Setting networks

Virtual Storage Platform One SDS Cloud for Microsoft Azure Setup and Configuration
Version
1.18.x
Audience
anonymous
Part Number
MK-24VSP1SDS010-02

Set a network to manage Microsoft Azure resources from storage nodes. Perform either of the following settings for the control network subnet.

(A) Allow outbound communication with the internet

(B) Create a resource management private link, private endpoint, and service endpoint

For details and cautions about how to create resource management private links, see the following website.

https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/create-private-link-access-portal

CAUTION:

VSP One SDS Block does not support a custom DNS server (your own custom DNS server). Use a DNS service provided by Microsoft Azure as a DNS server.

(A) When you allow outbound communication with the internet

Create a firewall, NAT, and other items so that outbound communication with the internet from the control network subnet is possible. For details, see the Microsoft Azure documentation.

When you use a firewall policy to control outbound communication with the internet, allow the following communication for the network rule.

Item

Setting description

Source type

IP address

Source IP address

CIDR Block of a control network subnet

Destination type

Service tags

Destination service tag

AzureCloud

Protocol

TCP

Port

443

(B) When you create a resource management private link, private endpoint, and service endpoint

  1. Create a resource management private link.

    The setting contents are as follows.

    Item

    Setting description

    Private link scope

    Tenant Root Group

    Subscription

    Azure subscription

    Resource group

    Any resource group

    Azure region

    Any region in which the storage cluster is to be configured.

    Name

    Any name
  2. Create a private endpoint for the resource management private link you created.

    The setting contents are as follows.

    Tab

    Item

    Setting description

    Basics

    Subscription

    Azure subscription

    Resource group

    Any resource group

    Name

    Any name

    Network interface name

    Any name

    Region

    Any region in which the storage cluster is to be configured.

    Resource

    Target sub-resource

    ResourceManagement

    Virtual network

    Virtual network

    Virtual network name to be used for setting up VSP One SDS Block

    Subnet

    Control network subnet

    Private IP configuration

    Optional

    Application security group

    Not set

    DNS

    Integrate with private DNS zone

    Yes

    Subscription

    Azure subscription

    Resource group

    Virtual network resource group
  3. Create a service endpoint for a virtual network to be used for setting up VSP One SDS Block.

    The setting contents are as follows.

    Item

    Setting description

    Service

    Microsoft.Storage

    Service endpoint policy

    None

    Subnet

    Control network subnet