Introducing Terraform Provider for Dell APEX Navigator for Multicloud Storage
Tue, 02 Jul 2024 17:22:03 -0000
|Read Time: 0 minutes
We are excited to announce the beta-availability of the new Terraform provider for Dell APEX Navigator for Multicloud Storage. APEX Navigator for Multicloud Storage drastically simplifies multicloud storage deployment and data management. With the new Terraform provider, we are bringing the power of Terraform cloud deployments to APEX Navigator workflows.
APEX Navigator Terraform provider overview
You can find the provider on the Terraform registry. Following is the provider declaration:
terraform { required_providers { apex = { source = "dell/apex" } } } provider "apex" { host = var.HOST jms_endpoint = var.JMS_ENDPOINT }
Where the variables are defined as follows:
variable "HOST" { type = string default = "https://apex.apis.dell.com/apex" } variable "JMS_ENDPOINT" { type = string default = "https://apex.apis.dell.com/apex" }
Following are the resources available in this version of the provider:
- AWS Account
- AWS Trust Policy Generate
- Block Storage
- Block Mobility Groups
- Block Mobility Groups Copy
- Block Mobility Targets
- Block Clones
- Block Clones Map
- Block Clones Refresh
- Block Clones Unmap
- File Storage
Following are the data sources:
- AWS Accounts
- AWS Permissions
- Storages
- Block Clones
- Block Hosts
- Block Mobility Groups
- Block Mobility Targets
- Block Pools
- Storage Products
- Block Volumes
Let’s delve into the different workflows of Dell APEX Navigator for Multicloud Storage and see how you can begin automating with Terraform.
Initial setup
To get started with Dell APEX Navigator for Multicloud Storage, add a cloud account that will be used for storage deployment. This is where the AWS Account resource is used to specify the details of your AWS Cloud account:
resource "apex_navigator_aws_account" "example" { # AWS account ID account_id = "123456789123" # AWS role ARN role_arn = "arn:aws:iam::123456789123:role/example-role-rn" }
Once you have added an AWS account, establish trust between the AWS account and the APEX Navigator by using the “AWS Trust Policy Generate” resource:
resource "terraform_data" "always_run_generate_trust_policy" { input = timestamp() } resource "apex_navigator_aws_trust_policy_generate" "example" { # AWS account ID account_id = "123456789123" // This will allow terraform create process to trigger each time we run terraform apply. // Each time we apply we want to generate a new trust policy. lifecycle { replace_triggered_by = [ terraform_data.always_run_generate_trust_policy ] } }
Storage deployment
Block storage deployment
You can deploy Block or File storage with your AWS account. Here is a typical topology of an APEX Block deployment:
Figure 1. APEX Block Storage deployment on AWS where all the node instances and subnets are automatically deployed by APEX Navigator for Multicloud Storage
There are two subnets within the availability zone: the public subnet for the access end point and the actual block storage nodes that are part of a private subnet. Following is the form on the APEX Navigator UI to define an APEX Block deployment:
Figure 2. APEX Navigator for Multicloud Storage UI form to deploy block storage
In Terraform, you can use the Block storage resource as follows:
resource "apex_navigator_block_storage" "cloud_instance" { # Type of system you want to deploy storage_system_type = "POWERFLEX" # The name of the system. name = "apex-navigator-terraform" product_version = "4.5.1" deployment_details = { system_public_cloud = { deployment_type = "PUBLIC_CLOUD" cloud_type = "AWS" cloud_account = "123456789012" cloud_region = "us-east-1" availability_zone_topology = "SINGLE_AVAILABILITY_ZONE" minimum_iops = "100" minimum_capacity = "8" tier_type = "BALANCED" ssh_key_name = "apex-navigator-terraform-key" vpc = { is_new_vpc = false vpc_id = "vpc-12345678901234567" # vpc_name = "my-vpc" } subnet_options = [ { subnet_id = "subnet-12345678901234567" #cidr_block = "30.0.8.0/22" subnet_type = "EXTERNAL" }, { #subnet_id = "subnet-2" cidr_block = "10.0.16.0/21" subnet_type = "INTERNAL" } ] } } # Note: PowerFlex credentials are required to activate the system for block storage related operations. # This is only required when decomissioning the system powerflex { username = "example-user" password = "example-password" } }
File storage deployment
For File storage, a typical topology would look like this:
Figure 3. APEX File Storage deployment on AWS where all the node instances and subnets are automatically deployed by APEX Navigator for Multicloud Storage
Once again, there are two subnets: a public subnet to access the storage service and the actual storage nodes in a private subnet.
On the APEX Navigator UI, the following is how a deployment is specified. This example is APEX File:
Figure 4. APEX Navigator for Multicloud Storage UI form to deploy File storage
In Terraform, you can use the following File storage resource, which shares a lot of the attributes with Block storage:
resource "apex_navigator_file_storage" "cloud_instance" { # Type of system you want to deploy storage_system_type = "POWERSCALE" # The name of the system. name = "apex-navigator-terraform-file" product_version = "9.8" # deployment_details (can be either system_on_prem or system_public_cloud) deployment_details = { system_public_cloud = { deployment_type = "PUBLIC_CLOUD" cloud_type = "AWS" cloud_account = "012345678901" cloud_region = "us-east-1" availability_zone_topology = "SINGLE_AVAILABILITY_ZONE" raw_capacity = "20" tier_type = "BALANCED" iam_instance_profile = "IAMProfileTest" ssh_key_name = "apex-navigator-terraform-key" vpc = { is_new_vpc = false vpc_id = "vpc-12345678901234567" } availability_zones = ["us-east-1a"] #Use for new VPC subnet_options = [ { subnet_id = "subnet-12345678901234567" subnet_type = "EXTERNAL" }, { subnet_id = "subnet-12345678901234567" subnet_type = "INTERNAL" }, { subnet_id = "subnet-12345678901234567" subnet_type = "SCG" } ] } } }
Data mobility
APEX Navigator for Multicloud Storage provides the ability to easily move data between Dell storage instances across multiple cloud environments.
Here are the steps involved in Block data mobility to a cloud target:
- Create or select a mobility group with the set of volumes you would like to replicate
- Select a Target mobility group for the data copy
- Initiate a mobility job that creates a copy
- Create a mountable clone of the target copy
Figure 5. Schematic showing snap-based copy provisioning for cloud workloads
Source and target mobility groups
The new Terraform provider for APEX Navigator provides the resources to create and manage block mobility groups. Following is an example of how you can group volumes of a source storage system that need to be part of a mobility group:
resource "apex_navigator_block_mobility_groups" "example" { # Name of the Mobility Group source name = "TerraformMobilityGroup" # ID of the target system system_id = "POWERFLEX-ABCD1234567890" # Type of the target system system_type = "POWERFLEX" # IDs of the volumes you want to add to the group volume_id = [ "POWERFLEX-ABCD1234567890__VOLUME__1234567890123456", "POWERFLEX-ABCD1234567890__VOLUME__1234567890123456" ] # Note: PowerFlex credentials are required to activate the system for mobility related operations. powerflex { username = "example-user" password = "example-pass" insecure = true } }
We then set up a mobility target using the Block Mobility Target resource as follows:
resource "apex_navigator_block_mobility_targets" "example" { # Name of the Mobility target name = "TerraformMobilityTarget" # Source Mobility Group Id source_mobility_group_id = "POWERFLEX-ABCD1234567890__DATAMOBILITYGROUP__12345678-1234-1234-1234-123456789012" # Target System Id system_id = "POWERFLEX-ABCD1234567890" # Target System Type system_type = "POWERFLEX" # Storage pool id to use for allocating target volumes target_system_options = "POWERFLEX-ABCD1234567890_STORAGE_POOL__1234567890123456" # Note: PowerFlex credentials are required to activate the system for mobility related operations. # The source mobility group Powerflex powerflex_source { username = "example-source-username" password = "example-source-pass" } # The Powerflex where you want to create the target powerflex_target { username = "example-target-username" password = "example-target-pass" } }
Data mobility in batch mode
To replicate the mobility group to the target destination, we use the Mobility Groups Copy resource as follows:
resource "terraform_data" "always_run_mobility_groups_copy" { input = timestamp() } resource "apex_navigator_block_mobility_groups_copy" "example" { for_each = var.mobility_group mobility_source_id = each.value.mobility_source_id mobility_target_id = each.value.mobility_target_id # Note: PowerFlex credentials are required to activate the system for mobility related operations. powerflex_source { username = each.value.powerflex_source_user password = each.value.powerflex_source_password host = each.value.powerflex_source_host insecure = each.value.insecure } powerflex_target { username = each.value.powerflex_target_user password = each.value.powerflex_target_password host = each.value.powerflex_target_host insecure = each.value.insecure } // This will allow terraform create process to trigger each time we run terraform apply. lifecycle { replace_triggered_by = [ terraform_data.always_run_mobility_groups_copy ] } }
Note that you can specify multiple sources and targets so that you can run multiple mobility or copy jobs at once. Following is how can specify the mobility_group variable that can have multiple sources and targets:
mobility_group = { "group-1" = { powerflex_source_user = "source_user" powerflex_source_password = "source_pass" powerflex_target_user = "target_user" powerflex_target_password = "target_pass" insecure = true mobility_source_id = "source-id-example-1" mobility_target_id = "target-id-example-2" }, "group-2" = { powerflex_source_user = "source_user" powerflex_source_password = "source_pass" powerflex_target_user = "target_user" powerflex_target_password = "target_pass" insecure = true mobility_source_id = "source-id-example-2" mobility_target_id = "target-id-example-2" }, }
Ways to control the snap copy refresh
In the “mobility groups copy” resource configuration, note that we are using the lifecycle block to specify that the copy resource needs to be replaced when there is a change in the referenced resource, “terraform_data.always_run_mobility_groups_copy”. If you look at the “terraform_data.always_run_mobility_groups_copy”, it is simply the time stamp. Given that every apply execution has a unique timestamp, this ensures that the copy job is triggered for every execution. This prompts Terraform to start the copy job afresh in every apply, which refreshes the snapshot copy on the target storage system.
Clones
The next step is to make a clone of this target copy to start giving access to it from various applications/workloads on cloud compute instances. To do this, we use the clones resource, which manages clones on APEX Navigator. We can create, read, update, and delete the Clones using this resource. We can also import an existing clone from APEX Navigator:
resource "apex_navigator_block_clones" "example" { # Name of the clone name = "CloneTerraformName" # Description of the clone description = "for data analysis" # Mobility target ID mobility_target_id = "POWERFLEX-ABCD1234567890__DATAMOBILITYGROUP__12345678-1234-1234-1234-123456789012" # System ID system_id = "POWERFLEX-ELMSIOENG10015" # List of host ids you want to add to the clone host_mappings = [ { host_id = "POWERFLEX-ABCD1234567890__HOST__12345678901234" } ] # Note: PowerFlex credentials are required to activate the system for clones related operations. powerflex { username = "example-username" password = "example-pass" } }
Conclusion
That covers the set of resources that are part of the beta 2 release of the Terraform provider for Dell APEX Navigator for Multicloud Storage. Go ahead and give it a spin. If you are new to the APEX Navigator product family, we invite you to take a look at the following resources to learn more:
Full set of demo videos for APEX Navigator
Following are the links for key resources for each of the Terraform providers for Dell infrastructure:
Provider for APEX Navigator
Provider for PowerScale
Provider for PowerFlex
Provider for PowerStore
Provider for Redfish
Author: Parasar Kodati and Robert Sonders