Tiering data from on-premises ONTAP clusters to Azure Blob storage
Contributors Download PDF of this page
Free space on your on-prem ONTAP clusters by tiering inactive data to Azure Blob storage.
Get started quickly by following these steps, or scroll down to the remaining sections for full details.
Prepare to tier data to Azure Blob storage
You need the following:
An AFF, or FAS system with all-SSD aggregates, that’s running ONTAP 9.4 or later and has an HTTPS connection to Azure Blob storage. Learn how to discover a cluster.
A Connector installed in an Azure VNet or on your premises.
Networking for a Connector that enables an outbound HTTPS connection to the ONTAP cluster in your data center, to Azure storage, and to the Cloud Tiering service.
Set up tiering
In Cloud Manager, select an on-prem working environment, click Enable for the Tiering service, and follow the prompts to tier data to Azure Blob storage.
Set up licensing
After your free trial ends, pay for Cloud Tiering through a pay-as-you-go subscription, an ONTAP Cloud Tiering BYOL license, or a combination of both:
To subscribe from the Azure Marketplace, go to the Cloud Manager Marketplace offering, click Subscribe, and then follow the prompts.
To pay using a Cloud Tiering BYOL license, contact us if you need to purchase one, and then add it to your account from the Cloud Manager Digital Wallet.
Verify support for your ONTAP cluster, set up your networking, and prepare your object storage.
The following image shows each component and the connections that you need to prepare between them:
|Communication between the Connector and Blob storage is for object storage setup only. The Connector can reside on your premises, instead of in the cloud.|
Preparing your ONTAP clusters
Your ONTAP clusters must meet the following requirements when tiering data to Azure Blob storage.
- Supported ONTAP platforms
Cloud Tiering supports AFF systems and FAS systems with all-SSD aggregates.
- Supported ONTAP version
ONTAP 9.4 or later
- Cluster networking requirements
The ONTAP cluster initiates an HTTPS connection over port 443 to Azure Blob storage.
ONTAP reads and writes data to and from object storage. The object storage never initiates, it just responds.
Although ExpressRoute provides better performance and lower data transfer charges, it’s not required between the ONTAP cluster and Azure Blob storage. But doing so is the recommended best practice.
An inbound connection is required from the Connector, which can reside in an Azure VNet or on your premises.
A connection between the cluster and the Cloud Tiering service is not required.
An intercluster LIF is required on each ONTAP node that hosts the volumes you want to tier. The LIF must be associated with the IPspace that ONTAP should use to connect to object storage.
- Supported volumes and aggregates
The total number of volumes that Cloud Tiering can tier might be less than the number of volumes on your ONTAP system. That’s because volumes can’t be tiered from some aggregates. Refer to ONTAP documentation for functionality or features not supported by FabricPool.
|Cloud Tiering supports FlexGroup volumes, starting with ONTAP 9.5. Setup works the same as any other volume.|
Discovering an ONTAP cluster
You need to create an on-prem ONTAP working environment in Cloud Manager before you can start tiering cold data.
Creating or switching Connectors
A Connector is required to tier data to the cloud. When tiering data to Azure Blob storage, you can use a Connector that’s in an Azure VNet or on your premises. You’ll either need to create a new Connector or make sure that the currently selected Connector resides in Azure or on-prem.
Verify that you have the necessary Connector permissions
If you created the Connector using Cloud Manager version 3.9.7 or greater, then you’re all set.
If you created the Connector using an earlier version of Cloud Manager, then you’ll need to edit the permission list to add 2 required permissions:
Preparing networking for the Connector
Ensure that the Connector has the required networking connections. A Connector can be installed on-prem or in Azure.
Ensure that the network where the Connector is installed enables the following connections:
An outbound internet connection to the Cloud Tiering service over port 443 (HTTPS)
An HTTPS connection over port 443 to Azure Blob storage
An HTTPS connection over port 443 to your ONTAP clusters
If needed, enable a VNet service endpoint to Azure storage.
A VNet service endpoint to Azure storage is recommended if you have an ExpressRoute or VPN connection from your ONTAP cluster to the VNet and you want communication between the Connector and Blob storage to stay in your virtual private network.
Preparing Azure Blob storage
When you set up tiering, you need to identify the resource group you want to use, and the storage account and Azure container that belong to the resource group. A storage account enables Cloud Tiering to authenticate and access the Blob container used for data tiering.
Cloud Tiering supports only the General Purpose v2 and Premium Block Blob types of storage accounts.
|If you are planning to configure Cloud Tiering to use a lower cost access tier where your tiered data will transition to after a certain number of days, you must not select any life cycle rules when setting up the container in your Azure account. Cloud Tiering manages the life cycle transitions.|
Tiering inactive data from your first cluster to Azure Blob storage
After you prepare your Azure environment, start tiering inactive data from your first cluster.
Select an on-prem cluster.
Click Enable for the Tiering service.
Choose your provider: This page appears only when using an on-prem Connector. Select Microsoft Azure and click Continue.
Complete the steps on the Tiering Setup page:
Resource Group: Select a resource group where an existing container is managed, or where you would like to create a new container for tiered data, and click Continue.
Azure Container: Add a new Blob container to a storage account, or select an existing container, and click Continue.
When using an on-prem Connector, you must enter the Azure Subscription that provides access to the existing container or new container that will be created.
The storage account and containers that appear in this step belong to the resource group that you selected in the previous step.
Access Tier Life Cycle: Cloud Tiering manages the life cycle transitions of your tiered data. Data starts in the Hot class, but you can create a rule to move the data to the Cool class after a certain number of days.
Select the access tier that you want to transition the tiered data to and the number of days before the data will be moved, and click Continue. For example, the screenshot below shows that tiered data is moved from the Hot class to the Cool class after 45 days in object storage.
If you choose Keep data in this access tier, then the data remains in the Hot access tier and no rules are applied. See supported access tiers.
Note that the life cycle rule is applied to all blob containers in the selected storage account.
Verify that you have the necessary Connector permissions for the life cycle management feature.
Cluster Network: Select the IPspace that ONTAP should use to connect to object storage, and click Continue.
Selecting the correct IPspace ensures that Cloud Tiering can set up a connection from ONTAP to your cloud provider’s object storage.
On the Tier Volumes page, select the volumes that you want to configure tiering for and launch the Tiering Policy page:
To select all volumes, check the box in the title row () and click Configure volumes.
To select multiple volumes, check the box for each volume () and click Configure volumes.
To select a single volume, click the row (or icon) for the volume.
In the Tiering Policy dialog, select a tiering policy, optionally adjust the cooling days for the selected volumes, and click Apply.
You’ve successfully set up data tiering from volumes on the cluster to Azure Blob object storage.
You can also add additional clusters or review information about the active and inactive data on the cluster. For details, see Managing data tiering from your clusters.