Release notes
Create an SVM for ONTAP S3
Suggest changes
-
PDF of this doc site
-
Cluster administration
-
Volume administration
-
Logical storage management with the CLI
-
-
NAS storage management
-
Configure NFS with the CLI
-
Manage NFS with the CLI
-
Manage SMB with the CLI
-
Manage file access using SMB
-
-
-
Security and data encryption
-
Data protection and disaster recovery
-
Collection of separate PDF docs
Creating your file...
Although S3 can coexist with other protocols in an SVM, you might want to create a new SVM to isolate the namespace and workload.
If you are only providing S3 object storage from an SVM, the S3 server does not require any DNS configuration. However, you might want to configure DNS on the SVM if other protocols are used.
When you configure S3 access to a new storage VM using System Manager, you are prompted to enter certificate and networking information, and the storage VM and S3 object storage server are created in a single operation.
You should be prepared to enter the S3 server name as a Fully Qualified Domain Name (FQDN), which clients will use for S3 access. The S3 server FQDN must not begin with a bucket name.
You should be prepared to enter IP addresses for interface role Data.
If you are using an external-CA signed certificate, you will be prompted to enter it during this procedure; you also have the option to use a system-generated certificate.
-
Enable S3 on a storage VM.
-
Add a new storage VM: Click Storage > Storage VMs, then click Add.
If this is a new system with no existing storage VMs: Click Dashboard > Configure Protocols.
If you are adding an S3 server to an existing storage VM: Click Storage > Storage VMs, select a storage VM, click Settings, and then click
under S3. -
Click Enable S3, then enter the S3 Server Name.
-
Select the certificate type.
Whether you select system-generated certificate or one of your own, it will be required for client access.
-
Enter the network interfaces.
-
-
If you selected the system-generated certificate, you see the certificate information when the new storage VM creation is confirmed. Click Download and save it for client access.
-
The secret key will not be displayed again.
-
If you need the certificate information again: Click Storage > Storage VMs, select the storage VM, and click Settings.
-
-
Verify that S3 is licensed on your cluster:
system license show -package s3CliIf it is not, contact your sales representative.
-
Create an SVM:
vserver create -vserver <svm_name> -subtype default -rootvolume <root_volume_name> -aggregate <aggregate_name> -rootvolume-security-style unix -language C.UTF-8 -data-services <data-s3-server> -ipspace <ipspace_name>Cli-
Use the UNIX setting for the
-rootvolume-security-styleoption. -
Use the default C.UTF-8
-languageoption. -
The
ipspacesetting is optional.
-
-
Verify the configuration and status of the newly created SVM:
vserver show -vserver <svm_name>CliThe
Vserver Operational Statefield must display therunningstate. If it displays theinitializingstate, it means that some intermediate operation such as root volume creation failed, and you must delete the SVM and re-create it.
The following command creates an SVM for data access in the IPspace ipspaceA:
cluster-1::> vserver create -vserver svm1.example.com -rootvolume root_svm1 -aggregate aggr1 -rootvolume-security-style unix -language C.UTF-8 -data-services _data-s3-server_ -ipspace ipspaceA [Job 2059] Job succeeded: Vserver creation completed
The following command shows that an SVM was created with a root volume of 1 GB, and it was started automatically and is in running state. The root volume has a default export policy that does not include any rules, so the root volume is not exported upon creation. By default, the vsadmin user account is created and is in the locked state. The vsadmin role is assigned to the default vsadmin user account.
cluster-1::> vserver show -vserver svm1.example.com
Vserver: svm1.example.com
Vserver Type: data
Vserver Subtype: default
Vserver UUID: b8375669-19b0-11e5-b9d1-00a0983d9736
Root Volume: root_svm1
Aggregate: aggr1
NIS Domain: -
Root Volume Security Style: unix
LDAP Client: -
Default Volume Language Code: C.UTF-8
Snapshot Policy: default
Comment:
Quota Policy: default
List of Aggregates Assigned: -
Limit on Maximum Number of Volumes allowed: unlimited
Vserver Admin State: running
Vserver Operational State: running
Vserver Operational State Stopped Reason: -
Allowed Protocols: nfs, cifs
Disallowed Protocols: -
QoS Policy Group: -
Config Lock: false
IPspace Name: ipspaceA
