Difference between revisions of "Object Storage Creation on Netapp ONETAP"

From Notes_Wiki
(Created page with "Home > Storage server > NetApp OneTap > Object Storage Creation on Netapp ONETAP = '''Object Storage Configuration on NetApp ONTAP AFF_c30''' = == '''a) SVM Creation''' == 1. Login to the NetApp management console using the '''admin''' credentials. 2. Navigate to '''Storage''' → '''Storage VM'''. File:Object storage svm creation.png 3. Click on '''+Add''' to create a new SVM if one does not already exist. 4. Provide a name for the S...")
 
Line 5: Line 5:
== '''a) SVM Creation''' ==
== '''a) SVM Creation''' ==


1. Login to the NetApp management console using the '''admin''' credentials.
#Login to the NetApp management console using the '''admin''' credentials.
 
#Navigate to '''Storage''' → '''Storage VM'''.
2. Navigate to '''Storage''' → '''Storage VM'''.
#Click on '''+Add''' to create a new SVM if one does not already exist.
 
#Provide a name for the SVM and check '''Enable S3''' under Access Protocol.
[[File:Object storage svm creation.png]]
#Provide the object server FQDN (e.g., '''s3.example.com''').
 
#Select '''Enable TLS''' and specify the desired port.
3. Click on '''+Add''' to create a new SVM if one does not already exist.
#If you have a CA certificate, uncheck '''Use system-generated certificate''' and select '''Use external-CA signed certificate'''.
 
#Set the default language as '''c.utf_8'''.
4. Provide a name for the SVM and check '''Enable S3''' under Access Protocol.
#Select the '''Network Interfaces''' as needed.
 
#Once all configurations are complete, click on '''Save'''.
[[File:SVM configuration.png]]
 
5. Provide the object server FQDN (e.g., '''s3.example.com''').
 
6. Select '''Enable TLS''' and specify the desired port.
 
7. If you have a CA certificate, uncheck '''Use system-generated certificate''' and select '''Use external-CA signed certificate'''.
 
[[File:Svm configuration2.png]]
 
8. Set the default language as '''c.utf_8'''.
 
9. Select the '''Network Interfaces''' as needed.
 
[[File:Select network interfaces for SVM.png]]
 
10. Once all configurations are complete, click on '''Save'''.
 


== '''b) Bucket Creation''' ==
== '''b) Bucket Creation''' ==


1. Login to the ONTAP management console using the '''admin''' credentials.
#Login to the ONTAP management console using the '''admin''' credentials.
 
#Navigate to '''Storage''' → '''Buckets''', and click on '''+Add''' to create a new bucket.
2. Navigate to '''Storage''' → '''Buckets''', and click on '''+Add''' to create a new bucket.
#Provide a name for the bucket, select the SVM created in the previous step, and define the bucket size (minimum: 95 GB).
 
#To enable tiering and versioning, click on '''More options''', and based on the IOPS, select the appropriate performance service level.
[[File:Bucket creation on netapp storage.png]]
#Once the configuration is complete, click on '''Save''' to create the bucket.
 
3. Provide a name for the bucket, select the SVM created in the previous step, and define the bucket size (minimum: 95 GB).
 
[[File:Bucket creation on netapp storage - specify name and storage.png]]
 
4. To enable tiering and versioning, click on '''More options''', and based on the IOPS, select the appropriate performance service level.
 
[[File:Bucket creation on netapp storage - enable Tiering and versioning.png]]
 
5. Once the configuration is complete, click on '''Save''' to create the bucket.
 


== '''c) S3 User Creation''' ==
== '''c) S3 User Creation''' ==


6. Access the NetApp CLI via SSH.
#Access the NetApp CLI via SSH.
 
#Create an S3 user using the following command and safely copy the access and secret keys:
7. Create an S3 user using the following command and safely copy the access and secret keys:
 
<pre>
<pre>
vserver object-store-server user create -vserver &lt;SVM-NAME&gt; -user &lt;USER_NAME&gt; -keep-time-to-live P1W
vserver object-store-server user create -vserver &lt;SVM-NAME&gt; -user &lt;USER_NAME&gt; -keep-time-to-live P1W
</pre>
</pre>
'''Example:'''
'''Example:'''
<pre>
<pre>
vserver object-store-server user create -vserver svm_s3 -user test_user -keep-time-to-live P1W
vserver object-store-server user create -vserver svm_s3 -user test_user -keep-time-to-live P1W
</pre>
</pre>
[[File:S3 user creation in netapp storage.png]]
#Once the user is created, assign the required permissions to the user for accessing the bucket.
 
8. Once the user is created, assign the required permissions to the user for accessing the bucket.
 
9. Navigate to '''Storage''' → '''Buckets''', select the bucket created previously, and go to the '''Permissions''' section.
 
[[File:Assigning permission fo bucket to S3 user.png]]
 
10. Click on '''Edit''', then scroll down to the '''Permissions''' section.
 
[[File:Assigning permission fo bucket to S3 user2.png]]
 
11. Click on '''+Add''' to add new permissions.
 
[[File:Assigning permission fo bucket to S3 user3.png]]
 
12. In the new window:
 
a) In '''Principal''', select the S3 user created earlier.
 
[[File:Assigning permission fo bucket to S3 user4.png]]
 
b) Set '''Effect''' to '''Allow'''.
 
c)  In '''Action''', select the required actions for the user (e.g., read, write, delete).
 
13. Leave the '''Resource''' section as default.
 
[[File:Assigning permission fo bucket to S3 user5.png]]
 
14. (Optional) Define conditions if needed.
 
15. Save the configuration and verify the permission list.


#Navigate to '''Storage''' → '''Buckets''', select the bucket created previously, and go to the '''Permissions''' section.
#Click on '''Edit''', then scroll down to the '''Permissions''' section.
#Click on '''+Add''' to add new permissions.
#In the new window:
##In '''Principal''', select the S3 user created earlier.
##Set '''Effect''' to '''Allow'''.
##In '''Action''', select the required actions for the user (e.g., read, write, delete).
#Leave the '''Resource''' section as default.
#(Optional) Define conditions if needed.
#Save the configuration and verify the permission list.


== '''d) Client Setup''' ==
== '''d) Client Setup''' ==


1. Verify the IP address of the SVM created in step (a), and ensure it resolves to the FQDN of the object store server via DNS or `/etc/hosts`.
#Verify the IP address of the SVM created in step (a), and ensure it resolves to the FQDN of the object store server via DNS or `/etc/hosts`.
 
#Install the AWS CLI on the client machine.
2. Install the AWS CLI on the client machine.
#From the NetApp CLI, retrieve the root certificate using:
 
3. From the NetApp CLI, retrieve the root certificate using:
 
<pre>
<pre>
security certificate show -vserver &lt;SVM_NAME&gt; -type root -instance
security certificate show -vserver &lt;SVM_NAME&gt; -type root -instance
</pre>
</pre>
This command will display the certificate details including signed date and expiry.
This command will display the certificate details including signed date and expiry.
 
#Copy the public key certificate from the output and save it on the client machine.
4. Copy the public key certificate from the output and save it on the client machine.
#Configure the AWS CLI with the credentials of the S3 user created earlier:
 
5. Configure the AWS CLI with the credentials of the S3 user created earlier:
<pre>
<pre>
aws configure
aws configure
Line 129: Line 69:
Default output format [None]: &lt;PRESS ENTER&gt;
Default output format [None]: &lt;PRESS ENTER&gt;
</pre>
</pre>
 
#To test the configuration, run the following command:
6. To test the configuration, run the following command:
 
<pre>
<pre>
aws s3 ls s3://&lt;BUCKET-NAME&gt; --endpoint-url https://&lt;FQDN-OF-S3-SERVER&gt;
aws s3 ls s3://&lt;BUCKET-NAME&gt; --endpoint-url https://&lt;FQDN-OF-S3-SERVER&gt;
</pre>
</pre>
This confirms that the client can access the S3-compatible bucket via NetApp ONTAP.
This confirms that the client can access the S3-compatible bucket via NetApp ONTAP.
[[Main_Page|Home]] > [[Storage server]] > [[NetApp OneTap]] > [[Object Storage Creation on Netapp ONETAP]]

Revision as of 05:12, 30 July 2025

Home > Storage server > NetApp OneTap > Object Storage Creation on Netapp ONETAP

Object Storage Configuration on NetApp ONTAP AFF_c30

a) SVM Creation

  1. Login to the NetApp management console using the admin credentials.
  2. Navigate to StorageStorage VM.
  3. Click on +Add to create a new SVM if one does not already exist.
  4. Provide a name for the SVM and check Enable S3 under Access Protocol.
  5. Provide the object server FQDN (e.g., s3.example.com).
  6. Select Enable TLS and specify the desired port.
  7. If you have a CA certificate, uncheck Use system-generated certificate and select Use external-CA signed certificate.
  8. Set the default language as c.utf_8.
  9. Select the Network Interfaces as needed.
  10. Once all configurations are complete, click on Save.

b) Bucket Creation

  1. Login to the ONTAP management console using the admin credentials.
  2. Navigate to StorageBuckets, and click on +Add to create a new bucket.
  3. Provide a name for the bucket, select the SVM created in the previous step, and define the bucket size (minimum: 95 GB).
  4. To enable tiering and versioning, click on More options, and based on the IOPS, select the appropriate performance service level.
  5. Once the configuration is complete, click on Save to create the bucket.

c) S3 User Creation

  1. Access the NetApp CLI via SSH.
  2. Create an S3 user using the following command and safely copy the access and secret keys:
vserver object-store-server user create -vserver <SVM-NAME> -user <USER_NAME> -keep-time-to-live P1W

Example: 

vserver object-store-server user create -vserver svm_s3 -user test_user -keep-time-to-live P1W
  1. Once the user is created, assign the required permissions to the user for accessing the bucket.
  1. Navigate to StorageBuckets, select the bucket created previously, and go to the Permissions section.
  2. Click on Edit, then scroll down to the Permissions section.
  3. Click on +Add to add new permissions.
  4. In the new window:
    1. In Principal, select the S3 user created earlier.
    2. Set Effect to Allow.
    3. In Action, select the required actions for the user (e.g., read, write, delete).
  5. Leave the Resource section as default.
  6. (Optional) Define conditions if needed.
  7. Save the configuration and verify the permission list.

d) Client Setup

  1. Verify the IP address of the SVM created in step (a), and ensure it resolves to the FQDN of the object store server via DNS or `/etc/hosts`.
  2. Install the AWS CLI on the client machine.
  3. From the NetApp CLI, retrieve the root certificate using:
security certificate show -vserver <SVM_NAME> -type root -instance

This command will display the certificate details including signed date and expiry.

  1. Copy the public key certificate from the output and save it on the client machine.
  2. Configure the AWS CLI with the credentials of the S3 user created earlier:
aws configure

You will be prompted to enter: 

AWS Access Key ID     [None]: <ACCESS_KEY>
AWS Secret Access Key [None]: <SECRET_KEY>
Default region name   [None]: <PRESS ENTER>
Default output format [None]: <PRESS ENTER>
  1. To test the configuration, run the following command:
aws s3 ls s3://<BUCKET-NAME> --endpoint-url https://<FQDN-OF-S3-SERVER>

This confirms that the client can access the S3-compatible bucket via NetApp ONTAP.

Retrieved from "http://www.sbarjatiya.com/notes_wiki/index.php?title=Object_Storage_Creation_on_Netapp_ONETAP&oldid=9327"