NetApp ONTAP Cloud in AWS – Full Deployment Guide
Welcome to my quick guide on deploying NetApp’s ONTAP Cloud into AWS (Amazon Web Services).
If you’re unfamiliar with the product, ONTAP Cloud is NetApp’s ONTAP software, as seen on FAS and AFF equipment for many years, now available in AWS and Azure. By running ONTAP Cloud you can gain the same efficiencies and software features available on a traditional hardware platform in your cloud infrastructure. There are many benefits of presenting storage via ONTAP Cloud, such as using its deduplication abilities to lower costs and SnapMirror to easily replicate data between hyperscalers.
Every ONTAP Cloud deployment starts with OnCommand Cloud Manager. OnCommand Cloud Manager is a bit of software that allows you to deploy and manage ONTAP Cloud instances. OnCommand Cloud Manager can be installed local to your site, or up in the cloud alongside your ONTAP Cloud instances. Typically it’s best to run it in the cloud alongside your ONTAP Cloud instances so that a network disconnect to your data center or other cloud environment does not impact management capabilities.
For AWS deployments of ONTAP Cloud the roadmap is quite simple…
- Verify AWS environment
- Deploy OnCommand Cloud Manager
- Deploy ONTAP Cloud
Note that this article is for reference only, as procedures and best practices are subject to change. Always consult with NetApp or a NetApp partner for the most up-to-date info. Best practices for cloud and application security should always be considered in addition to the steps within. That’s a very important aspect that I’m not fully covering here.
This document is currently in version 0.1, last update Sept 14th, 2017.
Before starting I recommend watching this video from NetApp which runs through the deployment process. It’s pretty quick, does a great job at summarizing the process, but leaves out some of the important steps covered in this guide.
As of this revision, there are some limitations for ONTAP Cloud deployments. Be sure to consult the latest release notes for finer details.
ONTAP Cloud 9.2 For AWS
- 368 TB max raw capacity, 360 TB for nodes in a HA pair (dependent on instance & license)
- Maximum of 46 aggregates per system, 18 aggregates for nodes in a HA pair, 96 TB max aggregate size, maximum usable of a 96 TB aggregate is 85.05 TB
- Up to 2 billion files per volume
- 500 FlexVol volumes per node, 76.55 TB of fully provisioned capacity
- 255 snapshot copies per FlexVol
- High availability environments supported across Availability Zones
- ONTAP Cloud managed encryption is supported (however, encryption is not supported on m3 instances)
Step 1 – Prep Your AWS Environment
Before installation can begin you need to ensure your AWS infrastructure is ready for deployment. Here are some of the basics:
- Ensure your AWS environment meets security best practices. Secure your cloud!
- OnCommand Cloud Manager and ONTAP Cloud systems must reside in a VPC where at least one subnet has outbound internet access. ONTAP Cloud instances can reside on a private subnet leveraging a NAT for internet access.
- If deploying OnCommand Cloud Manager and ONTAP Cloud in different subnets/networks, those networks must be able to communicate with each other.
- Configure VPN connections for any communication between ONTAP Cloud and external ONTAP systems (e.g. from local ONTAP environments, or to other ONTAP Cloud environments).
- To keep costs down, ensure any ONTAP Cloud instance resides in a VPC with an endpoint to S3
Before getting started I highly recommend you read the following documents from NetApp. For the purpose of this guide I assume that your AWS foundation is solid, as just jumping right in can lead to all kinds of issues later on.
- AWS Networking Requirements
- AWS Networking Requirements for ONTAP Cloud HA in multiple AZs
- Sample VPC Configurations
- Setting up AWS billing and cost management for Cloud Manager
If you’re planning to implement encryption please read the following…
- Ways to encrypt ONTAP Cloud data in AWS
- Key Manager requirements for ONTAP Cloud encryption
- AWS Key Management Service Requirements
Step 1.1 – Download/copy the latest Cloud Manager IAM policy and create one for use in your AWS environment. In IAM go to Policies and create your own. Enter a name, a description, and the JSON-formatted policy.
Step 1.2 – Once the policy has been created you need to create a role, type “Amazon EC2,” and attach the policy. At the end of the wizard you’ll want to give it a descriptive name and description.
Yeah, the prep was that easy.
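An added example (not part of the original guide and not NetApp's code) for reviewing the policy from Step 1.1 and the role trust from Step 1.2 before attaching them: it flags wildcard or privileged Allow statements and lists who can assume the role. Both JSON documents are constructed samples, not NetApp's published Cloud Manager policy, and the watch list of privileged services is an assumption.

```python
import json

# Constructed sample documents for illustration; NOT NetApp's published policy.
PERMISSIONS = json.loads("""{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow", "Action": ["ec2:DescribeInstances", "ec2:RunInstances"], "Resource": "*"},
    {"Effect": "Allow", "Action": "s3:*", "Resource": "*"},
    {"Effect": "Allow", "Action": "iam:PassRole",
     "Resource": "arn:aws:iam::111122223333:role/example-role"},
    {"Effect": "Allow", "Action": "kms:Decrypt", "Resource": "*"},
    {"Effect": "Deny", "Action": "ec2:TerminateInstances", "Resource": "*"}
  ]}""")
TRUST = json.loads("""{
  "Version": "2012-10-17",
  "Statement": [{"Effect": "Allow", "Action": "sts:AssumeRole",
                 "Principal": {"Service": "ec2.amazonaws.com"}}]}""")

PRIVILEGED_SERVICES = {"iam", "kms", "sts"}  # reviewer's watch list (assumption)

def as_list(value):
    """IAM accepts either a string or a list in Action/Resource/Principal."""
    return value if isinstance(value, list) else [value]

def review_permissions(policy):
    """Flag Allow statements that grant more than a reviewer would expect."""
    findings = []
    for idx, stmt in enumerate(as_list(policy["Statement"])):
        if stmt.get("Effect") != "Allow":
            continue
        any_resource = "*" in as_list(stmt.get("Resource", []))
        for action in as_list(stmt.get("Action", [])):
            service = action.split(":", 1)[0].lower()
            if action == "*" or action.endswith(":*"):
                findings.append((idx, "wildcard-action", action))
            elif service in PRIVILEGED_SERVICES and any_resource:
                findings.append((idx, "privileged-on-any-resource", action))
    return findings

def trusted_principals(trust_policy):
    """Return every principal the trust policy allows to assume the role."""
    found = set()
    for stmt in as_list(trust_policy["Statement"]):
        principal = stmt.get("Principal", {}) if stmt.get("Effect") == "Allow" else {}
        if isinstance(principal, str):  # a bare "*" means any principal
            principal = {"Any": principal}
        for kind, values in principal.items():
            found.update(f"{kind}:{v}" for v in as_list(values))
    return sorted(found)
```

For a role of type “Amazon EC2”, `trusted_principals` should return only the EC2 service principal; anything else in that list deserves a second look before the role is attached to the Cloud Manager instance.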
Step 2 – Install OnCommand Cloud Manager
Once you’ve got AWS all set, it’s time to install OnCommand Cloud Manager.
Step 2.1 – Head on over to the AWS Marketplace and search for NetApp Cloud Manager. The results are pretty crowded but you want to find OnCommand Cloud Manager (for ONTAP Cloud). Click continue in the listing and head into the Manual Launch wizard.
Step 2.2 – To start working through the Manual Launch wizard first select Accept Software Terms on the right side. Once that’s complete you’ll end back on the launch screen and your region based launch buttons will now be enabled. Select the Launch with EC2 Console button next to the region you would like to deploy into to continue.
Step 2.3 – Time to walk through the EC2 Launch Wizard. As you make your way through configure the following…
- Instance Type
  - Typically t2.medium and m3.large are available; I’m not aware of any performance requirements for OnCommand Cloud Manager so the cheaper t2.medium instance is the way to go.
- Configure Instance
  - Choose your network
  - Choose the IAM role you created previously
- Add Storage
  - Nothing to configure here
- Add Tags
  - Add tags if you’re using them
- Configure Security Group
  - Create a new group making sure you have 0.0.0.0/0 rules for SSH, HTTP, and HTTPS. Mine auto populated.
When things are all set it’s time to click Review and Launch. Select an existing key, or create a new one and save, before finishing completely.
In about 5 minutes your instance will be good to go once the Instance State is running and the Status Checks are 2/2. Grab the public IP for the instance and proceed to the next step.
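The security group from Step 2.3 leaves SSH, HTTP and HTTPS reachable from 0.0.0.0/0, so it is worth auditing once the instance is up. An added example, not from the original guide, that lists such rules from `aws ec2 describe-security-groups` output so they can be narrowed to known management ranges; the sample JSON, group id and CIDR ranges are constructed.

```python
import ipaddress
import json

# Constructed sample in the shape of `aws ec2 describe-security-groups` output;
# the group id and the 203.0.113.0/24 management range are placeholders.
SAMPLE = json.loads("""{"SecurityGroups": [{
  "GroupId": "sg-0example", "GroupName": "cloud-manager",
  "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "203.0.113.0/24"}],
     "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
    {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "10.0.0.0/16"}], "Ipv6Ranges": []}
  ]}]}""")

MGMT_PORTS = {22: "SSH", 80: "HTTP", 443: "HTTPS"}  # ports opened in Step 2.3

def world_open_rules(doc, ports=MGMT_PORTS):
    """Return (group id, service, cidr) for ports reachable from any address."""
    hits = []
    for group in doc["SecurityGroups"]:
        for perm in group.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            # A prefix length of 0 covers 0.0.0.0/0 and ::/0 alike.
            open_cidrs = [c for c in cidrs
                          if ipaddress.ip_network(c, strict=False).prefixlen == 0]
            if perm["IpProtocol"] == "-1":        # all protocols, all ports
                lo, hi = 0, 65535
            elif perm["IpProtocol"] in ("tcp", "6"):
                lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
            else:
                continue                          # UDP/ICMP rules are out of scope here
            for port, name in sorted(ports.items()):
                if lo <= port <= hi:
                    hits += [(group["GroupId"], name, c) for c in open_cidrs]
    return hits

if __name__ == "__main__":
    for group_id, service, cidr in world_open_rules(SAMPLE):
        print(f"{group_id}: {service} open to {cidr}")
```

The IPv6 range on the HTTPS rule is reported even though its IPv4 range is restricted, which is the case a manual review of the console most often misses.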
Step 2.4 – Setup OnCommand Cloud Manager
With the instance’s public IP in hand, enter it into a browser and select Storage System View to configure OnCommand Cloud Manager.
Walking through the wizard, start with Set up new Cloud Manager.
- Enter Site and Company Information
- Create a new admin user for cloud manager
- Confirm that Cloud Manager uses the proper IAM role
- Configure an AWS Cost S3 Bucket
  - This is an optional step that will allow you to see the AWS cost data of AWS payer accounts, where Cloud Manager saves cost data to an S3 bucket for reference. Click here for more information.
- Tenant Information
- NetApp Support Site credentials (optional, but you’ll need this for licensing and support services)
- Automatically Upgrade (Recommended)
- That you’ve read and approve the user agreement
- Capacity Management (this can be changed at any time)
  - Automatic manages storage for ONTAP Cloud (purchasing more storage, deleting unused disks, and moving volumes between disks)
  - Manual requires user access before any of the prior actions can take place
In about 5 minutes the configuration will finalize and you’ll be all set to start deploying ONTAP Cloud instances.
Take some time to get to know the GUI. Note the cool chat in the lower right hand corner that should pop up with the latest updates each time you log in. You can actually use that to chat and ask questions if any should arise. It’s 24/7, but the team is dispersed and you may not get a prompt response on evenings and weekends.
Working environments consist of one or more ONTAP Cloud instances and can even expand to local ONTAP environments.
Tenants, like the one you created earlier, are used to isolate working environments. Users can be created under each tenant to isolate access, allowing different groups to provision and manage their own ONTAP environments. You can read more about tenants here.
The timeline is basically a log of all events within the system.
Step 3 – Deploy ONTAP Cloud Working Environments
As with most things, before we can deploy ONTAP Cloud, there is some preliminary work to do and a few things to consider.