Tech ONTAP Blogs

NetApp Volumes unifies File and Object data access in Google Cloud Platform

rarvind
NetApp
108 Views

In the modern cloud landscape, organizations often struggle with "protocol silos". Traditional enterprise applications have relied on file-based storage (NFS or SMB) organized under directories, while cloud-native applications and analytics engines typically utilize object storage.

 

Accessing the same data across these disparate environments requires complex data transfer mechanisms, leading to increased costs, governance challenges, and significant latency. These data silos often force IT teams to maintain redundant copies of data, which complicates synchronization and increases the risk of data inconsistency. Furthermore, the lack of unified access hinders the ability of organizations to leverage their existing enterprise data for modern, object-friendly cloud services like AI training and big data analytics.

 

Google Cloud NetApp Volumes transforms data management through its ONTAP-Mode service level in Google Cloud Platform. By introducing NAS and S3 Duality, NetApp Volumes enables the unification of data access, allowing you to present the same underlying data as both a traditional file system and a modern object store simultaneously. This duality effectively eliminates protocol silos, enabling legacy applications using NFS or SMB to coexist seamlessly with cloud-native applications and analytics engines that require S3-compatible object storage.

 

 

Why It Is a Game Changer?

 

NAS/S3 Duality is more than just protocol support; it is a fundamental shift in how data is consumed.

 

  • Zero-Copy Efficiency: Eliminate the need to copy data between NAS folders and S3 buckets for analytics. Reducing storage costs and time to readiness.
  • Unified Security and Governance: S3 access mapping conforms to existing NAS security configurations. It observes file and directory permissions while writing to the standard security audit trail, ensuring compliance across all access methods.
  • Accelerated Innovation: Developers can write files using standard NFS/SMB clients and immediately subject that data to S3-powered analytics or AI agents without any reformatting.

 

Accelerated Use Cases

 

The ability to concurrently access storage as files or objects unlocks several high-value workflows:

 

  1. Modern Analytics: A legacy application can output log files or data via NFS/ SMB to a GCNV volume. Analytics tools can then ingest that same data directly via the S3 interface for further processing.
  2. Media & Entertainment: Media editing and rendering farms require high IOPS, shared read/write access, and low latency access to AV footage which is delivered by enterprise file protocols while long term hosting, rendering and scalable object store archive are delivered by S3.
  3. AI Frameworks: In situations where adopted AI tools are object friendly and lack support for enterprise file storage protocols, the data duality feature helps extend the same data into AI tooling with minimal effort.

 

How to Configure NAS S3 duality?

 

S3 Duality can be configured with both NFS and SMB protocols allowing users to extend their data in traditional file systems across Windows and UNIX environments to object native applications.

 

Prerequisites

  1. Setting up data duality requires a Flex Unified storage pool created with the ONTAP-Mode flag. While storage pool management is handled via the Google Cloud Console, the granular protocol configurations can be performed directly through a combination of ONTAP CLI, ONTAP REST APIs or the gcloud CLI.

  2. Obtain the name of the Storage Virtual Machine by running the below command.
    vserver show

    Vserver Type Subtype State Volume Aggregate
    ----------- ------- ---------- ---------- ---------- ----------
    gcnv-031ca5 data default running gcnv_ aggr1
    9f552fcec-s 031ca59f55
    vm-01 2fcec_svm_
    01_root
  3. Configure the DNS settings on the Storage Virtual Machine.
    vserver services name-service dns create -vserver gcnv-031ca59f552fcec-svm-01 -domains cvsdemo.internal -name-servers 10.70.0.2 -state enabled


Configure duality using NFS and S3

 

Follow the steps below to set up data duality between NFS and S3 protocols -

 

  1. Create a volume using the ONTAP-Mode storage pool that was created earlier.
    volume create -vserver gcnv-031ca59f552fcec-svm-01 -volume nfs_s3_data -size 10G -aggregate aggr1 -junction-path /nfs_s3_data
  2. Create an export-policy to provide client access to the volume.
    vserver export-policy rule create -vserver gcnv-031ca59f552fcec-svm-01 -policyname default -ruleindex 1 -protocol any -clientmatch <client_ip_cidr> -rorule sys -rwrule sys -superuser sys -anon 65534
  3. Create an Object Store Server to serve S3.
    vserver object-store-server create -vserver gcnv-031ca59f552fcec-svm-01 -object-store-server dataduality.cvsdemo.internal -is-http-enabled true -is-https-enabled false -status-admin up -listener-port 80
    Note: This example uses HTTP however you can use HTTPS as well by including a certificate.

  4. Create a Bucket that maps to the volume’s junction path.
    vserver object-store-server bucket create -bucket nfs-s3-duality -type nas -nas-path /nfs_s3_data -vserver gcnv-031ca59f552fcec-svm-01
  5. Create a Bucket Policy to set allowed permissions on the Bucket.
    vserver object-store-server bucket policy add-statement -bucket nfs-s3-duality -effect allow -action GetObject,PutObject,DeleteObject,ListBucket,GetBucketAcl,GetObjectAcl,GetBucketLocation,GetBucketPolicy,PutBucketPolicy,DeleteBucketPolicy -principal - -resource nfs-s3-duality,nfs-s3-duality/
  6. Create a user for Bucket access.
    vserver object-store-server user create -vserver gcnv-031ca59f552fcec-svm-01 -user nfss3user
    Note: Record the Access Code and Secret Key.

  7. Create a group and add the user with a desired policy.
    vserver object-store-server group create -name nfss3usergroup -users nfss3user -vserver gcnv-031ca59f552fcec-svm-01 -policies FullAccess
  8. Create a local UNIX user that will map to the bucket user for the audit trail and event logs.
    vserver services name-service unix-user create -vserver gcnv-031ca59f552fcec-svm-01 -user nfsuser1 -id 1 -primary-gid 1001 -full-name "NFS User for S3 Duality"
  9. Create a name mapping between the UNIX user and the Bucket user.
    vserver name-mapping create -vserver gcnv-031ca59f552fcec-svm-01 -direction s3-unix -position 1 -pattern nfss3user -replacement nfsuser1

 

Verification

  1. From a VM mount the volume over NFS.

    Screenshot 2026-07-01 115933 - Copy.png

  2. Navigate to the mount path and create a file with some content.
    Screenshot 2026-07-01 115933.png

  3. Use an S3 client e.g. S3 Browser, enter the S3 API endpoint - dataduality.cvsdemo.internal which is the object store server name and provide the Access Key ID and Secret Access Key.
    Screenshot 2026-07-01 120733.png

  4. The bucket should be listed and the file should be seen as an object. The content of the file can be viewed by downloading it.
    Screenshot 2026-07-01 131427.png
  5. The reverse workflow is supported as well i.e. start by creating an object in the bucket and access it from a client through the volume over NFS.

 

Configure duality using SMB and S3


Follow the steps below to set up data duality between SMB and S3 protocols.

 

In this example, an SMB user from an Active Directory that is part of the cvsdemo.internal domain will be used to showcase duality.

 

  1. Create the CIFS server on the Storage Virtual Machine.
    This operation will be executed using the ONTAP REST APIs and the below command serves as a reference.
    curl --request POST \
    --url https://netapp.googleapis.com/v1beta1/projects/<<project_number>>/locations/asia-south1-b/storagePools/nass3duality/ontap/api/name-services/name-mappings \
    --header "authorization: Bearer $(gcloud auth print-access-token)" \
    --include \
    --header "Content-Type: application/json" \
    --header "Accept: */*" \
    --header "Authorization: Basic $BASIC_AUTH" \
    --data @cifscreate.json
    The data block for @cifscreate.json should include the following attributes -
    {
    "body": {
    "svm.name" : "gcnv-031ca59f552fcec-svm-01",
    "name": "nass3duality",
    "ad_domain.user": "<<user_with_domain_join_permissions",
    "ad_domain.fqdn": "cvsdemo.internal",
    "ad_domain.password": "<<password>>"
    }
    }
    
  2. Create a volume using the ONTAP-Mode storage pool that was created earlier.
    volume create -vserver gcnv-031ca59f552fcec-svm-01 -volume smb_s3_data -size 10G -aggregate aggr1 -security-style ntfs -junction-path /smb_s3_data
  3. Create a CIFS Share using the volume.
    vserver cifs share create -vserver gcnv-031ca59f552fcec-svm-01 -share-name smb_s3_data -path /smb_s3_data
  4. Create an Object Store Server to serve S3.
    vserver object-store-server create -vserver gcnv-031ca59f552fcec-svm-01 -object-store-server dataduality.cvsdemo.internal -is-http-enabled true -is-https-enabled false -status-admin up -listener-port 80
    Note: This example uses HTTP however you can use HTTPS as well by including a certificate.

  5. Create a Bucket that maps to the share path.
    vserver object-store-server bucket create -bucket smb-s3-duality -type nas -nas-path /smb_s3_data -vserver gcnv-031ca59f552fcec-svm-01
  6. Create a Bucket Policy to set allowed permissions on the Bucket.
    vserver object-store-server bucket policy add-statement -bucket smb-s3-duality -effect allow -action GetObject,PutObject,DeleteObject,ListBucket,GetBucketAcl,GetObjectAcl,GetBucketLocation,GetBucketPolicy,PutBucketPolicy,DeleteBucketPolicy -principal - -resource smb-s3-duality,smb-s3-duality/*
  7. Create a user for Bucket access.
    vserver object-store-server user create -vserver gcnv-031ca59f552fcec-svm-01 -user smbs3user
    Note: Record the Access Code and Secret Key.

  8. Create a group and add the user with a desired policy.
    vserver object-store-server group create -name smbs3usergroup -users smbs3user -vserver gcnv-031ca59f552fcec-svm-01 -policies FullAccess
  9. Create a name mapping between the AD user 'CVSDEMO\rarvind' and the Bucket user 'smbs3user'.
    This operation will be executed using the ONTAP REST APIs and the below command  serves as a reference.
    curl --request POST \
    --url https://netapp.googleapis.com/v1beta1/projects/<<project_number>>/locations/asia-south1-b/storagePools/nass3duality/ontap/api/name-services/name-mappings \
    --header "authorization: Bearer $(gcloud auth print-access-token)" \
    --include \
    --header "Content-Type: application/json" \
    --header "Accept: */*" \
    --header "Authorization: Basic $BASIC_AUTH" \
    --data @namemappings.json
    The data block for @namemappings.json should include the following attributes.
    {
    "body": {
    "svm.name": "gcnv-031ca59f552fcec-svm-01",
    "index": 1,
    "direction": "s3-win",
    "pattern": "smbs3user",
    "replacement": "CVSDEMO\\\\rarvind"
    }
    }
    

Verification

 

  1. From a VM mount the SMB share created earlier.
    Screenshot 2026-07-01 133240.png

  2. Create a file within the share.
    Screenshot 2026-07-01 133347.png

  3. Use an S3 client e.g. S3 Browser, enter the S3 API endpoint - dataduality.cvsdemo.internal which is the object store server name and provide the Access Key ID and Secret Access Key.
    Screenshot 2026-07-01 133713.png
  4. The bucket should be listed and the file should be seen as an object. The content of the file can be viewed by downloading it.
    Screenshot 2026-07-01 134017.png
  5. The reverse workflow is supported as well i.e. start by creating an object in the bucket and access it from a client through the SMB share.

 

Conclusion

 

The integration of ONTAP-Mode within Google Cloud NetApp Volumes represents a significant advancement in cloud storage, offering the robust data management capabilities of ONTAP as a native Google Cloud service. By implementing NAS/S3 Duality, organizations can move beyond the inefficient "copy-and-paste" data management model that creates redundant silos.

 

This technology facilitates a unified data strategy where the same datasets are simultaneously accessible via traditional file protocols like NFS and SMB, as well as S3 object storage. This duality not only simplifies infrastructure but also enables seamless transitions between legacy enterprise workloads and cloud-native analytics or AI applications without the need for data migration or reformatting. 

 

Ultimately, Google Cloud NetApp Volumes empowers users to maximize the value of their data with increased agility and lower operational overhead.

 

Ready to transform your data strategy?

Contact your Google Cloud or NetApp representative today to learn how Google Cloud NetApp Volumes can unify your file and object data management.

Public