The Pure Storage Zero Touch Provisioner
Building the Zero Touch Provisioner Tool for Pure Storage
In March of 2020, the US economy basically shut down. The CDC recommend a shelter in place and the country listened.
Corporations, education systems, government agencies, and everything in-between sent their employees home and scrambled to figure out now to enable virtual work on the fly. The running joke is that it took a pandemic to facilitate digital transformation.
Regardless, this is a unique time for our business. Pure successfully positioned itself as a well oiled machine as we had customer after customer come to us (sometimes even after going to our competitors first) to help them scale out their virtual desktop capabilities as well as several other systems that play a part in supporting a virtual workforce. Pure was able to deliver hardware within days! So word traveled fast as customers were given long lead times by our incumbent competitors that Pure has a solid US supply chain intact.
Here is where the problem presents itself. Pure is shipping FlashArray’s and FlashBlade’s but many of our customers are only allowing essential staff on premises. The question was asked: how can we make deploying these arrays easier for our customers?
Shortly after the shelter in place, Pure Storage announced an internal “hackathon” that read:
“Specifically, the aim of this is to create a simple application to leverage the Zero Touch Provisioning features now available in FlashArray and FlashBlade.
This can be command line or GUI, Linux or Windows, written in whatever language you like — the world is your oyster…”
Now if you didn’t know, Pure added a new capability called Zero Touch Provisioning that essentially opens up a temporary set of RESTful API’s that enable the core setup and initialization of our block and file products. Now this is cool and all, but the end user would need to basically build their own script or application to interact with these API’s hence defeating the core value of simplicity. Ultimately, building this front end tool was the goal of the hack-a-thon.
As it happens, yours truly ended up winning said hack-o-thon with a pretty cool GoLang app and I wanted to take a few minutes to explain what it does, how I built it and how you can access it if you so desire.
Chicken or Egg
As I started thinking about this I realized a few obstacles in front of building this tool.
- My first obstacle was that I’ve never deployed a FA or FB before.
- Second, there wasn’t an existing way for me to test my code since I didn’t have a FlashArray or FlashBlade at my disposal to boot into ZTP mode.
- Third, I’ve never deployed a FA or FB before.
As I pondered this perplexing predicament of programmatic prevention it occurred to me that I should just build a ZTP RESTful API simulator. What a perfect fit for Azure Functions.
Azure Functions are a serverless compute service that enables event-triggered code to run without explicitly provisioning the underlying framework, runtime or infrastructure. Azure Functions supports several types of event triggers but for this simulator I went with an HTTP trigger to simulate hitting an array API. Check out my post on building this API Simulator.
The ZTP Tool
The Zero Touch Provisioner tool is a GUI console application that runs on Windows, Mac, or Linux. You can download the executable binary here.
When you launch the tool you’ll notice two tabs. One is for a Pure Storage FlashArray initialization and the second is for a Pure Storage FlashBlade initialization.
The ZTP FlashArray tab is comprised of 3 columns. Column 1 is the general configurations sections, Column 2 is the IP Addressing section and Column 3 is the Action and Output section.
To begin you will enter the Temp DHCP IP of FlashArray in the “DHCP IP of Array” field in column 3. You can then Query the Array to make sure you have connectivity.
Next you will fill out the remainder of the fileds in Column 1 and Column 2 according to the specifics of the Array and environment.
When ready to initialize, press the Initialize Array button in Column 3 and view the results in the output window below.
Select the ZTP FlashBlade Tab.
The ZTP FlashBlade tab is comprised of 3 columns as well. Column 1 provides the 9 Steps necessary to configure a FlashBlade in order of operation. Each step contains a button that will display the relevant form and controls for the associated step. Column 2 is the Form fields and controls to query and apply required configurations relevant to each of the 9 steps. Column 3 provides the output of each action.
In order to authenticate to a FlashBlade using the ZTP tool, you will need the DHCP IP of the FlashBlade.
To begin you will can either query the FlashBlade to obtain the API versions and auto generate the API url for the “Array API URL” field or you can manually enter the API url in the “Array API URL” field. If you manually enter the API URL you must include the version and have the format as http or https://<fqdn or ip of array>/api/<api version>
When you have the API url in place, clicking the “Create Session” button should result in the API URL and x-auth-token labels in column 3 displaying the resulting values. If you do not see a value listed in the x-auth-token label field then the session was not created.
When the above is successful you are ready to move to Step 2 — Step 9 in succession.
The last step is to validate and finalize the initialization.