Skip to main content
NetApp Solutions

Deployment Guide for VMFS

Contributors kevin-hoke

NetApp's storage solutions and offerings empower customers to fully capitalize on the advantages of a virtualized infrastructure. With NetApp solutions, customers can efficiently implement comprehensive data management software ensuring automation, efficiency, data protection and security capabilities to effectively meet demanding performance requirements. Combining ONTAP software with VMware vSphere allows to reduce host hardware and VMware licensing expenses, make sure data is protected at lower cost, and provide consistent high performance.

Introduction

Virtualized workloads are mobile. Therefore, administrators use VMware Storage vMotion to move VMs across VMware Virtual Machine File System (VMFS), NFS, or vVols datastores, all residing on the same storage system and thus explore different storage approaches if using an All-Flash System or use the latest ASA models with SAN innovation for higher cost efficiency.

The key message here is that migrating to ONTAP improves customer experience and application performance while offering the flexibility to migrate data and applications between FCP, iSCSI, NVMe/FC and NVMe/TCP. For enterprises deeply invested in VMware vSphere, using ONTAP storage is a cost-effective option given the current market conditions, one that presents a unique opportunity. Enterprises today face new imperatives that a modern SAN approach can address simply and quickly. Here are some of the ways existing and new NetApp customers are adding value with ONTAP.

  • Cost efficiency - Integrated storage efficiency allows ONTAP to significantly reduce storage costs. NetApp ASA systems can run all storage efficiency capabilities in production with no performance impact. NetApp makes it simple to plan for these efficiency benefits with the most effective guarantee available.

  • Data Protection - SnapCenter software using snapshots provides advanced VM and application-level data protection for various enterprise applications deployed in a VM configuration.

  • Security - Use Snapshot copies to protect against malware and ransomware. Enhance protection by making Snapshot copies immutable using Snapshot locking and NetApp SnapLock® software.

  • Cloud - ONTAP provides a wide range of hybrid cloud options that enable enterprises to combine public and private clouds, offering flexibility and reducing infrastructure management overhead. Supplemental datastore support based on ONTAP offerings allow for the use of VMware Cloud on Azure, AWS and Google for TCO optimized deployment, data protection, and business continuity while avoiding vendor lock-in.

  • Flexibility - ONTAP is well-equipped to meet the rapidly changing needs of modern organizations. With ONTAP One, all these capabilities come standard with an ONTAP system at no extra cost.

Rightsize and optimize

With impending licensing changes, organizations are proactively addressing the potential increase in Total Cost of Ownership (TCO). They are strategically optimizing their VMware infrastructure through aggressive resource management and right-sizing to enhance resource utilization and streamline capacity planning. Through the effective use of specialized tools, organizations can efficiently identify and reclaim wasted resources, subsequently reducing core counts and overall licensing expenses. It's important to highlight that many organizations are already integrating these practices into their cloud assessments, demonstrating how these processes and tools effectively mitigate cost concerns in on-premises environments and eliminate unnecessary migration expenses to alternative hypervisors.

TCO Estimator

NetApp has created a simple TCO estimator which would act as the stepping stone in starting this optimisation journey. The TCO estimator uses RVtools or manual input methods to easily project how many hosts are required for the given deployment and calculate the savings to optimize the deployment using NetApp ONTAP storage systems. Keep in mind, this is the stepping stone.

Note The TCO estimator is only accessible to NetApp field teams and partners. Work with NetApp account teams to assess your existing environment.

Here is a screenshot from the TCO estimator.

Figure showing input/output dialog or representing written content

Cloud Insights

Once the estimator shows the savings possible (which will be the case for any given organisation), then it’s time to dive deep into analysing the workload IO profiles across virtual machines using real-time metrics. For this, NetApp provides Cloud Insights. By providing detailed analysis and recommendations for VM reclamation, Cloud Insights can help businesses make informed decisions about optimizing their VM environment. It can identify where resources can be reclaimed or hosts decommissioned with minimal impact on production, helping businesses navigate the changes brought about by Broadcom's acquisition of VMware in a thoughtful, strategic manner. In other words, Cloud Insight help businesses take the emotion out of the decision. Instead of reacting to the changes with panic or frustration, they can use the insights provided by Cloud Insights tool to make rational, strategic decisions that balance cost optimization with operational efficiency and productivity.

Below are the screenshots from Cloud Insights.

Figure showing input/output dialog or representing written content

Figure showing input/output dialog or representing written content

Note Conduct regular assessments to pinpoint underutilized resources, increase virtual machine density, and utilization within VMware clusters to control rising costs associated with new subscription licenses. Consider reducing the number of cores per CPU to 16 for new server purchases to align with changes in VMware licensing models.

With NetApp, right-size your virtualized environments and introduce cost-effective flash storage performance along with simplified data management and ransomware solutions to ensure organisations are prepared for new subscription model while optimizing the IT resources that are currently in place.

NetApp ONTAP Tools for VMware vSphere

To further enhance and simplify VMware integration, NetApp offers several offtap tools that can be used with NetApp ONTAP and VMware vSphere to efficiently manage virtualized environments. This section will focus on the ONTAP tools for VMware. ONTAP tools for VMware vSphere 10 provide a comprehensive set of tools for virtual machine lifecycle management, simplifying storage management, enhancing efficiency features, improving availability, and reducing storage costs and operational overhead. These tools seamlessly integrate with the VMware ecosystem, facilitating datastore provisioning and offering basic protection for virtual machines. The 10.x release of ONTAP tools for VMware vSphere comprises horizontally scalable, event-driven microservices deployed as an Open Virtual Appliance (OVA), following best practices for provisioning datastores and optimizing ESXi host settings for both block and NFS storage environments. Considering these benefits, OTV is recommended as a best practice to use with systems running ONTAP software.

Getting Started

Before deploying and configuring ONTAP tools for VMware, ensure the pre-requisites are met. Once done, deploy a single node configuration.

Note Three IP addresses are required for deployment - one IP address for load balancer, one IP address for the Kubernetes control plane and one for the node.

Steps

  1. Log in to the vSphere server.

  2. Navigate to the cluster or the host where you want to deploy the OVA.

  3. Right-click the required location and select Deploy OVF template.

    1. Enter the URL for the .ova file or browse to the folder where the .ova file is saved, and then select Next.

  4. Select a name, folder, cluster / host for the virtual machine and select Next.

  5. In the Configuration window, select Easy deployment(S), Easy deployment(M), or Advanced deployment(S) or Advanced deployment(M) configuration.

    Note The easy deployment option is used in this walkthrough.

    Figure showing input/output dialog or representing written content

  6. Choose the datastore to deploy the OVA and the source and destination network. Once done, select Next.

  7. It’s time to customize template > system configuration window.

    Figure showing input/output dialog or representing written content

    Figure showing input/output dialog or representing written content

    Figure showing input/output dialog or representing written content

After successful installation, the web console shows the state of ONTAP tools for VMware vSphere.

Figure showing input/output dialog or representing written content

Figure showing input/output dialog or representing written content

Note The datastore creation wizard supports provisioning of VMFS, NFS and vVols datastores.

It’s time to provision ISCSI based VMFS datastores for this walkthrough.

  1. Log in to the vSphere client using https://<vcenterip>/ui

  2. Right-click a Host or a Host Cluster or a Datastore, and then select NetApp ONTAP tools > Create Datastore.

    Figure showing input/output dialog or representing written content

  3. In the Type pane, select VMFS in Datastore Type.

    Figure showing input/output dialog or representing written content

  4. In the Name and Protocol pane, enter the datastore name, size, and protocol information. In the Advanced options section of the pane, select the Datastore cluster if you want to add this datastore to.

    Figure showing input/output dialog or representing written content

  5. Select Platform and storage VM in the Storage pane. Provide the Custom initiator group name in the Advanced options section of the pane (optional). You can either choose an existing igroup for the datastore or create a new igroup with a custom name.

    Figure showing input/output dialog or representing written content

  6. From the storage attributes pane, select Aggregate from the drop-down menu. Select Space Reserve, volume option, and Enable QoS options as required from the Advanced options section.

    Figure showing input/output dialog or representing written content

  7. Review the datastore details in the Summary pane and click Finish. The VMFS datastore is created and mounted on all the hosts.

    Figure showing input/output dialog or representing written content

Refer to these links for vVol, FC, NVMe/TCP datastore provisioning.

VAAI Offloading

VAAI primitives are used in routine vSphere operations such as creating, cloning, migrating, starting, and stopping VMs. These operations can be executed through the vSphere client for simplicity or from the command line for scripting or to get more accurate timing. VAAI for SAN is natively supported by ESX. VAAI is always enabled on supported NetApp storage systems and provides native support for the following VAAI operations on SAN storage:

  • Copy offload

  • Atomic Test & Set (ATS) locking

  • Write Same

  • Out-of-space condition handling

  • Space reclamation

Figure showing input/output dialog or representing written content

Note Ensure that HardwareAcceleratedMove is enabled via the ESX advanced configuration options.
Note Ensure that the LUN has "space-allocation" enabled. If not enabled, enable the option and rescan all HBAs.

Figure showing input/output dialog or representing written content

Note These values are easily set using ONTAP tools for VMware vSphere. From the Overview dashboard, go to ESXi Host compliance card and Select Apply Recommended Settings option. In the Apply recommended host settings window, select the hosts and click Next to apply NetApp recommended host settings.

Figure showing input/output dialog or representing written content

Data Protection

Efficiently backing up VMs on VMFS datastore and rapidly recovering them are amongst the key advantages of ONTAP for vSphere. By integrating with vCenter, NetApp SnapCenter® software offers a wide range of backup and recovery features for VMs. It provides fast, space-efficient, crash-consistent, and VM-consistent backup and restore operations for VMs, Datastores, and VMDKs. It also works with SnapCenter Server to support application-based backup and restore operations in VMware environments using SnapCenter application-specific plug-ins. Leveraging Snapshot copies allows to make quick copies of the VM or datastore without any impact on performance and use NetApp SnapMirror® or NetApp SnapVault® technology for long-term, off-site data protection.

Figure showing input/output dialog or representing written content

The workflow is simple. Add primary storage systems and SVMs (and Secondary if SnapMirror/SnapVault is required).

High level steps for deployment and configuration:

  1. Download SnapCenter for VMware Plug-in OVA

  2. Log in with the vSphere Client credentials

  3. Deploy OVF Template to start the VMware deploy wizard and complete the installation

  4. To access the plug-in, select SnapCenter Plug-in for VMware vSphere from the Menu

  5. Add Storage

  6. Create backup policies

  7. Create resource groups

  8. Backup resource groups

  9. Restore Entire virtual machine or particular virtual disk

Setting up SnapCenter Plug-in for VMware for VMs

To protect VMs and iSCSI datastores hosting them, SnapCenter Plug-in for VMware must be deployed. It's a simple OVF import.

The steps to deploy is as follows:

  1. Download the Open Virtual Appliance (OVA) from NetApp Support Site.

  2. Log in to the vCenter.

  3. Within vCenter, right-click any inventory object such as a data center, folder, cluster, or host and select Deploy OVF template.

  4. Select the right settings including storage, network and customise the template to update the vCenter and its credentials. Once reviewed, click Finish.

  5. Wait for the OVF import and deployment tasks to complete.

  6. Once SnapCenter Plug-in for VMware is successfully deployed, it will be registered within vCenter. The same can be verified by accessing Administration > Client Plugins

    Figure showing input/output dialog or representing written content

  7. To access the plug-in, navigation to the left sidecar of the vCenter web client page, select SnapCenter Plug-in for VMware.

    Figure showing input/output dialog or representing written content

Add storage, create policy and resource group

Adding storage system

Next step is to add the storage system. Cluster management endpoint or Storage virtual machine (SVM) administration endpoint IP should be added as a storage system to backup or restore VMs. Adding storage enables SnapCenter Plug-in for VMware to recognize and manage backup and restore operations in vCenter.

The process is straight forward.

  1. From the left navigation, select SnapCenter Plug-in for VMware.

  2. Select Storage Systems.

  3. Select Add to add the “storage” details.

  4. Use Credentials as the Authentication method and enter the username & its password and then click Add to save the settings.

    Figure showing input/output dialog or representing written content

    Figure showing input/output dialog or representing written content

Create backup policy

A comprehensive backup strategy includes factors like when, what to back up and how long to keep backups. Snapshots can be trigged on an hourly or daily basis to back up entire datastores. This approach not only captures the datastores but also enables to back up and restore the VMs and VMDKs within those data stores.

Before backing up the VMs and datastores, a backup policy and resource group must be created. A backup policy includes settings such as the schedule and retention policy. Follow the below steps to create a backup policy.

  1. In the left Navigator pane of SnapCenter Plug-in for VMware, click Policies.

  2. On the Policies page, click Create to start the wizard.

    Figure showing input/output dialog or representing written content

  3. On the New Backup Policy page, enter the policy name.

  4. Specify the retention, frequency settings and replication.

    Note To replicate Snapshot copies to a mirror or vault secondary storage system, the relationships must be configured beforehand.
    Note To enable VM-consistent backups, VMware tools must be installed and running. When VM consistency box is checked, the VMs are first quiesced, then VMware performs a VM consistent snapshot (excluding memory), and then SnapCenter Plug-in for VMware performs its backup operation, and then VM operations are resumed.

    Figure showing input/output dialog or representing written content

    Once the policy is created, next step is to create the resource group which will define the appropriate iSCSI datastores and VMs that should be backed up. After resource group is created, it’s time for triggering backups.

Create Resource group

A resource group is the container for VMs and datastores that needs to be protected. The resources can be added or removed to resource groups at anytime.

Follow the below steps to create a resource group.

  1. In the left Navigator pane of SnapCenter Plug-in for VMware, click Resource Groups.

  2. On the Resource Groups page, click Create to start the wizard.

    Another option to create resource group is by selecting the individual VM or datastore and creating a resource group respectively.

    Figure showing input/output dialog or representing written content

  3. On the Resources page, select the scope (virtual machines or datastores) and the datacenter.

    Figure showing input/output dialog or representing written content

  4. On the Spanning disks page, select an option for Virtual Machines with multiple VMDKs across multiple datastores

  5. Next step is to associate a backup policy. Select an existing policy or create a new backup policy.

  6. On the Schedules page, configure the backup schedule for each selected policy.

    Figure showing input/output dialog or representing written content

  7. Once the appropriate selections are made, click Finish.

    This will create new resource group and add to the resource group list.

    Figure showing input/output dialog or representing written content

Back up resource groups

Now it’s time to trigger a backup. The backup operations are performed on all the resources defined in a resource group. If a resource group has a policy attached and a schedule configured, backups occur automatically according to the schedule.

  1. In the left navigation of the vCenter web client page, select SnapCenter Plug-in for VMware > Resource Groups, then select the designated resource group. Select Run Now to start the ad-hoc backup.

    Figure showing input/output dialog or representing written content

  2. If the resource group has multiple policies configured, select the policy for the backup operation in the Backup Now dialog box.

  3. Select OK to initiate the backup.

    Figure showing input/output dialog or representing written content

    Monitor the operation progress by selecting Recent Tasks at the bottom of the window or on the dashboard Job Monitor for more details.

Restore VMs from backup

SnapCenter Plug-in for VMware enables to restore virtual machines (VMs) to the vCenter. While restoring a VM, it can be restored to the original datastore mounted on the original ESXi host which will overwrite the existing content with the backup copy that is selected or a deleted/renamed VM can be restored from a backup copy (operation overwrites the data in the original virtual disks). To perform restore, follow the below steps:

  1. In the VMware vSphere web client GUI, select Menu in the toolbar. Select Inventory and then Virtual Machines and Templates.

  2. In the left navigation, Select the Virtual Machine, then select Configure tab, Select Backups under SnapCenter Plug-in for VMware. Click on the backup job from which the VM needs to be restored.

    Figure showing input/output dialog or representing written content

  3. Select the VM that needs to be restored from the backup.

    Figure showing input/output dialog or representing written content

  4. On the Select Scope page, select Entire Virtual Machine in the Restore scope field, then select Restore location, and then enter the destination ESXi information where the backup should be mounted. Enable Restart VM checkbox if the VM needs to be powered on after the restore operation.

    Figure showing input/output dialog or representing written content

  5. On the Select Location page, select the location for the primary location.

    Figure showing input/output dialog or representing written content

  6. Review the Summary page and then select Finish.

    Figure showing input/output dialog or representing written content

    Monitor the operation progress by selecting Recent Tasks at the bottom of the screen.

Note Although the VMs are restored, they're not automatically added to their former resource groups. Therefore, add the restored VMs to the appropriate resource groups manually if protection of those VMs is required.

Now what if the original VM was deleted. It’s a simple task with SnapCenter Plug-in for VMware. The restore operation for a deleted VM can be performed from the datastore level. Go to respective Datastore > Configure > Backups and select the deleted VM and select Restore.

Figure showing input/output dialog or representing written content

To summarize, when using ONTAP ASA storage to optimise TCO for a VMware deployment, use SnapCenter Plug-in for VMware as a simple and efficient method for backing up VMs. It enables to back up and restore VMs in a seamless and fast manner as snapshot backups take literally seconds to complete.

Refer to this solution guide and product documentation to learn about Snapcenter configuration, backup, restore from primary or secondary storage system or even from backups stored on object storage for long term retention.

To reduce storage costs, FabricPool volume tiering can be enabled to automatically move data for snapshot copies to a lower-cost storage tier. Snapshot copies typically use over 10% of allocated storage. While important for data protection and disaster recovery, these point-in-time copies are seldom used and are not an efficient use of high-performance storage. With the "Snapshot-Only" policy for FabricPool, you can easily free up space on high-performance storage. When this policy is enabled, inactive snapshot copy blocks in the volume that are not being used by the active file system are moved to the object tier and once read, the Snapshot copy is moved to the local tier to recover a VM or entire datastore. This object tier can be in the form of a private cloud (such as NetApp StorageGRID) or a public cloud (such as AWS or Azure).

Figure showing input/output dialog or representing written content

View detailed guidance for VMware vSphere with ONTAP.

Ransomware Protection

One of the most effective ways for ransomware attack protection is by implementing multi-layered security measures. Each virtual machine residing on a datastore hosts a standard operating system. Ensure enterprise server anti-malware product suites are installed and regularly updated on them which is an essential component of multi-layered ransomware protection strategy. Along with this, implement data protection leveraging NetApp snapshot technology to ensure rapid and reliable recovery from a ransomware attack.

Ransomware attacks are increasingly targeting backups and snapshot recovery points by trying to delete them before starting to encrypt files. However, with ONTAP this can be prevented by creating tamperproof snapshots on primary or secondary systems with NetApp Snapshot™ copy locking in ONTAP. These Snapshot copies can’t be deleted or changed by ransomware attackers or rogue administrators, so they’re available even after an attack. You can recover virtual machine data in seconds, minimizing organization’s downtime. Plus, you have the flexibility to choose the Snapshot schedule and lock duration that are right for your organization.

Figure showing input/output dialog or representing written content

As part of adding multiple layered approach, there is also a native built-in ONTAP solution for protecting unauthorized deletion of backup Snapshot copies. It is known as multiadmin verification or MAV which is available in ONTAP 9.11.1 and later. The ideal approach will be to use queries for MAV specific operations.

To learn more about MAV and how to configure its protection capabilities see the Multi-admin verification overview.

Migration

Many IT organizations are adopting a hybrid cloud-first approach as they undergo a transformation phase. Customers are assessing their current IT infrastructure and moving their workloads to the cloud based on this assessment and discovery. The reasons for migrating to the cloud vary and can include factors such as elasticity and burst, data center exit, data center consolidation, end-of-life scenarios, mergers, acquisitions, and more. Each organization's migration reasoning depends on their specific business priorities with cost optimization being the highest priority. Selecting the right cloud storage is crucial when moving to the hybrid cloud, as it unleashes the power of cloud deployment and elasticity.

By integrating with 1P services powered by NetApp on each hyperscalar, organizations can realize a vSphere-based cloud solution with a simple migration approach, with no re-platforming, no IP changes, and no architectural changes. Additionally, this optimization enables you to scale the storage footprint while keeping the host count to least amount required in vSphere, but no change to the storage hierarchy, security, or files made available.

Disaster Recovery

Disaster Recovery between on-premises sites

For more details, please visit DR using BlueXP DRaaS for VMFS Datastores

Disaster Recovery between on-premises and VMware Cloud in any hyperscalar

For those customers looking to use VMware Cloud on any hyperscalar as the disaster recovery target, ONTAP storage powered datastores (Azure NetApp Files, FSx ONTAP, Google Cloud NetApp volumes) can be used to replicate data from on-premises using any validated third-party solution that provides VM replication capability. By adding ONTAP storage powered datastores, it will enable cost optimised disaster recovery on the destination with fewer amount of ESXi hosts. This also enables to decommission secondary site in the on-premises environment thus enabling significant cost savings.

Conclusion

This solution demonstrates the optimal approach to using the ONTAP SAN technologies and Offtap tools to provide essential IT services for businesses both now and in the future. These advantages are particularly beneficial for virtualized environments running VMware vSphere in a SAN setup. With the flexibility and scalability of the NetApp storage systems, organizations can establish a foundation for updating and adjusting their infrastructure, allowing them to meet changing business needs over time. This system can handle current workloads and enhance infrastructure efficiency, thereby reducing operational costs and preparing for future workloads.