Skip to main content

Set up Amazon S3 as the ONTAP FabricPool cloud tier

Contributors netapp-lenida johnlantz netapp-aaron-holt netapp-aherbin

If you are running ONTAP 9.2 or later, you can set up Amazon S3 as the cloud tier for FabricPool. If you are running ONTAP 9.5 or later, you can set up Amazon Commercial Cloud Services (C2S) for FabricPool.

Considerations for using Amazon S3 with FabricPool
  • A BlueXP tiering license is required when tiering to Amazon S3.

  • It is recommended that the LIF that ONTAP uses to connect with the Amazon S3 object server be on a 10 Gbps port.

  • On AFF and FAS systems and ONTAP Select, FabricPool supports the following Amazon S3 storage classes:

    • Amazon S3 Standard

    • Amazon S3 Standard - Infrequent Access (Standard - IA)

    • Amazon S3 One Zone - Infrequent Access (One Zone - IA)

    • Amazon S3 Intelligent-Tiering

    • Amazon Commercial Cloud Services

    • Beginning with ONTAP 9.11.1, Amazon S3 Glacier Instant Retrieval (FabricPool does not support Glacier Flexible Retrieval or Glacier Deep Archive)

    Contact your sales representative for information about storage classes not listed.

  • On Cloud Volumes ONTAP, FabricPool supports tiering from General Purpose SSD (gp2) and Throughput Optimized HDD (st1) volumes of Amazon Elastic Block Store (EBS).

Steps
  1. Specify the Amazon S3 configuration information by using the storage aggregate object-store config create command with the -provider-type AWS_S3 parameter.

    • You use the -auth-type CAP parameter to obtain credentials for C2S access.

      When you use the -auth-type CAP parameter, you must use the -cap-url parameter to specify the full URL to request temporary credentials for C2S access.

    • The storage aggregate object-store config create command fails if ONTAP cannot access Amazon S3 with the provided information.

    • You use the -access-key parameter to specify the access key for authorizing requests to the Amazon S3 object store.

    • You use the -secret-password parameter to specify the password (secret access key) for authenticating requests to the Amazon S3 object store.

    • If the Amazon S3 password is changed, you should update the corresponding password stored in ONTAP immediately.

      Doing so enables ONTAP to access the data in Amazon S3 without interruption.

      cluster1::> storage aggregate object-store config create
      -object-store-name my_aws_store -provider-type AWS_S3
      -server s3.amazonaws.com -container-name my-aws-bucket
      -access-key DXJRXHPXHYXA9X31X3JX
      cluster1::> storage aggregate object-store config create -object-store-name my_c2s_store -provider-type AWS_S3 -auth-type CAP -cap-url https://123.45.67.89/api/v1/credentials?agency=XYZ&mission=TESTACCT&role=S3FULLACCESS -server my-c2s-s3server-fqdn -container my-c2s-s3-bucket
  2. Display and verify the Amazon S3 configuration information by using the storage aggregate object-store config show command.

    The storage aggregate object-store config modify command enables you to modify the Amazon S3 configuration information for FabricPool.