Tech ONTAP Blogs

Adopting BlueXP workload factory for AWS: Baby steps from zero trust to operational excellence

Nimrode_Borovsky
NetApp
43 Views

Adopting BlueXP workload factory for AWS: Baby steps from zero trust to operational excellence

 

BlueXP™ workload factory for AWS manages your workloads and leverages industry best practices to optimize and automate workload deployments on Amazon FSx for NetApp ONTAP (FSx for ONTAP). It methodically assesses your workload demands and evaluates resource alternatives for optimal cost and performance alignment. Using workload factory you can apply industry best practices to plan, provision, and implement workloads on AWS.

 

Workload factory lets you efficiently manage dynamically scaling AWS resources. By auto-generating infrastructure-as-code (IaC) templates, it provides operational excellence, repeatability, and seamless integration with existing workflows while continuously safeguarding your workloads’ data. Along with NetApp® BlueXP and AWS-native services, workload factory helps you leverage ONTAP® capabilities for extensive data protection on AWS.

 

This post will guide you through the recommended gradual steps for adopting workload factory.

 

Workload factory operational modes

Workload factory provides three different operational modes that enable you to carefully control access to your cloud estate and assign incremental trust to workload factory based on your IT policies.

 

  • Basic mode represents a zero-trust relationship and is designed for early exploration of workload factory and usage of the various wizards to create the needed Infrastructure as Code. This code can be copied and used manually along with the relevant AWS credentials.
  • Read mode enhances the experience of Basic mode by assisting you in detecting various resources and tools, and consequently, helping to complete relevant wizards.
  • Automate mode represents a full-trust relationship and is designed to execute and automate on your behalf along with the assigned credentials that have the needed and validated permissions for execution.

 

It’s important to remember that workload factory supports a hybrid experience. That means all of its functionality exists within the NetApp BlueXP console, and it’s available free of charge for all customers with an active BlueXP account.

 

In addition, workload factory supports a dedicated experience, also free of charge, that doesn’t require the customers to use the BlueXP console.

 

Workload factory has received an AWS Well-Architected Review approval and has attained SOC 2 type 1 certification.  Read the SOC report here.

 

The baby-steps approach to getting started with workload factory

NetApp recommends that you follow these steps in adopting workload factory:

 

Explore

The recommended entry point for exploring the capabilities of workload factory without assigning any credentials, or establishing any connectivity to the AWS storage estate, is by signing up to the dedicated workload factory experience at console.workloads.netapp.com. Note, that if you already have BlueXP credentials, you can sign the using those.

 

Even without any credentials, workload factory can help you make informed decisions about your storage estate with built-in cost calculators, migration advisors, and templatize complex processes into repeatable infrastructure-as-code (IaC) templates. These all combine to reduce planning time and operational efforts.

 

Attach

Once you have explored the fundamentals of workload factory, it is recommended to attach it to the AWS account. This account will serve as the landing zone and allow you to start using read mode for discovering the storage estate.

 

In this phase, you can start detecting real-life cost savings opportunities and building IaC templates that are fine-tuned to your AWS Regions and VPC, all while adhering to industry and NetApp best practices.

 

A good landing zone typically is a lab or non-production account, or an account that doesn’t run business critical workloads.

 

Expand

Once you have attached workload factory to a landing zone AWS account, you can easily increase the scope by adding credentials (typically read only). This will give wider visibility across additional AWS accounts or Regions and explore additional workloads that are supported in workload factory, such as database, generative AI, or VMware.

 

By taking this approach, you can gradually move beyond the landing zone, until you are able to achieve a “storage estate” view. This allows you to get relevant recommendations for best-practice optimizations, cost improvements, protection enhancements, and more. A set of dashboards is available that enable you to get a quick top-down view of your storage estate and be able to add a daily or weekly routine to your operations runbook and answer the fundamental question: “Is everything running optimally in my storage estate?”

 

It’s important to remember that different workloads or parts of the estate can be handled with separate credentials sets and different scopes. Further, any credential set that is assigned to workload factory can be easily revoked.

 

Operate

While Amazon CloudWatch is a powerful and AWS-native monitoring service, customers often seek streamlined workflows that allow them to detect and correct, rather than just observing or getting notified of issues. Workload factory helps solve that with its unique ability to monitor the storage estate and provide operational recommendations, all within a specific workload context. It further enables you to implement the necessary changes in accordance with vendor best practices by using additional credentials that allow workload factory to provision or modify resources with the AWS account.

 

Conclusion

Workload factory makes operating and optimizing FSx for ONTAP easier than ever. With the gradual steps to exploring how it works shown in this post, you now have a better idea of how to get started.

 

Ready to take the first step? Learn more about BlueXP workload factory here or get started now.

Public