We run a backup service like this on one cluster for multiple customers.  

Sebastian's advice is basically what we do.  The one thing I can add is be aware of

cluster name collisions for cluster peering.  We ran into a situation where some of the customer's

clusters were set up by the same PS resource and as a result the clusters all were named 

the same.  That caused issues for peering.


And we've arranged for all customers to use separate VLAN ids.



From: Toasters <toasters-bounces@teaparty.net> on behalf of Heino Walther <hw@beardmann.dk>
Sent: Tuesday, March 9, 2021 4:32 AM
To: Sebastian Goetze; Markus Nödl; toasters@teaparty.net
Subject: SV: Remote backup hosting with ONTAP...
 

Hi there

 

Ahh I’m stupid 😉. Sorry…

I’m not sure why I thought that I would need the cluster mgmt lif. In order to create the cluster peering… of cause you only need the IC LIFs here… and they will be running in an ipspace inside a vlan.

Easy 😉

 

Now NetApp only needs to enable web management for each separate SVM…. I have not tested 9.8 yet, but I’m pretty sure you still need to manage your SVM via ssh/rest?

 

/Heino

 

 

Fra: Sebastian Goetze <spgoetze@gmail.com>
Dato: tirsdag, 9. marts 2021 kl. 13.27
Til: Markus Nödl <mnoedl@anexia-it.com>, Heino Walther <hw@beardmann.dk>, toasters@teaparty.net <toasters@teaparty.net>
Emne: Re: Remote backup hosting with ONTAP...

Yep,

  • IPSpaces for every Source-Cluster (or every customer)
  • InterCluster LIFs "in" those IPSpaces
    • These are the LIFs, that will be used for Cluster Peering
  • SVM Management LIFs for control, if necessary (not the Cluster Mgmt LIFs you (Heino) mentioned)
  • I can't think of a reason, why you would need to give access to the Cluster Mgmt LIF to your customers
    • Firewall rules probably unnecessary

my 2c

 

Sebastian

On 09.03.2021 13:19, Markus Nödl wrote:

Keep in mind that cluster peering involves the intercluster lifs as well as the snapmirror/vault traffic is passing through those lifs. AFAIK you will have to have ipspaces for your intercluster lifs (at least on the destination) to peer all those source machines

 

Markus Nödl

Senior Storage Architect

 

ANEXIA Internetdienstleistungs GmbH

 

Telefon: +43-50-556-3410

Mobil: +43 664 88241622

 

E-Mail: MNoedl@anexia-it.com

Web: http://www.anexia.com/

 

Anschrift Hauptsitz Klagenfurt: Feldkirchnerstraße 140, 9020 Klagenfurt

Geschäftsführer: Alexander Windbichler

Firmenbuch: FN 289918a | Gerichtsstand: Klagenfurt | UID-Nummer: AT U63216601

 

 

 

From: Toasters <toasters-bounces@teaparty.net> on behalf of Heino Walther <hw@beardmann.dk>
Date: Tuesday, 9. March 2021 at 13:03
To: "toasters@teaparty.net" <toasters@teaparty.net>
Subject: Remote backup hosting with ONTAP...

 

Hi there

 

I need some suggestions to a setup where we will be hosing remote backup of other ONTAP clusters  on one ONTAP FAS cluster.

The clusters that needs to be backed up should be backed up are on separate VLANS and should be kept separate.

So the plan is to create a SVM per system in its own VLAN.

Trouble is that in order to setup a SVM-Peer you first need to setup a cluster peer…

So I guess there are several ways to do this…

 

  1. Create several cluster mgmt. LIFs (one for each VLAN)
    1. Could this cause issues?
  1. Create a firewall rule for the existing cluster mgmt. LIF so is can be reached from all the VLANs.

 

I will also be using ipspaces for this because of security, and because there are two systems using the same IP range…

 

Suggestions are welcome..  I somewhat lean towards option 1.

 

/Heino

 

Heino Walther

Beardmann ApS

Jellingvej 9 - 7100 Vejle

 

D: 7199 9060 M: 2075 7501

-- 

 



_______________________________________________
Toasters mailing list
Toasters@teaparty.net
https://www.teaparty.net/mailman/listinfo/toasters