Launching Cloud Volumes ONTAP in AWS Edit on GitHub Request doc changes

Contributors netapp-bcammett

You can launch Cloud Volumes ONTAP in a single-system configuration or as an HA pair in AWS.

Subscribing from the AWS Marketplace

Subscribe from the AWS Marketplace to ensure that there’s no disruption of service after your free trial of Cloud Volumes ONTAP ends. You’ll be charged from this subscription for every Cloud Volumes ONTAP 9.6 PAYGO system that you create and each add-on feature that you enable.

The following video shows the subscription process:

If you’re launching Cloud Volumes ONTAP by bringing your own license (BYOL), then you’ll need to subscribe to that offering in the AWS Marketplace.

Launching a single Cloud Volumes ONTAP system in AWS

If you want to launch Cloud Volumes ONTAP in AWS, you need to create a new working environment in Cloud Manager.

Before you begin
About this task

Immediately after you create the working environment, Cloud Manager launches a test instance in the specified VPC to verify connectivity. If successful, Cloud Manager immediately terminates the instance and then starts deploying the Cloud Volumes ONTAP system. If Cloud Manager cannot verify connectivity, creation of the working environment fails. The test instance is either a t2.nano (for default VPC tenancy) or m3.medium (for dedicated VPC tenancy).

Steps
  1. On the Working Environments page, click Create Cloud Volumes ONTAP and follow the prompts.

  2. Define Your Working Environment: Select Amazon Web Services and Cloud Volumes ONTAP.

  3. Details and Credentials: Optionally change the AWS account and marketplace subscription, enter a working environment name, add tags if needed, and then enter a password.

    Some of the fields in this page are self-explanatory. The following table describes fields for which you might need guidance:

    Field Description

    Account

    You can choose a different account if you added additional AWS accounts to Cloud Manager.

    Marketplace Subscription

    Select a different subscription if you want to change the AWS account from which you get charged. To add a new subscription, go to the offering in the AWS Marketplace.

    Working Environment Name

    Cloud Manager uses the working environment name to name both the Cloud Volumes ONTAP system and the Amazon EC2 instance. It also uses the name as the prefix for the predefined security group, if you select that option.

    Add tags

    AWS tags are metadata for your AWS resources. Cloud Manager adds the tags to the Cloud Volumes ONTAP instance and each AWS resource associated with the instance.

    You can add up to four tags from the user interface when creating a working environment, and then you can add more after its created. Note that the API does not limit you to four tags when creating a working environment.

    For information about tags, refer to AWS Documentation: Tagging your Amazon EC2 Resources.

    Credentials

    These are the credentials for the Cloud Volumes ONTAP cluster admin account. You can use these credentials to connect to Cloud Volumes ONTAP through OnCommand System Manager or its CLI.

  4. Location & Connectivity: Enter the network information that you recorded in the AWS worksheet.

    The following image shows the page filled out:

    Screen shot: Shows the VPC page filled out for a new Cloud Volumes ONTAP instance.

  5. Data Encryption: Choose no data encryption or AWS-managed encryption.

    For AWS-managed encryption, you can choose a different Customer Master Key (CMK) from your account or another AWS account.

    You can’t change the AWS data encryption method after you create a Cloud Volumes ONTAP system.
  6. License and Support Site Account: Specify whether you want to use pay-as-you-go or BYOL, and then specify a NetApp Support Site account.

    To understand how licenses work, see Licensing.

    A NetApp Support Site Account is optional for pay-as-you-go, but required for BYOL systems. Learn how to add NetApp Support Site accounts.

  7. Preconfigured Packages: Select one of the packages to quickly launch Cloud Volumes ONTAP, or click Create my own configuration.

    If you choose one of the packages, you only need to specify a volume and then review and approve the configuration.

  8. IAM Role: You should keep the default option to let Cloud Manager create the role for you.

    If you prefer to use your own policy, it must meet policy requirements for Cloud Volumes ONTAP nodes.

  9. Licensing: Change the Cloud Volumes ONTAP version as needed, select a license, an instance type, and the instance tenancy.

    If your needs change after you launch the instance, you can modify the license or instance type later.

    If a newer Release Candidate, General Availability, or patch release is available for the selected version, then Cloud Manager updates the system to that version when creating the working environment. For example, the update occurs if you select Cloud Volumes ONTAP 9.4 RC1 and 9.4 GA is available. The update does not occur from one release to another—for example, from 9.3 to 9.4.
  10. Underlying Storage Resources: Choose settings for the initial aggregate: a disk type, a size for each disk, and whether S3 tiering should be enabled.

    The disk type is for the initial volume. You can choose a different disk type for subsequent volumes.

    The disk size is for all disks in the initial aggregate and for any additional aggregates that Cloud Manager creates when you use the simple provisioning option. You can create aggregates that use a different disk size by using the advanced allocation option.

    For help choosing a disk type and size, see Sizing your system in AWS.

  11. Write Speed & WORM: Choose Normal or High write speed, and activate write once, read many (WORM) storage, if desired.

  12. Create Volume: Enter details for the new volume or click Skip.

    You might skip this step if you want to create a volume for iSCSI. Cloud Manager sets up volumes for NFS and CIFS only.

    Some of the fields in this page are self-explanatory. The following table describes fields for which you might need guidance:

    Field Description

    Size

    The maximum size that you can enter largely depends on whether you enable thin provisioning, which enables you to create a volume that is bigger than the physical storage currently available to it.

    Access control (for NFS only)

    An export policy defines the clients in the subnet that can access the volume. By default, Cloud Manager enters a value that provides access to all instances in the subnet.

    Permissions and Users / Groups (for CIFS only)

    These fields enable you to control the level of access to a share for users and groups (also called access control lists or ACLs). You can specify local or domain Windows users or groups, or UNIX users or groups. If you specify a domain Windows user name, you must include the user’s domain using the format domain\username.

    Snapshot Policy

    A Snapshot copy policy specifies the frequency and number of automatically created NetApp Snapshot copies. A NetApp Snapshot copy is a point-in-time file system image that has no performance impact and requires minimal storage. You can choose the default policy or none. You might choose none for transient data: for example, tempdb for Microsoft SQL Server.

    The following image shows the Volume page filled out for the CIFS protocol:

    Screen shot: Shows the Volume page filled out for a Cloud Volumes ONTAP instance.

  13. CIFS Setup: If you chose the CIFS protocol, set up a CIFS server.

    Field Description

    DNS Primary and Secondary IP Address

    The IP addresses of the DNS servers that provide name resolution for the CIFS server.
    The listed DNS servers must contain the service location records (SRV) needed to locate the Active Directory LDAP servers and domain controllers for the domain that the CIFS server will join.

    Active Directory Domain to join

    The FQDN of the Active Directory (AD) domain that you want the CIFS server to join.

    Credentials authorized to join the domain

    The name and password of a Windows account with sufficient privileges to add computers to the specified Organizational Unit (OU) within the AD domain.

    CIFS server NetBIOS name

    A CIFS server name that is unique in the AD domain.

    Organizational Unit

    The organizational unit within the AD domain to associate with the CIFS server. The default is CN=Computers.
    If you configure AWS Managed Microsoft AD as the AD server for Cloud Volumes ONTAP, you should enter OU=Computers,OU=corp in this field.

    DNS Domain

    The DNS domain for the Cloud Volumes ONTAP storage virtual machine (SVM). In most cases, the domain is the same as the AD domain.

    NTP Server

    Select Use Active Directory Domain to configure an NTP server using the Active Directory DNS. If you need to configure an NTP server using a different address, then you should use the API. See the Cloud Manager API Developer Guide for details.

  14. Usage Profile, Disk Type, and Tiering Policy: Choose whether you want to enable storage efficiency features and edit the S3 tiering policy, if needed.

  15. Review & Approve: Review and confirm your selections.

    1. Review details about the configuration.

    2. Click More information to review details about support and the AWS resources that Cloud Manager will purchase.

    3. Select the I understand…​ check boxes.

    4. Click Go.

Result

Cloud Manager launches the Cloud Volumes ONTAP instance. You can track the progress in the timeline.

If you experience any issues launching the Cloud Volumes ONTAP instance, review the failure message. You can also select the working environment and click Re-create environment.

For additional help, go to NetApp Cloud Volumes ONTAP Support.

After you finish
  • If you provisioned a CIFS share, give users or groups permissions to the files and folders and verify that those users can access the share and create a file.

  • If you want to apply quotas to volumes, use System Manager or the CLI.

    Quotas enable you to restrict or track the disk space and number of files used by a user, group, or qtree.

Launching a Cloud Volumes ONTAP HA pair in AWS

If you want to launch a Cloud Volumes ONTAP HA pair in AWS, you need to create an HA working environment in Cloud Manager.

Before you begin
About this task

Immediately after you create the working environment, Cloud Manager launches a test instance in the specified VPC to verify connectivity. If successful, Cloud Manager immediately terminates the instance and then starts deploying the Cloud Volumes ONTAP system. If Cloud Manager cannot verify connectivity, creation of the working environment fails. The test instance is either a t2.nano (for default VPC tenancy) or m3.medium (for dedicated VPC tenancy).

Steps
  1. On the Working Environments page, click Create Cloud Volumes ONTAP and follow the prompts.

  2. Define Your Working Environment: Select Amazon Web Services and Cloud Volumes ONTAP HA.

  3. Details and Credentials: Optionally change the AWS account and marketplace subscription, enter a working environment name, add tags if needed, and then enter a password.

    Some of the fields in this page are self-explanatory. The following table describes fields for which you might need guidance:

    Field Description

    Account

    You can choose a different account if you added additional AWS accounts to Cloud Manager.

    Marketplace Subscription

    Select a different subscription if you want to change the AWS account from which you get charged. To add a new subscription, go to the offering in the AWS Marketplace.

    Working Environment Name

    Cloud Manager uses the working environment name to name both the Cloud Volumes ONTAP system and the Amazon EC2 instance. It also uses the name as the prefix for the predefined security group, if you select that option.

    Add tags

    AWS tags are metadata for your AWS resources. Cloud Manager adds the tags to the Cloud Volumes ONTAP instance and each AWS resource associated with the instance.

    You can add up to four tags from the user interface when creating a working environment, and then you can add more after its created. Note that the API does not limit you to four tags when creating a working environment.

    For information about tags, refer to AWS Documentation: Tagging your Amazon EC2 Resources.

    Credentials

    These are the credentials for the Cloud Volumes ONTAP cluster admin account. You can use these credentials to connect to Cloud Volumes ONTAP through OnCommand System Manager or its CLI.

  4. HA Deployment Models: Choose an HA configuration.

    For an overview of the deployment models, see Cloud Volumes ONTAP HA for AWS.

  5. Region & VPC: Enter the network information that you recorded in the AWS worksheet.

    The following image shows the page filled out for a multiple AZ configuration:

    Screen shot: Shows the VPC page filled out for an HA configuration. A different availability zone is selected for each instance.

  6. Connectivity and SSH Authentication: Choose connection methods for the HA pair and the mediator.

  7. Floating IPs: If you chose multiple AZs, specify the floating IP addresses.

    The IP addresses must be outside of the CIDR block for all VPCs in the region. For additional details, see AWS networking requirements for Cloud Volumes ONTAP HA in multiple AZs.

  8. Route Tables: If you chose multiple AZs, select the route tables that should include routes to the floating IP addresses.

    If you have more than one route table, it is very important to select the correct route tables. Otherwise, some clients might not have access to the Cloud Volumes ONTAP HA pair. For more information about route tables, refer to AWS Documentation: Route Tables.

  9. Data Encryption: Choose no data encryption or AWS-managed encryption.

    For AWS-managed encryption, you can choose a different Customer Master Key (CMK) from your account or another AWS account.

    You can’t change the AWS data encryption method after you create a Cloud Volumes ONTAP system.
  10. License and Support Site Account: Specify whether you want to use pay-as-you-go or BYOL, and then specify a NetApp Support Site account.

    To understand how licenses work, see Licensing.

    A NetApp Support Site Account is optional for pay-as-you-go, but required for BYOL systems. Learn how to add NetApp Support Site accounts.

  11. Preconfigured Packages: Select one of the packages to quickly launch a Cloud Volumes ONTAP system, or click Create my own configuration.

    If you choose one of the packages, you only need to specify a volume and then review and approve the configuration.

  12. IAM Role: You should keep the default option to let Cloud Manager create the roles for you.

    If you prefer to use your own policy, it must meet policy requirements for Cloud Volumes ONTAP nodes and the HA mediator.

  13. Licensing: Change the Cloud Volumes ONTAP version as needed, select a license, an instance type, and the instance tenancy.

    If your needs change after you launch the instances, you can modify the license or instance type later.

    If a newer Release Candidate, General Availability, or patch release is available for the selected version, then Cloud Manager updates the system to that version when creating the working environment. For example, the update occurs if you select Cloud Volumes ONTAP 9.4 RC1 and 9.4 GA is available. The update does not occur from one release to another—for example, from 9.3 to 9.4.
  14. Underlying Storage Resources: Choose settings for the initial aggregate: a disk type, a size for each disk, and whether S3 tiering should be enabled.

    The disk type is for the initial volume. You can choose a different disk type for subsequent volumes.

    The disk size is for all disks in the initial aggregate and for any additional aggregates that Cloud Manager creates when you use the simple provisioning option. You can create aggregates that use a different disk size by using the advanced allocation option.

    For help choosing a disk type and size, see Sizing your system in AWS.

  15. WORM: Activate write once, read many (WORM) storage, if desired.

  16. Create Volume: Enter details for the new volume or click Skip.

    You might skip this step if you want to create a volume for iSCSI. Cloud Manager sets up volumes for NFS and CIFS only.

    Some of the fields in this page are self-explanatory. The following table describes fields for which you might need guidance:

    Field Description

    Size

    The maximum size that you can enter largely depends on whether you enable thin provisioning, which enables you to create a volume that is bigger than the physical storage currently available to it.

    Access control (for NFS only)

    An export policy defines the clients in the subnet that can access the volume. By default, Cloud Manager enters a value that provides access to all instances in the subnet.

    Permissions and Users / Groups (for CIFS only)

    These fields enable you to control the level of access to a share for users and groups (also called access control lists or ACLs). You can specify local or domain Windows users or groups, or UNIX users or groups. If you specify a domain Windows user name, you must include the user’s domain using the format domain\username.

    Snapshot Policy

    A Snapshot copy policy specifies the frequency and number of automatically created NetApp Snapshot copies. A NetApp Snapshot copy is a point-in-time file system image that has no performance impact and requires minimal storage. You can choose the default policy or none. You might choose none for transient data: for example, tempdb for Microsoft SQL Server.

    The following image shows the Volume page filled out for the CIFS protocol:

    Screen shot: Shows the Volume page filled out for a Cloud Volumes ONTAP instance.

  17. CIFS Setup: If you selected the CIFS protocol, set up a CIFS server.

    Field Description

    DNS Primary and Secondary IP Address

    The IP addresses of the DNS servers that provide name resolution for the CIFS server.
    The listed DNS servers must contain the service location records (SRV) needed to locate the Active Directory LDAP servers and domain controllers for the domain that the CIFS server will join.

    Active Directory Domain to join

    The FQDN of the Active Directory (AD) domain that you want the CIFS server to join.

    Credentials authorized to join the domain

    The name and password of a Windows account with sufficient privileges to add computers to the specified Organizational Unit (OU) within the AD domain.

    CIFS server NetBIOS name

    A CIFS server name that is unique in the AD domain.

    Organizational Unit

    The organizational unit within the AD domain to associate with the CIFS server. The default is CN=Computers.
    If you configure AWS Managed Microsoft AD as the AD server for Cloud Volumes ONTAP, you should enter OU=Computers,OU=corp in this field.

    DNS Domain

    The DNS domain for the Cloud Volumes ONTAP storage virtual machine (SVM). In most cases, the domain is the same as the AD domain.

    NTP Server

    Select Use Active Directory Domain to configure an NTP server using the Active Directory DNS. If you need to configure an NTP server using a different address, then you should use the API. See the Cloud Manager API Developer Guide for details.

  18. Usage Profile, Disk Type, and Tiering Policy: Choose whether you want to enable storage efficiency features and edit the S3 tiering policy, if needed.

  19. Review & Approve: Review and confirm your selections.

    1. Review details about the configuration.

    2. Click More information to review details about support and the AWS resources that Cloud Manager will purchase.

    3. Select the I understand…​ check boxes.

    4. Click Go.

Result

Cloud Manager launches the Cloud Volumes ONTAP HA pair. You can track the progress in the timeline.

If you experience any issues launching the HA pair, review the failure message. You can also select the working environment and click Re-create environment.

For additional help, go to NetApp Cloud Volumes ONTAP Support.

After you finish
  • If you provisioned a CIFS share, give users or groups permissions to the files and folders and verify that those users can access the share and create a file.

  • If you want to apply quotas to volumes, use System Manager or the CLI.

    Quotas enable you to restrict or track the disk space and number of files used by a user, group, or qtree.