= Manage Amazon FSx for NetApp ONTAP resources :toc: :icons: :linkattrs: :imagesdir: ../resources/images == Summary This section will help you become familiar with using the Amazon FSx console and ONTAP CLI to manage your Amazon FSx for NetApp ONTAP file systems. You can use the Amazon FSx console, AWS CLI or FSx API to create a new file system. In addition to these AWS management tools you can also use NetApp management tools like NetApp Cloud Manager, ONTAP CLI and ONTAP REST API to manage the file system. == Duration NOTE: It will take approximately 20 minutes to complete this section. == Manage FSx for ONTAP resources from the Amazon FSx console === Examine the file system . Go to the link:https://console.aws.amazon.com/fsx/[Amazon FSx] console, *_Click_* the *File system ID* of your Amazon FSx for NetApp ONTAP file system. . *_Examine_* the *Summary* section of the file system. *_Find_* the values of the following file system attributes: * File system ID * Lifecycle state * Deployment type * SSD Storage capacity * Throughput capacity * Provisioned IOPS * Availability Zones * Creation time . *_Examine_* the *Network & security* section of the file system. *_Click_* the *Network & security* tab. *_Find_* the values of the following file system attributes: * VPC * Endpoint IP address range * KMS key ID * Route tables * Management endpoint - DNS name and IP address * Inter-cluster endpoint - DNS name and IP address . *_Examine_* the subnet attributes of the file system. *_Find_* the values of preferred and standby subnets: * Subnets * Availability Zones * Network interfaces * How would you find the VPC security groups associated to the file system? * Hint: *_Click_* the Network interface link of the preferred subnet. From the *Details* tab of the preferred file server's ENI, *_click_* the *view inbound rules* link within the *Security groups* attribute. *_Close_* the browser tab of the *Network interface* console. . *Return* to the link:https://console.aws.amazon.com/fsx/[Amazon FSx] console. . *_Examine_* the *Administration* section of the file system. *_Click_* the *Administration* tab. *_Find_* the values of the following file system attributes: * Service account username * Management endpoint - DNS name and IP address * Inter-cluster endpoint - DNS name IP address * Weekly maintenance window ==== Connect to the Linux Instance //image::.gif[align="left", width=600] . Open the link:https://console.aws.amazon.com/ec2/[Amazon EC2] console. + TIP: *_Context-click (right-click)_* the link above and open the link in a new tab or window to make it easy to navigate between this GitHub workshop and AWS console. + . Make sure you are in the same *AWS Region* as the workshop environment. If you need to change the *AWS Region* of the Amazon EC2 console, in the top right corner of the browser window *_click_* the region name next to *Support* and *_click_* the appropriate *AWS Region* from the drop-down menu. . *_Click_* *Instances (running)*. . *_Click_* the radio button next to the instance with the name *FSx for ONTAP Workshop Linux Instance*. . *_Click_* the Connect button. * Connect using AWS Systems Manager - *_Select_* *Session Manager* tab and *_click_* the Connect button to open a session in your browser. (*recommended*) * SSH using Terminal client - *_Select_* *SSH client* tab and *_Copy_* the Example SSH command shown and *_click_* Close. ** *_Open_* your terminal application and *_paste_* the SSH command in a terminal window. ** *_Follow_* the prompts to SSH into the instance. + TIP: For a smooth experience to toggle between multiple sessions connecting to: + 1) FSx for ONTAP Workshop Linux Instance + 2) ONTAP CLI session to your FSx for NetApp ONTAP file system and + we recommend you create 2 x SSH terminal or Session Manager sessions (tabs) to the Linux Instance. + . From the SSH connection of your *FSx for ONTAP Workshop Linux instance* and export the below values. Replace the IP with IP address of your file system management endpoint. + [source,bash] ---- ADMINUSER="fsxadmin" MGMTENDPOINT="x.x.x.x" ---- + . *Return* to the link:https://console.aws.amazon.com/fsx/[Amazon FSx] console. === Create a storage virtual machine (SVM) joined to Active Directory . *_Click_* on the *Storage virtual machines* tab of your file system. *_Click_* *Create storage virtual machine* and input the values shown here: + [cols="2,13"] |=== | *File system* a| Select the file system ID for your FSx for NetApp ONTAP file system | *Storage virtual machine name* a| svm01 | *SVM administrative password* a| Accept the default | *Active Directory* a| Select - Join an Active Directory | *Net BIOS name* a| svm01 | *Active Directory domain name* a| example.com | *DNS server IP addresses* a| Enter the Active Directory DNS server IP addresses. You can retrieve the DNS addresses using link:https://console.aws.amazon.com/directoryservice[Directory Service]. *_click_* Directory ID with Directory name *example.com*. Under *Networking & Security* tab you will find two DNS addresses | *Service account username* a| Enter the Active Directory username created by the workshop resource. You can retrieve the username using link:https://console.aws.amazon.com/secretsmanager[AWS Secrets Manager]. *_Select_* Secret name *Password-GUID* and *_Click_* on *Retrieve Secret value* to get the username | *Service account password* a| Enter the Active Directory user password created by the workshop resource. You can retrieve the password using link:https://console.aws.amazon.com/secretsmanager[AWS Secrets Manager]. *_Select_* Secret name *Password-GUID* and *_Click_* on *Retrieve Secret value* to get the password | *Confirm password* a| Re-Enter the Active Directory user password | *Organizational Unit (OU) within which you want to join your file system* a| Input *OU=Computers,OU=example,DC=example,DC=com* | *Delegated file system administrators group - optional* a| Accept the default | *SVM root volume security style* a| Accept the default |=== + . After you have entered or accepted values for all parameters, *_click_* *Confirm* . It will take approximately *5 minutes* to create the new SVM. You can proceed to *Create a volume* step without waiting for the SVM to be fully available. === Create a volume . *_Click_* on the *volumes* tab of your file system. *_Click_* *Create volume* and input the values shown here: + [cols="2,7"] |=== | *File system* a| Select the file system ID for your FSx for NetApp ONTAP file system | *Storage virtual machine name* a| Select the Storage virtual machine you created | *Volume name* a| Input vol1 | *Junction path* a| Input /vol1 | *Volume Size* a| Input 100000 | *Storage efficiency* a| Select Enabled | *Capacity pool tiering policy* a| Select *None* |=== + . After you have entered or accepted values for all parameters, *_click_* *Confirm* . It will take approximately *2 minutes* to create the new volume. === Examine new resources from the Amazon FSx Console . *_Return_* to the link:https://console.aws.amazon.com/fsx/[Amazon FSx] console. . *_Examine_* the *Storage virtual machines(SVMs)* section of the file system. *_Click_* the *Storage virtual machines* tab. *_Find_* the values of the following file system attributes: * SVM Name * SVM ID * Is the SVM joined to an Active Directory? . *_Examine_* the *Volumes* section of the file system. *_Click_* the *Volumes* tab. *_Find_* the values of the following file system attributes: * Volume Name * Which SVM does the volume belong to? * What is the junction path for the volume? + TIP: Each SVM has a unique namespace with the SVM root volume being the entry point to the namespace. Do you see */* as Junction Path for the root? You add volumes to this namespace by creating a junction path. The *vol1* volume uses */* as the entry point and has junction path */vol1*. You can create junction points directly below the parent volume or on a directory withn the volume. Ex: /vol1/vol2. You will use the junction path to mount your volume. + * What is the size of your volume? * Does the volume have a Tiering Policy configured? . *_Examine_* the *Backups* section of the file system. *_Click_* the *Backups* tab. * Are daily automatic backups enabled? * *_Click_* *Update* to Change backup window and retention period. Accept default values and *_Click_* *Save*. . *_Examine_* the *Tags* section of the file system. *_Click_* the *Tags* tab. * What tags (key/value) pairs are assigned to the file system? * Add a new tag (key/value) pair. *_Click_* the *[Add]* button and enter a *key* / *value* of your choice (e.g. Tag Key=Name, Value=FSxOntap-workshop). *_Click_* the *Save* button. == Manage FSx for ONTAP resources from the ONTAP CLI === Connect to the ONTAP CLI session . *_Return_* to the SSH connection of your *FSx for ONTAP Workshop Linux instance* and SSH to the file system management endpoint. + [source,bash] ---- ssh ${ADMINUSER}@${MGMTENDPOINT} ---- + . *_Enter_* *yes*, if you get the authenticity warning to trust the host on the SSH connection. At the *_Password_* prompt, Enter the password for your file system. You can retrieve the password using link:https://console.aws.amazon.com/secretsmanager[AWS Secrets Manager]. *_Select_* Secret name *FSxPassword-* and *_Click_* on *Retrieve Secret value* to get the fsxadmin user password. Upon successful login you will see the prompt as shown below: + [source,bash] ---- FsxId08361928e949c6b55::> ---- + === Examine the available ONTAP CLI commands . *_Type_* *?* to get a list of available ONTAP CLI commands. + [source,bash] ---- FsxId08361928e949c6b55::> ? cluster> Manage clusters event> Manage system events exit Quit the CLI session history Show the history of commands for this CLI session job> Manage jobs and job schedules lun> Manage LUNs man Display the on-line manual pages network> Manage physical and virtual network connections qos> QoS settings redo Execute a previous command rows Show/Set the rows for this CLI session security> The security directory set Display/Set CLI session settings snaplock> Manages SnapLock attributes in the system snapmirror> Manage SnapMirror statistics> Display operational statistics statistics-v1> The statistics-v1 directory storage> Manage physical storage, including disks, aggregates, and failover system> The system directory top Go to the top-level directory up Go up one directory volume> Manage virtual storage, including volumes, snapshots, and mirrors vserver> Manage Vservers ---- + === Examine the file system . *_Run_* the following command to get a list of available volumes. Does this match the volumes you reviewed in the Amazon FSx console? + [source,bash] ---- vol show ---- + . *_Run_* the following command to list all the Logical Interfaces (LIFs). How many LIFs do you see and what are they used for? + [source,bash] ---- network interface show ---- + . Note the IP address of the NFS Endpoint LIF of your SVM (_nfs_smb_management_1_). Type quit to exit the ONTAP CLI session and return to *FSx for ONTAP Workshop Linux instance*. Then export the IP address of the NFS Endpoint. + [source,bash] ---- NFSENDPOINT="x.x.x.x" ---- + == Next section Click the link below to go to the next section. image::multi-protocol-access.jpg[link=../04-multiprotocol-access/, align="left",width=420]