Astra Control Center requirements

Contributors netapp-mwallis netapp-dbagwell Download PDF of this page

Get started by verifying support for your Kubernetes clusters, apps, licenses, and web browser.

Kubernetes cluster general requirements

A Kubernetes cluster must meet the following general requirements so you can discover and manage it from Astra Control Center.

  • Image registry: You must have an existing private Docker image registry to which you can push Astra Control Center build images. You must have the URL of the image registry where you will upload the images, and you must have tagged the images for the private container registry.

  • Trident / ONTAP storage configuration: Astra Control Center requires that Trident version 21.01 or 21.04 already be installed and configured to work with NetApp ONTAP version 9.5 or newer as the storage backend. Astra Control Center requires that a storage class be created and set as the default storage class. Astra Control Center supports the following ONTAP drivers provided by Trident:

    • ontap-nas

    • ontap-nas-flexgroup

    • ontap-san

    • ontap-san-economy

If you are planning to manage the Kubernetes cluster from Astra Control Center as well as use the cluster to host the Astra Control Center installation, the cluster has the following additional requirements:

OpenShift clusters

Astra Control Center requires a Red Hat OpenShift Container Platform 4.6.8 or 4.7 cluster that has Trident storage classes backed by ONTAP 9.5 or newer, with the following attributes:

  • At least 300GB of available ONTAP storage capacity

  • 3 controller nodes with 4 CPU cores, 16GB RAM, and 120GB of available storage each

  • 3 worker nodes with at least 8 CPU cores, 16GB RAM, and 50GB of available storage each

  • A load balancer which exposes a reachable IP address

  • A method for pointing the FQDN of Astra Control Center to the load balanced IP address

  • Kubernetes version 1.19 or 1.20

Make sure that your cluster meets the minimum requirements and that you follow Kubernetes best practices so that Astra Control Center is highly available in your Kubernetes cluster.

Note OpenShift 4.8 is not supported.

During app cloning, Astra Control Center needs to allow OpenShift to mount volumes and change the ownership of files. Because of this, ONTAP needs to be configured to allow volume operations to complete successfully using the following commands:

  1. export-policy rule modify -vserver svm0 -policyname default -ruleindex 1 -superuser sys

  2. export-policy rule modify -policyname default -ruleindex 1 -anon 65534

Note If you plan to add a second OpenShift 4.6 or 4.7 cluster as a managed compute resource, you need to ensure that the Trident Volume Snapshot feature is enabled. See the official Trident instructions to enable and test Volume Snapshots with Trident.

App management requirements

Astra Control Center has the following app management requirements:

  • Licensing: You need an Astra Control Center license to manage apps using Astra Control Center.

  • Helm 3: If you use Helm to deploy apps, Astra Control Center requires Helm version 3. Managing and cloning apps deployed with Helm 3 (or upgraded from Helm 2 to Helm 3) are fully supported. Apps deployed with Helm 2 are not supported.

  • Operator management: Astra Control Center does not support apps that are deployed with Operator Lifecycle Manager (OLM)-enabled operators or cluster-scoped operators.

Access to the internet

You should determine whether you have outside access to the internet. If you do not, some functionality might be limited, such as receiving monitoring and metrics data from NetApp Cloud Insights, or sending support bundles to the NetApp Support Site.


Astra Control Center requires an Astra Control Center license for full functionality. Obtain an evaluation license or full license from NetApp. Without a license, you will be unable to:

  • Define custom apps

  • Create snapshots or clones of existing apps

  • Configure data protection policies

If you want to try Astra Control Center, you can use a 90-day evaluation license.

Load balancing

Astra Control Center requires the Kubernetes cluster to have a load balancer installed and configured with an accessible external IP address. In the internal DNS server configuration, you should point the chosen DNS name for Astra Control Center to the load-balanced IP address.

Networking requirements

The cluster that hosts Astra Control Center communicates using the following TCP ports. You should ensure that these ports are allowed through any firewalls, and configure firewalls to allow any HTTPS egress traffic originating from the Astra network. Some ports require connectivity both ways between the cluster hosting Astra Control Center and each managed cluster (noted where applicable).

Product Port Protocol Direction Purpose

Astra Control Center




UI / API access - Ensure this port is open both ways between the cluster hosting Astra Control Center and each managed cluster

Astra Control Center



  • Ingress (to cluster hosting Astra Control Center)

  • Egress (random port from the node IP address of each worker node of each managed cluster)

Metrics data to metrics consumer - ensure each managed cluster can access this port on the cluster hosting Astra Control Center





Node pod communication





Metrics endpoint

Supported web browsers

Astra Control Center supports recent versions of Firefox, Safari, and Chrome with a minimum resolution of 1280 x 720.

What’s next

View the quick start overview.