Creating an Azure NetApp Files volume using Terraform

Over the past few weeks we have been gradually building out our Azure NetApp Files (ANF) environment in Azure using Terraform. Using Terraform, we have built an ANF account, link to that post here. We have also created an ANF capacity pool, link to that post here. In this post we are going to deploy an ANF Volume as well as other Azure services to support it, such as Azure Virtual Network and Subnets.

Please note, you must have registered your subscription to use the NetApp Resource Provider. For more information on this please have a look at the docs page here.

Hopefully you’ll have a code editor and Terraform installed on your system. If not, to get them installed, whiz on over to this article here.

What are we building today?

Today we will be building the following resources:

  • 1 x Resource Group
  • 1 x Keyvault
  • 1 x Secret
  • 1 x Virtual Network
  • 1 x Subnet
  • 1 x Azure NetApp Files account
  • 1 x Azure NetApp Files capacity pool
  • 1 x Azure NetApp Files volume

The Terraform code used for this lab can be found in my GitHub here. The files in the repo are used to do the following:

  • main.tf – Used to specify providers and create the resource groups
  • variables.tf – Used to define variables for this deployment. They are defaults and referenced using the terraform.tfvars file.
  • terraform.tfvars – This is file the only file you’ll need to edit amend parameters for your deployment.
  • output.tf – This file will be used will be used to capture the randomly generated name of the Resource Group for future deployments that need to reference the name of this resource group.
  • keyvault.tf – This file will be used to create the Azure Keyvault and Secret. These will be used in future deployments to specify the username and password for Virtual Machines.
  • vnets.tf – This file is used to create the Azure Virtual Network that will have subnet delegation the the ANF service, more on this later.
  • anf_account.tf – This file is used to create the Azure NetApp Files account.
  • anf_capacity_pool.tf – This file is used to create the Azure NetApp Files capacity pool.
  • anf_volumes.tf
Let’s build our Azure NetApp Files volume

In order to create our Azure NetApp File volume, we will require a resource group and and Azure NetApp Files account, a capacity pool and a Virtual Network with a subnet. This will be done using the the files that are included in my GitHub repo, link above.

1. As mentioned above, we will require a Virtual Network (VNet) to host our ANF volume. The code below will create a VNet, subnet and delegate access to the Microsoft/NetApp resource to that subnet.

# Create VNet 1
resource "azurerm_virtual_network" "vnet_1" {
  name                = "${var.vnet_1}-${random_string.rg_random_1.result}"
  location            = var.region_1
  resource_group_name = azurerm_resource_group.rg_1.name
  address_space       = [var.address_space_region_1]
  dns_servers         = [var.dns_server_1]
  tags = {
    Environment = var.tag_environment
    CreatedBy   = var.tag_createdby
    CreatedWith = var.tag_createdwith
    Project     = var.tag_project
  }
}

# Create VNet 1 Subnet 1
resource "azurerm_subnet" "vnet_1_snet_1" {
  name                 = "${var.snet_1}-${var.vnet_1}-${random_string.rg_random_1.result}"
  resource_group_name  = azurerm_resource_group.rg_1.name
  virtual_network_name = azurerm_virtual_network.vnet_1.name
  address_prefixes     = [var.address_vnet_1_snet_1]
  delegation {
    name = "delegation"
    service_delegation {
      name    = "Microsoft.Netapp/volumes"
      actions = ["Microsoft.Network/networkinterfaces/*", "Microsoft.Network/virtualNetworks/subnets/join/action"]
    }
  }
}

2. Next, we will create our ANF volume. For the purpose of this article, we will create a NFS volume, the reason fir this is that a CIFS volume will require Active Directory and most people might not have an Active Directory to play with in their lab. If, however, you do have access to an Active Directory within you lab and you would like to deploy a CIDS volume I have included this in the code below but commented it out. Simply remove the comments around the code (/* */) and save the file.

# Create Azure NetApp Files NFS Volume 1
resource "azurerm_netapp_volume" "anf_nfs_vol_1" {
  lifecycle {
    prevent_destroy = false
  }

  name                = "vol-nfs-${var.region_1}-${random_string.rg_random_1.result}"
  location            = var.region_1
  resource_group_name = azurerm_resource_group.rg_1.name
  account_name        = azurerm_netapp_account.anf_acc_1.name
  pool_name           = azurerm_netapp_pool.anf_cap_1.name
  volume_path         = "${var.region_1}-${var.vol_path_nfs}"
  service_level       = var.service_level_std
  subnet_id           = azurerm_subnet.vnet_1_snet_1.id
  protocols           = [var.protocol_nfs]
  storage_quota_in_gb = var.volume_size

  export_policy_rule {
    rule_index          = 1
    allowed_clients     = [var.address_vnet_1_snet_1]
    protocols_enabled   = ["NFSv3"]
    unix_read_write     = true
    root_access_enabled = true
  }

  tags = {
    Environment = var.tag_environment
    CreatedBy   = var.tag_createdby
    CreatedWith = var.tag_createdwith
    Project     = var.tag_project
  }
}


/*
# Create Azure NetApp Files SMB Volume 1
resource "azurerm_netapp_volume" "anf_smb_vol_1" {
  lifecycle {
    prevent_destroy = false
  }

  name                = "vol-smb-${var.region_1}-${random_string.rg_random_1.result}"
  location            = var.region_1
  resource_group_name = azurerm_resource_group.rg_1.name
  account_name        = azurerm_netapp_account.anf_acc_1.name
  pool_name           = azurerm_netapp_pool.anf_cap_1.name
  volume_path         = "${var.region_1}-${var.vol_path_smb}"
  service_level       = var.service_level_std
  subnet_id           = azurerm_subnet.vnet_1_snet_1.id
  protocols           = [var.protocol_smb]
  storage_quota_in_gb = 1024

  tags = {
    Environment = var.tag_environment
    CreatedBy   = var.tag_createdby
    CreatedWith = var.tag_createdwith
    Project     = var.tag_project
  }
}
*/
Deploying the code

Once you have your files in your Terraform directory you can go ahead and deploy the code. To do this, open your editor of choice and browse to your Terraform directory.

1. In your Terraform directory, run the following command to initialise the Terraform deployment and download the required modules.

terraform init

2. Next we need to create a Terraform plan. This is used to determine what is required to create the configuration you have specified in your Terraform directory. To do this, run the command below.

terraform plan -out main.tfplan

3. Now that you have generated your Terraform deployment plan, we can push the Terraform code into Azure and create our resources. Run the command below to apply your code.

terraform apply main.tfplan

4. That’s it, you have now deployed your Azure NetApp Files resources using Terraform. If you have a look in the Azure portal you will see the resource group you created and within it the resources.

5. Now that you have successfully deployed your resources into Azure, once you have finished with them, it’s time to clean it up and remove your deployment. This is quite straightforward, simply run the command below. This will use the .tfstate file and destroy all resource that terraform built using the apply command previously.

terraform destroy
Summary

I hope that this very short blog post about creating Azure NetApp Files capacity pools using Terraform has been helpful? I think that the more you use this toolset to deploy infrastructure into Azure, the more you will appreciate its power and simplicity. In my next blog, we’ll build upon this one and add more services into the resource group. Next time, we will look at configuring Cross Region Replication 😊

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.