BlueXP workload factory is an intelligent automation, management, and optimization service that implements industry best practices in the design, setu ...read more
CrowdStrike Outage: A wake-up call
The unexpected can swiftly become the new normal in today's digital landscape. On July 19, 2024, there was a widespread IT outage across on-premises and public cloud resources due to a CrowdStrike Falcon sensor update. The incident profoundly impacted Microsoft Windows-based VMs and services worldwide, causing them to crash. The repercussions were felt across various industries, including airlines and hospitals, serving as a stark reminder of the paramount importance of robust and reliable backup and recovery solutions like NetApp SnapCenter to ensure business resilience.
Customers who had implemented Netapp SnapCenter could weather the disruption with remarkable resilience. By leveraging the power of point-in-time snapshots captured by SnapCenter, these organizations successfully performed instant VM or bulk restores, minimizing their downtime and swiftly bringing critical systems back online.
If you are new to SnapCenter, please visit this page to learn more about the product.
What's new in SnapCenter 6.0
Data is the lifeblood of any business, and securing and protecting workloads and hypervisor environments is paramount. As an IT professional, you're acutely aware of the critical role of snapshots and backups in ensuring business resilience. I'm thrilled to share the new features in SnapCenter 6.0.
Let's dive into the benefits of installing or upgrading to SnapCenter 6.0 and how it can enhance your data protection strategy:
SnapCenter allows you to protect more workloads within your data center.
Modernizing outdated applications is a significant aspect of contemporary database management. Customers who migrate some of their traditional databases to modern databases for speed and flexibility stumble while designing an efficient data protection strategy. SnapCenter addresses these challenges by providing a dedicated plugin that automates all the critical tasks for DBAs. With the 6.0 release, SnapCenter introduces three new plugins for the most popular workloads, such as PostgreSQL, MySQL, and MongoDB. These plugins enable quick backup & restore in seconds. It also supports instant cloning with 100% storage efficiency for development and testing environments both on-premises and in the cloud (Cloud volumes ONTAP, Azure NetApp files, and Amazon FSxN storage)
In the increasingly complex and dynamic landscape of information technology, SAP has been a pioneering force for over 5 decades. Until 5.0, SnapCenter could support S/4 HANA and SAP on Oracle and SQL servers; however, the protection story was incomplete without the support for SAP ASE, SAP on IBM DB2, and SAP maxDB. This 6.0 SnapCenter will offer comprehensive protection for the entire SAP landscape (6 databases) in on-premises and cloud (Azure NetApp Files and Amazon FSxN ) storage.
SnapCenter is introducing a new plugin for Oracle titled “ Oracle applications.” Similar to the one in Snap Creator, this plugin can flexibly protect and manage Oracle databases and application volumes running on Windows or Linux operating systems.
Lastly, Customers with home-grown applications or other databases like Milvus for AI/ML use cases can now use SnapCenter’s Storage plugin. It empowers them to embed their business logic for database/application quiescing while SnapCenter handles storage tasks like snapshots, restores, and FlexClone. The plugin offers all the knobs to automate, pass pre- and post-scripts for quiescing, umounting, or mounting the workload.
SnapCenter can now be deployed on Linux VMs apart from Windows
Traditional and modern databases deployed mainly on Unix/Linux environments prefer a backup solution that runs on Linux environments. The new, redesigned SnapCenter 6.0 helps accommodate the protection needs of both Linux and Windows-based customers with separate binaries. The 6.0 version will have separate SnapCenter packages for Redhat and SLES operating systems.
Modern Datacenter Future-proofing
NVMe/TCP: Customers who have modernized their storage infrastructure using the NVMe/TCP protocol for better performance and throughput can now use SnapCenter 6.0 to seamlessly backup, restore, and clone databases, filesystems, VMware datastores, and virtual machines.
VMware vVols simplifies operations through policy-driven automation, enabling more agile storage consumption for virtual machines and real-time dynamic adjustments for customers. Customers who have deployed databases and filesystems on vVols can use SnapCenter 6.0 to backup, restore, and clone their workloads.
SnapCenter offers transparent protection of workloads in synchronously replicated storage environments (RPO=0, RTO=0)
Customers who are using NetApp SnapMirror® active sync in a symmetric active-active architecture across two sites with a zero-recovery time objective (RTO) and a zero-recovery point objective (RPO) for continuous business operations can now back up and recover their applications and virtual machines (VMs) by using snapshots created through SnapCenter. So, if a failure occurs, they can continue to operate backups, restores, and clones from the remaining active site.
Backup, Restore, and Clone Support for Microsoft SQL Server Over SMB3
Customers with Microsoft SQL Server databases on CIFS shares using the SMB 3.0 protocol in ONTAP, Cloud Volumes ONTAP, Amazon FSxN, and Azure NetApp Files can now perform backup, restore, and clone operations using SnapCenter 6.0. Customers can utilize our extensive features to manage and safeguard SQL databases in the CIFS environment, regardless of the SQL deployment type. This unblocks our Azure and ONTAP customers using SQL server over SMB.
Removal of SnapCenter License Enforcements for CVO
Protecting applications on Cloud Volumes ONTAP is a crucial task for customers, but previous SnapCenter required a standard capacity license to protect data on Cloud Volumes ONTAP platforms. With the new SnapCenter 6.0, customers can protect applications on CVO without a standard capacity license. CVO can now be added to SnapCenter like FAS and AFF ONTAP systems without needing a SnapCenter Standard capacity license. This dramatically enhances the database/filesystem backup & restore experience for our Cloud Volumes ONTAP customers.
In conclusion, SnapCenter offers comprehensive data protection and incorporates the powerful SnapLock capabilities within its arsenal. With SnapLock, organizations can establish immutable snapshots, safeguarding them against tampering and ensuring the integrity of critical data. Whether facing malicious attacks, natural disasters, or disruptive incidents like the recent Crowdstrike outage, SnapCenter stands ready to protect snapshots and provide a secure and resilient backup solution, enabling swift recovery of critical data. SnapCenter empowers businesses to proactively mitigate risks and maintain data integrity in an ever-evolving threat landscape.
Get in Touch
If you have any feedback or concerns, write to ng-snapcenter-feedback@netapp.com. For Demos or POC requests, scan the QR code or click below to fill out the form.
Clickable Link
Additional resources:
Click Here for Documentation. Click Here to Download SnapCenter 6.0
... View more
Overview
Customers are on a fast-paced journey to constantly evolve, refine and optimize their virtualization and Hybrid Multi-cloud strategy. An integral part of the solution is to efficiently manage storage requirements across different workloads. ONTAP tools for VMware vSphere provides end-to-end life cycle management capabilities for virtual machine storage in VMware environments that use NetApp storage systems.
With the release of ONTAP tools for VMware vSphere 10.0, we made a significant pivot to deliver a next generation micro services-based appliance that enables storage consumption at scale in a vSphere-backed environment. With a focus on helping customers on their journey to build an agile virtualization platform, we are delighted to announce the general availability of ONTAP tools for VMware vSphere (OTV) 10.1.
In the initial release of OTV 10.0, we focused on demonstrating scale and availability with vVols and adapting an API-first approach. This positioned us with a strong future-proof foundational architecture to build out advanced integration capabilities. In this release, we have expanded the lifecycle management capabilities to traditional NFS, and VMFS-based datastores, introducing support for VMware Live Site Recovery (VLSR, formerly Site Recovery Manager[SRM]), and simple-to-use vCenter UI enhancements suitable for every vCenter administrator. Lastly, the administration of ONTAP tools itself has been greatly improved. This blog is aimed at providing an overview of the key product capabilities and its benefits.
Enhanced protocol coverage with NFS and VMFS Datastore Support
Based on various factors such as workload requirements, existing hardware and network topology in your datacenters; you may require file or block-based storage. To accommodate these requirements, customers can leverage ONTAP tools for VMware vSphere to provision and manage vVols, NFS, and VMFS datastore types through NFS and iSCSI protocols. Does your environment require different protocols? There's no need to worry, we will be adding more protocols in the upcoming versions.
Storage Replication Adapter (SRA) integration
Storage Replication Adapter (SRA) is now integrated as part of ONTAP tools 10 and conforms to VMware Site Recovery Manager (SRM) specifications. This release includes support for NFS datastores and iSCSI-based VMFS datastores. SRA workflows include failover, reprotect, and test failover commands invoked from VMware SRM. Also new is the support for VLSR shared site configurations which allow you to fan-in or fan-out your VLSR servers. You can read more about VLSR shared site configurations here https://docs.vmware.com/en/VMware-Live-Recovery/services/vmware-live-site-recovery/GUID-BC46053B-644C-420B-BC68-B71D450711A5.html
Rich vCenter User Interface (UI) Integration Support for All Workflows
ONTAP tools for VMware vSphere 10.1 provide a rich user experience and interface for the most common workflows. You can now seamlessly manage Day-0 to Day-2 operations and extensively benefit from the following capabilities:
Manageability and Monitoring of NFS, VMFS, and vVols datastores
Storage Replication Adapter for NFS and VMFS datastores
VASA provider registration and unregistration
VAAI plug-in installation
Optimize host configuration
Enhanced Appliance Management and Administrative Operations
ONTAP tools 10.1 introduces a new and enhanced appliance administration interface called ONTAP tools Manager UI. This helps provide better control and manageability, specifically for a large fleet of vCenters, ONTAP platforms, and multi-tenant environments.
You can now leverage the ONTAP tools Manager UI page for:
Storage backend management: Add and manage ONTAP storage clusters to ONTAP tools for VMware vSphere and map them to onboarded vCenters globally.
vCenter management: Add and manage vCenters to ONTAP tools for VMware vSphere.
Analyse and troubleshoot: Collect log bundles for ONTAP tools for VMware vSphere.
Certificate management: Change the self-signed certificate to a custom CA certificate and renew or refresh all certificates.
Password management: Reset the OVA application password for the user.
Easy Deploy mode
ONTAP tools for VMware vSphere 10.1 supports a simplified deployment mode called “Easy Deploy”. In this mode, there are fewer user inputs and prerequisites needed to kick-start the deployment. This helps in quickly provisioning a single instance (without high availability) to experience a wide array of features of ONTAP tools for VMware vSphere 10.1 release.
Summary
OTV provides a unified management plane for storage lifecycle management capabilities such as provisioning, monitoring and disaster recovery capabilities. This helps you to efficiently manage the evolving storage needs in a large environments. With the newest release, ONTAP tools 10 introduces a plethora of features that simplifies Day-0-N operations. Enhanced integrations with VMware vSphere enable you to manage multiple VMware vCenters, ONTAP storage platforms and unparalleled levels of automation capabilities.
Call to action
Explore our documentation set to gain a deeper understanding of the rich capabilities
Download ONTAP tools 10.1 now and see for yourself how it can simplify storage management for vSphere, tear down silos, and boost your operational efficiency.
Best of all, there’s no cost. Full functionality is included in your ONTAP One license
... View more
NetApp volumes added support to manage the local Administrators group of the SMB server. This article will explain what local groups are, what they are good for and how to manage them.
... View more
StorageGRID provides several ways to encrypt your data at rest including the use of external key management servers. We have partnered with Entrust to add their KeyControl product to the lineup of supported Key management solutions for StorageGRID node encryption. KeyControl provides a highly available decentralized vault-based solution that is compliant with the Key Management Interoperability Protocol (KMIP). This makes KeyControl an excellent option for StorageGRID. For more information on KeyControl and to try it for yourself, please visit their website. For installation and configuration instructions please read the KeyControl online documentation. You should also read through the StorageGRID documentation relating to encryption and KMS configuration.
Let’s walk through a basic implementation with a single site StorageGRID solution containing a mix of virtual appliances and a physical appliance. Only the physical appliance will be encrypted with a key from two KeyControl servers.
Once you have chosen your KeyControl deployment method and have the desired number of clustered KeyControl server installed, it is time to create a new vault.
In KeyControl, this is as simple as clicking the “Create Vault” button
Fill in the details for the vault.
Choose “KMIP” for the Type of vault
Give the vault a name
Add an optional description
Provide an admin name and email (the Email address will be the login name)
Click on the create vault button and when the vault has been created, a window will pop up containing the link to the Vault URL, username, and a randomly generated temporary password. Make sure you copy out these items as you will need them for the remaining steps.
Open the Vault URL and login with the provided credentials. You will be prompted to set a new password and log in with the new password.
Once logged into the vault click on the large Security icon in the middle. And then on Client Certificates to create the certificate bundle required to authenticate StorageGRID to the KMS.
In the Client certificate window, click on the “+” to create a new certificate.
In the Certificate creation window, provide a name for the certificate, and an expiration date. We will not have a CSR to upload and do not check the boxes for Authentication or Encryption. Click the Create button and the new certificate will be generated and appear in the Manage Client Certificate list.
Select the new certificate and click on the download button. Unzip the certificate package and you will have two .pem files: cacert.pem and certificate_name.pem. The named certificate file is a combined certificate and key that will need to be separated out into individual files with the Key text (highlighted in blue) as a new file named certificate_name.key. The “Bag Attributes” and “Key Attributes” sections are optional.
We are now ready for the StorageGRID configuration. For an appliance to use node encryption with an external KMS, it must be set at the time the appliance is installed. From inside the installer UI, select the Node Encryption menu item under the Configure Hardware Tab, check the box to enable node encryption and save. Repeat this step for all nodes to be encrypted. The node is now ready to be joined to the StorageGRID solution.
Once the node or nodes are all installed and part of the grid, you can now configure StorageGRID to use the KeyControl cluster for kms.
On the StorageGRID management UI under the Configuration tab, click on the Key management server menu item in the Security column.
Click the Create button to add the new KeyControl KMS.
Under the details for the new KMS configuration. Provide a name to identify the KMS, an encryption key name (If one exists already in the KeyControl Vault that you wish to use, or this will be the name of the new key created by this process), what site should be managed by this KMS or all sites not managed by another configured KMS, the port should remain the default, and the hostnames or IP’s on the KeyControl servers in the cluster.
After the details have been entered click the continue button to get to the next page to upload the server certificate. This is the cacert.pem file that was provided by the KeyControl client certificate creation.
Once the certificate is successfully uploaded, click the continue button for the next page where we upload the client certificate and key files.
The final step is to click the Test and save button. If all went well you should be greeted with a final window that informs you there is no existing key in the vault and a new key will be created.
Once the key is created you will see the new KMS in the list with a certificate status unknown. After a few minutes this will update to show the certificates are valid.
Clicking on the KMS name will bring up the information on the KMS. This is also where you can choose to rotate the keys.
You can click on the Encrypted nodes tab and verify the nodes encrypted and the keys used.
If we look in the KeyControl vault Objects, we see the keys in the vault and can compare to the StorageGRID keys in use.
... View more