Introduction

This Quick Start guide is designed to help you deploy the Lightbits managed application on Azure. More detailed options on how to install Lightbits can be found in the Lightbits on Azure Managed Application User Guide. For additional information about Azure managed applications, please see the Azure Managed Application Documentation.

The articles in this guide will help you deploy the Lightbits software-defined block storage managed application, including:

  • Preparing the environment
  • Locating the product in the Azure Marketplace
  • Deploying the application
  • Building volumes
  • Connecting volumes to application virtual machines.

Prerequisites

To build Lightbits in Azure, you will need the following prerequisites. These will help you effectively deploy and manage the cluster.

Azure Tenant Access for Managed Application

Due to a new feature from Azure, tenants now block the ability to use Azure Managed Applications by default. This can be changed by following the below steps. These steps are required to deploy the Lightbits managed application.

You must have tenant level access permissions to perform this action.
  1. Navigate to Microsoft Entra ID within Azure.
  2. Navigate to External Identities and then Cross-tenant Access Settings.
  3. Edit Tenant restrictions (preview) and the tab External applications. Change this value to Allow access:

Azure Subscription Permissions

You must have permissions to deploy the managed application. It is recommended to run with the following default roles on the Subscription.

  • Key Vault Administrator
  • Managed Application Contributor
  • Managed Identity Contributor
  • Network Contributor
  • Role-Based Access Control Administrator
  • Virtual Machine Contributor
  • Monitoring Contributor
  • Website Contributor
  • Web Plan Contributor
  • Storage Account Contributor

Please note that there are some default roles that include some of the above roles; for example, the Contributor role.

Resource Group

  • The Lightbits SDS for Azure is deployed inside a resource group as any other resource in Azure. It can be in an existing or a new Resource Group.
  • To create a Resource Group, see the Azure Resource Group Documentation.

vNet/Subnet

  • The Lightbits managed application can optionally create a vNet and all subnets for you. If you selected this option, you will not have to create a vNet before deployment.
  • You will need an Azure Virtual Network (vNet) and subnet to deploy the Lightbits resources into. This vNet and subnet must be accessible from the clients that will be connecting to the Lightbits cluster. The clients can be either in the same vNet or in a different vNet with vNet peering,
  • To create an Azure vNet and subnet, see the Azure vNet Documentation.

Azure Managed Identity

  • The managed application must make changes to the vNet and subnet that will be used for the Lightbits networking, including creating load balancers. To perform these actions, an Azure managed identity is required.
  • To create the managed identity, please navigate to the Create a User-Managed Identity section in the Azure User Guide.

Connectivity

The Lightbits managed application will create network security groups for the storage.

For more information about which ports will be used by the managed application, please refer to the Lightbits on Azure managed application Installation Preparation and Prerequisites section.

Quota

You will need enough quota to deploy the family of VMs that will be used as targets for the Lightbits cluster. To check quotas, see the Azure documentation on vCPU Quotas.

You should have available vCPU quota both on Total Regional vCPUs and on the specific VM Family Standard LSv3/LASv3 Family vCPU. Note that you need sufficient vCPUs based on the VM type multiplied by the number of VMs in the cluster.

KeyVault

Verify that you can deploy various resources required by the Lightbits cluster on Azure deployment, such as a KeyVault. The managed application will deploy a KeyVault containing secrets about the deployment:

  1. Go to the Azure portal and search for Subscription.
  2. Select the subscription that you are planning to deploy from.
  3. From the left menu, select Resource Provider.
  4. The filter for KeyVault should be marked as registered. If not, click Register before you deploy the Marketplace.

Terminology

  • Lsv3: Intel class of Azure Virtual Machines
  • Lasv3: AMD class of Azure Virtual Machines
  • lbcli: Lightbits command-line interface to interact with Lightbits storage on an admin level.
  • SDS: Lightbits Scale-Out Disaggregated Software-Defined Storage

Lightbits Managed Application Diagram for Azure

The following diagram illustrates the architecture of the Lightbits managed application and resources.
Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard
Next to read:
Gathering Information About the Deployment Environment

© 2025 Lightbits Labs™

On This Page
IntroductionPrerequisitesAzure Tenant Access for Managed ApplicationAzure Subscription PermissionsTerminologyLightbits Managed Application Diagram for Azure