Skip to main content
NetApp Solutions

Getting Started with AWS public cloud

Contributors kevin-hoke

This section describes the process of deploying Cloud Manager and Cloud Volumes ONTAP in AWS.

AWS public cloud

Note To make things easier to follow, we have created this document based on a deployment in AWS. However, the process is very similar for Azure and GCP.

1. Pre-flight check

Before deployment, make sure that the infrastructure is in place to allow for the deployment in the next stage. This includes the following:

  • AWS account

  • VPC in your region of choice

  • Subnet with access to the public internet

  • Permissions to add IAM roles into your AWS account

  • A secret key and access key for your AWS user

2. Steps to deploy Cloud Manager and Cloud Volumes ONTAP in AWS

Note There are many methods for deploying Cloud Manager and Cloud Volumes ONTAP; this method is the simplest but requires the most permissions. If this method is not appropriate for your AWS environment, please consult the NetApp Cloud Documentation.

Deploy the Cloud Manager connector

  1. Navigate to NetApp Cloud Central and log in or sign up.

    Figure showing input/output dialog or representing written content

  2. After you log in, you should be taken to the Canvas.

    Figure showing input/output dialog or representing written content

  3. Click "Add Working Environment" and choose Cloud Volumes ONTAP in AWS. Here, you also choose whether you want to deploy a single node system or a high availability pair. I have chosen to deploy a high availability pair.

    Figure showing input/output dialog or representing written content

  4. If no connector has been created, a pop-up appears asking you to create a connector.

    Figure showing input/output dialog or representing written content

  5. Click Lets Start, and then choose AWS.

    Figure showing input/output dialog or representing written content

  6. Enter your secret key and access key. Make sure that your user has the correct permissions outlined on the NetApp policies page.

    Figure showing input/output dialog or representing written content

  7. Give the connector a name and either use a predefined role as described on the NetApp policies page or ask Cloud Manager to create the role for you.

    Figure showing input/output dialog or representing written content

  8. Give the networking information needed to deploy the connector. Verify that outbound internet access is enabled by:

    1. Giving the connector a public IP address

    2. Giving the connector a proxy to work through

    3. Giving the connector a route to the public internet through an Internet Gateway

      Figure showing input/output dialog or representing written content

  9. Provide communication with the connector via SSH, HTTP, and HTTPs by either providing a security group or creating a new security group. I have enabled access to the connector from my IP address only.

    Figure showing input/output dialog or representing written content

  10. Review the information on the summary page and click Add to deploy the connector.

    Figure showing input/output dialog or representing written content

  11. The connector now deploys using a cloud formation stack. You can monitor its progress from Cloud Manager or through AWS.

    Figure showing input/output dialog or representing written content

  12. When the deployment is complete, a success page appears.

    Figure showing input/output dialog or representing written content

Deploy Cloud Volumes ONTAP

  1. Select AWS and the type of deployment based on your requirements.

    Figure showing input/output dialog or representing written content

  2. If no subscription has been assigned and you wish to purchase with PAYGO, choose Edit Credentials.

    Figure showing input/output dialog or representing written content

  3. Choose Add Subscription.

    Figure showing input/output dialog or representing written content

  4. Choose the type of contract that you wish to subscribe to. I chose Pay-as-you-go.

    Figure showing input/output dialog or representing written content

  5. You are redirected to AWS; choose Continue to Subscribe.

    Figure showing input/output dialog or representing written content

  6. Subscribe and you are redirected back to NetApp Cloud Central. If you have already subscribed and don't get redirected, choose the "Click here" link.

    Figure showing input/output dialog or representing written content

  7. You are redirected to Cloud Central where you must name your subscription and assign it to your Cloud Central account.

    Figure showing input/output dialog or representing written content

  8. When successful, a check mark page appears. Navigate back to your Cloud Manager tab.

    Figure showing input/output dialog or representing written content

  9. The subscription now appears in Cloud Central. Click Apply to continue.

    Figure showing input/output dialog or representing written content

  10. Enter the working environment details such as:

    1. Cluster name

    2. Cluster password

    3. AWS tags (Optional)

      Figure showing input/output dialog or representing written content

  11. Choose which additional services you would like to deploy. To discover more about these services, visit the NetApp Cloud Homepage.

    Figure showing input/output dialog or representing written content

  12. Choose whether to deploy in multiple availability zones (reguires three subnets, each in a different AZ), or a single availability zone. I chose multiple AZs.

    Figure showing input/output dialog or representing written content

  13. Choose the region, VPC, and security group for the cluster to be deployed into. In this section, you also assign the availability zones per node (and mediator) as well as the subnets that they occupy.

    Figure showing input/output dialog or representing written content

  14. Choose the connection methods for the nodes as well as the mediator.

    Figure showing input/output dialog or representing written content

Tip The mediator requires communication with the AWS APIs. A public IP address is not required so long as the APIs are reachable after the mediator EC2 instance has been deployed.
  1. Floating IP addresses are used to allow access to the various IP addresses that Cloud Volumes ONTAP uses, including cluster management and data serving IPs. These must be addresses that are not already routable within your network and are added to route tables in your AWS environment. These are required to enable consistent IP addresses for an HA pair during failover. More information about floating IP addresses can be found in the NetApp Cloud Documenation.

    Figure showing input/output dialog or representing written content

  2. Select which route tables the floating IP addresses are added to. These route tables are used by clients to communicate with Cloud Volumes ONTAP.

    Figure showing input/output dialog or representing written content

  3. Choose whether to enable AWS managed encryption or AWS KMS to encrypt the ONTAP root, boot, and data disks.

    Figure showing input/output dialog or representing written content

  4. Choose your licensing model. If you don't know which to choose, contact your NetApp representative.

    Figure showing input/output dialog or representing written content

  5. Select which configuration best suits your use case. This is related to the sizing considerations covered in the prerequisites page.

    Figure showing input/output dialog or representing written content

  6. Optionally, create a volume. This is not required, because the next steps use SnapMirror, which creates the volumes for us.

    Figure showing input/output dialog or representing written content

  7. Review the selections made and tick the boxes to verify that you understand that Cloud Manager deploys resources into your AWS environment. When ready, click Go.

    Figure showing input/output dialog or representing written content

  8. Cloud Volumes ONTAP now starts its deployment process. Cloud Manager uses AWS APIs and cloud formation stacks to deploy Cloud Volumes ONTAP. It then configures the system to your specifications, giving you a ready-to-go system that can be instantly utilized. The timing for this process varies depending on the selections made.

    Figure showing input/output dialog or representing written content

  9. You can monitor the progress by navigating to the Timeline.

    Figure showing input/output dialog or representing written content

  10. The Timeline acts as an audit of all actions performed in Cloud Manager. You can view all of the API calls that are made by Cloud Manager during setup to both AWS as well as the ONTAP cluster. This can also be effectively used to troubleshoot any issues that you face.

    Figure showing input/output dialog or representing written content

  11. After deployment is complete, the CVO cluster appears on the Canvas, which the current capacity. The ONTAP cluster in its current state is fully configured to allow a true, out-of-the-box experience.

    Figure showing input/output dialog or representing written content

Configure SnapMirror from on-premises to cloud

Now that you have a source ONTAP system and a destination ONTAP system deployed, you can replicate volumes containing database data into the cloud.

For a guide on compatible ONTAP versions for SnapMirror, see the SnapMirror Compatibility Matrix.

  1. Click the source ONTAP system (on-premises) and either drag and drop it to the destination, select Replication > Enable, or select Replication > Menu > Replicate.

    Figure showing input/output dialog or representing written content

    Select Enable.

    Figure showing input/output dialog or representing written content

    Or Options.

    Figure showing input/output dialog or representing written content

    Replicate.

    Figure showing input/output dialog or representing written content

  2. If you did not drag and drop, choose the destination cluster to replicate to.

    Figure showing input/output dialog or representing written content

  3. Choose the volume that you'd like to replicate. We replicated the data and all log volumes.

    Figure showing input/output dialog or representing written content

  4. Choose the destination disk type and tiering policy. For disaster recovery, we recommend an SSD as the disk type and to maintain data tiering. Data tiering tiers the mirrored data into low-cost object storage and saves you money on local disks. When you break the relationship or clone the volume, the data uses the fast, local storage.

    Figure showing input/output dialog or representing written content

  5. Select the destination volume name: we chose [source_volume_name]_dr.

    Figure showing input/output dialog or representing written content

  6. Select the maximum transfer rate for the replication. This enables you to save bandwidth if you have a low bandwidth connection to the cloud such as a VPN.

    Figure showing input/output dialog or representing written content

  7. Define the replication policy. We chose a Mirror, which takes the most recent dataset and replicates that into the destination volume. You could also choose a different policy based on your requirements.

    Figure showing input/output dialog or representing written content

  8. Choose the schedule for triggering replication. NetApp recommends setting a "daily" schedule of for the data volume and an "hourly" schedule for the log volumes, although this can be changed based on requirements.

    Figure showing input/output dialog or representing written content

  9. Review the information entered, click Go to trigger the cluster peer and SVM peer (if this is your first time replicating between the two clusters), and then implement and initialize the SnapMirror relationship.

    Figure showing input/output dialog or representing written content

  10. Continue this process for data volumes and log volumes.

  11. To check all of your relationships, navigate to the Replication tab inside Cloud Manager. Here you can manage your relationships and check on their status.

    Figure showing input/output dialog or representing written content

  12. After all the volumes have been replicated, you are in a steady state and ready to move on to the disaster recovery and dev/test workflows.

3. Deploy EC2 compute instance for database workload

AWS has preconfigured EC2 compute instances for various workloads. The choice of instance type determines the number of CPU cores, memory capacity, storage type and capacity, and network performance. For the use cases, with the exception of the OS partition, the main storage to run database workload is allocated from CVO or the FSx ONTAP storage engine. Therefore, the main factors to consider are the choice of CPU cores, memory, and network performance level. Typical AWS EC2 instance types can be found here: EC2 Instance Type.

Sizing the compute instance

  1. Select the right instance type based on the required workload. Factors to consider include the number of business transactions to be supported, the number of concurrent users, data set sizing, and so on.

  2. EC2 instance deployment can be launched through the EC2 Dashboard. The exact deployment procedures are beyond the scope of this solution. See Amazon EC2 for details.

Linux instance configuration for Oracle workload

This section contain additional configuration steps after an EC2 Linux instance is deployed.

  1. Add an Oracle standby instance to the DNS server for name resolution within the SnapCenter management domain.

  2. Add a Linux management user ID as the SnapCenter OS credentials with sudo permissions without a password. Enable the ID with SSH password authentication on the EC2 instance. (By default, SSH password authentication and passwordless sudo is turned off on EC2 instances.)

  3. Configure Oracle installation to match with on-premises Oracle installation such as OS patches, Oracle versions and patches, and so on.

  4. NetApp Ansible DB automation roles can be leveraged to configure EC2 instances for database dev/test and disaster recovery use cases. The automation code can be download from the NetApp public GitHub site: Oracle 19c Automated Deployment. The goal is to install and configure a database software stack on an EC2 instance to match on-premises OS and database configurations.

Windows instance configuration for SQL Server workload

This section lists additional configuration steps after an EC2 Windows instance is initially deployed.

  1. Retrieve the Windows administrator password to log in to an instance via RDP.

  2. Disable the Windows firewall, join the host to Windows SnapCenter domain, and add the instance to the DNS server for name resolution.

  3. Provision a SnapCenter log volume to store SQL Server log files.

  4. Configure iSCSI on the Windows host to mount the volume and format the disk drive.

  5. Again, many of the previous tasks can be automated with the NetApp automation solution for SQL Server. Check the NetApp automation public GitHub site for newly published roles and solutions: NetApp Automation.