GCP CVO single node network security


Hello Team,

I am working to set up a new CVO instance on GCP, so I am going to create a single node instance via the BlueXP console.

At this moment I have some concerns about the network. I see that only one VPC is required, so I will then have the ONTAP mgmt interfaces AND the data interface on the same network subnet.

How does this sound to you?

Would it be better to have the management interfaces on a different subnet?



The default deployment for Single Node from BlueXP creates both the Mgmt Interfaces (Node-mgmt, Cluster-mgmt) and the data interfaces (NAS and iSCSI LIFs), all on the same subnet and single VPC and on port e0a.

If different subnets and VPCs are required, kindly either create an HA pair or file a Feature Policy Variation Request (FPVR) via the account teams, as the current design for single node supports only a single VPC and subnet.


  • Single node
    BlueXP allocates 4 IP addresses to a single node system:

    • Node management LIF
    • Cluster management LIF
    • iSCSI data LIF

      An iSCSI LIF provides client access over the iSCSI protocol and is used by the system for other important networking workflows. These LIFs are required and should not be deleted.
    • NAS LIF

      You can skip creation of the storage VM (SVM) management LIF if you deploy Cloud Volumes ONTAP using the API and specify the following flag:

      skipSvmManagementLif: true