ONTAP tools for VMware vSphere requirements and configuration limits

11/03/2025 Contributors

Before deploying the ONTAP tools for VMware vSphere, you should be familiar with the space requirements for the deployment package and some basic host system requirements.

You can use ONTAP tools for VMware vSphere with VMware vCenter Server Virtual Appliance (vCSA). You should deploy ONTAP tools for VMware vSphere on a supported vSphere client that includes ESXi system.

System requirements

Installation package space requirements per node
- 15 GB for thin provisioned installations
- 348 GB for thick provisioned installations
Host system sizing requirements The table below shows the recommended memory for each deployment size. For high availability (HA) deployments, you need three times the appliance size listed.

Type of deployment	CPUs per node	Memory (GB) per node	Disk space (GB) thick provisioned per node
Small	9	18	350
Medium	13	26	350
Large NOTE: The large deployment is only for HA configuration.	17	34	350

When backup is enabled, each ONTAP tools cluster needs another 50 GB of space on the datastore where VMs are deployed. Therefore, non-HA requires 400 GB, and HA requires 1100 GB of space in total.

Minimum storage and application requirements

Storage, host, and applications	Version requirements
ONTAP	9.15.1, 9.16.0, 9.16.1, 9.17.0, and 9.17.1
ONTAP tools supported ESXi hosts	7.0.3 onwards
ONTAP tools supported vCenter Server	7.0U3 onwards
VASA Provider	3.0
OVA Application	10.5
ESXi host to deploy ONTAP tools virtual machine	7.0U3 and 8.0U3
vCenter Server to deploy ONTAP tools virtual machine	7.0 and 8.0

Storage, host, and applications

Version requirements

ONTAP

9.15.1, 9.16.0, 9.16.1, 9.17.0, and 9.17.1

ONTAP tools supported ESXi hosts

7.0.3 onwards

ONTAP tools supported vCenter Server

7.0U3 onwards

VASA Provider

3.0

OVA Application

10.5

ESXi host to deploy ONTAP tools virtual machine

7.0U3 and 8.0U3

vCenter Server to deploy ONTAP tools virtual machine

7.0 and 8.0

Beginning with ONTAP tools for VMware vSphere 10.4, the virtual machine hardware is changed from version 10 to 17.

The Interoperability Matrix Tool (IMT) contains the latest information about the supported versions of ONTAP, vCenter Server, ESXi hosts, and plug-in applications.

Interoperability Matrix Tool

Port requirements

The following table outlines the network ports that NetApp uses and their purposes. There are three different types of ports:

External ports: These ports are accessible from outside the Kubernetes cluster or node. They allow services to communicate with external networks or users, enabling integration with systems outside the cluster environment.
Inter-node ports: These ports enable communication between nodes within the Kubernetes cluster. They are needed for cluster tasks like sharing data and working together. For single-node deployments, inter-node ports are used only within the node and do not need external access. Inter-node ports can accept traffic from outside the cluster. Block inter-node ports from internet access with firewall rules.
Internal ports: These ports communicate within the Kubernetes cluster using ClusterIP addresses. They are not exposed externally and do not need to be added to firewall rules.

Ensure that all ONTAP tools nodes reside on the same subnet to maintain uninterrupted communication with each other.

Click to expand port requirements table

Service/Component name	Port	Protocol	Port Type	Description
ntv-gateway-svc (LB)	443, 8443	TCP	External	Pass through port for incoming communication for the VASA Provider service. VASA Provider self-signed certificate and custom CA certificate are hosted on this port.
SSH	22	TCP	External	Secure Shell for remote server login and command execution.
rke2 server	9345	TCP	Inter-node	RKE2 supervisor API (Restrict to trusted networks).
kube-apiserver	6443	TCP	Inter-node	Kubernetes API server port (Restrict to trusted networks).
rpcbind/portmapper	111	TCP/UDP	Inter-node	Used for RPC communication between services.
coredns (DNS)	53	TCP/UDP	Inter-node	Domain Name System (DNS) service for name resolution within the cluster.
NTP	123	UDP	Inter-node	Network Time Protocol (NTP) for time synchronization.
etcd	2379, 2380, 2381	TCP	Inter-node	Key-value store for cluster data.
kube-vip	2112	TCP	Inter-node	Kubernetes API server port.
kubelet	10248, 10250	TCP	Inter-node	Kubernetes component
kube-controller	10257	TCP	Inter-node	Kubernetes component
cloud-controller	10258	TCP	Inter-node	Kubernetes component
kube-scheduler	10259	TCP	Inter-node	Kubernetes component
kube-proxy	10249, 10256	TCP	Inter-node	Kubernetes component
calico-node	9091, 9099	TCP	Inter-node	Calico networking component.
containerd	10010	TCP	Inter-node	Container daemon service.
VXLAN (Flannel)	8472	UDP	Inter-node	Overlay network for pod communication.

Service/Component name

Port

Protocol

Port Type

Description

ntv-gateway-svc (LB)

443, 8443

TCP

External

Pass through port for incoming communication for the VASA Provider service. VASA Provider self-signed certificate and custom CA certificate are hosted on this port.

SSH

TCP

External

Secure Shell for remote server login and command execution.

rke2 server

9345

TCP

Inter-node

RKE2 supervisor API (Restrict to trusted networks).

kube-apiserver

6443

TCP

Inter-node

Kubernetes API server port (Restrict to trusted networks).

rpcbind/portmapper

111

TCP/UDP

Inter-node

Used for RPC communication between services.

coredns (DNS)

TCP/UDP

Inter-node

Domain Name System (DNS) service for name resolution within the cluster.

NTP

123

UDP

Inter-node

Network Time Protocol (NTP) for time synchronization.

etcd

2379, 2380, 2381

TCP

Inter-node

Key-value store for cluster data.

kube-vip

2112

TCP

Inter-node

Kubernetes API server port.

kubelet

10248, 10250

TCP

Inter-node

Kubernetes component

kube-controller

10257

TCP

Inter-node

Kubernetes component

cloud-controller

10258

TCP

Inter-node

Kubernetes component

kube-scheduler

10259

TCP

Inter-node

Kubernetes component

kube-proxy

10249, 10256

TCP

Inter-node

Kubernetes component

calico-node

9091, 9099

TCP

Inter-node

Calico networking component.

containerd

10010

TCP

Inter-node

Container daemon service.

VXLAN (Flannel)

8472

UDP

Inter-node

Overlay network for pod communication.

For HA deployments, ensure UDP port 8472 is open between all nodes. This port enables pod-to-pod communication across nodes; blocking it will interrupt inter-node networking.

Configuration limits to deploy ONTAP tools for VMware vSphere

You can use the following table as a guide to configure ONTAP tools for VMware vSphere.

Deployment

Type

Number of vVols

Number of hosts

Non-HA

Small (S)

~12K

Non-HA

Medium (M)

~24K

High-Availability

Small (S)

~24K

High-Availability

Medium (M)

~50k

128

High-Availability

Large (L)

~100k

256 [NOTE] The host counts in the table represent the combined total across all connected vCenters.

ONTAP tools for VMware vSphere - Storage Replication Adapter (SRA)

The following table shows the numbers supported per VMware Live Site Recovery instance using ONTAP tools for VMware vSphere.

vCenter Deployment size	Small	Medium
Total number of virtual machines configured for protection using array-based replication	2000	5000
Total number of array-based replication protection groups	250	250
Total number of protection groups per recovery plan	50	50
Number of replicated datastores	255	255
Number of VMs	4000	7000

The following table shows the number of VMware Live Site Recovery and the corresponding ONTAP tools for VMware vSphere deployment size.

Number of VMware Live Site Recovery instances

ONTAP tools deployment Size

Upto 4

Small

4 to 8

Medium

More than 8

Large

For more information, refer to Operational Limits of VMware Live Site Recovery.

ONTAP tools for VMware vSphere requirements and configuration limits

Creating your file...

System requirements

Minimum storage and application requirements

Port requirements

Configuration limits to deploy ONTAP tools for VMware vSphere

ONTAP tools for VMware vSphere - Storage Replication Adapter (SRA)