Overview
Nasuni Data Service (NDS) presents data stored on Nasuni volumes through an Azure Blob Storage–compatible interface. This guide explains how to:
Deploy UniFS as a Service (UaaS) in Microsoft Azure.
Note: NDS is a component of the UaaS platform.
Enable and configure NDS for one or more volumes.
Validate access and retrieve connection information.
Update an existing deployment.
Audience and Scope
This document is intended for administrators who manage Nasuni environments and Azure resources. You should be comfortable with the following:
The Nasuni Management Console (NMC).
Azure Resource Manager concepts.
PowerShell 7+.
Prerequisites
Ensure you have the following prerequisites before beginning.
Nasuni
UaaS serial number and authentication code.
Serial numbers & authentication codes are available in the Nasuni Portal.
Note: NDS is available at no additional cost. Contact your Account Manager to request licensing for NDS.
NMC version 25.1 or higher.
Nasuni Edge Appliance (NEA) version 10.0.1 or higher.
The target volumes must be shared (Remote Access enabled) via the NMC.
Azure or AWS object storage for the target volumes.
Important: Connecting to object storage in a different cloud provider or region than your NDS deployment will generate cloud egress costs, billed to you by AWS or Azure. Whenever possible, deploy NDS in the same provider and region as the object storage to avoid these charges.
Software
PowerShell 7.0 or higher.
Azure PowerShell module (Az) version 14.0.0 or higher.
Azure Subscription and Permissions
An active Azure subscription.
Owner (or equivalent) access at the scope of the resource group used for deployment.
Connectivity between resources. For more information, see NDS for Azure - Supported Parameters & Limits.
Download & Verify the NDS Setup Script
Download the latest NDS Setup Script here: NDS-AZ-Setup.ps1
In PowerShell, verify by printing the help text:
./NDS-AZ-Setup.ps1 -Help
Important: The script creates and maintains each deployment’s state in a file named
{ResourceGroupName}-state.json. Keep both the script and its JSON file(s) together for future updates.Without the JSON file, future updates to the deployment are not possible.
1. New Deployment
The workflow for a new deployment includes the following steps:
1a. Collect Inputs
Begin by collecting the following inputs:
Parameter | Description |
|---|---|
-ResourceGroupName | Dedicated Azure resource group for UaaS/NDS (required) |
-SerialNumber | Valid UaaS serial number |
-AuthCode | Matching authentication code |
-Location | Azure region co‑located with the Nasuni object store (to avoid egress fees) Tip List Azure regions and corresponding Locations: |
1b. Run the Script
Run this script in PowerShell: ./NDS-AZ-Setup.ps1 -Action New-Deployment -ResourceGroupName <RG> -SerialNumber <SN> -AuthCode <AC> -Location <LOC>
This script accomplishes the following:
Create or reuse the resource group.
Deploy the UaaS ARM template.
Configure supporting NDS resources.
Prompt you to continue.
Note: It takes approximately ten minutes for the initial deployment to complete. The script opens the deployment status in Azure for you to follow.
1c. Register Volumes in the NMC
Each volume presented via NDS must be registered by temporarily enabling cloud-based snapshot retention.
To register volumes in the NMC, follow these steps:
The PowerShell script outputs an API URL (e.g.,
https://uaas-<uniquevalue>.azurecontainerapps.io).
Copy this URL for the next step.
After the script prompts you, log in to the NMC and navigate to Volumes > Snapshot Retention.
Important: Record the current retention settings of your volumes (take a screenshot for reference). You temporarily modify the retention settings, and then revert them back as the last step in this process.
Select the target volume(s) and click Edit Volumes.
Toggle Update Retention Policy.
Set the Retain drop-down to Snapshots Within a Range.
Use the Years field to set the retention period to 25 years temporarily. This prevents retention processing.
Set Run Snapshot Retention on to Cloud.
Paste the API URL copied above in the URL field.
Note: The URL begins with
https://uaas.Click Save and wait for the UI to reflect the new cloud configuration for each of the enabled volume(s).
Revert each volume to its prior retention settings, referencing the screenshot you took in step 2.
If Snapshot Retention was not configured, click the Retain drop-down and select All Snapshots.
The Retention Provider column no longer shows Cloud for the volume(s) in scope.
1d. Enable Volumes and Define Inclusions/Exclusions
To enable volumes and define exclusions, follow these steps:
Navigate to the terminal window and press Enter to continue.
For each discovered volume, type “Y” to enable it for NDS.
(Optional) Provide paths prefixes that will be included or excluded from NDS. Wildcards are not supported. Excluded paths take precedent over included paths; if a path is present in both lists, then it will be excluded.
Provide a comma-separated list of absolute paths from the root to include. By default, everything is included.
For example:
/visible_dir1/,/visible_dir2/
Provide a comma-separated list of absolute paths from the root to exclude. By default, noting is excluded.
For example:
/.nasuni/,/excluded_dir1/,/excluded_dir2/subdir/.Consider excluding
/.nasuniwhich is a system directory.
1e. Save Configuration to Cosmos DB
To save the configuration to Cosmos DB, follow these steps:
Confirm that the script displays a JSON snippet and copies it to your clipboard. For example, this is what is copied from the screenshot below:
{
"id": "UAAS-STACK-CONFIG",
"nds": {
"blob_keys": [
"dQefmwQfGame66pUH8q33cjkIelgH0WhyMHa2LEliERyeaibQ+Msgw1lP4Djjr3TUqWHl0W9w==",
"o89XFVlkpT8ggB4W7GGA/qwFUsNnKtOZCVL8J70WKituOmdGfUCGzqiwd2xanwwCVZ1t+PFbvFw=="
],
"blob_endpoint_volumes": [
"9f58311a-3b21-4ae6-8bb6-600_0"
],
"blob_storage_endpoint_enabled": true,
"included_paths": {
"9f58311a-3b21-4ae6-8bb6-600_0": "/"
}
"excluded_paths": {
"9f58311a-3b21-4ae6-8bb6-600_0": "/.nasuni"
}
},
"type": "CONFIG"
}
The script attempts to open the Azure Cosmos DB in your web browser; if not, open the link manually.
In the Azure Cosmos DB, navigate to Data Explorer > ControlData > Items. Click New Item.
In the right pane, replace the template with the JSON. Ensure it starts and ends with the brackets { }, as shown in the screenshot below. Click Save.
Return to the terminal, enter
continue, and press Enter.
1f. Generate SAS Tokens & Connection Strings
To generate SAS tokens and connection strings, follow these steps:
(Optional) If you decide to generate SAS tokens, type Y. Otherwise, type N and continue to step 3.
Provide start and end dates for the SAS tokens. The tokens are only valid during this time period. You can accept the defaults by pressing Enter for each, or modify them according to the format shown.
There are two sets of keys, tokens, and connection strings, which provide the same results. Store this information securely. The keys and SAS tokens provide unrestricted read access to the Nasuni volumes (containers).
2. Update Deployment
When a new version of UaaS/NDS becomes available, use the NDS Setup script to update your existing deployment, preserving your configuration. Release notes can be found using the following link: UniFS™ as a Service (UaaS) Release Notes.
To check the version of your deployment, run the command in 6. Check Versions.
2a. Collect Inputs
Collect the following inputs:
Parameter | Description |
|---|---|
-ResourceGroupName | Existing Azure resource group for your UaaS/NDS instance |
2b. Run the Script
Run the following script in PowerShell:
./NDS-AZ-Setup.ps1 -Action Update-Deployment -ResourceGroupName <RG>
Use this script to accomplish the following:
Update the UaaS/NDS instance.
Progress appears in the terminal and can be monitored in the Azure Portal via the link provided.
.png)
3. Update Volumes (Add, Remove, Change Inclusions/Exclusions)
Use the script to modify the volumes enabled for NDS and update their included and excluded path configurations.
3a. Collect Inputs
Collect the following inputs:
Parameter | Description |
|---|---|
-ResourceGroupName | Existing Azure resource group for your UaaS/NDS instance |
3b. Run the Script
Run the following script in PowerShell:
./NDS-AZ-Setup.ps1 -Action Update-Volumes -ResourceGroupName <RG>
Use this script to accomplish the following:
Update the UaaS/NDS instance.
Progress appears in the terminal and can be monitored in the Azure Portal via the link provided.
3c. Register Volumes in the NMC
Follow Step 1c from New Deployment.
3d. Enable Volumes and Define Inclusions/Exclusions
Follow Step 1d from New Deployment.
3e. Save Configuration to Cosmos DB
Follow Step 1e from New Deployment.
3f. Generate SAS Tokens & Connection Strings
Follow Step 1f from New Deployment.
4. Update Keys
Use the script to manage previously generated access keys. This process allows you to rotate individual keys for enhanced security while maintaining access to NDS.
4a. Collect Inputs
Collect the following inputs:
Parameter | Description |
|---|---|
-ResourceGroupName | Existing Azure resource group for your UaaS/NDS instance |
4b. Run the Script
Run the following script in PowerShell:
./NDS-AZ-Setup.ps1 -Action Update-Key -ResourceGroupName <RG>
4c. Regenerate Keys
For each of the two keys, choose Y to regenerate or N to keep the existing value.
Note: If you answer Yes, the key regenerates with a new value, and any existing clients using the previous value need to be reconfigured in order to authenticate again.
Regenerating a key invalidates any SAS tokens that are signed by it.
4d. Save Configuration to Cosmos DB
Follow Step 1e from New Deployment.
4e. Generate SAS Tokens & Connection Strings
Follow Step 1f from New Deployment.
5. Get Connection Information
Use this action to retrieve all the information needed to connect applications or tools to your NDS Blob Storage endpoint. This includes:
Endpoint URLs.
Account names.
Access keys.
Connection strings.
SAS tokens (with the option to regenerate them).
Available containers (Nasuni Volumes).
5a. Collect Inputs
Collect the following inputs:
Parameter | Description |
|---|---|
-ResourceGroupName | Existing Azure resource group for your UaaS/NDS instance. |
5b. Run the Script
Run the following script in PowerShell:
./NDS-AZ-Setup.ps1 -Action Get-ConnectionInfo -ResourceGroupName <RG>
You are given the option to regenerate the SAS tokens. If desired, follow Step 1e from the New Deployment section.
The script displays the connection information.
Important: Store this information securely - the keys and SAS tokens provide unrestricted read access to the Nasuni volumes (Containers).
6. Check Versions
Use this action to retrieve the following information:
The version of the NDS Setup script.
Download the latest NDS Setup Script here: NDS-AZ-Setup.ps1.
The version of your UaaS/NDS instance.
The current available version of UaaS/NDS. For more information, see UniFS as a Service (UaaS) Release Notes for additional details.
If this is higher than the version of your instance, you can update it by running 2 - Update Deployment.
6a. Collect Inputs
Collect the following inputs:
Parameter | Description |
|---|---|
-ResourceGroupName | Existing Azure resource group for your UaaS/NDS instance |
6b. Run the Script
Run the following script in PowerShell:
./NDS-AZ-Setup.ps1 -Version -ResourceGroupName <RG>
7. Get Help
If you need help, run the following script in PowerShell: ./NDS-AZ-Setup.ps1 -Help