support involvement. 

The screenshot below shows the Default Protection Groups under Protection > Array.


clipboard_e90fd5358fc2b9fe6e10ad5820f367485.png

You can see that the default protection group pgroup-auto is ratcheted

clipboard_ea3956a419dc2ca1dd64d9de2c78af54a.png

Prerequisites before requesting Pure support:

  • All Cloud Block Store volumes and snapshots must be deleted and eradicated prior to termination of a Cloud Block Store instance. This includes Protection Group snapshots. Note: you won't be able to eradicate snapshots under the default pgourp-auto  or destroy the protection group itself.
  • All connected arrays and targets must be disconnected from any type of Purity replication.
  • Cloud Block Store instance must be able to phone home. This ensures the Cloud Block Store instance is properly de-registered in the Pure-as-a-Service subscription.
  • The last step is to enable Remote Assist. 

Once the prerequisite array state has been achieved, request Pure Support and ask for decommissioning the array.