Integrate Azure NetApp Files with Azure Kubernetes Service

Azure NetApp Files is an enterprise-class, high-performance, metered file storage service running on Azure. This article shows you how to integrate Azure NetApp Files with Azure Kubernetes Service (AKS).

Before you begin

This article assumes that you have an existing AKS cluster. If you need an AKS cluster, see the AKS quickstart using the Azure CLI or using the Azure portal.

Important

Your AKS cluster must also be in a region that supports Azure NetApp Files.

You also need the Azure CLI version 2.0.59 or later installed and configured. RunĀ az --version to find the version. If you need to install or upgrade, seeĀ Install Azure CLI.

Limitations

The following limitations apply when you use Azure NetApp Files:

  • Azure NetApp Files is only available in selected Azure regions.
  • Before you can use Azure NetApp Files, you must be granted access to the Azure NetApp Files service. To apply for access, you can use the Azure NetApp Files waitlist submission form. You can't access the Azure NetApp Files service until you receive the official confirmation email from the Azure NetApp Files team.
  • Your Azure NetApp Files service must be created in the same virtual network as your AKS cluster.
  • Only static provisioning for Azure NetApp Files is supported on AKS.

Configure Azure NetApp Files

Important

Before you can register the Microsoft.NetApp resource provider, you must complete the Azure NetApp Files waitlist submission form for your subscription. You can't register the resource provide until you receive the official confirmation email from the Azure NetApp Files team.

Register the Microsoft.NetApp resource provider:

az provider register --namespace Microsoft.NetApp --wait

Note

This can take some time to complete.

When you create an Azure NetApp account for use with AKS, you need to create the account in the node resource group. First, get the resource group name with the az aks show command and add the --query nodeResourceGroup query parameter. The following example gets the node resource group for the AKS cluster named myAKSCluster in the resource group name myResourceGroup:

$ az aks show --resource-group myResourceGroup --name myAKSCluster --query nodeResourceGroup -o tsv

MC_myResourceGroup_myAKSCluster_eastus

Create an Azure NetApp Files account in the node resource group and same region as your AKS cluster using az netappfiles account create. The following example creates an account named myaccount1 in the MC_myResourceGroup_myAKSCluster_eastus resource group and eastus region:

az netappfiles account create \
    --resource-group MC_myResourceGroup_myAKSCluster_eastus \
    --location eastus \
    --account-name myaccount1

Create a new capacity pool by using az netappfiles pool create. The following example creates a new capacity pool named mypool1 with 4 TB in size and Premium service level:

az netappfiles pool create \
    --resource-group MC_myResourceGroup_myAKSCluster_eastus \
    --location eastus \
    --account-name myaccount1 \
    --pool-name mypool1 \
    --size 4 \
    --service-level Premium

Create a subnet to delegate to Azure NetApp Files using az network vnet subnet create. This subnet must be in the same virtual network as your AKS cluster.

RESOURCE_GROUP=MC_myResourceGroup_myAKSCluster_eastus
VNET_NAME=$(az network vnet list --resource-group $RESOURCE_GROUP --query [].name -o tsv)
VNET_ID=$(az network vnet show --resource-group $RESOURCE_GROUP --name $VNET_NAME --query "id" -o tsv)
SUBNET_NAME=MyNetAppSubnet
az network vnet subnet create \
    --resource-group $RESOURCE_GROUP \
    --vnet-name $VNET_NAME \
    --name $SUBNET_NAME \
    --delegations "Microsoft.NetApp/volumes" \
    --address-prefixes 10.0.0.0/28

Create a volume by using az netappfiles volume create.

RESOURCE_GROUP=MC_myResourceGroup_myAKSCluster_eastus
LOCATION=eastus
ANF_ACCOUNT_NAME=myaccount1
POOL_NAME=mypool1
SERVICE_LEVEL=Premium
VNET_NAME=$(az network vnet list --resource-group $RESOURCE_GROUP --query [].name -o tsv)
VNET_ID=$(az network vnet show --resource-group $RESOURCE_GROUP --name $VNET_NAME --query "id" -o tsv)
SUBNET_NAME=MyNetAppSubnet
SUBNET_ID=$(az network vnet subnet show --resource-group $RESOURCE_GROUP --vnet-name $VNET_NAME --name $SUBNET_NAME --query "id" -o tsv)
VOLUME_SIZE_GiB=100 # 100 GiB
UNIQUE_FILE_PATH="myfilepath2" # Please note that creation token needs to be unique within all ANF Accounts

az netappfiles volume create \
    --resource-group $RESOURCE_GROUP \
    --location $LOCATION \
    --account-name $ANF_ACCOUNT_NAME \
    --pool-name $POOL_NAME \
    --name "myvol1" \
    --service-level $SERVICE_LEVEL \
    --vnet $VNET_ID \
    --subnet $SUBNET_ID \
    --usage-threshold $VOLUME_SIZE_GiB \
    --creation-token $UNIQUE_FILE_PATH \
    --protocol-types "NFSv3"

Create the PersistentVolume

List the details of your volume using az netappfiles volume show

$ az netappfiles volume show --resource-group $RESOURCE_GROUP --account-name $ANF_ACCOUNT_NAME --pool-name $POOL_NAME --volume-name "myvol1"

{
  ...
  "creationToken": "myfilepath2",
  ...
  "mountTargets": [
    {
      ...
      "ipAddress": "10.0.0.4",
      ...
    }
  ],
  ...
}

Create a pv-nfs.yaml defining a PersistentVolume. Replace path with the creationToken and server with ipAddress from the previous command. For example:

---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv-nfs
spec:
  capacity:
    storage: 100Gi
  accessModes:
    - ReadWriteMany
  nfs:
    server: 10.0.0.4
    path: /myfilepath2

Update the server and path to the values of your NFS (Network File System) volume you created in the previous step. Create the PersistentVolume with the kubectl apply command:

kubectl apply -f pv-nfs.yaml

Verify the Status of the PersistentVolume is Available using the kubectl describe command:

kubectl describe pv pv-nfs

Create the PersistentVolumeClaim

Create a pvc-nfs.yaml defining a PersistentVolume. For example:

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: pvc-nfs
spec:
  accessModes:
    - ReadWriteMany
  storageClassName: ""
  resources:
    requests:
      storage: 1Gi

Create the PersistentVolumeClaim with the kubectl apply command:

kubectl apply -f pvc-nfs.yaml

Verify the Status of the PersistentVolumeClaim is Bound using the kubectl describe command:

kubectl describe pvc pvc-nfs

Mount with a pod

Create a nginx-nfs.yaml defining a pod that uses the PersistentVolumeClaim. For example:

kind: Pod
apiVersion: v1
metadata:
  name: nginx-nfs
spec:
  containers:
  - image: nginx
    name: nginx-nfs
    command:
    - "/bin/sh"
    - "-c"
    - while true; do echo $(date) >> /mnt/azure/outfile; sleep 1; done
    volumeMounts:
    - name: disk01
      mountPath: /mnt/azure
  volumes:
  - name: disk01
    persistentVolumeClaim:
      claimName: pvc-nfs

Create the pod with the kubectl apply command:

kubectl apply -f nginx-nfs.yaml

Verify the pod is Running using the kubectl describe command:

kubectl describe pod nginx-nfs

Verify your volume has been mounted in the pod by using kubectl exec to connect to the pod then df -h to check if the volume is mounted.

$ kubectl exec -it nginx-nfs -- bash

root@nginx-nfs:/# df -h
Filesystem             Size  Used Avail Use% Mounted on
...
10.0.0.4:/myfilepath2  100T  384K  100T   1% /mnt/azure
...

Next steps

For more information on Azure NetApp Files, see What is Azure NetApp Files. For more information on using NFS with AKS, see Manually create and use an NFS (Network File System) Linux Server volume with Azure Kubernetes Service (AKS).