Earlier this year, we announced the preview of Azure Container Storage (ACS), the industry’s first platform-managed container native storage service in the public cloud, providing highly scalable, cost-effective persistent volumes, built natively for containers.
With ACS, you can:
- Seamlessly failover volumes across the cluster to maximize pod availability without bottlenecks on volume attaches and deletes.
- Rapidly scale up to a large number of volumes as application pods scale up or scale out without node or cluster level limitations.
- Get a consistent volume management experience across backing storage types including ephemeral disks, Azure Disks and Azure Elastic SAN.
- Optimize price-performance, with small volumes that require higher input/output operations per second (IOPS).
Today, we are announcing a preview update that enables advanced capabilities for resiliency, security, and data protection, along with an Azure Kubernetes Service (AKS)-integrated install experience, so that you can easily use block storage volumes for production-scale stateful container applications on Azure.
Resiliency
(limited preview) Use volume replication for storage pools using ephemeral disks (on NVMe)
Applications that require extremely low latency or high performance can leverage Local NVMe disks available on the AKS cluster nodes with Azure Container Storage by choosing ephemeral disk as the backing storage. For workloads that need added resiliency, you can now configure replication as an optional feature in the storage pool definition, which will synchronously replicate data volumes across the NVMe disks in the storage pool based on the number of replicas specified. This enables you to seamlessly run stateful applications like PostgreSQL with high availability while also leveraging the capabilities of local NVMe disks to achieve fast failovers, as an alternative to using technologies like DRBD. To try this capability please sign up here.
Multi-zone storage pools for high availability and redundancy
Applications using multi-zone AKS clusters for high availability can now benefit from topology awareness in Azure Container Storage. When you create a storage pool on a multi-zone AKS cluster, it is automatically configured as a multi-zone storage pool with capacity provisioned in each specified zone. This lets you create and use volumes in multiple zones, either by spreading across zones with application-level replication or by using backing storage with zonally replicated storage (ZRS) disks for storage-level replication, to protect against zone outages.
Zone pinning with application-level replication (e.g., Cassandra)
When running applications like CassandraDB that offer application-level replication, you can use Kubernetes topologySpreadConstraints or node affinity to achieve maximum cross-zonal spread for higher availability. You can learn more about zone pinning and spreading pods across zones on AKS here.
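The zone-spreading setup described above, as an added example that is not from the original post: a StatefulSet that uses topologySpreadConstraints on the topology.kubernetes.io/zone node label so that replicas and their volumes land in different zones. The workload name, image tag, volume size and storage class name are assumptions; substitute the storage class created for your storage pool.

```yaml
# Added example: Cassandra-style StatefulSet spread evenly across zones.
# All names, the image tag and the sizes below are assumptions.
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: cassandra
spec:
  serviceName: cassandra            # headless Service assumed to exist
  replicas: 3                       # one replica per zone in a 3-zone cluster
  selector:
    matchLabels:
      app: cassandra
  template:
    metadata:
      labels:
        app: cassandra
    spec:
      topologySpreadConstraints:
        - maxSkew: 1                               # zones may differ by at most one pod
          topologyKey: topology.kubernetes.io/zone # well-known zone label on nodes
          # DoNotSchedule leaves a pod Pending rather than stacking replicas
          # in one zone; ScheduleAnyway would make the spread best-effort only.
          whenUnsatisfiable: DoNotSchedule
          labelSelector:
            matchLabels:
              app: cassandra
      containers:
        - name: cassandra
          image: cassandra:4.1
          ports:
            - containerPort: 9042
              name: cql
          volumeMounts:
            - name: data
              mountPath: /var/lib/cassandra
  volumeClaimTemplates:
    - metadata:
        name: data
      spec:
        accessModes: ["ReadWriteOnce"]
        # Placeholder: use the storage class of your multi-zone storage pool.
        storageClassName: example-acs-storage-class
        resources:
          requests:
            storage: 100Gi
```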
Zone redundancy with storage replication (e.g., MySQL)
If your application needs storage-level replication for added resiliency across zones, you need to use a storage pool backed by Premium SSD ZRS or Standard SSD ZRS disks.
Zone selection is enabled for Azure Disk and ephemeral disk storage options. Zone redundancy is enabled for Azure Disk.
Security
Secure storage pools using server-side encryption with customer managed keys (SSE/CMK)
You can now secure storage pools using SSE/CMK. Simply pass in a pointer to the key in Key Vault as part of the metadata during storage pool creation. All volumes provisioned in the storage pool will be encrypted using the user-specified key. This is currently enabled on storage pools backed by Azure Disk.
Data Protection
Protect and restore volumes within and across clusters
As part of previous preview updates, we enabled the ability to snapshot and clone volumes for recovery within a storage pool. For workloads that need added resiliency across regions, as well as the ability to move volumes between clusters during version upgrades, you can now use integrated partner solutions that provide a wider set of options, including configuring backup policies, cross-cluster recovery of volumes, and the ability to protect applications (i.e., resources in a namespace or label). In addition, you can also migrate existing volumes to Azure Container Storage using these solutions. This is currently enabled for storage pools backed by ephemeral disk and Azure Disk.
"With Azure Container Storage, Microsoft has removed much of the management burden from Kubernetes storage, allowing development and DevOps teams to focus on their data and applications. This approach enables organizations to more easily operate stateful production applications at scale. We are pleased to have worked with the Azure Container Storage team to certify CloudCasa for backup and recovery of stateful applications running on it, and to provide a jointly tested solution for easy migration to it."
Bob Adair, Head of Product Management, CloudCasa By Catalogic
"With Azure Container Storage (ACS) and Kasten by Veeam, organizations can maximize performance, flexibility and resiliency, while protecting their cloud native workloads from ransomware attacks. Kasten by Veeam collaborated with Microsoft Product and Engineering teams to validate provisioning, volume snapshot and restore capabilities on Azure Container Storage to ensure joint Microsoft and Kasten by Veeam customers can backup, protect, and migrate their stateful workloads to Azure Kubernetes Service (AKS). Through our strategic partnership, we simplify organizations’ cloud journeys without sacrificing performance, scalability or resiliency."
Matt Slotten, Principal Solution Architect, Cloud Native Partnerships, Kasten by Veeam
In addition, here is a quick recap of the capabilities enabled since preview:
- Expansion to 26 regions with the ability to configure auto-upgrades via Arc Extensions.
- Ability to scale up by resizing volumes backed by Azure Disk and NVMe storage pools.
- Storage pools backed by additional Azure Disk options including Premium SSD v2, Standard SSD and Ultra Disk along with Premium SSD.
- Recover volumes within a storage pool with Snapshots and Clones.
Get Started
Simplified installation with AKS CLI
You can now deploy and use Azure Container Storage directly as part of the AKS cluster create or update preview experience. This automatically installs the extension and configures a storage pool and storage class for use, replacing the current experience, which requires multiple installation steps. You can now simply pass in the backing storage type alongside the cluster properties to enable Azure Container Storage during AKS cluster creation:
az aks create --name <cluster-name> --resource-group <resource-group> --node-vm-size <vm-size> --node-count <node-count> [--enable-azure-container-storage {azureDisk, ephemeraldisk, elasticSan}]
You can also enable Azure Container Storage on an existing AKS cluster using az aks update. Check out our quickstart here.
To learn more, read the documentation, blog, and watch the video. If you are interested in providing us feedback on your preview experience, please complete this short survey. If you need help or have additional feedback, you can email us at AskContainerStorage @ microsoft.com.