FlashArray: storage configuration from off-site - Pure Storage solves Coronavirus install issues.
[ NOTE: machine translation with the help of DeepL translator without additional proofreading and spell checking ]
Due to the rapid worldwide spread of the coronavirus (SARS-CoV-2 / Covid-19) and the increasing number of infections also here in Germany, I have already had several on-site appointments cancelled in the last two weeks. The external visit of companies is currently prohibited at a majority of customers and therefore on-site hardware commissioning by external specialists is impossible for an indefinite period of time. Especially in these days one appreciates the numerous options of remote work even more, but one must also say ... not everything can be done remotely, especially when it comes to hardware installation or reconfiguration.
So I'm particularly pleased to announce that Pure Storage has managed to find a suitable solution for new installations even in these difficult times - so that we can continue to get new systems up and running in "isolated" environments. The solution is "FlashArray Zero Touch Provisioning".
Exclusive pre-info: Zero Touch Provisioning will soon be available for FlashBlade from Purity //FB3.0 with REST API 1.9.
Zero Touch Provisioning allows racked-stacked (management) FlashArray/FlashBlade systems to be commissioned completely remotely aka "remote install". Previously, setup was only possible by authorized system engineers with a serial connection on-site in the data center.
Zero Touch Provisioning requires only one mounted/racked and uninitialized Pure Storage system and one wired/stacked management interface per controller (ct0.eth0 & ct1.eth0).
How easy the preparation goes...?
Storage can be so simple. I see Pure Storage customers and new customers having their new storage systems already mounted in the rack. Pure Storage's simple storage architecture allows this to happen and enables anyone to do hardware work.
Only if the customer takes over the hardware installation, the initial configuration can be done via Zero Touch Provisioning without on-site setup - unfortunately the FlashArrays do not "fly" into the rack and wire themselves yet. ツEstimated effort: between 30-60 minutes per system.
A Euro pallet with a large carton - in the outer packaging three small cartons, another carton with a bezel, rack rails and a (relatively) tiny carton with power cables, KVM cables and underneath the chassis with the storage controllers already inserted.
In the first box "Open Me First": an installation manual and a Torx screwdriver.
In the second box: contains the first Data Pack consisting of 10x DirectFlashModules/DFMs.
In the third box "Open Me Last": contains the second Data Pack (10x DFMs) or corresponding blanks.
With the installation instructions, the racking and cabling is also no problem - we are talking about a hardware installation similar to servers. However, it is recommended that two people carry out the installation, since the chassis is quite heavy.
Instructions for cabling the SAN can be provided by the partner/Pure Storage Professional Service, but experience shows that many customers always do this themselves after consultation.
Zero Touch Provisioning
The actual setup is then done via the newly implemented DHCP boot function and the Pure Storage REST API.
The management ports ct0.eth0 & ct1.eth0 on the FlashArray request IP addresses from a DHCP server when the array is first powered up. In addition, a REST API endpoint "listens" on ct1.eth0 so that the system engineer can remotely connect via the REST API and initialize the array after booting the FlashArray. This eliminates the need to connect directly to the FlashArray through the console port/KVM for initial setup.
When the FlashArray is first booted using the DHCP boot function, no REST authentication is required to connect. Users can connect to the API endpoint using the IP address assigned by the DHCP server. During initialization, the IP addresses assigned by the DHCP are replaced with static IP addresses. When initialization is complete, the FlashArray returns to its regular operating mode. The DHCP function is disabled and the FlashArray no longer allows remote REST API connections without authentication.
The basic requirement to use "Zero Touch Provisioning" (ZTP) is a Purity operating system version 5.2.4 or newer and a corresponding DHCP service applied to the management ports.
In principle, dynamic IP assignment or assignment using a DHCP reservation based on the MAC address of the management port is possible. Corresponding MAC address information can be taken from the labels.
During boot, a regular DHCP broadcast with a DHCP request is sent to the DHCP server in the case of dynamic assignment. The assigned IP addresses can then be found accordingly in the DHCP Address-Lease Table.
The setup with Zero Touch Provisioning
I have to keep this chapter short, because the configuration routine may only be performed by certified partners or by the Pure Storage Professional Service itself.
With the DHCP IP address present at the management interface at ct1.eth0, a GET request can be executed at the API endpoint for initialization. You then get an API output, which looks like the following example:
The necessary configuration parameters must then be converted into a JSON format and transferred to the FlashArray via a PATCH request. A corresponding JSON template is available for certified partners in the Pure Storage Support Portal.
When the request is sent, the system status changes to "initializing".
After the storage "provisioning" is completed, the system management can be accessed via the assigned static IP addresses (JSON deployment) using a web browser and SSH/CLI. The temporarily used DHCP addresses, as well as the necessary GET request for initialization, are invalid when the setup is completed. Interactions via the REST API are also only possible with prior authorization from this point on.
Initialization via Zero Touch Provisioning (excluding hardware installation) is completed within a few minutes.
INFO: At this time, only IPv4 DHCP boot is supported and no IPv6.
Fazit
Zero Touch Provisioning not only helps you in Corona times, but can also help with a large rollout of multiple FlashArrays. A large number of systems can be brought online in a very short time. Zero Touch Provisioning is an optional way for rollout and is a support for partners.
Even in the "Corona" era, ZTP has tremendous potential to perform Pure Storage rollouts remotely despite strict corporate guidelines/restrictions and for self-protection.
More info - Links
All officially published setting options in the GUI but also CLI can be read via the "on-board" user guides of the Pure Storage systems.
Click on "Help" in the Purity main menu.
The User Guide is structured like the main menu and can be opened downwards. A search function is also integrated - within here you can also search for keywords.
WEB: Pure Storage (Pure1) support portal - Ticket system and support *(requires registered FlashSystems)
PHONE: Pure Storage phone support: GER - (+49) (0)800 7239467; INTERNATIONAL - (+1) 650 7294088
WEB: Pure Storage OFFICIAL blog