Set up your Google Cloud Platform networking so Cloud Volumes ONTAP systems can operate properly.
- Shared VPC
Cloud Manager and Cloud Volumes ONTAP are supported in a Google Cloud Platform shared VPC.
A shared VPC enables you to configure and centrally manage virtual networks across multiple projects. You can set up shared VPC networks in the host project and deploy the Cloud Manager and Cloud Volumes ONTAP virtual machine instances in a service project. Google Cloud documentation: Shared VPC overview.
The only requirement is to provide the following permissions to the Cloud Manager service account in the shared VPC host project:
Cloud Manager needs these permissions to query the firewalls, VPC, and subnets in the host project.
- Outbound internet access for Cloud Volumes ONTAP
Cloud Volumes ONTAP requires outbound internet access to send messages to NetApp AutoSupport, which proactively monitors the health of your storage.
Routing and firewall policies must allow HTTP/HTTPS traffic to the following endpoints so Cloud Volumes ONTAP can send AutoSupport messages:
- Firewall rules
You don’t need to create firewall rules because Cloud Manager does that for you. If you need to use your own, refer to GCP firewall rules.
- Connection from Cloud Volumes ONTAP to Google Cloud Storage for data tiering
If you want to tier cold data to a Google Cloud Storage bucket, the subnet in which Cloud Volumes ONTAP resides must be configured for Private Google Access. For instructions, refer to Google Cloud documentation: Configuring Private Google Access.
For additional steps required to set up data tiering in Cloud Manager, see Tiering cold data to low-cost object storage.
- Connections to ONTAP systems in other networks
To replicate data between a Cloud Volumes ONTAP system in GCP and ONTAP systems in other networks, you must have a VPN connection between the VPC and the other network—for example, your corporate network.
For instructions, refer to Google Cloud documentation: Cloud VPN overview.