Object Storage Creation on Netapp ONETAP
Home > Storage server > NetApp OneTap > Object Storage Creation on Netapp ONETAP
Object Storage Configuration on NetApp ONTAP AFF_c30
a) SVM Creation
1. Login to the NetApp management console using the admin credentials.
2. Navigate to Storage → Storage VM.
File:Object storage svm creation.png
3. Click on +Add to create a new SVM if one does not already exist.
4. Provide a name for the SVM and check Enable S3 under Access Protocol.
5. Provide the object server FQDN (e.g., s3.example.com).
6. Select Enable TLS and specify the desired port.
7. If you have a CA certificate, uncheck Use system-generated certificate and select Use external-CA signed certificate.
8. Set the default language as c.utf_8.
9. Select the Network Interfaces as needed.
File:Select network interfaces for SVM.png
10. Once all configurations are complete, click on Save.
b) Bucket Creation
1. Login to the ONTAP management console using the admin credentials.
2. Navigate to Storage → Buckets, and click on +Add to create a new bucket.
File:Bucket creation on netapp storage.png
3. Provide a name for the bucket, select the SVM created in the previous step, and define the bucket size (minimum: 95 GB).
File:Bucket creation on netapp storage - specify name and storage.png
4. To enable tiering and versioning, click on More options, and based on the IOPS, select the appropriate performance service level.
File:Bucket creation on netapp storage - enable Tiering and versioning.png
5. Once the configuration is complete, click on Save to create the bucket.
c) S3 User Creation
6. Access the NetApp CLI via SSH.
7. Create an S3 user using the following command and safely copy the access and secret keys:
vserver object-store-server user create -vserver <SVM-NAME> -user <USER_NAME> -keep-time-to-live P1W
Example:
vserver object-store-server user create -vserver svm_s3 -user test_user -keep-time-to-live P1W
File:S3 user creation in netapp storage.png
8. Once the user is created, assign the required permissions to the user for accessing the bucket.
9. Navigate to Storage → Buckets, select the bucket created previously, and go to the Permissions section.
File:Assigning permission fo bucket to S3 user.png
10. Click on Edit, then scroll down to the Permissions section.
File:Assigning permission fo bucket to S3 user2.png
11. Click on +Add to add new permissions.
File:Assigning permission fo bucket to S3 user3.png
12. In the new window:
a) In Principal, select the S3 user created earlier.
File:Assigning permission fo bucket to S3 user4.png
b) Set Effect to Allow.
c) In Action, select the required actions for the user (e.g., read, write, delete).
13. Leave the Resource section as default.
File:Assigning permission fo bucket to S3 user5.png
14. (Optional) Define conditions if needed.
15. Save the configuration and verify the permission list.
d) Client Setup
1. Verify the IP address of the SVM created in step (a), and ensure it resolves to the FQDN of the object store server via DNS or `/etc/hosts`.
2. Install the AWS CLI on the client machine.
3. From the NetApp CLI, retrieve the root certificate using:
security certificate show -vserver <SVM_NAME> -type root -instance
This command will display the certificate details including signed date and expiry.
4. Copy the public key certificate from the output and save it on the client machine.
5. Configure the AWS CLI with the credentials of the S3 user created earlier:
aws configure
You will be prompted to enter:
AWS Access Key ID [None]: <ACCESS_KEY> AWS Secret Access Key [None]: <SECRET_KEY> Default region name [None]: <PRESS ENTER> Default output format [None]: <PRESS ENTER>
6. To test the configuration, run the following command:
aws s3 ls s3://<BUCKET-NAME> --endpoint-url https://<FQDN-OF-S3-SERVER>
This confirms that the client can access the S3-compatible bucket via NetApp ONTAP.
Home > Storage server > NetApp OneTap > Object Storage Creation on Netapp ONETAP
