NDS for Azure - Installation & Management

Overview

Nasuni Data Service (NDS) presents data stored on Nasuni volumes through an Azure Blob Storage–compatible interface. This guide explains how to:

• Deploy UniFS as a Service (UaaS) in Microsoft Azure. Note that NDS is a component of the UaaS platform.

• Enable and configure NDS for one or more volumes.

• Validate access and retrieve connection information.

• Update an existing deployment.

Audience and Scope

This document is intended for administrators who manage Nasuni environments and Azure resources. You should be comfortable with:

• The Nasuni Management Console (NMC).

• Azure Resource Manager concepts.

• PowerShell 7+.

Prerequisites

Nasuni

• UaaS serial number and authentication code.

  • Serial numbers & authentication codes are available in the Nasuni Portal.

  • NDS is available at no additional cost. Contact your Account Manager to request licensing for NDS.

• NMC version 25.1 or higher.

• Nasuni Edge Appliance (NEA) version 10.0 or higher.

• Azure object storage for the target volumes.

• The target volumes must be shared via the NMC.

Software

• PowerShell 7.0 or higher.

• Azure PowerShell module (Az) version 14.0.0 or higher.

Azure Subscription and Permissions

• An active Azure subscription.

• Owner (or equivalent) access at the scope of the resource group used for deployment.

• Connectivity between resources, reference NDS for Azure - Supported Parameters & Limits.

Download & Verify the NDS Setup Script

1. Download the latest NDS Setup Script here: NDS-Setup.ps1

2. In PowerShell, verify by printing the help text: ./NDS-Setup.ps1 -Help

The script creates and maintains each deployment’s state in a file named {ResourceGroupName}-state.json. Keep both the script and its JSON file(s) together for future updates.

Without the JSON file, future updates to the deployment are not possible.

1.  New Deployment

New Deployment Workflow Summary

1. Collect Inputs

2. Run the Script

3. Register Volumes in the NMC

4. Enable Volumes and Define Exclusions

5. Save Configuration to Cosmos DB

6. Generate SAS Tokens & Connection Strings

1a. Collect Inputs

1b. Run the Script

./NDS-Setup.ps1 -Action New-Deployment -ResourceGroupName <RG> -SerialNumber <SN> -AuthCode <AC> -Location <LOC>

Use this script to accomplish the following:

1. Create or reuse the resource group.

2. Deploy the UaaS ARM template.

3. Configure supporting NDS resources.

4. Prompt you to continue.

It takes approximately ten minutes for the initial deployment to complete. The script opens the deployment status in Azure for you to follow.

1c. Register Volumes in the NMC

Each volume presented via NDS must be registered by temporarily enabling cloud-based snapshot retention.

The script outputs an API URL (e.g., https://uaas-<uniquevalue>.azurecontainerapps.io).
Copy this URL for the next step.

1. After the script prompts you, log in to the NMC and navigate to Volumes > Snapshot Retention.

   Important: Record the current retention settings of your volumes (take a screenshot for reference). You temporarily modify the retention settings, and then revert them back as the last step in this process.

2. Select the target volume(s) and click Edit Volumes.

3. Toggle Update Retention Policy.

4. Set the Retain drop-down to Snapshots Within a Range.

5. Use the Years field to set the retention period to 25 years temporarily. This prevents retention processing.

6. Set Run Snapshot Retention on to Cloud.
   

7. Paste the API URL copied above in the URL field.

   Note: The URL begins with https://uaas.

8. Click Save and wait for the UI to reflect the new cloud configuration for each of the enabled volume(s).
   
   

9. Revert each volume to its prior retention settings, referencing the screenshot you took in step 2.

   If Snapshot Retention was not configured, click the Retain drop-down and select All Snapshots.
   The Retention Provider column no longer shows Cloud for the volume(s) in scope.

   

1d. Enable Volumes and Define Exclusions

1. Back in the terminal window, press Enter to continue. For each discovered volume, type Y to enable it for NDS.

2. (Optional) Provide a comma-separated list of absolute paths from the root to exclude. For example: /.nasuni,/dir1,/dir2/subdir. Wildcards are not supported.
   Consider excluding /.nasuni which is a system directory.
   

1e. Save Configuration to Cosmos DB

The script displays a JSON snippet and copies it to your clipboard. For example, from the screenshot below, this is what is copied:

{
  "id": "UAAS-STACK-CONFIG",
  "nds": {
    "blob_keys": [
      "dQefmwQfGame66pUH8q33cjkIelgH0WhyMHa2LEliERyeaibQ+Msgw1lP4Djjr3TUqWHl0W9w==",
      "o89XFVlkpT8ggB4W7GGA/qwFUsNnKtOZCVL8J70WKituOmdGfUCGzqiwd2xanwwCVZ1t+PFbvFw=="
    ],
    "blob_endpoint_volumes": [
      "9f58311a-3b21-4ae6-8bb6-600_0"
    ],
    "blob_storage_endpoint_enabled": true,
    "excluded_paths": {
      "9f58311a-3b21-4ae6-8bb6-600_0": "/.nasuni"
    }
  },
  "type": "CONFIG"
}

The script attempts to open the Azure Cosmos DB in your web browser; if not, open the link manually.

1. In the Azure Cosmos DB, navigate to Data Explorer > ControlData > Items. Click New Item.
   

2. In the right pane, replace the template with the JSON. Ensure it starts and ends with the brackets { }, as shown in the screenshot below. Click Save.
   

3. Return to the terminal, enter continue , and press Enter.

1f. Generate SAS Tokens & Connection Strings

1. You are given the option to generate SAS tokens. Type Y to generate SAS tokens. Otherwise, type N and continue to step 3.
   

2. Provide start and end dates for the SAS tokens. The tokens are only valid during this time period. You might accept the defaults by pressing Enter for each, or modify them according to the format shown.
   

3. There are two sets of keys, tokens, and connection strings, which provide the same results. Store this information securely. The keys and SAS tokens provide unrestricted read access to the Nasuni volumes (containers).
   

2. Update Deployment

When a new version of UaaS/NDS is available, use the NDS Setup script to update your existing deployment while preserving your configuration. Release notes can be found using the following link: UniFS™ as a Service (UaaS) Release Notes

To check the version of your deployment, run the command in 6. Check Versions.

2a. Collect Inputs

2b. Run the Script

./NDS-Setup.ps1 -Action Update-Deployment -ResourceGroupName <RG>

Use this script to accomplish the following:

1. Update the UaaS/NDS instance.

2. Progress appears in the terminal and can be monitored in the Azure Portal via the link provided.

3. Update Volumes (Add, Remove, Change Exclusions)

Use the script to modify the volumes that are enabled for NDS, and update their excluded path configurations.

3a. Collect Inputs

3b. Run the Script

./NDS-Setup.ps1 -Action Update-Volumes -ResourceGroupName <RG>

Use this script to accomplish the following:

1. Update the UaaS/NDS instance.

2. Progress appears in the terminal and can be monitored in the Azure Portal via the link provided.

3c. Register Volumes in the NMC

Follow Step 1c from New Deployment.

3d. Enable Volumes and Define Exclusions

Follow Step 1d from New Deployment.

3e. Save Configuration to Cosmos DB

Follow Step 1e from New Deployment.

3f. Generate SAS Tokens & Connection Strings

Follow Step 1f from New Deployment.

4. Update Keys

Use the script to manage previously generated access keys. This process allows you to rotate individual keys for enhanced security while maintaining access to NDS.

4a. Collect Inputs

4b. Run the Script

./NDS-Setup.ps1 -Action Update-Key -ResourceGroupName <RG>

4c. Regenerate Keys

For each of the two keys, choose Y to regenerate or N to keep the existing value.

Note: If you answer Yes, the key regenerates with a new value, and any existing clients using the previous value need to be reconfigured in order to authenticate again.
Regenerating a key invalidates any SAS tokens that are signed by it.

4d. Save Configuration to Cosmos DB

Follow Step 1e from New Deployment.

4e. Generate SAS Tokens & Connection Strings

Follow Step 1f from New Deployment.

5. Get Connection Information

Use this action to retrieve all the information needed to connect applications or tools to your NDS Blob Storage endpoint. This includes:

• Endpoint URLs.

• Account names.

• Access keys.

• Connection strings.

• SAS tokens (with the option to regenerate them).

• Available containers (Nasuni Volumes).

5a. Collect Inputs

5b. Run the Script

./NDS-Setup.ps1 -Action Get-ConnectionInfo -ResourceGroupName <RG>

You are given the option to regenerate the SAS tokens. If desired, follow Step 1e from New Deployment.

The script displays the connection information.

Store this information securely - the keys and SAS tokens provide unrestricted read access to the Nasuni volumes (Containers).

6. Check Versions

Use this action to retrieve the following information:

• The version of the NDS Setup script.

  • Download the latest NDS Setup Script here: NDS-Setup.ps1.

• The version of your UaaS/NDS instance.

• The current available version of UaaS/NDS. See UniFS as a Service (UaaS) Release Notes for additional details.
  If this is higher than the version of your instance, you can update it by running 2 - Update Deployment.

6a. Collect Inputs

6b. Run the Script

./NDS-Setup.ps1 -Version -ResourceGroupName <RG>

7. Get Help

Prints full command‑line help.

7a. Run the Script

./NDS-Setup.ps1 -Help