NetApp ONTAP iSCSI configuration

To integrate NetApp ONTAP storage system with VMware Tanzu Kubernetes clusters for persistent volumes via iSCSI, the first step is to prepare the nodes by logging into each node and configuring the iSCSI utilities or packages to mount iSCSI volumes. To do so, follow the procedure laid out in this link.

Note NetApp does not recommend this procedure for NAT’ed deployments of VMware Tanzu Kubernetes clusters.
Note TKGI uses Bosh VMs as nodes for Tanzu Kubernetes clusters that run immutable configuration images, and any manual changes of iSCSI packages on Bosh VMs do not remain persistent across reboots. Therefore, NetApp recommends using NFS volumes for persistent storage for Tanzu Kubernetes clusters deployed and operated by TKGI.

After the cluster nodes are prepared for iSCSI volumes, you must create a backend that enables communication with the storage system. We configured a basic backend in this solution, but, if you are looking for more customized options, visit the documentation here.

Create an SVM in ONTAP

To create an SVM in ONTAP, complete the following steps:

  1. Log into ONTAP System Manager, navigate to Storage > Storage VMs, and click Add.

  2. Enter a name for the SVM, enable the iSCSI protocol, and then provide details for the data LIFs.

    iSCSI SVM Data LIFs
  3. Enter the details for the SVM administration account, and then click Save.

    iSCSI SVM administration
  4. To assign the aggregates to the SVM, navigate to Storage > Storage VMs, click the ellipsis next to the newly created SVM, and then click Edit. Check the Limit Volume Creation to Preferred Local Tiers checkbox, and attach the required aggregates to it.

    SVM aggregate allocation

Create backends and StorageClasses

  1. For NetApp ONTAP systems serving NFS, create a backend config file on the jumphost with the backendName, managementLIF, dataLIF, svm, username, password, and other details.

      "version": 1,
      "storageDriverName": "ontap-san",
      "backendName": "ontap-san+",
      "managementLIF": "",
      "dataLIF": "",
      "svm": "trident_svm_iscsi",
      "username": "admin",
      "password": "password"
  2. Create the Trident backend by running the following command.

    [netapp-user@rhel7 trident-installer]$ ./tridentctl -n trident create backend -f backend-ontap-san.json
    |          NAME          | STORAGE DRIVER |                 UUID                 | STATE  | VOLUMES |
    | ontap-san+ | ontap-san      | 6788533c-7fea-4a35-b797-fb9bb3322b91 | online |       0 |
  3. After you create a backend, you must next create a storage class. The following sample storage class definition highlights the required and basic fields. The parameter backendType should reflect the storage driver from the newly created Trident backend. Also note the name-field value, which must be referenced in a later step.

    kind: StorageClass
      name: ontap-iscsi
      backendType: "ontap-san"
    Note There is an optional field called fsType that is defined in this file. In iSCSI backends, this value can be set to a specific Linux filesystem type (XFS, ext4, and so on) or can be deleted to allow Tanzu Kubernetes clusters to decide what filesystem to use.
  4. Create the storage class by running the kubectl command.

    [netapp-user@rhel7 trident-installer]$ kubectl create -f storage-class-iscsi.yaml created
  5. With the storage class created, you must then create the first persistent volume claim (PVC). A sample PVC definition is given below. Make sure that the storageClassName field matches the name of the storage class just created. The PVC definition can be further customized as required depending upon the workload to be provisioned.

    kind: PersistentVolumeClaim
    apiVersion: v1
      name: basic
        - ReadWriteOnce
          storage: 1Gi
      storageClassName: ontap-iscsi
  6. Create the PVC by issuing the kubectl command. Creation can take some time depending on the size of the backing volume being created, so you can watch the process as it completes.

    [netapp-user@rhel7 trident-installer]$ kubectl create -f pvc-basic.yaml
    persistentvolumeclaim/basic created
    [netapp-user@rhel7 trident-installer]$ kubectl get pvc
    NAME    STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS   AGE
    basic   Bound    pvc-7ceac1ba-0189-43c7-8f98-094719f7956c   1Gi        RWO            ontap-iscsi      3s