Deploying cloud edition Azure

• Subscription ID: Specify the subscription ID for the subscription used to store the resources of the cluster. Log in to the Azure portal. From the side panel, click Subscriptions. Copy the SUBSCRIPTION ID from the table. You obtain this value during the process of creating a service principal.
• Application ID: Specify the application ID assigned by Azure during the process of creating a service principal. For instructions, see Get application ID and authentication key in the Microsoft™ Azure documentation. You obtain this value during the process of creating a service principal.
• Application Key: Specify the application key generated by Azure during the service principal creation process that is used for authentication. For instructions, see Get application ID and authentication key in the Microsoft Azure documentation. You obtain this value during the process of creating a service principal.
• Tenant ID: Specify the unique Tenant ID assigned by Azure. For instructions, see Get tenant ID in the Microsoft Azure documentation. You obtain this value during the process of creating a service principal.

• Region: Select an Azure region from the drop-down list.
• Compute Resource Group: Select a compute resource group available in the drop-down list or create a new compute resource group in Azure.
• Storage Resource Group: Select a storage resource group available in the drop-down list or create a new storage resource group in Azure.
• Virtual Network: From the drop-down list, select a virtual network available in the selected region.
• Subnet: Select the subnet range within your selected virtual network.
• Security Group: Select a security group available in the drop-down list or create a new security group in Azure to filter traffic to and from resources.
  Note: If you create a new one, it automatically contains rules that open the ports that are needed for cross-node communication within the cluster. If you use an existing security group, ensure that the correct ports are open. If you use an existing security group, make sure it opens the ports described in Opening firewall ports for existing security group.
• Tags: Provide a tag value for this deployment.

• Cluster Name: Specify a name for the cluster. Only alphanumeric characters and hyphens are allowed. A hyphen cannot be the first or last character. Length cannot exceed 32 characters. No other characters are allowed.
• Node Size: Select the size for each node in the cluster:
  • Small: 2 TB HDD and 1.6 TB SSD per node.
  • Medium: 6 TB HDD and 1.6 TB SSD per node.
  • Large: 12 TB HDD and 1.6 TB SSD per node.
  • XLarge: 12 TB HDD, 2 TB SSD and up to 36 TB of Azure Hot Blob storage per node. The XLarge nodes are supported on cluster version 6.5.1 and later.

    Create a storage account and a storage container in the same Azure region as IBM® for Cloud. The storage account must be exclusive for IBM use.

    Note: To avoid egress charges while you transfer data between IBM and Azure storage, IBM recommends you to use Private Endpoints for Azure Storage. For more information, see Private Endpoints in the Microsoft Azure documentation.
• Number of Nodes: Specify how many nodes to add to the cluster. For a production cluster, at least 3 nodes are required. However, for test or demonstration purposes, you can select 1 or 2 nodes. The cluster does not allow node failures.
  If you select XLarge, the following properties must be configured for the storage account that will be used for cold data moved from the cluster. Data Management registers the account as an external target on the cluster and enable Cloud Tier for the Default Storage Domain.

  • Storage Container Name: The storage container name.
  • Storage Account Name: The storage account name.
  • Storage Access Key: - The access key for the Azure storage account.
• Fault Tolerance: Enable this option to tolerate the failure of a single node. This option is available only if the cluster has three or more nodes.
• DNS Servers: Specify the IP addresses of the Domain Name System (DNS) servers that the cluster should use. Separate multiple IPs with commas. Ensure the Active Directory DNS IP address (if applicable) is listed first. Verify that the NTP servers and other entities in the system can be resolved by the specified DNS server.
• NTP Servers: Specify NTP servers. IBM suggests that use the external Google Public Network Time Protocol (NTP) server and specify multiple servers (time1.google.com, time2.google.com, time3.google.com, time4.google.com). If using an internal NTP server, use only one server (and no external servers). Specify the IP address or the Fully Qualified Domain Name of the NTP servers. The cluster uses the specified NTP server to synchronize the time on all nodes in the cluster.
• Domain Names: Specify the fully qualified domain name for the cluster.
• Cluster Encryption: The cluster supports AES256 software encryption. If wanted, enable encryption to encrypt all the data that is to be stored on the cluster. After a cluster has been created, cluster-level encryption is not editable, however, you can enable encryption at the Storage Domain level. You can also enable encryption while creating a Storage Domain. After a Storage Domain has been created, Storage Domain-level encryption is not editable.

The process of deploying the cluster into the Azure account begins. A message indicates deployment initiation and the cluster name is displayed in the list of Cloud Edition.