Azure DevOps – Azure NetApp Files (Part 1, Azure CLI)

For the next post in this series around using Azure DevOps and WVD, I wanted to focus on Azure NetApp Files. Azure NetApp Files (ANF) is often used for hosting both application and profile data, and in particular is used when rapid access and high IO throughput are required. This is often the case with User Profiles in a VDI environment.  As part of my series on setting up the required components to support Windows Virtual Desktop, within Azure DevOps, this post will go through the setup and configuration of Azure NetApp Files in a DevOps pipeline.

Within this article, I will cover the Azure CLI deployment method. Part 2 (coming soon!) will cover deployment with Terraform.

Note: within this post, I am using Key Vault secrets pulled using the method from my previous post around Domain Controller creation. This allows me to have the required password (to setup the Azure NetApp Files Active Directory connection) saved within my Release Pipeline. This is done by using the Key Vault secret extracted by an earlier step in the Pipeline. This makes the setup of ANF really simple – as I can just refer to the username/password as variables!

Azure CLI Task

Setting up Azure NetApp Files within the CLI is really easy – and takes just 5 CLI steps!

  1. Creation of a Resource Group to host the Azure NetApp Files Account
  2. Creation of an Azure NetApp Files Account
  3. Creation of an Azure NetApp Files Capacity Pool
  4. Creation of the Active Directory Connection
  5. Creation of the Azure NetApp Files Volume

In Step 4 – note the use of $(vmpassword). This makes use of the Password from the Key Vault in my previous post around Domain Controller promotion (so ANF can be created on the fly using a Key Vault value for the account username/password as required). The Domain Values (OU, Domain Name, DNS IP, VNET, Subnet etc.) will also need to be customised to meet your requirements. If required you could use Azure DevOps Pipeline Variables here too.

call az group create -l uksouth -n rg-uks-anf1

call az netappfiles account create -g rg-uks-anf1 --name region1-anf -l uksouth

call az netappfiles pool create -g rg-uks-anf1 --account-name region1-anf --name pool1 -l uksouth --size 4 --service-level standard

call az netappfiles account ad add -g rg-uks-anf1 --name region1-anf --username labadmin --password $(vmpassword) --smb-server-name region1-dc01-vm --dns --domain ad.lab --smb-server-name ANF --organizational-unit "ou=ANF,ou=Lab"

call az netappfiles volume create -g rg-uks-anf1 --account-name region1-anf --pool-name pool1 --name profiles -l uksouth --service-level standard --usage-threshold 4096 --file-path "profiles" --vnet region1-vnet1-spoke1 --subnet region1-vnet2-snet-anf1 --protocol-types CIFS

If you need to delegate a subnet as part of the setup – the Azure CLI for this is here. My Subnet is already delegated thanks to an earlier task in the Pipeline.

Within our Pipeline, we just need to run these CLI commands as an Azure CLI task:

We now have a task that sets up an Azure NetApp Files Account, Capacity Pool, Active Directory Connection, and Volume! 

Just as a reminder – if you need to pull the account username or password from Azure Key Vault, add this as an earlier task in the Pipeline:

You will then need to add a Pipeline Variable:

This variable can then be referenced, as I have done in the CLI posted above, by using $(vmpassword). This is useful for dynamic environments like Labs or Demos which are stood up/down as required.


I hope this has been helpful – in the next post in this series I will look at the Terraform setup of Azure NetApp Files within a DevOps Pipeline.