Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

Dell APEX Navigator for Multicloud Storage Using Your Service

PDF

Dell APEX Block Storage for AWS

Use the following procedure to deploy Dell APEX Block Storage for AWS.

Steps

Select storage product and cloud

  1. From the Dell Premier home page, select Discover and Deploy > Available Services.
  2. In the APEX Storage for Public Cloud tile, click Configure.
  3. Select APEX Block Storage for AWS.
  4. Enter the following information as you go through the deployment wizard:
    Table 1. Select storage product and cloudEnter values for the following fields.
    Field or Action Enter
    Product Version (Recommended) Select the latest version of Dell APEX Block Storage for AWS.
    AWS Region Select the AWS region. You can select only one region.
    Grant cloud access

    Enter the following information as you go through the deployment wizard:

    Table 2. Grant cloud accessEnter values for the following fields.
    Field or Action Enter
    Connect your AWS account You can choose to connect to an existing or a new AWS account.
    • For an existing AWS account, select a previously entered AWS account ID.
    • For a new AWS account, enter your AWS account ID.
    This ID is required to generate a custom trust policy and create an AWS role. For more information about AWS account ID, see Viewing account identifiers and Finding your AWS account ID in AWS Account Management Reference Guide.
    Copy your permission policy The permission policy grants levels of access for managing and deploying storage resources in the AWS account. You must copy your permissions policy and create a policy in your AWS account which is attached to the AWS role that is granted to Dell APEX Navigator. For more information, see "Understanding permissions granted by a policy" in AWS documentation.
    Copy your trust policy The trust policy grants the trust to an AWS principal for Dell APEX Block Storage for AWS. The AWS principal is an AWS Identity and Access Management (IAM) user who is allowed to manage and deploy resources. Dell APEX Navigator generates a unique external ID for each AWS account that is to be trusted to Dell APEX Navigator. Use this policy as the custom trust policy when you create an AWS role that is used to grant access to Dell APEX Navigator. For more information about a trust policy, see "Roles terms and concepts - AWS Identity and Access Management" in AWS documentation.
    AWS Role ARN The ARN includes the AWS Account ID and other information that uniquely identifies the AWS resources. Once the role is created using the permission policy and trust policy, you must copy the AWS role ARN from AWS and provide the ARN to Dell APEX Navigator. Your AWS account is now connected to Dell APEX Navigator.
    Verify your EBS encryption status Click Verify to check the status of elastic block storage (EBS) encryption on your AWS account. Once verified, select how the EBS default encryption key is managed: Managed by AWS or Customer-managed.
    • If the EBS default encryption key is Managed by AWS, click Continue and continue to the following section: Select deployment configuration.
    • If the EBS default encryption key is Customer-managed: Review and, if needed, update your key policy in AWS to ensure that the Dell APEX Navigator role has the required permissions to access the key for a successful deployment. Be sure to replace the placeholder text for <account-id> and <APEXNavigator-role-name-with-path> with your own inputs. Select where your key comes from: From the same AWS account as you are deploying to or From a different AWS account.
    • If selecting From the same AWS account: Click Continue and continue to the following section: Select deployment configuration.
    • If selecting From a different AWS account: Select Copy Policy, update the values for <region>, <account-id>, and <key-id>, paste the resulting JSON into AWS as a policy, and attach it to the role Dell APEX Navigator will use to manage the deployed system. Then click Continue.
    Select deployment configuration

    Enter the following information as you go through the deployment wizard:

    Table 3. Select deployment configurationEnter values for the following fields.
    Field or Action Enter
    Deployment name Provide a name for the deployment. Use a naming convention that lets you identify the deployment as Dell APEX Block Storage for AWS. Use the following guidelines for the deployment name:
    • Minimum characters: One and Maximum characters: 31
    • Non-ASCII, Unicode characters, and spaces are not allowed.
    • Hyphens and underscores are allowed.
    • Special characters ((*&^%$#@!)) are allowed.
    • The deployment name does not have to be unique. Duplicate names are allowed.
    Storage performance Select the storage performance that you need for your deployment. If you select Performance optimized, Dell Technologies recommends backing up your storage.
    Minimum usable capacity Enter the minimum amount of storage that you need for your deployment.
    Minimum IOPS Enter the minimum IOPS needed for your deployment.
    Availability level Select single or multiple availability zones. Selecting multiple availability zones may incur more charges from AWS. If you select Performance optimized storage option, by default, Multiple availability zones option is selected for you.
    NOTE:If you choose Balanced storage option, you can deploy Dell APEX Block Storage for AWS only in a single availability zone.
    Virtual Private Cloud (VPC) You must select an existing VPC or create a VPC that forms a connection with your on-premises network. This connection helps you to launch the PowerFlex Manager after you have deployed Dell APEX Block Storage for AWS.
    NOTE:Ensure that you enable DNS resolution and DNS hostnames attributes in the AWS console to a VPC. See DNS attributes in your VPC in Amazon Virtual Private Cloud User Guide for more information.
    • Select an existing VPC: This option lets you deploy Dell APEX Block Storage in an existing VPC in your AWS account.
      • Select an existing VPC name: You must select an existing VPC with a subnet whose IPs are routable from the network you intend to access PowerFlex Manager.
      • External Subnet: Select a routable subnet from your VPC. A routable subnet ensures that the IP addresses assigned to the resources within that subnet are accessed from your company's network. Dell uses the routable subnet to deploy PowerFlex Manager. Choosing routable IP ranges establishes the connection with resources in other networks or VPCs. The routable subnet must have at least eight free IPs. If you choose a multi-availability zone option, provide three different routable subnets for the different availability zones.
      • Internal subnet: Select an internal subnet from your VPC. The number of required IPs for storage nodes of Powerflex is calculated based on the configuration selected for Powerflex. Dell uses the provided subnet for inter-node communications within the cluster.
      • Secure Connect Gateway subnet:
        NOTE:Before you select a SCG subnet, ensure that you set up an Internet gateway in the VPC to enable communication between SCG and Dell APEX Navigator, and add the route in the route table of SCG subnet. See Configure network settings for the Secure Connect Gateway to set up SCG subnet.
        Select a subnet that can be used to establish secure connections to the cluster. If a Secure Connect Gateway (SCG) exists in the VPC, then the subnet that is associated with the SCG instance will be preselected as the SCG subnet. The subnet must have at least 1 free IP, a route table, and a route to the Internet gateway for outbound Internet traffic.
    • Create a new VPC: With this option, Dell creates a VPC in your AWS account and uses it to deploy Dell APEX Block Storage for AWS.
      • VPC name: Provide a name for the VPC that you want to create.
      • External subnet IP address : Provide a range of IP addresses, or CIDR block, that are routable from your company's network. Dell associates the routable IP range as a secondary CIDR block to the newly created VPC, creates a subnet and a load balancer. This load balancer routes the traffic to the Powerflex Element Manager. AWS may apply IP range restriction. For more information, see VPC CIDR blocks topic in Amazon Virtual Private Cloud User Guide.
        NOTE:Ensure that the External subnet IP address range that you provide is not on the list of secondary CIDR block association restrictions in AWS.
      • IP range for internal and SCG subnets: Dell uses the provided IP range as primary CIDR block during VPC creation and to create subnets for the storage system and SCG.
      Table 4. IP range of external, internal and SCG subnetsIP range example
      Deployment options Maps to AWS VPC IP addresses Example Valid/Invalid
      IP range for internal and SCG subnets Primary IPv4 CIDR block 172.31.0.0/27 Valid
      External subnet IP address Secondary IPv4 CIDR block 172.32.0.0/27 Valid as this range is not in the restricted associated range of 172.31.0.0/16
      External subnet IP address Secondary IPv4 CIDR block 172.31.0.32/27 Invalid. Although this range does not overlap with the Primary VPC CIDR block (172.31.0.0/27), it is invalid as it is in the restricted associated range of 172.31.0.0/16
    Key pair Provide a name for the key pair that is used to connect to PowerFlex nodes through SSH. During deployment, Dell APEX Navigator creates the key pair using the name that you enter in this field.

    Use the following guidelines for your key pair name:

    • Only letters, numbers, hyphens, and underscores are allowed.
    • Non-ASCII and Unicode characters are not allowed.
    • Minimum characters: One and Maximum characters: 31
    • The key pair name must be unique. Provide a name that does not exist in your AWS account.
    Once the deployment is complete, the key pair is stored in AWS Secrets Manager with the same name for you to retrieve.

Review and deploy

  1. On the Review deployment page, review the infrastructure—instance types and instance count—that is provisioned as part of deployment. Ensure that sufficient AWS infrastructure, and networking quotas are available in your account for the specific region.
  2. To make any changes, click the pencil to edit your selections.
  3. Assess the AWS charges that you may incur for this deployment.
  4. Read and acknowledge the statements regarding the evaluation period, AWS infrastructure costs, and legal terms.
  5. Click Deploy. A message indicates that the deployment has started. This action takes several hours to complete. You can monitor the progress under the Jobs menu.
    To learn about the resources created with the deployment, reference this documentation.

Next steps

  • If you have not already, switch to an ITOps role to manage IT operations. See "Switch access roles in Dell Premier" in this document for more information.
  • To access Dell APEX Block Storage for AWS for I/O operations, you must install the PowerFlex Storage Data Client (SDC) device driver. See "Setting up Application Hosts to Access Dell APEX Block Storage for AWS" in the appendix of this document.

Rate this content

Accurate
Useful
Easy to understand
Was this article helpful?
0/3000 characters
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please select whether the article was helpful or not.
  Comments cannot contain these special characters: <>()\