ONTAP tools for VMware vSphere 9.13
Considerations for deploying ONTAP tools
Before you deploy ONTAP tools for VMware vSphere, it is good practice to plan your deployment and decide how you want to configure ONTAP tools in your environment.
The following table presents an overview of what you should consider before you deploy ONTAP tools.
Considerations |
Description |
First-time deployment of ONTAP tools |
The deployment of the ONTAP tools automatically installs the ONTAP tools features. |
Upgrading from an existing deployment of ONTAP tools |
The upgrade procedure from an existing deployment of ONTAP tools to ONTAP tools depends on the version of ONTAP tools, and whether you have deployed ONTAP tools. The deployment workflows and upgrade section has more information. Best practices before an upgrade:
|
Regenerating an SSL certificate for ONTAP tools |
The SSL certificate is automatically generated when you deploy the ONTAP tools. You might have to regenerate the SSL certificate to create a site-specific certificate. |
Setting ESXi server values |
Although most of your ESXi server values are set by default, it is a good practice to check the values. These values are based on internal testing. Depending on your environment, you might have to change some of the values to improve performance. |
Guest operating system timeout values |
The guest operating system (guest OS) timeout scripts set the SCSI I/O timeout values for supported Linux, Solaris, and Windows guest operating systems to provide correct failover behavior. |
The following table presents an overview of what you require to configure the ONTAP tools.
Considerations |
Description |
Requirements of role-based access control (RBAC) |
ONTAP tools supports both vCenter Server RBAC and ONTAP RBAC. The account used to register ONTAP tools to vCenter Server ( If your company requires that you restrict access to vSphere objects, you can create and assign standard ONTAP tools roles to users to meet the vCenter Server requirements. You can create the recommended ONTAP roles by using ONTAP System Manager using the JSON file provided with the ONTAP tools. If a user attempts to perform a task without the correct privileges and permissions, the task options are grayed out. |
ONTAP version |
Your storage systems must be running ONTAP 9.7, 9.8P1 or later. |
Storage capability profiles |
To use storage capability profiles or to set up alarms, you must enable VASA Provider for ONTAP. After you enable VASA Provider, you can configure VMware Virtual Volumes (vVols) datastores, and you can create and manage storage capability profiles and alarms. The alarms warn you when a volume or an aggregate is at nearly full capacity or when a datastore is no longer in compliance with the associated storage capability profile. |
Additional deployment considerations
You must consider few requirements while customizing the deployment ONTAP tools.
Application user password
This is the password assigned to the administrator account. For security reasons, it is recommended that the password length is eight to thirty characters long and contains a minimum of one upper, one lower, one digit, and one special character. Password expires after 90 days.
Appliance maintenance console credentials
You must access the maintenance console by using the “maint” user name. You can set the password for the “maint” user during deployment. You can use the Application Configuration menu of the maintenance console of your ONTAP tools to change the password.
vCenter Server administrator credentials
You can set the administrator credentials for the vCenter Server while deploying ONTAP tools.
If the password for the vCenter Server changes, then you can update the password for the administrator by using the following URL: https://<IP>:8143/Register.html
where the IP address is of ONTAP tools that you provide during deployment.
Derby database password
For security reasons, it is recommended that the password length is eight to thirty characters long and contains a minimum of one upper, one lower, one digit, and one special character. Password expires after 90 days.
vCenter Server IP address
-
You should provide the IP address (IPv4 or IPv6) of the vCenter Server instance to which you want to register ONTAP tools.
The type of ONTAP tools and VASA certificates generated depends on the IP address (IPv4 or IPv6) that you have provided during deployment. While deploying ONTAP tools, if you have not entered any static IP details and your DHCP then the network provides both IPv4 and IPv6 addresses.
-
The ONTAP tools IP address used to register with vCenter Server depends on the type of vCenter Server IP address (IPv4 or IPv6) entered in the deployment wizard.
Both the ONTAP tools and VASA certificates will be generated using the same type of IP address used during vCenter Server registration.
IPv6 is supported only with vCenter Server 6.7 and later.
Appliance network properties
If you are not using DHCP, specify a valid DNS hostname (unqualified) as well as the static IP address for the ONTAP tools and the other network parameters. All of these parameters are required for proper installation and operation.