Deploy the Console agent in private mode
Suggest changes
PDFs
Deploy the NetApp Console in private mode so that you can use it with no outbound connectivity. To get started, install a Console agent, set up the NetApp Console by accessing the user interface that's running on the Console agent, and then provide the cloud permissions that you previously set up.
Step 1: Install the Console agent
Download the product installer from the NetApp Support Site and then manually install the Console on your own Linux host.
To use the NetApp Console in the AWS Secret Cloud or the AWS Top Secret Cloud, then you should follow separate instructions to get started in those environments. Learn how to get started with Cloud Volumes ONTAP in the AWS Secret Cloud or Top Secret Cloud
-
Root privileges are required to install the Console agent.
-
Depending on your operating system, either Podman or Docker Engine is required before you install the Console agent.
-
Download the Console agent software from the NetApp Support Site
Be sure to download the offline installer for private networks without internet access.
-
Copy the installer to the Linux host.
-
Assign permissions to run the script.
chmod +x /path/NetApp-Console-Private-Mode-<version>Where <version> is the version of the Console agent that you downloaded.
-
Run the installation script:
sudo /path/NetApp-Console-Private-Mode-<version>Where <version> is the version of the Console agent that you downloaded.
The Console agent is installed. You can now set up the NetApp Console.
Step 2: Set up NetApp Console
When you access the NetApp Console for the first time, you'll be prompted to set up NetApp Console.
-
Open a web browser and enter the IP address of the Linux host where you installed the Console agent.
-
Select Set Up New Console agent and follow the prompts to set up the system.
-
System Details: Enter a name for the Console agent and your company name.
-
Create an Admin User: Create the admin user for the system.
-
Review: Review the details, accept the license agreement, and then select Set Up.
-
-
Log in to NetApp Console using the admin user that you just created.
The Console agent is now installed. Access its IP address in a web browser to access the NetApp Console in private mode.
When new versions of the Console software are available, they'll be posted to the NetApp Support Site. Learn how to upgrade the Console agent.
Provide the Console agent with the cloud provider permissions that you previously set up.
Step 3: Provide permissions to Console agent
If you want to create Cloud Volumes ONTAP working environments, you'll need to provide the Console agent with the cloud provider permissions that you previously set up.
Attach the IAM role that you previously created to the Console agent EC2 instance.
-
Go to the Amazon EC2 console.
-
Select Instances.
-
Select the Console agent instance.
-
Select Actions > Security > Modify IAM role.
-
Select the IAM role and select Update IAM role.
Provide the Console agent with the AWS access key for an IAM user that has the required permissions.
-
Select Administration > Credentials.
-
Select Organization credentials.
-
Select Add Credentials and follow the steps in the wizard.
-
Credentials Location: Select *Amazon Web Services > Agent.
-
Define Credentials: Enter an AWS access key and secret key.
-
Marketplace Subscription: Associate a Marketplace subscription with these credentials by subscribing now or by selecting an existing subscription.
-
Review: Confirm the details about the new credentials and select Add.
-
Go to the Azure portal and assign the Azure custom role to the Console agent virtual machine for one or more subscriptions.
-
From the Azure Portal, open the Subscriptions service and select your subscription.
It's important to assign the role from the Subscriptions service because this specifies the scope of the role assignment at the subscription level. The scope defines the set of resources that the access applies to. If you specify a scope at a different level (for example, at the virtual machine level), your ability to complete actions from within the NetApp Console will be affected.
-
Select Access control (IAM) > Add > Add role assignment.
-
In the Role tab, select the Console Operator role and select Next.
Console Operator is the default name provided in the policy. If you chose a different name for the role, then select that name instead. -
In the Members tab, complete the following steps:
-
Assign access to a Managed identity.
-
Select Select members, select the subscription in which the Console agent virtual machine was created, under Managed identity, choose Virtual machine, and then select the Console agent virtual machine.
-
Select Select.
-
Select Next.
-
Select Review + assign.
-
If you want to manage resources in additional Azure subscriptions, switch to that subscription and then repeat these steps.
-
Provide the Console agent with the credentials for the Azure service principal that you previously setup.
-
Select Administration > Credentials.
-
Select Add Credentials and follow the steps in the wizard.
-
Credentials Location: Select Microsoft Azure > Agent.
-
Define Credentials: Enter information about the Microsoft Entra service principal that grants the required permissions:
-
Application (client) ID
-
Directory (tenant) ID
-
Client Secret
-
-
Marketplace Subscription: Associate a Marketplace subscription with these credentials by subscribing now or by selecting an existing subscription.
-
Review: Confirm the details about the new credentials and select Add.
-
Associate the service account with the Console agent VM.
-
Go to the Google Cloud portal and assign the service account to the Console agent VM instance.
-
If you want to manage resources in other projects, grant access by adding the service account with the Console agent role to that project. You'll need to repeat this step for each project.