This lab was developed with our partner, NetApp. Your personal information may be shared with NetApp, the lab sponsor, if you have opted-in to receive product updates, announcements, and offers in your Account Profile.

GSP931

Overview

In this lab, you will learn how to leverage additional management tools available with Cloud Volumes ONTAP for Google Cloud. You will get practical experience using Cloud Volumes ONTAP's builtin GUI and CLI, known as ONTAP System Manager and the clustershell respectively. During the lab you will use these built in tools to get familiar with additional, commonly used, capabilities available in Cloud Volumes ONTAP, that are not yet available in NetApp BlueXP, such as resizing a NetApp volume, create customized snapshot policy, provision a NetApp FlexGroup volume, and access the same volume using NFS and SMB. This lab is derived from BlueXP's and ONTAP 9 documentation published by NetApp.

Objectives

In this lab, you will learn how to perform the following tasks:

• Access and use Cloud Volumes ONTAP's built-in GUI and CLI.
• Resize a NetApp Volume.
• Create and use a customized snapshot policy.
• Provision a NetApp FlexGroup volume.
• Enable multi-protocol access to a NetApp volume.

Prerequisites

This is an advanced lab and some knowledge of NetApp is recommended. It is encouraged to be familiar with using NetApp BlueXP and knowing how to perform foundational tasks in Google Cloud. The labs Getting Started with NetApp BlueXP & Cloud Volumes ONTAP for Google Cloud and Managing SMB Workloads and Optimizing Storage Usage with NetApp BlueXP are good introductions.

RDP requirements

You will need to use RDP to log into a Windows VM. You can either use the Chrome RDP for Google Cloud extension or Microsoft Remote Desktop. If you are on a Windows machine, it is highly recommended to use Microsoft Remote Desktop as it will be a much better user experience.

Note: If you choose to use the Chrome extension, using an Incognito or Guest window will not work. Please make sure you are logged in to your project with a regular Chrome window and proceed with the lab.

Setup and requirements

Before you click the Start Lab button

Read these instructions. Labs are timed and you cannot pause them. The timer, which starts when you click Start Lab, shows how long Google Cloud resources are made available to you.

This hands-on lab lets you do the lab activities in a real cloud environment, not in a simulation or demo environment. It does so by giving you new, temporary credentials you use to sign in and access Google Cloud for the duration of the lab.

To complete this lab, you need:

• Access to a standard internet browser (Chrome browser recommended).

Note: Use an Incognito (recommended) or private browser window to run this lab. This prevents conflicts between your personal account and the student account, which may cause extra charges incurred to your personal account.

• Time to complete the lab—remember, once you start, you cannot pause a lab.

Note: Use only the student account for this lab. If you use a different Google Cloud account, you may incur charges to that account.

How to start your lab and sign in to the Google Cloud console

1. Click the Start Lab button. If you need to pay for the lab, a dialog opens for you to select your payment method. On the left is the Lab Details pane with the following:

   • The Open Google Cloud console button
   • Time remaining
   • The temporary credentials that you must use for this lab
   • Other information, if needed, to step through this lab

2. Click Open Google Cloud console (or right-click and select Open Link in Incognito Window if you are running the Chrome browser).

   The lab spins up resources, and then opens another tab that shows the Sign in page.

   Tip: Arrange the tabs in separate windows, side-by-side.

   Note: If you see the Choose an account dialog, click Use Another Account.

3. If necessary, copy the Username below and paste it into the Sign in dialog.

   {{{user_0.username | "Username"}}}

   You can also find the Username in the Lab Details pane.

4. Click Next.

5. Copy the Password below and paste it into the Welcome dialog.

   {{{user_0.password | "Password"}}}

   You can also find the Password in the Lab Details pane.

6. Click Next.

   Important: You must use the credentials the lab provides you. Do not use your Google Cloud account credentials. Note: Using your own Google Cloud account for this lab may incur extra charges.

7. Click through the subsequent pages:

   • Accept the terms and conditions.
   • Do not add recovery options or two-factor authentication (because this is a temporary account).
   • Do not sign up for free trials.

After a few moments, the Google Cloud console opens in this tab.

Note: To access Google Cloud products and services, click the Navigation menu or type the service or product name in the Search field.

Activate Cloud Shell

Cloud Shell is a virtual machine that is loaded with development tools. It offers a persistent 5GB home directory and runs on the Google Cloud. Cloud Shell provides command-line access to your Google Cloud resources.

1. Click Activate Cloud Shell at the top of the Google Cloud console.

2. Click through the following windows:

   • Continue through the Cloud Shell information window.
   • Authorize Cloud Shell to use your credentials to make Google Cloud API calls.

When you are connected, you are already authenticated, and the project is set to your Project_ID, . The output contains a line that declares the Project_ID for this session:

Your Cloud Platform project in this session is set to {{{project_0.project_id | "PROJECT_ID"}}}

gcloud is the command-line tool for Google Cloud. It comes pre-installed on Cloud Shell and supports tab-completion.

3. (Optional) You can list the active account name with this command:

gcloud auth list

4. Click Authorize.

Output:

ACTIVE: * ACCOUNT: {{{user_0.username | "ACCOUNT"}}} To set the active account, run: $ gcloud config set account `ACCOUNT`

5. (Optional) You can list the project ID with this command:

gcloud config list project

Output:

[core] project = {{{project_0.project_id | "PROJECT_ID"}}} Note: For full documentation of gcloud, in Google Cloud, refer to the gcloud CLI overview guide.

Task 1. Set up service accounts

1. To start, in your Cloud Shell window, run the following commands to set some environment variables:

export PROJECT_ID=$(gcloud config get-value project) export serviceAccount="netapp-cloud-manager@"$PROJECT_ID".iam.gserviceaccount.com" export serviceAccount2="netapp-cvo@"$PROJECT_ID".iam.gserviceaccount.com"

2. Next, run the following commands to assign roles to the pre-created netapp-cloud-manager service account:

# assign roles to the netapp-cloud-manager service account gcloud projects add-iam-policy-binding $PROJECT_ID \ --member="serviceAccount:${serviceAccount}" \ --role='roles/iam.serviceAccountAdmin' gcloud projects add-iam-policy-binding $PROJECT_ID \ --member="serviceAccount:${serviceAccount}" \ --role='roles/storage.objectAdmin' gcloud projects add-iam-policy-binding $PROJECT_ID \ --member="serviceAccount:${serviceAccount}" \ --role='roles/deploymentmanager.editor' gcloud projects add-iam-policy-binding $PROJECT_ID \ --member="serviceAccount:${serviceAccount}" \ --role='roles/logging.admin' gcloud projects add-iam-policy-binding $PROJECT_ID \ --member="serviceAccount:${serviceAccount}" \ --role='roles/compute.admin' gcloud projects add-iam-policy-binding $PROJECT_ID \ --member="serviceAccount:${serviceAccount}" \ --role='roles/cloudkms.admin' gcloud projects add-iam-policy-binding $PROJECT_ID \ --member="serviceAccount:${serviceAccount}" \ --role='roles/storage.admin'

Click Check my progress to verify that you've performed the above task.

Assign roles to service account

3. Lastly, create the netapp-cvo service account and assign it the relevant roles:

# create netapp-cvo service account gcloud iam service-accounts create netapp-cvo --display-name=netapp-cvo gcloud projects add-iam-policy-binding $PROJECT_ID \ --member="serviceAccount:${serviceAccount2}" \ --role='roles/storage.objectAdmin' gcloud projects add-iam-policy-binding $PROJECT_ID \ --member="serviceAccount:${serviceAccount2}" \ --role='roles/storage.admin' gcloud iam service-accounts add-iam-policy-binding ${serviceAccount2} --member="serviceAccount:${serviceAccount}" --role='roles/iam.serviceAccountUser'

Click Check my progress to verify that you've performed the above task.

Set up Service Accounts

Task 2. Set up new ONTAP storage environment

In this section you will log in to NetApp BlueXP, NetApp’s data lifecycle management platform, and create a new Cloud Volumes ONTAP storage environment on Google Cloud infrastructure.

1. From the Navigation Menu, go to Compute Engine > VM instances. You should see the cloudmanager VM already deployed for you.

2. Click the External IP to connect to the VM in a new window. Use http://<IP Address>/.

Note: If Chrome gives you a privacy error, you can still continue by clicking Advanced, then Proceed.

3. Once you are on the BlueXP SaaS setup page, you can set up your NetApp Account. First click Sign Up, then enter in an email address and password. Fill out the rest of the fields to authenticate yourself with NetApp’s Cloud Central and click Sign Up to log in to BlueXP.

4. Next, you will be prompted to create an Account Name and a BlueXP name. For these, you can just use user. Click Let's Start. You should now be redirected to the BlueXP SaaS page.

5. Before you add a working environment, navigate to the gear icon on the top-right of the page then click Connector Settings > General.

Note: It may take a couple minutes for your connector to set up.

6. For Automatic Cloud Volumes ONTAP update during deployment, click the box and then uncheck the Automatically update Cloud Volumes ONTAP box to turn the updates off. Click Save. Your configuration settings should resemble the following:

7. Click BlueXP on the top left to navigate to the home page. Click Add Working Environment.

Note: If you happen to run into any issues adding a Working Environment (i.e server fault), this can be due to BlueXP automatically updating. If this happens, please wait a few minutes, refresh the page, and try again.

8. Choose a Location: select Google Cloud Platform.

9. Define Your Working Environment: choose Cloud Volumes ONTAP and click on Add new.

10. Specify a cluster name, optionally add labels, and then specify a password for the default admin account. Click Continue.

Note: The service account netapp-cvo has been pre-created for you with the Storage Admin role.

11. On the Services page, toggle off Backup to Cloud and click Continue.

12. Location & Connectivity: For the Google Cloud Region and Google Cloud Zone, use and , respectively.

13. Cloud Volumes ONTAP Charging Methods & NSS Account: Select Freemium (Up to 500 GiB) and click on Continue.

14. Preconfigured Packages: click Change Configuration.

15. On the Licensing section, first click Change version and select ONTAP-9.7P5 version from the drop down. Click Apply. Next, from the Machine Type dropdown list select n1-highmem-4. Click Continue.

16. Underlying Storage Resources: Choose Standard and for the Google Cloud Disk Size select 100 GB. Click Continue.

17. WORM (write once, read many): keep the settings as default and click Continue.

18. On the Create Volume page, you will create a NetApp volume that will be used in the next sections. Use the following details:

• Name your volume data1
• Set size to 10 (size set in GB)
• Set Snapshot Policy to default
• Select NFS as protocol
• Verify Access Control is set to Custom export policy
• Verify Custom export policy is set with the VPC's CIDR range
• Click Continue

Your configuration settings should resemble the following:

19. For Usage Profile, Disk Type & Tiering Policy, use the following configurations:

• Verify the Storage Efficiency is marked (to enable NetApp's data footprint reduction technologies).
• Verify the Disk Type is set to Standard (volume will be created in Standard-backed PD).
• Leave Tiering data to object storage with default settings.
• Click Continue.

20. Review & Approve: Review and confirm your selections:

• Review details about the configuration.
• Click More information to review details about support and the Google Cloud resources that BlueXP will purchase.
• Select both checkboxes.
• Click Go.

Great! You're done with your working environment setup. Now, sit back and relax while BlueXP deploys your Cloud Volumes ONTAP system (this should take around ten minutes to complete) and your Active Directory (deployed for you upon lab startup) is being created.

Click Check my progress to verify that you've performed the above task.

Set up a new ONTAP storage environment

Task 3. Accessing ONTAP System Manager and Clustershell

Every ONTAP system, whether deployed on-premise on top of engineered hardware or on public cloud infrastructure, has a built-in GUI, known as ONTAP System Manager, and a CLI, known as the clustershell. In this section you'll be accessing both of these management tools and in the following ones you'll execute some common advanced operations. Essentially, through clustershell any ONTAP operation can be performed, while ONTAP System Manager contains all the ongoing management operations. It is important to note that operations available through BlueXP should be performed through BlueXP, since some operations require interfacing and orchestrating Google Cloud infrastructure services.

RDP into the Windows VM

1. On the Cloud Console, navigate to Compute Engine → VM Instances and locate your windows-vm.

2. Set Windows password from the Connect/RDP menu, Copy and Save the password.

Note: If you are using the Google Chrome RDP Extension, simply click RDP to connect. The next few steps are used for a desktop RDP client. You can skip these and log in to the VM and continue on to step 5.

3. Download the RDP file from the Connect/RDP menu or copy windows-vm External IP address.

4. Next, open a remote desktop connection and log in to the windows virtual machine. To do this, locate the downloaded RDP file and double click it. When prompted for password, enter the password copied on step 2.

5. Once you have logged into your Windows instance, open up a new Google Chrome window and proceed to the next section.

ONTAP System Manager access

1. Once your Cloud Volumes ONTAP system has deployed, from the Storage Canvas click on the Cloud Volumes ONTAP system.

2. On the opened right panel, locate and click the information button and copy the Cluster management IP.

3. Back in the windows-vm RDP window, paste your following URL https://<cluster_management_ip> into Google Chrome.

4. When the Chrome warning appears, click on Advanced and then on Proceed to cluster_management_ip (unsafe).

ONTAP System Manager login screen will appear shortly after.

5. On the login screen, enter the following credentials:

• Username: admin (ONTAP's default superuser and initial user)
• Password: the password enter when created CVO

Welcome to ONTAP System Manager! Here's a quick orientation:

• Top left - Main navigation menu for all ONTAP related operations. You're currently on the DASHBOARD (default) where you get a general overview on Cloud Volumes ONTAP's capacity, performance and network.
• Top middle - Search box for actions, objects and pages.
• Top right - Links to documentation, API log viewer, user account and the NetApp Cloud Central widget.

Now, you'll disable the INACTIVITY TIMEOUT so you won't have to log in again throughout the lab.

6. Go to CLUSTER > Settings > UI Settings and click on the pen icon

7. In the INACTIVITY TIMEOUT field enter 0 (zero) to specify no timeout and click Update. Your screen should look like this:

You're all set! In just a few minutes you'll get back to ONTAP System Manager and perform some operations.

ONTAP Clustershell access

1. On the Cloud Console go to the VM instances page (Compute > Compute Engine > VM instances), locate the cloudmanager instance and connect to it by clicking on SSH.

2. In order to maintain continuous SSH connectivity to the cloudmanager instance run the following command:

sudo /sbin/sysctl -w net.ipv4.tcp_keepalive_time=60 net.ipv4.tcp_keepalive_intvl=60 net.ipv4.tcp_keepalive_probes=5

3. Next, do the following to SSH into Cloud Volumes ONTAP clustershell:

• Enter the command ssh admin@<cluster_management_ip> (replacing with your actual Cluster Management IP address)
• Answer "yes" when asked "Are you sure you want to continue connecting?"
• Enter CVO's admin user password (the password enter when created CVO)

Your screen should now look like this:

Welcome to ONTAP Clustershell! Here are the basic rules:

• Commands are organized in directories and you're situated at the root directory or / (default).
• Press ? or Tab for help and to list the available directories/commands.
• Use man <directory/command> to view its manual page.
• Type a name of a directory or cd <directory> to change directory.
• Use the top command to go to the root directory and up or cd .. to go one level up.
• Use the tab key to autocomplete directories, commands, parameters and values.
• Remember that ONTAP CLI is case sensitive.
• Press Ctrl+L to clear the screen.

4. To disable the CLI session timeout, so you won't have to log in again throughout the lab, run the following command:

system timeout modify -timeout 0

You're CLI ready! It's time to put these built-in tools into action. In each of the following sections you will perform operations using the UI, then have a description of how to perform the same operation with the other.

Task 4. Resizing a NetApp volume non-disruptively

The provisioning of a Cloud Volumes ONTAP volume, also known as a Flexible Volume (FlexVol) is done through BlueXP's GUI or API. By default, the volume is associated with a policy allowing it to grow automatically, whenever more capacity is needed (this policy can be adjusted to automatically shrink the volume too). In situations where you would need to manually change the volume's size you will use ONTAP System Manager or clustershell. In this section you'll learn how to perform resize operations through the clustershell and verify them through your linux-vm (Instructions on how to do it from ONTAP System Manager are at the end of this section).

1. Back on NetApp BlueXP, double-click on your Cloud Volumes ONTAP working environment located on the Storage Canvas to access the Volumes page.

2. On the Volumes page, locate the data1 volume and click on its Manage Volume.

3. From the list of operations revealed, click on Mount Command:

4. Then click on Copy to copy the command to your clipboard:

   

5. Back in the Cloud Console, from the Navigation Menu, navigate to Compute Engine > VM instances.

6. On the VM instances page, locate the linux-vm instance and connect to it by clicking on SSH.

7. In the linux VM SSH window, create a local directory under /mnt named data1 that would serve as a mount point:

sudo mkdir /mnt/data1

8. Next, paste the Mount Command (copied on step 2) and replace <dest_dir> with the /mnt/data1 directory created. Press Enter to mount Cloud Volumes ONTAP volume using NFS.

# The command pasted should look like this but with your IP. sudo mount 10.142.0.36:/data1 /mnt/data1

9. Verify that your volume is properly mounted using the df -h command and note the Size column. Should show 9.5G since 5% are allocated by default for NetApp snapshots.

Click Check my progress to verify that you've performed the above task.

Resize a NetApp Volume Non-Disruptively

10. Go back to the cloudmanager SSH tab, where you have established an SSH session to Cloud Volumes ONTAP CLI. Run either of the following commands to increase the volume's size to 20GiB:

volume size -volume data1 -new-size 20g volume size -volume data1 +10g

11. Back to your linux-vm SSH tab, run the df -h command again and verify that the size change is reflected in it. You should now see it's 19G, since 5% are allocated by default for NetApp snapshots.

If you'll go back to BlueXP's Volumes page you can see the size change is reflected there as well (you might need to refresh the page)

How about shrinking a volume? Yes, that can be done and non-disruptively as well. Go back to the cloudmanager SSH tab, where you have established an SSH session to Cloud Volumes ONTAP CLI.

12. Run either of the following commands to shrink the volume's size to 15GiB:

volume size -volume data1 -new-size 15g volume size -volume data1 -5g

13. Back to your linux-vm SSH tab, run the df -h command again and verify that the size change is reflected in it. You should now see it's 15G (since the 5% reserve for snapshots is 0.75G it does not reflect in the output).

Alternatively

A volume resize operation can also be performed through ONTAP System Manager. To change the volume's capacity from ONTAP System Manager do the following:

1. Navigate to STORAGE > Volumes.

2. Hover over the volume's name and click on the ellipsis that appears and then Edit.

3. On the opened Edit Volume under the Storage and Optimization section, enter the new CAPACITY.

4. Scroll all the way down and click Save. Back on the Volumes page you can verify the change.

Great job! By changing the volume's size you can easily update its capacity, based on your workloads' requirements. Remember that volumes created are set to grow automatically, when needed. Through Cloud Volumes ONTAP's built-in tools, it is possible to adjust these settings and adjust the volume's autosize policy to shrink. Most importantly, these types of operations are done instantly and non-disruptively.

Task 5. Customizing snapshots policies

On fresh deployments of Cloud Volumes ONTAP, volumes provisioned can be associated with one of the three snapshot policies available by default - default, default-1weekly or none. With the default snapshot policies, snapshots are created and retained based on three predefined schedules, while the None policy is an empty one and does not create any snapshots.

None is primarily used with volumes containing structured data (MySQL, Oracle, etc.), where snapshots must be application-aware and managed through NetApp SnapCenter Server for example. Whenever you need to create additional snapshot policies, with different schedules and retention, you will use ONTAP System Manager or clustershell.

In this section, you will use the clustershell to create new schedules upon which your snapshots will be created and use them in a new snapshot policy. In addition you will define your snapshots retention for each schedule and put it to work. (Instructions on how to do it from ONTAP System Manager are at the end of this section).

1. Go back to the cloudmanager SSH tab, where you have established an SSH session to Cloud Volumes ONTAP CLI.

2. Now create a couple of new schedules with the following details:

• Schedule 1 - For snapshots created every 4 hours, at specified hours, on the hour

  • Name: Every4Hours
  • Hours: 1am, 5am, 9am, 1pm, 5pm and 9pm

• Schedule 2 - For snapshots created on a daily basis at 3am

  • Name: Daily3am
  • Hours: 3am

3. Run the following commands on the clustershell to create the two policies:

job schedule cron create -name Every4Hours -hour 1,5,9,13,17,21 -minute 0 job schedule cron create -name Daily3am -hour 3 -minute 0

4. Use the following command to verify your schedules:

job schedule cron show

The command output should look like this:

5. Next, create a new snapshot policy. In the snapshot policy you will use the two new schedules and a predefined one (5min) to automatically create snapshots, and define for each schedule the amount of snapshots to retain. Use the following command to create the policy:

volume snapshot policy create -policy my-qwiklabs-policy -schedule1 Daily3am -count1 30 -schedule2 Every4Hours -count2 12 -schedule3 5min -count3 12 -enabled true Note: The new policy will automatically create snapshots based on the defined schedules. It would retain the 30 most recent snapshots created based on the Daily3am schedule, the 12 most recent Every4Hours snapshots and the 6 most recent 5min snapshots.

6. Run the following command to verify the snapshot policy was properly created:

volume snapshot policy show -policy my-qwiklabs-policy

The command output should look like this:

The new snapshot policy is now available for use and you will be able to use it when creating and editing a volume through BlueXP. Since you're already on the clustershell, why not do it from here?

7. To put the policy to work, run the following command to modify the associated snapshot policy of the data1 volume:

volume modify -volume data1 -snapshot-policy my-qwiklabs-policy

A warning message appears when changing the snapshot policy to emphasize that existing snapshots may not be automatically deleted.

8. To the "Do you want to continue?" question, answer with "y".

Manually deleting residual snapshots can be done with the commands:

• For specific snapshots:

volume snapshot delete -volume data1 -snapshot <snapshot_name>

• For all snapshots:

volume snapshot delete -volume data1 -snapshot *

9. To verify that the policy was associated with the data1 volume, run the following command:

volume show -volume data1 -fields snapshot-policy

The command output should look like this:

Want to see the 5min snapshots piling up?

10. In the linux-vm SSH window, run the following command to list the snapshots within the data1 volume:

ls -lu /mnt/data1/.snapshot

After waiting 5 minutes, you should see a 5min snapshot was created:

Click Check my progress to verify that you've performed the above task.

Customize snapshots policies

Alternatively

Schedules and snapshot management can also be performed through ONTAP System Manager.

To manage schedules

1. Navigate to PROTECTION > Overview and expand Local Policy Setting.
2. On the opened Schedules box all existing schedules are displayed.
3. Click and a schedule to get more information and to edit it.
4. Click on the right arrow to enter the Schedules page.
5. Click on the Add button and fill the required fields to create a new schedule.

To manage snapshot policies

1. Navigate to PROTECTION → Overview and expand Local Policy Setting.
2. On the opened Snapshot Policies box all existing policies are displayed.
3. Click and a policy to get more information and to edit it.
4. Click on the right arrow to enter the Policies page.
5. Click on the Add button and fill the required fields to create a new Snapshot Policy.

Well done! Snapshots are the groundwork for Cloud Volumes ONTAP data protection. Through ONTAP System Manager and clustershell you can take full advantage of the NetApp Snapshot technology and customize it to each and every workload based on your established best practices.

Task 6. Creating a NetApp FlexGroup volume

Cloud Volumes ONTAP has multiple volume types. As mentioned earlier, when you create a volume, the type used by default, and the recommended one, is FlexVol. A FlexVol is hosted on a single collection of persistent disks (up to 6), grouped together to a single storage pool, known as a NetApp Aggregate, and can scale up to 100 TiB in size. What if you need more capacity than a 100 TiB in a single volume? What if you need better performance than what a single FlexVol (or aggregate) provides? If that's the case, you need a FlexGroup volume.

A FlexGroup volume is a scale-out NAS container that provides high performance along with automatic load distribution and scalability. A FlexGroup contains several FlexVol constituents that automatically and transparently share the traffic.

In this section you will learn how to create and access a FlexGroup volume. This section will be performed through ONTAP System Manager (Instructions on how to do it through the clustershell is located at the end of this section).

1. First, create another aggregate on our Cloud Volumes ONTAP storage environment. Since this operation requires Google Cloud resources you'll use BlueXP. Back on BlueXP, double click your Cloud Volumes ONTAP working environment.

2. Click on the triple-bar () on the right side of the screen, then Advanced, and finally on Advanced Allocation to open the Aggregates page.

3. On the Aggregates page, click on the Add Aggregate button located at the top right side of the page.

4. Use the following details on the Create new aggregate wizard:

• Aggregate Name: aggr2
• Aggregate Tier: Standard
• Cloud Storage Tiering: Enabled (default)
• GCP Disk Size: 100 GB (default)
• Number of Disks: 1

5. Click the Go button at the end, and on the pop-up message box, click Approve & Purchase.

When the creation of the aggregate is complete, you should have two aggregates and the aggregates page should look like this:

6. Go back to the SSH window where you've opened and logged into ONTAP clustershell CLI.

7. On the ONTAP CLI, run the following command to automatically create an 800 GiB, thin-provisioned, FlexGroup volume named data2fg, that would span both aggregates and would be accessible through the /data2fg path on Cloud Volumes ONTAP:

volume create -volume data2fg -auto-provision-as flexgroup -support-tiering true -junction-path /data2fg -unix-permissions 777

8. Answer with "y" to both "Do you want to continue?" questions. Your output should look like the following:

9. Use the following command to verify the volume's creation and size:

volume show

10. You can run the following command to see the volume constituents, their size and hosting aggregate:

volume show -is-constituent true

Your output should look like this:

11. Before mounting the FlexGroup volume, you will need to create and assign a proper NFS Export Policy. Run the following ONTAP CLI commands:

vserver export-policy rule create -policyname default -clientmatch 10.128.0.0/20 -rorule any -rwrule any -superuser any Note: For simplicity no authentication is required ("any" value) for read-only, read-write or root access.

12. Next, you'll extract the Cloud Volumes ONTAP IP address for file level access. Use the following command:

network interface show

The command's output should look like this:

13. Copy and Save the IP address of the svm_default_data_lif up/upoutput output.

14. Navigate back to the SSH session opened on the linux-vm.

15. In the linux VM SSH window, create a local directory under /mnt named data2fg that would serve as a mount point for the FlexGroup volume:

sudo mkdir /mnt/data2fg

16. Next, run the following command to mount the flexgroup volume to your linux-vm:

# Note that the command should look like this but with your IP. sudo mount 10.128.0.9:/data2fg /mnt/data2fg

17. Last thing would be to run the df -h command to verify the volume was mounted and its capacity from the client perspective.

Your output should look like this:

Note: Since 5% of an ONTAP volume is reserved by default for NetApp Snapshots, the FlexGroup size shown is 760G.

Click Check my progress to verify that you've performed the above task.

Create a NetApp FlexGroup Volume

Alternatively

Although the recommended method for creating a FlexGroup volume is through ONTAP CLI, FlexGroup volumes can also be created from ONTAP System Manager:

1. Go back to the windows-vm to the Chrome tab where you've opened and logged into ONTAP System Manager and navigate to STORAGE > Volumes.

2. Click on the Add button and then on More Options.

3. Fill in the volume's Name and CAPACITY.

4. Select the Distribute Volume Data Across the Cluster box, to ensure the volume's style would be FlexGroup, and click Save.

A few short moments later the new FlexGroup appears in the volumes list.

That's it, however, there are some caveats to consider when deploying FlexGroups with System Manager that make using the CLI a better choice in that case (you can check out the link at the section's summary below for more information).

Congratulations! You've just created a scale-out NAS container, made up from multiple volume constituents, that is managed and acts like a NetApp FlexVol. With FlexGroups your workloads are provided with many benefits such as massive capacity, low-latency for high metadata workloads, efficient use of Cloud Volumes ONTAP resources and more. For more information on FlexGroup volumes check out the NetApp ONTAP FlexGroup Volumes - Best Practices and Implementation Guide.

Task 7. Getting multiprotocol access to NetApp volumes

In this section you will be introduced to the basics of unified file-level access, aka multiprotocol access. Multiprotocol file-level access allows storage systems to provide access to clients running both Linux and Windows-based operating systems through the NFS and CIFS/SMB protocols, respectively. In this section you will configure Cloud Volumes ONTAP to provide SMB/CIFS service, create a SMB/CIFS share to a NetApp volume already configured with NFS access, and access the volume from both your Windows and Linux VMs.

Join Windows VM to Active Directory domain

Note: This section can only be started after the Active Directory deployment is complete. Please verify these have been completed before starting this section. From the Cloud Console navigation menu Security > Managed Microsoft AD to check the status of your AD domain.

tart wSith setting up your windows-vm as a member server in an Active Directory Domain.

1. Go back to the Cloud Console. Under Security, go to Managed Microsoft AD and click on the qwiklabs.netapp.local active directory domain that was created for you upon lab startup.

2. Scroll down to the Access details section and click SET PASSWORD. Click Confirm. Copy and Save the password.

3. Go back to the Windows VM. On the Start screen, click the Control Panel.

4. Navigate to System and Security, and then click System.

5. Under Computer name, domain, and workgroup settings, click Change settings.

6. On the Computer Name tab, click Change.

7. Under Member of, click Domain, and type qwiklabs.netapp.local, and then click OK.

8. When prompted for User name and Password use the following:

• User name: setupadmin
• Password: <the password copied on step 2>. Click OK.

After a few seconds a Welcome message to the domain would appear. Once acknowledged, another message will appear specifying the computer must be restarted to apply the changes.

9. Click OK and Close System Properties. Finally, click Restart Now to restart the virtual machine.

10. Once your Windows server is up and running, log in as the setupadmin user (with the password copied on step 8) and verify it has joined the domain.

11. Verify it has joined the domain. From the Windows Start screen > Control Panel > System and Security > System, check the Windows Computer name, domain, and workgroup settings. It should be similar to the image below:

That's that! Your Windows virtual machine was restarted and configured as a member server in the qwiklabs.netapp.local domain. Moving on...

Join Cloud Volumes ONTAP to Active Directory domain

Continue with setting up your Cloud Volumes ONTAP system as a member server too in the same Active Directory Domain.

1. First get the DNS IP address you need to use later on. Back on the Cloud console, under Networking, go to VPC Network > VPC Networks.

2. Under the default VPC, Copy and Save the Gateway IP for the us-central1 region.

3. Next, go to NetApp BlueXP Storage Canvas page and double-click on your Cloud Volumes ONTAP working environment to access the Volumes page.

4. From the top right triple-bar menu above Add Volume select Advanced > CIFS Setup and use the following details to create a CIFS server:

• DNS Primary IP Address: <your network's gateway, copied in step 1>
• Active Directory Domain to join: qwiklabs.netapp.local
• Credentials authorized to join the domain:
  • User name: setupadmin
  • Password: <password copied on step 2 in the previous sub section>
• Click on Advanced

5. On the Advanced section of Create a CIFS server use the following:

• CIFS server NetBIOS name: use default name
• Organizational Unit: OU=Cloud
• DNS Domain: check the Use Active Directory Domain
• NTP Server: use default / unchecked
• Click Save, when done.

Great! You have added your Cloud Volumes ONTAP system as a member server in the qwiklabs.netapp.local domain. Moving on to create an SMB/CIFS share on your data1 volume.

Sharing a Cloud Volumes ONTAP volume

Any style of NetApp volume can be accessed using NFS, SMB/CIFS or both. To enable NFS access to a volume, an NFS export policy must be associated with it. To enable SMB/CIFS access to a volume, an SMB/CIFS share must be created for it. And to enable access for both protocols, both an NFS export policy and an SMB/CIFS share need to be associated with a volume. In this subsection, you will create an SMB/CIFS share for the data1 volume, initially created in the lab, that already has an export policy associated with and can be accessed by NFS.

1. Back on your windows-vm RDP session, and log into ONTAP System Manager, as you did in the ONTAP System Manager Access subsection earlier in the lab.

2. On ONTAP System Manager, navigate to STORAGE > Shares, and click on the Add button, and select Share to create a new share.

3. On the opened Add Share dialog box fill in the following information:

• SHARE NAME: data1_share
• FOLDER NAME: /data1 (you can use the Browse button)
• DESCRIPTION: Share for multiprotocol access
• ACCESS PERMISSION: blank (default)
• Click Save when done.

Back on the Shares page, you should be able to see the new share you just created.

4. Use the down arrow to expand its view to get more information. Copy and Save the SMB/CIFS ACCESS (the UNC path).

Accessing the volume from Windows and Linux

Now that the volume has an export policy associated with and an SMB/CIFS share. It's time to access the volume both ways.

1. On your Windows VM, open File Explorer from the taskbar or the Start menu, or press the Windows logo key + E.

2. Select This PC from the left pane. Then, on the Computer tab, select Map network drive.

3. On the Map Network Drive window use the following details:

• Drive: Z: (the first available drive letter)
• Folder box: <SMB/CIFS ACCESS copied on step 4>

Your screen should look like this:

4. Click Finish to execute the Map Network Drive operation.

Upon completion of the operation a new window will appear showing the mapped network drive. If you expand This PC, you can see it listed as one of the available drives.

5. On your windows-vm, create a file on the new mapped network drive (Z:\\). Right click within the opened (Z:) drive window, select New and then Text Document, and name SMB_file (a .txt extension is added by default).

6. In the linux VM SSH window, list the /mnt/data1 and to view the file created and its attributes. Use the following command:

ls -l /mnt/data1

The command's output should look like this:

Note: The nobody user is set as the owner due to ONTAP's default username mapping.

ONTAP is not unique in the concept of user mapping, but it is still a concept that gets people confused on occasion. Essentially, to get the proper permissions on a NetApp storage system, a client must first pass a "test" in the form of initial authentication. The storage system needs to know that the user you are claiming to be is actually you.

There are varying degrees of how secure this test is, mostly dependent on the protocol you're using, but the bottom line is this: authentication helps ONTAP get a username. That user name allows ONTAP to map to another user name, depending on the volume security style (defines the type of permissions used in the volume. Can be set to either Unix or NTFS). In that case, we accessed a Unix configured volume with the setupadmin Windows user, which ONTAP has mapped to a Unix user named nobody or UID 65534.

8. Now create a file from the linux VM under the /mnt/data1 directory. Use the following command:

touch /mnt/data1/NFS\_file.txt

9. Then, list the /mnt/data1 directory again using the following command:

ls -l /mnt/data1

The command's output should look like this:

Note: Your Google Cloud user is set as the owner of the new file. When you create a file on a unix configured volume through an NFS client no username mapping is involved.

10. Back on your Windows VM, note that the file you've created from the linux VM can be accessed on the mapped network drive (Z:\).

Click Check my progress to verify that you've performed the above task.

Access the Volume from Windows and Linux

Alternatively

Managing SMB/CIFS share can also be done through ONTAP CLI:

1. To create the data1_share use the following command:

vserver cifs share create -share-name data1\_share -path /data1

2. To view the data1_share and its basic information use the following commands:

vserver cifs share show -share-name data1\_share

3. To view the data1_share with all of its details use the same command with -instance at the end:

vserver cifs share show -share-name data1\_share -instance

That was the basics of multiprotocol file-level access! By leveraging Cloud Volumes ONTAP builtin management tools you can set up volume access to NFS and SMB/CIFS clients used on Linux and Windows-based operating systems. It is important to remember that part of the access process requires username mapping and it must be configured properly for secured access. For more information on multiprotocol access and name mapping check out this guide: Multiprotocol NAS in NetApp ONTAP Overview and Best Practices.

Congratulations!

You took a deep dive into Cloud Volumes ONTAP and got to use its built-in management tools that together with BlueXP provides you three levels of administration. While with BlueXP you provision Cloud Volumes ONTAP and use it to perform daily-basis tasks, with the built-in tools you can perform advanced management operations such as:

• Instantly resize a NetApp volume, without taking your applications offline.
• Customize your snapshots lifecycle to adhere to your best practices.
• Create a scaleout file system, known as a FlexGroup volume, to address capacity and performance needs.
• Easily enable NFS and SMB clients' access to the same volume, a capability often required in a mixed environment.

As previously mentioned, note that operations available through BlueXP should be performed through BlueXP, since some operations require provisioning and management of Google Cloud infrastructure services.

Next steps / Learn more

• Subscribe to BlueXP for Cloud Volumes ONTAP through this link to receive more hands-on practice with NetApp.
• You can get a free trial of Cloud Volumes ONTAP for 30-days here.

Google Cloud training and certification

...helps you make the most of Google Cloud technologies. Our classes include technical skills and best practices to help you get up to speed quickly and continue your learning journey. We offer fundamental to advanced level training, with on-demand, live, and virtual options to suit your busy schedule. Certifications help you validate and prove your skill and expertise in Google Cloud technologies.

Manual Last Updated March 28, 2023

Lab Last Tested March 28, 2023

Copyright 2025 Google LLC. All rights reserved. Google and the Google logo are trademarks of Google LLC. All other company and product names may be trademarks of the respective companies with which they are associated.