Blog

Getting Started with Cloud Volumes ONTAP in AWS: The Setup Walkthrough

NetApp Cloud Volumes ONTAP is a fully fledged version of ONTAP running natively in Google Cloud, AWS, and Azure that provides a homogeneous solution to meet enterprise storage needs across hybrid cloud architectures.

Cloud Volumes ONTAP brings ONTAP software’s broad value set to the cloud, including:

As a key part of the NetApp Data Fabric, Cloud Volumes ONTAP enables enterprise customers meet various cloud requirements such as lift and shift data migrations, disaster recovery and backup, helping customers accelerate time to market and realize the true value of cloud within a short space of time.

NetApp Cloud Manager provides simplified, centralized, single-pane-of-glass management, monitoring and automation for the end-to-end hybrid and multicloud storage environments. 

This blog will walk you through the prerequisite considerations and setting up Cloud Volumes ONTAP on AWS, including the Cloud Manager deployment steps required for you to successfully start deploying volumes. Click here if you need the Getting Started with Cloud Volumes ONTAP in Azure guide.

Detailed product overview information for both Cloud Manager and Cloud Volumes ONTAP can be found here: NetApp Cloud Manager and Cloud Volumes ONTAP overview.

Key Design Considerations

This section highlights the key design considerations which need to be understood and addressed prior to a Cloud Manager and a Cloud Volumes ONTAP deployment.

  • AWS subscription:
    • Before you start the deployment of Cloud Manager and Cloud Volumes ONTAP on AWS, you need to have an active AWS subscription.
    • If you don’t have an AWS subscription, sign up for an account here. Note that since this account must not be on the free tier, a PAYGO account is recommended.
  • Supported AWS regions:
  • Cloud Manager deployment option:
    • Deploy Cloud Manager from NetApp Cloud Central on AWS (Main focus of this post).
    • Deploy Cloud Manager from AWS marketplace.
    • Install Cloud Manager installable in an on-premises data center.
  • AWS Key pair:
    • Cloud Manager deployment from NetApp Cloud Central requires a valid AWS Key pair to be available within the region that the Cloud Manager appliance is being deployed.
    • If a key pair does not exist within your AWS subscription, this needs to be created prior to proceeding with the steps outlined below (Except for when Cloud Manager is deployed directly from the AWS Marketplace).
  • AWS Networking considerations:

AWS Marketplace Subscription

In order for Cloud Manager to deploy Cloud Volumes ONTAP, users must be subscribed to Cloud Volumes ONTAP within the AWS Marketplace. This step is only required once, in order to accept and confirm the AWS EULA terms.

Watch here a demonstration of these steps.

107 - 223 Demo Deploying Cloud Manager on AWS

 

1. Log into the AWS management console via an internet browser.

2. Visit the NetApp Cloud Volumes ONTAP solution on the AWS Marketplace (on the same browser sharing the same session credentials). Selects "Cloud Volumes ONTAP for AWS" (exact name):

Visit the NetApp Cloud Volumes ONTAP solution on the AWS Marketplace

3. Click "Continue to subscribe" at the top:

Cloud Volumes ONTAP for AWS - Product Overview

4. Click "Accept Terms":

Accept Terms

5. Verify subscription confirmation and close the browser tab/window: 

Close the browser tab/window

DO NOT click the “continue to configuration” option as Cloud Volumes ONTAP should only be deployed via Cloud Manager and not directly on the AWS Marketplace. All that is required here is to ensure the marketplace subscription is in place so that Cloud Manager has all the prerequisites required to automatically deploy the Cloud Volumes ONTAP appliance as needed.

AWS Account & Permissions

When deploying Cloud Manager from NetApp Cloud Central, you need to use an AWS account that has sufficient permission within the AWS subscription to deploy the Cloud Manager instance.

In this section, we’ll show how to create an AWS account with the required IAM (Identity and Access Management) policy in order to prepare your AWS environment to deploy Cloud Manager.

Watch here a demonstration of these steps.

033 - 105 Demo Deploying Cloud Manager on AWS

 

1. Go to the Cloud Manager policies for AWS & Azure page

2. Click “I’m deploying Cloud Manager from NetApp Cloud Central” link:

Choose "I'm deploying Cloud Manager from NetApp Cloud Central"

3. Click the "NetApp Cloud Central policy for AWS" hyperlink:

Under AWS, Click the "NetApp Cloud Central policy for AWS"

4. Copy the content of the JSON file that is required to create the IAM access policy on AWS:

Copy the content of the JSON file

5. Now go to the AWS management console and click on the "Services" menu at the top.
Click on IAM under "security, Identify & Compliance":

Click on IAM under "security, Identify & Compliance"

6. Go to Policies and click "Create Policy":

Create Policy

7. Click JSON and paste the content copied from the JSON file in step 4 above and click "Review policy." (Ignore any policy validation warnings that appears):

Click JSON and paste the content from the JSON file in step 4 above and click "Review Policy"

8. Provide a unique policy name (staying in line with any best practice naming conventions) and a description and click "Create policy":

In create policy, provide a unique policy name and description

You now have an IAM access policy called "NetAppCloudCentral".

9. Next we will define a new user and attach the policy to the new user. Go to the "Users" menu option on the left-hand side and click "Add user":

Click "Add user"

10. Add a new user and select the "Programmatic Access" check box. Click "Next: Permissions" when complete:

Fill the user name and click on "Next: Permissions" when complete

11. In the next window, select "Attach existing policies directly" and search for the policy created in Step 8 above and click "Next: Tags": 

Select "Attach existing polities directly" and search for the policy from Step 8

12. Click "Next: Review" on the next screen.

13. Click "Create user" on the final screen:

Click "Create user" on the final screen

14. In the next window, please make sure to note the "Access key ID", as these will be required for the initial deployment of Cloud Manager. Alternatively, you can download the credentials as a .csv file and store in a secure location:

You can download the credentials as a .csv file and store in a secure location

Your AWS subscription is now prepared with the appropriate user account and associated access policy, and ready for NetApp Cloud Manager to be deployed.

NetApp Cloud Manager Deployment

Now that the prerequisites in AWS are completed, we can initialize the deployment steps for Cloud Manager.

Watch here a demonstration of these steps.

225 - 401 Demo Deploying Cloud Manager on AWS


1. Log in to NetApp Cloud Central and select "Fabric View" at the top right corner of the screen..

2. In the Fabric View, click "Start Free Trial" under Cloud Volumes ONTAP.

In the Fabric View, click Start Free Trial in the left sidebar

3. Select "AWS":

Select "AWS"

4. Provide the AWS Access Key and AWS Secret Key that were recorded for the new user account (Step 14 of the "AWS Account & Permissions" section above) and click "Continue". 

In AWS Cedentials settings, provide the AWS Access Key and AWS Secret Key

5. Now provide a name for the Cloud Manager instance, select the AWS region, VPC and subnet where the Cloud Manager instance needs to be deployed. 

Note that while Cloud Manager can be deployed to any AWS region, if you plan to deploy and manage Cloud Volume ONTAP instances in other regions, network connectivity between the Cloud Manager and Cloud Volumes ONTAP VPCs is required. (As outlined within the “Key design considerations” section above).

An example of such a case may be in a disaster recovery use case where the secondary copy is typically deployed in a separate region.

Click “Continue” when complete:

Fill in the questions in the Location Settings

6. Under the Network settings, select the appropriate key paid and click continue:

Select the appropriate key paid

7. Now create a new security group to be used by Cloud Manager or select an existing security group. For the purpose of this article, we will create a new security group and set communication permission from anywhere to the Cloud Manager instance using this deployment wizard: 

Security Group

In a production deployment however, it is highly recommended to set strict access control to limit the network communication only to the specific Cloud Manager endpoints required for advanced security. If this security group was pre-created and already in place, it can be selected here instead of creating a new one. 

Click “Go” once complete.

Cloud Manager deployment has now started. This may take around 30 minutes to complete:

Deploying OnCommand Cloud Manager

8. Once the deployment is completed, you will be automatically directed to the Cloud Manager management UI where you can start provisioning Cloud Volume ONTAP instances and creating additional working environments:

Start provisioning Cloud Volume ONTAP instances and creating additional working environments

9. If you go to the AWS management console, and browse through instances, you will see that the Cloud Manager appliance has successfully been deployed:

The Cloud Manager application has been deployed

10. If you navigate to EC2 > Network & Security > Security groups, you will also notice the new AWS Security Group created during the Cloud Manager deployment. This can be modified to amend the inbound and outbound rules to secure the network access as required (recommended if no security group permissions were set during the Cloud Manager deployment):

Edit inbound rules

There are optional additional configuration items that can also be performed once the Cloud Manager appliance has been deployed. Please refer to the below documentation for if required:

Conclusion

Now that you have all the necessary prerequisites in place, you can go ahead with deploying Cloud Volumes ONTAP in AWS and enjoy all the enterprise class data management features natively on AWS.

To see the same deployment steps for Azure, please refer to this walkthrough.

If you haven’t done so already, you can sign up for a free trial to explore NetApp Cloud Volumes ONTAP service on AWS.

-