Muokkaa

Jaa


Manage availability zone volume placement for Azure NetApp Files

You can deploy new volumes in the logical availability zone of your choice. You can also populate existing volumes with availability zone information. To better understand availability zones, see Use availability zone volume placement for high availability.

Requirements and considerations

Important

If you're using availability zones with custom roles or the built-in Contributor RBAC role, ensure you have the appropriate permissions set. Not having certain permissions can cause issues in the Azure portal. For configuration details, see Configure custom RBAC roles.

  • This feature doesn't guarantee free capacity in the availability zone. For example, even if you can deploy a VM in availability zone 3 of the East US region, it doesn’t guarantee free Azure NetApp Files capacity in that zone. If no sufficient capacity is available, volume creation will fail.

  • After a volume is created with an availability zone, the specified availability zone can’t be modified. Volumes can’t be moved between availability zones.

  • NetApp accounts and capacity pools aren't bound by the availability zone. A capacity pool can contain volumes in different availability zones.

  • This feature provides zonal volume placement, with latency within the zonal latency envelopes. It does not provide proximity placement towards compute. As such, it does not provide lowest latency guarantee.

  • Each data center is assigned to a physical zone. Physical zones are mapped to logical zones in your Azure subscription. Azure subscriptions are automatically assigned this mapping at the time a subscription is created. This feature aligns with the generic logical-to-physical availability zone mapping for the subscription.

  • VMs and Azure NetApp Files volumes are to be deployed separately, within the same logical availability zone to create zone alignment between VMs and Azure NetApp Files. The availability zone volume placement feature doesn't create zonal VMs upon volume creation, or vice versa.

  • For volumes in different availability zones, Azure NetApp Files allows you to create volumes with the same file path (NFS), share name (SMB), or volume path (dual-protocol).

Important

It's not recommended that you use availability zones for Terraform-managed volumes. If you do, you must add the zone property to your volume.

Create a volume with an availability zone

  1. Select Volumes from your capacity pool. Then select + Add volume to create a volume.

    For details about volume creation, see:

  2. In the Create a Volume page, under the Basic tab, select the Availability Zone pulldown to specify an availability zone where Azure NetApp Files resources are present.

    Important

    Logical availability zones for the subscription without Azure NetApp Files presence are marked (Unavailable) and are greyed out.

    Screenshot that shows the Availability Zone menu.

  3. Follow the UI to create the volume. The Review + Create page shows the selected availability zone you specified.

    Screenshot that shows the Availability Zone review.

  4. Navigate to Properties to confirm your availability zone configuration.

    Screenshot of volume properties interface.

Populate an existing volume with availability zone information

  1. Navigate to the volume that you want to populate with availability zone information.

  2. Select Populate availability zone.

  3. The Populate Availability Zone window appears and displays the availability zone in which the Azure NetApp Files volume is deployed.

  4. Select Save if you want to populate this availability zone to the volume, or select Cancel if you want to keep the volume regional.

    Important

    Availability zone information can only be populated as provided. You can't select an availability zone or move the volume to another availability zone by using this feature. If you want to move this volume to another availability zone, consider using cross-zone replication (after populating the volume with the availability zone information).

    Screenshot of the Populate Availability Zone window.

Populate availability zone for Terraform-managed volumes

The populate availability zone features requires a zone property on the volume. You can set the zone property only when you create the Terraform-managed volume, but you can't modify it after the volume has been created. Adding the zone property after the volume has been created can cause data loss or loss of the volume if the specified zone value does not match the availability zone.

Important

To prevent data loss on any Azure resource that includes volatile resources, you should use the prevent_destroy lifecycle argument.

  1. Navigate to the Terraform module terraform.tfstate file. The "zone" property should be an empty string.

  2. In the Terraform-managed volume's configuration file (main.tf), locate the lifecycle configuration block for the volume resource. Modify the block with ignore_changes = [zone]. If no lifecycle configuration block exists, add it:

    lifecycle {
        ignore_changes = [zone]
    }
    
  3. In the Azure portal, locate the Terraform-managed volume. In the volume Overview, select Populate availability zone and make note of the availability zone. Do not select save.

    Screenshot of the Populate Availability Zone menu.

  4. In the volume's configuration file (main.tf), add a value for zone, entering the numerical value you retrieved in the previous step. For example, if the volume's availability zone is 1, enter zone = 1.

  5. Save the file.

  6. Return to the Azure portal. Select Save to populate the availability zone.

  7. Run terraform plan to confirm that no changes will be made to your volume. The CLI output should display: No changes. Your infrastructure matches the configuration.

  8. Run terraform apply to apply the changes. You should see the same CLI output as in the previous step.

If you need to delete and recreate the volume in a different availability zone, remove the ignore_changes = [zone] line in the configuration file then run terraform plan followed by terraform apply.

Configure custom RBAC roles

If you're using a custom RBAC role or the built-in Contributor role and managing availability zones in the Azure portal, you might not be able to access network features and Availability Zone options in the Azure portal. To ensure you have the appropriate access, add the Microsoft.NetApp/locations/* permission. The wildcard encompasses the following permissions:

  • Microsoft.NetApp/locations/{location}/checkNameAvailability
  • Microsoft.NetApp/locations/{location}/checkFilePathAvailability
  • Microsoft.NetApp/locations/{location}/checkQuotaAvailability
  • Microsoft.NetApp/locations/{location}/quotaLimits
  • Microsoft.NetApp/locations/{location}/quotaLimits/{quotaLimitName}
  • Microsoft.NetApp/locations/{location}/regionInfo
  • Microsoft.NetApp/locations/{location}/regionInfos
  • Microsoft.NetApp/locations/{location}/queryNetworkSiblingSet
  • Microsoft.NetApp/locations/{location}/updateNetworkSiblingSet

Steps

  1. In your Azure NetApp Files subscription, select Access control (IAM).

  2. Select Roles then choose the custom role you want to modify. Select the three dots (...) then Edit.

  3. To update the custom role, select JSON. Modify the JSON file to include the locations wild card permission (Microsoft.NetApp/locations/*). For example:

    {
    	"properties": {
    	    "roleName": ""
    	    "description": ""
    	    "assignableScopes": ["/subscription/<subscriptionID>"
            ],
    	},
    	"permissions": [
            {
        	    "actions": [
                	"Microsoft.NetApp/locations/*",
                	"Microsoft.NetApp/netAppAccounts/read",
                	"Microsoft.NetApp/netAppAccounts/renewCredentials/action",
                    "Microsoft.NetApp/netAppAccounts/capacityPools/read",
                ]
            }]
    }
    
  4. Select Review + update.

  5. Sign out of your Azure account, then sign back in to confirm permissions effect has taken hold and the options are visible.

Next steps