Adding NAS IP addresses to an HA pair in multiple AZs

If you used Cloud Manager 3.2 or earlier to deploy an ONTAP Cloud HA pair in multiple Availability Zones (AZs), the configuration uses floating IP addresses for NFS and CIFS data access. Data is not accessible from outside the VPC when using floating IPs. You can add NAS IP addresses for client access from outside of the VPC.

Before you begin

The ONTAP Cloud HA pair must be running the general availability release of ONTAP Cloud 9.1. You must first upgrade to Cloud Manager 3.2.1 and ONTAP Cloud 9.1.

About this task

NAS data IPs used for external VPC access cannot migrate between nodes if failures occur. If a node goes offline, you must manually remount volumes to clients outside the VPC by using the IP address on the other node.

Steps

  1. Edit the IAM role policy associated with the HA mediator instance:
    1. Go to the AWS IAM Console and click Roles.
    2. Search for "mediator" and select the role name that is prefixed with the name of the working environment.
    3. Edit the inline policy by adding the following permissions:
      • "ec2:AssignPrivateIpAddresses"
      • "ec2:DescribeNetworkInterfaces"
      • "ec2:UnassignPrivateIpAddresses"
    The HA mediator requires these permissions to manage the NAS IP addresses.
  2. Find the NAS IP addresses that were created when you launched the configuration:
    1. Go to the AWS CloudFormation Console.
    2. Select the region in which you launched the configuration.
    3. Select the stack name that corresponds to the name of the working environment.
    4. Click Outputs.
    5. Copy the IP addresses for the keys titled Node1NASIPAddress and Node2NASIPAddress.
      The following image shows the IP address for the Node1NASIPAddress key:

      Screen shot: Shows the NAS IP address for an ONTAP Cloud HA pair in the AWS CloudFormation console.

  3. Connect to the ONTAP Cloud CLI.
  4. Use the network interface create command to create two LIFs that use the IP addresses that you just obtained.
    The first LIF is for the first ONTAP Cloud node and the second LIF is for the second node.
    Example
    workingEnvName::> network interface create -vserver svm_workingEnvName -lif svm_workingEnvName_data_lif1_private -role data -data-protocol cifs,nfs,fcache -home-node workingEnvName-01 -home-port e0a -address 172.31.1.146 -netmask-length 24 -failover-policy disabled -auto-revert true

    workingEnvName::> network interface create -vserver svm_workingEnvName -lif svm_workingEnvName_data_lif2_private -role data -data-protocol cifs,nfs,fcache -home-node workingEnvName-02 -home-port e0a -address 172.31.1.176 -netmask-length 24 -failover-policy disabled -auto-revert true

Result

The HA configuration includes new NAS IP addresses. You should use these IP addresses for NAS client access from outside of the VPC and the floating IP addresses for client access from within the VPC.
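
An added example, not part of the original procedure or of NetApp tooling: a Python check for step 1 that confirms an inline policy document grants the three permissions and reports any wildcard Allow patterns that grant more than the named actions. The sample policy documents, and the other actions in them, are constructed for illustration.

```python
import json
from fnmatch import fnmatchcase

# The three permissions that step 1 adds to the mediator role's inline policy.
REQUIRED = (
    "ec2:AssignPrivateIpAddresses",
    "ec2:DescribeNetworkInterfaces",
    "ec2:UnassignPrivateIpAddresses",
)

def _as_list(value):
    """IAM accepts either a single string or a list for Action."""
    return [value] if isinstance(value, str) else list(value or [])

def check_mediator_policy(policy_json):
    """Return (missing, wildcards) for a policy document given as JSON text.

    missing:   required actions that no Allow statement grants
    wildcards: Allow patterns with '*' or '?', which grant more than named actions
    """
    statements = json.loads(policy_json).get("Statement", [])
    if isinstance(statements, dict):  # a lone statement may be a single object
        statements = [statements]
    allowed = []
    for stmt in statements:
        # Deny and NotAction statements are not evaluated by this check.
        if stmt.get("Effect") == "Allow":
            allowed += _as_list(stmt.get("Action"))
    patterns = [a.lower() for a in allowed]  # IAM action names are case-insensitive
    missing = [r for r in REQUIRED
               if not any(fnmatchcase(r.lower(), p) for p in patterns)]
    wildcards = sorted({a for a in allowed if "*" in a or "?" in a})
    return missing, wildcards

def _doc(actions):
    return json.dumps({"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Action": actions, "Resource": "*"}]})

# Constructed samples; "ec2:CreateRoute" stands in for whatever the role already had.
BEFORE = _doc(["ec2:CreateRoute", "ec2:DescribeNetworkInterfaces"])
AFTER = _doc(["ec2:CreateRoute"] + list(REQUIRED))
TOO_BROAD = _doc("ec2:*")

if __name__ == "__main__":
    for name, doc in (("before", BEFORE), ("after", AFTER), ("broad", TOO_BROAD)):
        print(name, check_mediator_policy(doc))
```

To check a real role, pass the function the PolicyDocument returned by `aws iam get-role-policy`, serialized as JSON text.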