April 30, 2020
Topics: Azure NetApp Files Advanced9 minute read
A cloud migration journey is often both exciting and challenging for organizations, especially when the process involves NFS file share workloads. In such cases, traditional approaches like lift-and-shift, lift-and-migrate, or even full refactoring may not be relevant since most file share workloads require additional planning and resources. Azure NetApp Files (ANF) fills this gap by offering a managed file share service that meets the demands of enterprise workloads, including high availability and performance as well as scalability.
This blog post presents a real-world case of migrating NFS file-based workloads to Azure, the challenges and lessons learned, as well as how ANF helped a customer accelerate their cloud adoption.
NFS File Share Migration Challenges
Following the adoption of a cloud-first digital transformation strategy, a global beverage company made the decision to move their workloads to Azure. During the migration assessment and planning phase, they were able to fit the majority of their Windows and Linux workloads into an as-is/lift-and-shift migration method. However, they encountered a problem with their NFS file-share dependent Linux workloads that could prove a real hindrance to the cloud migration process.
The possibility of refactoring the workloads to use cloud-based object storage to replace the file shares was ruled out, as this would have required modifying the application code. In addition, the configuration information and dependencies of these legacy applications were either unknown or undocumented, which made refactoring or rearchitecting the application a risky approach.
The conventional approach in such cases is to deploy NFS file share clusters in Azure using virtual machines (VMs) and managed disks to support Linux file sharing. Once the clusters are ready, the required NFS file shares can then be provisioned and attached to the workload. This approach, however, comes with its fair share of challenges, especially in terms of complexity of building a highly reliable, performant file server - or file server cluster - just to serve the needs of your Linux workloads.
A normalized performance standard using a specific VM and managed disk SKU was not feasible due to the different types of workloads involved—databases, enterprise file shares, analytics applications, and so on—that required different, and often extreme performance levels. Moreover, building out multiple NFS clusters with different resource SKUs to cater to the varying performance demands of different workloads would have been impractical.
If they were to adopt the do-it-yourself NFS cluster approach, the cloud administrators would have had to plan for the monthly patch deployments and vulnerability management processes. In addition to ACLs applied to file shares, the access management of backend virtual machines and disks would also need to be managed diligently.
Capacity management was another issue, as increasing the storage capacity on demand is not an easy process for sprawling NFS clusters. Last but not the least was the challenge of migrating terabytes of data to the NFS cluster. While there are data copy tools and scripts available to accomplish this, the need of the hour was an enterprise-class solution that was well integrated with the target environment and could handle the data transfer in a secure manner.
Efficient Migration Using ANF
Azure NetApp Files is a Microsoft first-party file share service available in Azure, and the result of years of collaboration between Microsoft and NetApp to address the challenges associated with Linux file sharing requirements for cloud migration. ANF integrates the enterprise-class data management capabilities of the NetApp® ONTAP technology with Azure data centers. The service is sold, supported, and managed directly by Microsoft. It is custom built to address the NFS file share requirements of organizations similar to those of the aforementioned customer, where cloud migration often comes to a standstill when it comes to NFS file-share-dependent Linux workloads.
ANF volumes can be directly provisioned from the Azure portal and connected to dependent Linux workloads. ANF is available as a fully managed PaaS service, there is no need to set up or manage sprawling NFS clusters. Customers can access the service from the Azure portal through their existing enterprise agreements and manage it through Azure Portal, PowerShell, CLI, and Rest APIs as with other Azure services. Organizations can thus seamlessly integrate ANF into their Linux migration plans.
ANF also offers bare-metal storage performance and three service levels—Standard, Premium and Ultra—thus catering to the varying performance requirements of different types of workloads. Scaling the service for workloads that handle large datasets is also easy, as the volumes can be scaled on demand from the Azure portal or through automation scripts. With support for NFSv3 and NFSv4.1, even legacy Linux file share workloads can be migrated to and operated in Azure, without compromising quality or performance.
Migration: Lessons Learned
ANF’s enterprise-grade data management capabilities addressed the need for a simple to use, high performance NFS file service in Azure. The customer was able to leverage ANF for a smooth migration of NFS file-share-dependent workloads to the cloud, availing its many benefits, including built-in high availability, resiliency, and scalability to name a few. As with every cloud adoption journey, there were also lessons learned.
Plan for High Availability
High availability is one of the main design pillars of cloud migration. While the common approach is to ensure availability of VMs hosting workloads, availability of the storage service must also be a key consideration during the design phase. Built on NetApp® ONTAP’s architecture and deeply integrated with Azure data centers, ANF offers out-of-the-box high availability backed by an Azure SLA of 99.99%. Customers can simply provision the file shares and rest assured that their data will remain highly available and protected from any underlying infrastructure, software, or hardware-related issues.
Secure File Share Deployments
ANF employs the Azure RBAC roles to control management plane access. In order to ensure that only authorized personnel can create, delete, and manage the ANF volumes, it’s important to select the right RBAC role or to create a custom role and assign it to a restricted set of users. In addition, access to the volumes at the data plane should be restricted through export policies for network-based ACLs to prevent unauthorized access from rogue sources. ANF is deployed in a private Azure VNet accessible only to workloads with connectivity to the VNet, meaning additional security measures are not required here while using public IP addresses. While the service provides all these capabilities for secure file share deployment, the customer is responsible for aligning the roles and permissions with the specific business requirements.
Design for Scalability
A single ANF volume can be provisioned with a minimum capacity of 100 GB and scaled up to 100 TB on demand based on the application data growth requirements. Provisioned from capacity pools, ANF volumes can have a maximum capacity of 100 TiB; a single NetApp account can have 25 such capacity pools, which can be adjusted by contacting Microsoft support. A single capacity pool can scale to a maximum size of 500 TiB. For applications handling large data sets, it’s important to consider the service level maximums during ANF capacity planning.
ANF service levels offer the following throughput per terabyte of volume quota:
- 16MiB/s for the Standard tier
- 64 MiB/s for the Premium tier
- 128 MiB/s for Ultra tier
The ANF volume throughput depends on the quota and associated service level, irrespective of volume consumption. For example, with lower environments like test and development systems, customers can opt for the Standard tier and adjust performance by simply changing the volume quota. Production systems can use the Standard, Premium, or Ultra tier depending on the performance requirements. Customers can adjust the volume quota to meet increased performance demands and later scale down the quota as the workload throughput demand decreases.
Large-Scale Data Migration
While there are many available third-party tools, services, and scripts for transferring large data sets stored in on-premises NFS file shares to Azure, the need of the hour is a tool that can handle the process through a simple, unified interface in a reliable and secure manner.
ANF can be integrated with NetApp’s Cloud Sync service, custom built for rapid and secure data synchronization between on-premises systems to multiple target cloud environments. Cloud Sync addresses one of the greatest challenges of cloud adoption, i.e., data migration, by allowing you to replicate and synchronize your on-premises NFS file share data with the ANF volumes.
Overcome Your Linux File Sharing Obstacles with ANF
By removing the complexity associated with cloud-based file share services, the customer was able to overcome the initial hiccups with its NFS file-share-dependent workloads. This led to a paradigm shift in their cloud migration approach and accelerated the company’s digital transformation.
Don’t let your Linux file share workloads be an obstacle for migration to Azure. Subscribe to Azure NetApp Files today.