In this blog post I will go through how to use the NetApp ONTAP storage to enable Immutable S3 repository in Veeam.

I’ve tested this with ONTAP 9.17.1 and Veeam v12.3.2

The basics steps to enable Immutable repository in Veeam with ONTAP S3 is

1. Create the bucket in System Manager

2. Enable Object lock & ensure all permissions on object lock are enabled for the user that access the bucket, I’ve noticed that after you enable object lock more permissions options are available.

A couple of years ago I did a post on how to use Packer to build Ubuntu 20.04 VM on vSphere. You can find it here. It go a lot of reads and now I’ve made an update focused on 24.04 and also changed from yaml to hcl code. I did this because I’m on a mission to move VM’s from an old KVM host to vSphere, instead of using some shady migration tool I will rebuild the VM’s and move the configuration files. I want to free the KVM host to install Proxmox instead, more on that in a later post.

YouTube Shorts is an annoying, addictive video service that my kids love. I’ve been looking for a way to disable just the shorts feature as they are allowed to view “classic videos”. In my search I stumbled upon this guide, which I’ve extended on https://dealancer.medium.com/blocking-youyube-shorts-with-nginx-and-nextdns-c2ccb0ff5452 

What I learned is that the requests to YouTube have the parameter &ctier=SH so you need to intersect the traffic to YouTube and block these specific request, while allowing the rest.

Welcome to my blog post on the security hardening guide for NetApp ONTAP! In this post, we will provide you with all the information you need to ensure the security of your NetApp ONTAP deployment. We will cover topics such as image validation, local storage administrator accounts, authentication methods, and more. So let’s dive in!

Image validation is an essential security measure that helps verify the authenticity and integrity of ONTAP images installed on your system. It ensures that the images have not been tampered with and are produced by NetApp. Upgrade image validation, introduced in ONTAP 9.3, allows you to validate images installed through image updates or automated updates. Boot-time image validation, available in ONTAP 9.4 and later versions, enables secure booting by validating the bootloader and preventing unauthorized modifications.

In early 2023 NetApp released the new licensing model ONTAP One which made it possible for everyone with active support to get use of premium-priced features such as SnapLock and Anti Ransomware. In this post, I will cover how you download and enable the new license on your system

The license change is non-disruptive and you can enable the new unlocked features in a safe manner when you wish.

Before you start you need;

Trident provides Prometheus metrics endpoints that you can use to monitor Trident, its performance, and understand your environment. In this blog, we’ll deep dive into how to install and configure Prometheus to monitor Trident.

I’ve set up my Kubernetes cluster with kubeadm, and it consists of four nodes, one master node, and three worker nodes. As Kubernetes has no built-in storage, I’ve deployed the software-defined version of NetApp ONTAP called ONTAP Select. I’ve deployed the CSI-compliant storage orchestrator, Trident. I will not go into detail on setting up K8s or Trident in this post.

This was a new discovery for me! Maybe everyone already knows about the ONTAP Select vCenter Plug-in - but for me, it’s a new acquaintance. With the plug-in, you quickly deploy and manage ONTAP clusters on your VMware environment, all from vCenter.

Let us start with what ONTAP Select is and go through the architecture of the ONTAP Select deployment process.

ONTAP Select is the software-defined version of NetApp’s storage operating system ONTAP. Essentially it’s the same operating system that runs in the appliances AFF & FAS. With ONTAP Select, you can choose to deploy it on custom hardware, KVM, or VMware.

I’m on my way to deploying Kubernetes the hard way, following Kelsey Hightowers GitHub tutorial. The guide uses GCP for compute resources, but I want to utilize my home lab based on VMware, and I want to do it in a cloud fashion, with Infrastructure as Code. For this, I leverage tools like Packer and Terraform. In my previous post, I showed you how to build a VM template on vSphere with Packer. In this post, I’ll show you how to provision VMs from that template with Terraform.

I have a home lab in my basement for learning purposes and to be able to create useful content on this blog. My next mission is to learn more about Kubernetes and advance my knowledge of IaC and Linux. For this, I need a consistent way to build and deploy Ubuntu VM’s. In this post, I’ll show you how I use Packer to create VM templates on vSphere.

Let’s hear it from the source:

We all know Kubernetes is winning the container orchestration battle. We’ve seen a shift in application development and operations. Historically, software vendors shipped .EXE files to customers, small and large. The update cycle meant a new .EXE release every 6-12 months, or something similar.

Now, the reality is that more and more software vendors turn to containers as shipping their products. Containers provide the ability to re-create the application regardless of the environment, both in development and production. No more need to install the correct dependencies on each development machine and production environment; just run docker, and you’re ready to go.