Trident Documentation NetApp Oct 15, 2020 Introduction 1 What is Trident? 3 2 Trident for Kubernetes 5 2.1 Upgrading/Downgrading Trident....................................6 2.2 Deploying................................................ 11 2.3 Common tasks.............................................. 18 2.4 Concepts................................................. 64 2.5 Known issues............................................... 75 2.6 Troubleshooting............................................. 75 3 Design and Architecture Guide 77 3.1 Introduction............................................... 77 3.2 Concepts and Definitions......................................... 78 3.3 NetApp Products and Integrations with Kubernetes........................... 82 3.4 Kubernetes Cluster Architecture and Considerations.......................... 83 3.5 Storage for Kubernetes Infrastructure Services............................. 87 3.6 Storage Configuration for Trident.................................... 92 3.7 Deploying Trident............................................ 98 3.8 Integrating Trident............................................ 101 3.9 Backup and Disaster Recovery...................................... 111 3.10 Security Recommendations....................................... 117 3.11 Frequently Asked Questions....................................... 117 4 Trident for Docker 127 4.1 Deploying................................................ 127 4.2 Host and storage configuration...................................... 128 4.3 Common tasks.............................................. 146 4.4 Known issues............................................... 154 4.5 Troubleshooting............................................. 154 5 Requirements 157 5.1 Supported frontends (orchestrators)................................... 157 5.2 Supported backends (storage)...................................... 157 5.3 Feature Gates............................................... 158 5.4 Supported host operating systems.................................... 158 5.5 Host configuration............................................ 158 5.6 Storage system configuration...................................... 159 i 6 Getting help 161 7 trident 163 7.1 Logging.................................................. 163 7.2 Kubernetes................................................ 163 7.3 Docker.................................................. 163 7.4 REST................................................... 164 8 tridentctl 165 8.1 create................................................... 165 8.2 delete................................................... 166 8.3 get.................................................... 166 8.4 import volume.............................................. 166 8.5 install................................................... 167 8.6 logs.................................................... 167 8.7 uninstall................................................. 167 8.8 update.................................................. 168 8.9 upgrade.................................................. 168 8.10 version.................................................. 168 9 REST API 169 10 Simple Kubernetes install 171 ii Trident Documentation Storage Orchestrator for Containers Introduction 1 Trident Documentation 2 Introduction CHAPTER 1 What is Trident? Trident is a fully supported open source project maintained by NetApp. It has been designed from the ground up to help you meet the sophisticated persistence demands of your containerized applications. Through its support for popular container platforms like Kubernetes and Docker, Trident understands the natural and evolving languages of those platforms, and translates requirements expressed or implied through them into an automated and orchestrated response from the infrastructure. Today, that includes our ONTAP (AFF/FAS/Select/Cloud), Element (HCI/SolidFire), and SANtricity (E/EF-Series) data management software, plus the Azure NetApp Files service in Azure, the Cloud Volumes Service for AWS in Amazon Web Services, and the Cloud Volumes Service for GCP in Google Cloud. That list continues to grow. 3 Trident Documentation 4 Chapter 1. What is Trident? CHAPTER 2 Trident for Kubernetes Trident integrates natively with Kubernetes and its Persistent Volume framework to seamlessly provision and manage volumes from systems running any combination of NetApp’s ONTAP (AFF/FAS/Select/Cloud), Element (HCI/SolidFire), and SANtricity (E/EF-Series) data management platforms, plus our Azure NetApp Files service in Azure, Cloud Volumes Service for AWS, and Cloud Volumes Service for GCP. Relative to other Kubernetes provisioners, Trident is novel in the following respects: 1. It is the first out-of-tree, out-of-process storage provisioner that works by watching events at the Kubernetes API Server, affording it levels of visibility and flexibility that cannot otherwise be achieved. 2. It is capable of orchestrating across multiple platforms at the same time through a unified interface. Rather than tying a request for a persistent volume to a particular system, Trident selects one from those it manages based on the higher-level qualities that the user is looking for in their volume. Trident tightly integrates with Kubernetes to allow your users to request and manage persistent volumes using native Kubernetes interfaces and constructs. It’s designed to work in such a way that your users can take advantage of the underlying capabilities of your storage infrastructure without having to know anything about it. It automates the rest for you, the Kubernetes administrator, based on policies that you define. A great way to get a feel for what we’re trying to accomplish is to see Trident in action from the perspective of an end user. This is a great demonstration of Kubernetes volume consumption when Trident is in the mix, through the lens of Red Hat’s OpenShift platform, which is itself built on Kubernetes. All of the concepts in the video apply to any Kubernetes deployment. While some details about Trident and NetApp storage systems are shown in the video to help you see what’s going on behind-the-scenes, in standard deployments Trident and the rest of the infrastructure is completely hidden from the user. Let’s lift up the covers a bit to better understand Trident and what it is doing. This introductory video is a good place to start. While based on an earlier version of Trident, it explains the core concepts involved and is a great way to get started on the Trident journey. 5 Trident Documentation 2.1 Upgrading/Downgrading Trident 2.1.1 Upgrading Trident This section walks you through the upgrade process to move to the latest release of Trident. Initiate the upgrade Note: Before upgrading Trident, ensure that the required feature gates are enabled. Warning: Trident 20.01 only supports the beta feature release of Volume Snapshots. When upgrading to Trident 20.01, all previous alpha snapshot CRs and CRDs (Volume Snapshot Classes, Volume Snapshots and Volume Snapshot Contents) must be removed before the upgrade is performed. Refer to this blog to understand the steps involved in migrating alpha snapshots to the beta spec. The best way to upgrade to the latest version of Trident is to download the latest installer bundle and run: ./tridentctl uninstall -n <namespace> ./tridentctl install -n <namespace> When upgrading to the latest release of Trident, there are a few items to consider: 1. Previous releases of Trident may have supported alpha Volume Snapshots. The 20.01 release moves forward to only support beta Volume Snapshots. Kubernetes admins must take care to safely backup or convert the alpha snapshot objects to the beta feature set if they would like to retain the legacy alpha snapshots. 2. The beta feature release of Volume Snapshots introduces a modified set of CRDs and a snapshot controller, both of which should be set up before installing Trident. This blog discusses the steps involved in migrating alpha Volume Snapshots to the beta format. It is purely meant to be a guiding document for users to understand the steps involved should they choose to retain alpha Volume Snapshots. Upgrading Trident on Kubernetes 1.13 On Kubernetes 1.13, there are a couple of options when upgrading Trident: • Install Trident in the desired namespace by executing the tridentctl install command with the --csi flag. This configures Trident to function as an enhanced CSI provisioner and is the preferred way to upgrade if using 1.13. • If for some reason the feature gates required by Trident cannot be enabled, you can install Trident without the --csi flag. This will configure Trident to work in its traditional format without using the CSI specification. Keep in mind that new features introduced by Trident, such as On-Demand Volume Snapshots will not be available in this installation mode. Upgrading Trident on Kubernetes 1.14 and above For Kubernetes 1.14 and greater, simply perform an uninstall followed by a reinstall to upgrade to the latest version of Trident. 6 Chapter 2. Trident for Kubernetes Trident Documentation What happens when you upgrade By default the uninstall command will leave all of Trident’s state intact by not deleting the PVC and PV used by the Trident deployment, allowing an uninstall followed by an install to act as an upgrade. The 19.07 release of Trident will move away from etcd and use CRDs to maintain state. Upgrading Trident from any release prior to 19.07 by running a tridentctl install will: • initiate a one-time process that copies the metadata