Skip to main content
A newer release of this product is available.

Astra Control Center requirements

Contributors netapp-dbagwell

Get started by verifying the readiness of your operational environment, application clusters, applications, licenses, and web browser. Ensure that your environment meets these requirements to deploy and operate Astra Control Center.

Supported host cluster Kubernetes environments

Astra Control Center has been validated with the following Kubernetes host environments:

Note Ensure that the Kubernetes environment you choose to host Astra Control Center meets the basic resource requirements outlined in the environment's official documentation.
Kubernetes distribution on host cluster Supported versions

Azure Kubernetes Service on Azure Stack HCI

Azure Stack HCI 21H2 and 22H2 with AKS 1.23 and 1.24

Google Anthos

1.12 through 1.14 (See Google Anthos ingress requirements)

Kubernetes (Upstream)

1.24 to 1.26 (Astra Trident 22.10 or newer is required for Kubernetes 1.25 or newer)

Rancher Kubernetes Engine (RKE)

RKE 1.3 with Rancher 2.6
RKE 1.4 with Rancher 2.7
RKE 2 (v1.23.x) with Rancher 2.6
RKE 2 (v1.24.x) with Rancher 2.7

Red Hat OpenShift Container Platform

4.10 through 4.12

VMware Tanzu Kubernetes Grid

1.6 (See Host cluster resource requirements)

VMware Tanzu Kubernetes Grid Integrated Edition

1.14 and 1.15 (See Host cluster resource requirements)

Host cluster resource requirements

Astra Control Center requires the following resources in addition to the environment's resource requirements:

Note These requirements assume that Astra Control Center is the only application running in the operational environment. If the environment is running additional applications, adjust these minimum requirements accordingly.
  • CPU extensions: The CPUs in all nodes of the hosting environment must have AVX extensions enabled.

  • Worker nodes: At least 3 worker nodes total, with 4 CPU cores and 12GB RAM each

  • VMware Tanzu Kubernetes Grid cluster requirements: When hosting Astra Control Center on a VMware Tanzu Kubernetes Grid (TKG) or Tanzu Kubernetes Grid Integrated Edition (TKGi) cluster, keep in mind the following considerations.

    • The default VMware TKG and TKGi configuration file token expires ten hours after deployment. If you use Tanzu portfolio products, you must generate a Tanzu Kubernetes Cluster configuration file with a non-expiring token to prevent connection issues between Astra Control Center and managed application clusters. For instructions, visit the VMware NSX-T Data Center Product Documentation.

    • Use the kubectl get nsxlbmonitors -A command to see if you already have a service monitor configured to accept ingress traffic. If one exists, you should not install MetalLB, because the existing service monitor will override any new load balancer configuration.

    • Disable the TKG or TKGi default storage class enforcement on any application clusters intended to be managed by Astra Control. You can do this by editing the TanzuKubernetesCluster resource on the namespace cluster.

    • Be aware of specific requirements for Astra Trident when you deploy Astra Control Center in a TKG or TKGi environment. For more information, see the Astra Trident documentation.

Astra Trident requirements

Ensure that you meet the following Astra Trident requirements specific to the needs of your environment:

  • Minimum version for use with Astra Control Center: Astra Trident 22.04 or newer installed and configured.

  • SnapMirror replication: Astra Trident 22.07 or newer installed for SnapMirror-based application replication.

  • For Kubernetes 1.25 or newer support: Astra Trident 22.10 or newer installed for Kubernetes 1.25 or newer clusters (you must upgrade to Astra Trident 22.10 prior to upgrading to Kubernetes 1.25 or newer)

  • ONTAP configuration with Astra Trident:

    • Storage class: Configure at least one Astra Trident storage class on the cluster. If a default storage class is configured, ensure that it is the only storage class with the default designation.

    • Storage drivers and worker nodes: Ensure that the worker nodes in your cluster are configured with the appropriate storage drivers so that the pods can interact with the backend storage. Astra Control Center supports the following ONTAP drivers provided by Astra Trident:

      • ontap-nas

      • ontap-san

      • ontap-san-economy (app replication is not available with this storage class type)

      • ontap-nas-economy (snapshots, replication policies, and protection policies are not available with this storage class type)

Storage backends

Ensure that you have a supported backend with sufficient capacity.

  • Supported backends: Astra Control Center supports the following storage backends:

    • NetApp ONTAP 9.8 or newer AFF, FAS, and ASA systems

    • NetApp ONTAP Select 9.8 or newer

    • NetApp Cloud Volumes ONTAP 9.8 or newer

  • Required storage backend capacity: At least 500GB available

ONTAP licenses

To use Astra Control Center, verify that you have the following ONTAP licenses, depending on what you need to accomplish:

  • FlexClone

  • SnapMirror: Optional. Needed only for replication to remote systems using SnapMirror technology. Refer to SnapMirror license information.

  • S3 license: Optional. Needed only for ONTAP S3 buckets

To check whether your ONTAP system has the required licenses, refer to Manage ONTAP licenses.

Image registry

You must have an existing private Docker image registry to which you can push Astra Control Center build images. You need to provide the URL of the image registry where you will upload the images.

Astra Control Center license

Astra Control Center requires an Astra Control Center license. When you install Astra Control Center, an embedded 90-day evaluation license for 4,800 CPU units is already activated. If you need more capacity or different evaluation terms, or want to upgrade to a full license, you can obtain a different evaluation license or full license from NetApp. You need a license to protect your applications and data.

You can try Astra Control Center by signing up for a free trial. You can sign up by registering here.

To set up the license, refer to use a 90-day evaluation license.

To learn more about how licenses work, refer to Licensing.

Networking requirements

Configure your operational environment to ensure Astra Control Center can communicate properly. The following networking configurations are required:

  • FQDN address: You must have an FQDN address for Astra Control Center.

  • Access to the internet: You should determine whether you have outside access to the internet. If you do not, some functionality might be limited, such as receiving monitoring and metrics data from NetApp Cloud Insights, or sending support bundles to the NetApp Support Site.

  • Port access: The operational environment that hosts Astra Control Center communicates using the following TCP ports. You should ensure that these ports are allowed through any firewalls, and configure firewalls to allow any HTTPS egress traffic originating from the Astra network. Some ports require connectivity both ways between the environment hosting Astra Control Center and each managed cluster (noted where applicable).

Note You can deploy Astra Control Center in a dual-stack Kubernetes cluster, and Astra Control Center can manage applications and storage backends that have been configured for dual-stack operation. For more information about dual-stack cluster requirements, see the Kubernetes documentation.
Source Destination Port Protocol Purpose

Client PC

Astra Control Center

443

HTTPS

UI / API access - Ensure this port is open both ways between the cluster hosting Astra Control Center and each managed cluster

Metrics consumer

Astra Control Center worker node

9090

HTTPS

Metrics data communication - ensure each managed cluster can access this port on the cluster hosting Astra Control Center (two-way communication required)

Astra Control Center

Hosted Cloud Insights service (https://www.netapp.com/cloud-services/cloud-insights/)

443

HTTPS

Cloud Insights communication

Astra Control Center

Amazon S3 storage bucket provider

443

HTTPS

Amazon S3 storage communication

Astra Control Center

NetApp AutoSupport (https://support.netapp.com)

443

HTTPS

NetApp AutoSupport communication

Ingress for on-premises Kubernetes clusters

You can choose the type of network ingress Astra Control Center uses. By default, Astra Control Center deploys the Astra Control Center gateway (service/traefik) as a cluster-wide resource. Astra Control Center also supports using a service load balancer, if they are permitted in your environment. If you would rather use a service load balancer and you don't already have one configured, you can use the MetalLB load balancer to automatically assign an external IP address to the service. In the internal DNS server configuration, you should point the chosen DNS name for Astra Control Center to the load-balanced IP address.

Note The load balancer should use an IP address located in the same subnet as the Astra Control Center worker node IP addresses.

For more information, refer to Set up ingress for load balancing.

Google Anthos ingress requirements

When hosting Astra Control Center on a Google Anthos cluster, note that Google Anthos includes the MetalLB load balancer and the Istio ingress service by default, enabling you to simply use the generic ingress capabilities of Astra Control Center during installation. Refer to Configure Astra Control Center for details.

Supported web browsers

Astra Control Center supports recent versions of Firefox, Safari, and Chrome with a minimum resolution of 1280 x 720.

Additional requirements for application clusters

Keep in mind these requirements if you plan to use these Astra Control Center features:

What's next

View the quick start overview.