Skip to main content
Active IQ Unified Manager 9.12
A newer release of this product is available.

Adding clusters

Contributors
PDFs

You can add a cluster to Active IQ Unified Manager so that you can monitor the cluster. This includes the ability to obtain cluster information such as the health, capacity, performance, and configuration of the cluster so that you can find and resolve any issues that might occur.

What you'll need

  • You must have the Application Administrator or Storage Administrator role.

  • You must have the following information:

    • Host name or cluster-management IP address

      The host name is the FQDN or short name that Unified Manager uses to connect to the cluster. The host name must resolve to the cluster-management IP address.

      The cluster-management IP address must be the cluster-management LIF of the administrative storage virtual machine (SVM). If you use a node-management LIF, the operation fails.

    • The cluster must be running ONTAP version 9.1 software or greater.

    • ONTAP administrator user name and password

      This account must have the admin role with Application access set to ontapi, console, and http.

    • The port number to connect to the cluster using the HTTPS protocol (typically port 443)

    • You have the required certificates. Unified Manager installs security certificates when adding a cluster:

      Server certificates: This certificate is owned by Unified Manager. A default self-signed SSL (HTTPS) certificate is generated with a fresh installation of Unified Manager. NetApp recommends that you upgrade it to CA-signed certificate for better security. If the server certificate expires, you should regenerate it and restart Unified Manager for the services to incorporate the new certificate. For more information about regenerating SSL certificate, see Generating an HTTPS security certificate.

      Certificates for Mutual TLS communication: Used during Mutual TLS communication between Unified Manager and ONTAP. The certificate-based authentication is enabled for a cluster, based on the ONTAP version. If the cluster running the ONTAP version is lower than the 9.5, certificate-based authentication is not enabled.

      Certificate-based authentication is not enabled automatically for a cluster, if you are updating an older version of Unified Manager to Unified Manager 9.12. However, you can enable it by modifying and saving the cluster details. If the certificate expires, you should regenerate it to incorporate the new certificate. For more information about viewing and regenerating the certificate, see Editing clusters.

      Note

      • The certificate-based authentication enables automatically, if you add a cluster from the web UI. If you add a cluster from the maintenance console, the certificate-based authentication is not enabled.

      • If certificate-based authentication is enabled for a cluster, and you take the backup of Unified Manager from a server and restore to another Unified Manager server where hostname or IP address is changed, then monitoring of the cluster can fail. To avoid the failure, edit and save the cluster details. For more information about editing cluster details, see Editing clusters.

      Client certificates: Used during authentication for EMS messages received from ONTAP. This certificate is owned by ONTAP and required when adding an ONTAP cluster to Unified Manager. You cannot add a cluster to Unified Manager with an expired certificate and if the client certificate has already expired, you should regenerate it before adding the cluster. However, if this certificate expires for a cluster that is already added, and is being used by Unified Manager, EMS messaging continues to function with the expired certificate. For information about certificate generation, see the knowledge base (KB) article How to renew an ONTAP self-signed certificate in System Manager user interface.

  • You must have adequate space on the Unified Manager server. You are prevented from adding a cluster to the server when greater than 90% of space in the database directory is already consumed.

For a MetroCluster configuration, you must add both the local and remote clusters, and the clusters must be configured correctly.

Steps

  1. In the left navigation pane, click Storage Management > Cluster Setup.

  2. On the Cluster Setup page, click Add.

  3. In the Add Cluster dialog box, specify the required values, such as the host name or IP address of the cluster, user name, password, and port number.

    You can change the cluster-management IP address from IPv6 to IPv4 or from IPv4 to IPv6. The new IP address is reflected in the cluster grid and the cluster configuration page after the next monitoring cycle is complete.

  4. Click Submit.

  5. In the Authorize Host dialog box, click View Certificate to view the certificate information about the cluster.

  6. Click Yes.

    In Unified Manager 9.12, after saving the cluster details, you can see the certificate for Mutual TLS communication for a cluster.

    If the certificate-based authentication is not enabled, Unified Manager checks the certificate only when the cluster is added initially. Unified Manager does not check the certificate for each API call to ONTAP.

After all the objects for a new cluster are discovered, Unified Manager starts to gather historical performance data for the previous 15 days. These statistics are collected using the data continuity collection functionality. This feature provides you with over two weeks of performance information for a cluster immediately after it is added. After the data continuity collection cycle is completed, real-time cluster performance data is collected, by default, every five minutes.

Note

Because the collection of 15 days of performance data is CPU intensive, it is suggested that you stagger the addition of new clusters so that data continuity collection polls are not running on too many clusters at the same time. Additionally, if you restart Unified Manager during the data continuity collection period, the collection will be halted and you will see gaps in the performance charts for the missing timeframe.
Tip

If you receive an error message that you cannot add the cluster, check to see if the clocks on the two systems are not synchronized and the Unified Manager HTTPS certificate start date is later than the date on the cluster. You must ensure that the clocks are synchronized using NTP or a similar service.

Related information

Installing a CA signed and returned HTTPS certificate