Install Astra Control Center with a Cloud Volumes ONTAP storage backend

Contributors amgrissino netapp-dbagwell

With Astra Control Center, you can manage your apps in a hybrid cloud environment with self-managed Kubernetes clusters and Cloud Volumes ONTAP instances. You can deploy Astra Control Center in your on-premise Kubernetes clusters or in one of the self-managed Kubernetes clusters in the cloud environment.

With one of these deployments, you can perform app data management operations using Cloud Volumes ONTAP as a storage backend. You can also configure an S3 bucket as the backup target.

To install Astra Control Center in Amazon Web Services (AWS) and Microsoft Azure with a Cloud Volumes ONTAP storage backend, perform the following steps depending on your cloud environment.

Deploy Astra Control Center in Amazon Web Services

You can deploy Astra Control Center on a self-managed Kubernetes cluster hosted on an Amazon Web Services (AWS) public cloud.

Only self-managed OpenShift Container Platform (OCP) clusters are supported for deploying Astra Control Center.

What you’ll need for AWS

Before you deploy Astra Control Center in AWS, you will need the following items:

  • Astra Control Center license. See Astra Control Center licensing requirements.

  • Meet Astra Control Center requirements.

  • NetApp Cloud Central account

  • Red Hat OpenShift Container Platform (OCP) permissions (on namespace level to create pods)

  • AWS credentials, Access ID and Secret Key with permissions that enable you to create buckets and connectors

  • AWS account Elastic Container Registry (ECR) access and login

  • AWS hosted zone and Route 53 entry required to access the Astra Control UI

Operational environment requirements for AWS

Astra Control Center requires the following operational environment for AWS:

  • Red Hat OpenShift Container Platform 4.8

Note Ensure that the operating environment you choose to host Astra Control Center meets the basic resource requirements outlined in the environment’s official documentation.

Astra Control Center requires the following resources in addition to the environment’s resource requirements:

Component Requirement

Backend NetApp Cloud Volumes ONTAP storage capacity

At least 300GB available

Worker nodes (AWS EC2 requirement)

At least 3 worker nodes total, with 4 vCPU cores and 12GB RAM each

Load balancer

Service type "LoadBalancer" available for ingress traffic to be sent to services in the operational environment cluster

FQDN

A method for pointing the FQDN of Astra Control Center to the load balanced IP address

Astra Trident (installed as part of the Kubernetes cluster discovery in NetApp Cloud Manager)

Astra Trident 21.04 or newer installed and configured and NetApp ONTAP version 9.5 or newer as a storage backend

Image registry

You must have an existing private registry, such as AWS Elastic Container Registry, to which you can push Astra Control Center build images. You need to provide the URL of the image registry where you will upload the images.

Note The Astra Control Center hosted cluster and the managed cluster must have access to the same image registry to be able to back up and restore apps using the Restic-based image.

Astra Trident / ONTAP configuration

Astra Control Center requires that a storage class be created and set as the default storage class. Astra Control Center supports the following ONTAP Kubernetes storage classes that are created when you import your Kubernetes cluster into NetApp Cloud Manager. These are provided by Astra Trident:

  • vsaworkingenvironment-<>-ha-nas csi.trident.netapp.io

  • vsaworkingenvironment-<>-ha-san csi.trident.netapp.io

  • vsaworkingenvironment-<>-single-nas csi.trident.netapp.io

  • vsaworkingenvironment-<>-single-san csi.trident.netapp.io

Note These requirements assume that Astra Control Center is the only application running in the operational environment. If the environment is running additional applications, adjust these minimum requirements accordingly.
Note The AWS registry token expires in 12 hours, after which you will have to renew the Docker image registry secret.

Overview of deployment for AWS

Here is an overview of the process to install Astra Control Center for AWS with Cloud Volumes ONTAP as a storage backend.

Each of these steps is explained in more detail below.

Ensure that you have sufficient IAM permissions

Ensure that you have sufficient IAM roles and permissions that enable you to install a RedHat OpenShift cluster and a NetApp Cloud Manager Connector.

Install a RedHat OpenShift cluster on AWS

Install a RedHat OpenShift Container Platform cluster on AWS.

Configure AWS

Next, configure AWS to create a virtual network, set up EC2 compute instances, create an AWS S3 bucket, create an Elastic Container Register (ECR) to host the Astra Control Center images, and push the images to this registry.

Follow the AWS documentation to complete the following steps. See AWS installation documentation.

  1. Create an AWS virtual network.

  2. Review the EC2 compute instances. This can be a bare metal server or VMs in AWS.

  3. If the instance type does not already match the Astra minimum resource requirements for master and worker nodes, change the instance type in AWS to meet the Astra requirements. See Astra Control Center requirements.

  4. Create at least one AWS S3 bucket to store your backups.

  5. Create an AWS Elastic Container Registry (ECR) to host all the ACC images.

    Note If you do not create the ECR, Astra Control Center cannot access monitoring data from a cluster containing Cloud Volumes ONTAP with an AWS backend. The issue is caused when the cluster you try to discover and manage using Astra Control Center does not have AWS ECR access.
  6. Push the ACC images to your defined registry.

Note The AWS Elastic Container Registry (ECR) token expires after 12 hours and causes cross-cluster clone operations to fail. This issue occurs when managing a storage backend from Cloud Volumes ONTAP configured for AWS. To correct this issue, authenticate with the ECR again and generate a new secret for clone operations to resume successfully.

Here’s an example of an AWS deployment:

Astra Control Center with Cloud Volumes ONTAP deployment example

Configure NetApp Cloud Manager

Using Cloud Manager, create a workspace, add a connector to AWS, create a working environment, and import the cluster.

Follow the Cloud Manager documentation to complete the following steps. See the following:

Steps
  1. Add your credentials to Cloud Manager.

  2. Create a workspace.

  3. Add a connector for AWS. Choose AWS as the Provider.

  4. Create a working environment for your cloud environment.

    1. Location: "Amazon Web Services (AWS)"

    2. Type: "Cloud Volumes ONTAP HA"

  5. Import the OpenShift cluster. The cluster will connect to the working environment you just created.

    1. View the NetApp cluster details by selecting K8s > Cluster list > Cluster Details.

    2. In the upper right corner, note the Trident version.

    3. Note the Cloud Volumes ONTAP cluster storage classes showing NetApp as the provisioner.

      This imports your Red Hat OpenShift cluster and assigns it a default storage class. You select the storage class.
      Trident is automatically installed as part of the import and discovery process.

  6. Note all the persistent volumes and volumes in this Cloud Volumes ONTAP deployment.

Tip Cloud Volumes ONTAP can operate as a single node or in High Availability. If HA is enabled, note the HA status and node deployment status running in AWS.

Install Astra Control Center

Deploy Astra Control Center in Microsoft Azure

You can deploy Astra Control Center on a self-managed Kubernetes cluster hosted on a Microsoft Azure public cloud.

What you’ll need for Azure

Before you deploy Astra Control Center in Azure, you will need the following items:

Operational environment requirements for Azure

Ensure that the operating environment you choose to host Astra Control Center meets the basic resource requirements outlined in the environment’s official documentation.

Astra Control Center requires the following resources in addition to the environment’s resource requirements:

Component Requirement

Backend NetApp Cloud Volumes ONTAP storage capacity

At least 300GB available

Worker nodes (Azure compute requirement)

At least 3 worker nodes total, with 4 vCPU cores and 12GB RAM each

Load balancer

Service type "LoadBalancer" available for ingress traffic to be sent to services in the operational environment cluster

FQDN (Azure DNS zone)

A method for pointing the FQDN of Astra Control Center to the load balanced IP address

Astra Trident (installed as part of the Kubernetes cluster discovery in NetApp Cloud Manager)

Astra Trident 21.04 or newer installed and configured and NetApp ONTAP version 9.5 or newer will be used as a storage backend

Image registry

You must have an existing private registry, such as Azure Container Registry (ACR), to which you can push Astra Control Center build images. You need to provide the URL of the image registry where you will upload the images.

Note You need to enable anonymous access to pull Restic images for backups.

Astra Trident / ONTAP configuration

Astra Control Center requires that a storage class be created and set as the default storage class. Astra Control Center supports the following ONTAP Kubernetes storage classes that are created when you import your Kubernetes cluster into NetApp Cloud Manager. These are provided by Astra Trident:

  • vsaworkingenvironment-<>-ha-nas csi.trident.netapp.io

  • vsaworkingenvironment-<>-ha-san csi.trident.netapp.io

  • vsaworkingenvironment-<>-single-nas csi.trident.netapp.io

  • vsaworkingenvironment-<>-single-san csi.trident.netapp.io

Note These requirements assume that Astra Control Center is the only application running in the operational environment. If the environment is running additional applications, adjust these minimum requirements accordingly.

Overview of deployment for Azure

Here is an overview of the process to install Astra Control Center for Azure.

Each of these steps is explained in more detail below.

Install a RedHat OpenShift cluster on Azure

The first step is to install a RedHat OpenShift cluster on Azure.

For installation instructions, see the following:

Create Azure resource groups

Create at least one Azure resource group.

Note OpenShift might create its own resource groups. In addition to these, you should also define Azure resource groups. Refer to OpenShift documentation.

You might want to create a platform cluster resource group and a target app OpenShift cluster resource group.

Ensure that you have sufficient IAM permissions

Ensure that you have sufficient IAM roles and permissions that enable you to install a RedHat OpenShift cluster and a NetApp Cloud Manager Connector.

Configure Azure

Next, configure Azure to create a virtual network, set up compute instances, create an Azure Blob container, create an Azure Container Register (ACR) to host the Astra Control Center images, and push the images to this registry.

Follow the Azure documentation to complete the following steps. See Installing OpenShift cluster on Azure.

  1. Create an Azure virtual network.

  2. Review the compute instances. This can be a bare metal server or VMs in Azure.

  3. If the instance type does not already match the Astra minimum resource requirements for master and worker nodes, change the instance type in Azure to meet the Astra requirements. See Astra Control Center requirements.

  4. Create at least one Azure Blob container to store your backups.

  5. Create a storage account. You will need a storage account to create a container to be used as a bucket in Astra Control Center.

  6. Create a secret, which is required for bucket access.

  7. Create an Azure Container Registry (ACR) to host all the Astra Control Center images.

  8. Set up ACR access for Docker push/pull all the Astra Control Center images.

  9. Push the ACC images to this registry by entering the following script:

    az acr login -n <AZ ACR URL/Location>
    This script requires ACC manifest file and your Azure ACR location.

    Example:

    manifestfile=astra-control-center-<version>.manifest
    AZ_ACR_REGISTRY=<target image repository>
    ASTRA_REGISTRY=<source ACC image repository>
    
    while IFS= read -r image; do
        echo "image: $ASTRA_REGISTRY/$image $AZ_ACR_REGISTRY/$image"
        root_image=${image%:*}
        echo $root_image
        docker pull $ASTRA_REGISTRY/$image
        docker tag $ASTRA_REGISTRY/$image $AZ_ACR_REGISTRYY/$image
        docker push $AZ_ACR_REGISTRY/$image
    done < astra-control-center-22.04.41.manifest
  10. Set up DNS zones.

Configure NetApp Cloud Manager

Using Cloud Manager, create a workspace, add a connector to Azure, create a working environment, and import the cluster.

Follow the Cloud Manager documentation to complete the following steps. See Getting started with Cloud Manager in Azure.

What you’ll need

Access to the Azure account with the required IAM permissions and roles

Steps
  1. Add your credentials to Cloud Manager.

  2. Add a connector for Azure. See Cloud Manager policies.

    1. Choose Azure as the Provider.

    2. Enter Azure credentials, including the application ID, client secret, and directory (tenant) ID.

  3. Ensure that the connector is running and switch to that connector.

    Switching connectors in Cloud Manager

  4. Create a working environment for your cloud environment.

    1. Location: "Microsoft Azure".

    2. Type: "Cloud Volumes ONTAP HA".

    Creating a working environment in Cloud Manager

  5. Import the OpenShift cluster. The cluster will connect to the working environment you just created.

    1. View the NetApp cluster details by selecting K8s > Cluster list > Cluster Details.

      Imported cluster in Cloud Manager

    2. In the upper right corner, note the Trident version.

    3. Note the Cloud Volumes ONTAP cluster storage classes showing NetApp as the provisioner.

    This imports your Red Hat OpenShift cluster and assigns a default storage class. You select the storage class.
    Trident is automatically installed as part of the import and discovery process.

  6. Note all the persistent volumes and volumes in this Cloud Volumes ONTAP deployment.

  7. Cloud Volumes ONTAP can operate as a single node or in High Availability. If HA is enabled, note the HA status and node deployment status running in Azure.

Install and configure Astra Control Center

Install Astra Control Center with the standard installation instructions.

Using Astra Control Center, add an Azure bucket. See Set up Astra Control Center and add buckets.