Skip to main content

Astra Trident

Astra Trident, is an open-source project backed and maintained by NetApp and is designed to provide persistence storage to containerized applications using industry-standard interfaces, such as the Container Storage Interface (CSI).

Astra Trident deploys in Kubernetes clusters as pods and provides dynamic storage orchestration services for Kubernetes workloads. Containerized applications are enabled to quickly consume persistent storage from NetApp’s portfolio of solutions with minimal overhead.

  • ONTAP (AFF/FAS/Select/Cloud/Amazon FSx for NetApp ONTAP)
  • Element software (NetApp HCI/SolidFire)
  • Azure NetApp Files service
  • Cloud Volumes Service on Google Cloud.

Versions Supported

Prerequisites

  • All worker nodes in the Kubernetes cluster must be able to mount the volumes you have provisioned for your pods. To prepare the worker nodes, you must install NFS or iSCSI tools based on your driver selection. Check out the Selecting the right tools guide for more information.

  • The following ports must be exposed on the worker nodes.

    PortPurpose
    8443Backchannel HTTPS
    8001Prometheus metrics endpoint
    8000Trident REST server
    17546Supports liveness and readiness probe used by Trident DaemonSet pods

    info

    The liveness and readiness probe port can be changed during installation by using the --probe-port flag. Ensure the probe port is not used by another process on the worker nodes.

Parameters

ParameterDescription
imageRegistryIdentifies the registry for the trident-operator, trident, and other images. Leave empty to accept the default.
imagePullPolicySets the image pull policy for the trident-operator. Default: IfNotPresent
imagePullSecretsSets the image pull secrets for the trident-operator, trident, and other images.
kubeletDirAllows overriding the host location of Kubelet's internal state. Default: /var/lib/kubelet
operatorDebugAllows enabling debug logging in trident-operator. Default: false
operatorImageAllows the complete override of the image for trident-operator.
operatorImageTagAllows overriding the tag of the trident-operator image.
tridentDebugAllows enabling debug logging from the Trident deployment. Default: false
tridentIPv6Allows enabling Trident to work in IPv6 clusters. Default: false
tridentK8sTimeoutOverrides the default 30-second timeout for most Kubernetes API operations (if non-zero, in seconds). Default: 0
tridentHttpRequestTimeoutOverrides the default 90-second timeout for the HTTP requests, with 0s being an infinite duration for the timeout. Negative values are not allowed. Default: 90s
tridentSilenceAutosupportAllows disabling Trident's periodic Autosupport reporting. Default: false
tridentAutosupportImageAllows the complete override of the image for Trident's Autosupport container.
tridentAutosupportImageTagAllows overriding the tag of the image for Trident's Autosupport container. Default: 23.01
tridentAutosupportProxyAllows Trident's Autosupport container to phone home via an HTTP proxy.
tridentLogFormatSets the Trident logging format (text or JSON). Default: text
tridentDisableAuditLogDisables Trident's audit logger. Default: true
tridentImageAllows the complete override of the image for Trident.
tridentImageTagAllows overriding the tag of the image for Trident.
tridentEnableNodePrep(Deprecated) Attempts to automatically install required packages on nodes. Default: false
tridentSkipK8sVersionCheck(Deprecated) Allows overriding the k8s version limit for Trident. Default: false
tridentProbePortAllows overriding the default port used for k8s liveness/readiness probes.
windowsAllows Trident to be installed on Windows worker node. Default: false
enableForceDetachAllows enabling the force detach feature. Default: false
excludePodSecurityPolicyExcludes the operator pod security policy from creation. Default: false

Usage

After deploying Trident, you will need to create a backend and a storage class before you can start provisioning volumes and mounting those to any pods.

Create a Storage Backend

Trident supports multiple storage backends. Select a supported backend that fits your needs. You can find example of different backends by reviewing the driver manifests examples in the official Trident repository. If you decide to use one of the example configurations, make sure you update the configuration with your credentials and environment configurations.

The example below creates a backend with the ONTAP-NAS driver.

apiVersion: v1
kind: Secret
metadata:
  name: backend-ontap-nas-secret
  namespace: trident
type: Opaque
stringData:
  username: [USERNAME]
  password: [PASSWORD]
---
apiVersion: trident.netapp.io/v1
kind: TridentBackendConfig
metadata:
  name: backend-ontap-nas
  namespace: trident
spec:
  version: 1
  storageDriverName: ontap-nas
  managementLIF: [ONTAP_MANAGEMENT_LIF_IP]
  dataLIF: [DATA_LIF_IP]
  backendName: ontap-nas
  autoExportCIDRs:
    - [x.x.x.x/xx]
  autoExportPolicy: true
  svm: [SVM]
  credentials:
    name: backend-ontap-nas-secret

Create a Storage Class

Kubernetes supports the ability to bind statically or dynamically provisioned volumes to pods. Statically provisioned volumes are manually created by a user and then referenced in a deployment. Astra Trident allows you to leverage your NetApp storage. You must create a storage class before you can request dynamically provisioned volumes.

apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: trident-csi
  namespace: trident
provisioner: csi.trident.netapp.io
parameters:
  backendType: "ontap-nas"
  csi.storage.k8s.io/fstype: ext4

Provision Volumes

An example of provisioning a Persistent Volume Claim (PVC).


kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: trident-pvc
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 1Gi
  storageClassName: trident-csi

Deploy a Pod and Mount the Volume.

The following code snippet is an example of a pod deployment. The pod contains an Nginx container, with a claim to the previously created PVC. Once deployed, the PVC with its bound Persistent Volume (PV), will mount to the pod and provide persistent storage to this application.


kind: Pod
apiVersion: v1
metadata:
  name: example-pv-pod
  namespace: trident
spec:
  volumes:
    - name: example-pv-vol
      persistentVolumeClaim:
        claimName: trident-pvc
  containers:
    - name: example-pv-pod
      image: nginx
      ports:
        - containerPort: 80
          name: "http-server"
      volumeMounts:
        - mountPath: "/usr/share/nginx/html"
          name: example-pv-vol

Terraform

You can retrieve details about the Astra Trident pack by using the following Terraform code.

data "spectrocloud_registry" "public_registry" {
  name = "Public Repo"
}

data "spectrocloud_pack_simple" "astra-trident" {
  name    = "csi-trident"
  version = "23.01.0"
  type = "helm"
  registry_uid = data.spectrocloud_registry.public_registry.id
}

References