NetApp Trident Overview: Red Hat OpenShift with NetApp

Contributors ac-ntap netapp-dorianh kulkarnn Download PDF of this page

NetApp Trident is an open-source and fully-supported storage orchestrator for containers and Kubernetes distributions, including Red Hat OpenShift.

Trident works with the entire NetApp storage portfolio, including the NetApp ONTAP and Element storage systems, and supports NFS and iSCSI connections.

Trident provides the ability to accelerate the DevOps workflow by allowing end users to provision and manage storage from their NetApp storage systems, without requiring intervention from a storage administrator.

An administrator can configure a number of storage backends based on project needs, and storage system models that allow for any number of advanced storage features, such as: compression, specific disk types, or QoS levels that guarantee a certain performance. After they are defined, these backends can be leveraged by developers as part of their projects to create persistent volume claims (PVCs) and attach persistent storage to their containers on demand.

Error: Missing Graphic Image

NetApp Trident has a rapid development cycle, and just like Kubernetes, is released four times a year.

The latest version of NetApp Trident is 21.04 released in April 2021. A support matrix for what version of Trident has been tested with which Kubernetes distribution can be found here.

Starting with the 20.04 release, the setup of Trident is performed by the Trident operator. The operator makes large scale deployments easier, and provides additional support including self-healing for the pods that are deployed as a part of the Trident install.

With the 21.01 release, a Helm chart was made available to ease the installation of the Trident Operator.

Download NetApp Trident

To install Trident on the deployed user cluster and provision a persistent volume, complete the following steps:

  1. Download the installation archive to the admin workstation and extract the contents. The current version of Trident is 21.01, which can be downloaded here.

    [netapp-user@rhel7 ~]$ wget https://github.com/NetApp/trident/releases/download/v21.04.0/trident-installer-21.04.0.tar.gz
    --2021-05-06 15:17:30--  https://github.com/NetApp/trident/releases/download/v21.04.0/trident-installer-21.04.0.tar.gz
    Resolving github.com (github.com)... 140.82.114.3
    Connecting to github.com (github.com)|140.82.114.3|:443... connected.
    HTTP request sent, awaiting response... 302 Found
    Location: https://github-releases.githubusercontent.com/77179634/a4fa9f00-a9f2-11eb-9053-98e8e573d4ae?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20210506%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210506T191643Z&X-Amz-Expires=300&X-Amz-Signature=8a49a2a1e08c147d1ddd8149ce45a5714f9853fee19bb1c507989b9543eb3630&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=77179634&response-content-disposition=attachment%3B%20filename%3Dtrident-installer-21.04.0.tar.gz&response-content-type=application%2Foctet-stream [following]
    --2021-05-06 15:17:30--  https://github-releases.githubusercontent.com/77179634/a4fa9f00-a9f2-11eb-9053-98e8e573d4ae?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20210506%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210506T191643Z&X-Amz-Expires=300&X-Amz-Signature=8a49a2a1e08c147d1ddd8149ce45a5714f9853fee19bb1c507989b9543eb3630&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=77179634&response-content-disposition=attachment%3B%20filename%3Dtrident-installer-21.04.0.tar.gz&response-content-type=application%2Foctet-stream
    Resolving github-releases.githubusercontent.com (github-releases.githubusercontent.com)... 185.199.108.154, 185.199.109.154, 185.199.110.154, ...
    Connecting to github-releases.githubusercontent.com (github-releases.githubusercontent.com)|185.199.108.154|:443... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: 38349341 (37M) [application/octet-stream]
    Saving to: ‘trident-installer-21.04.0.tar.gz’
    
    100%[==================================================================================================================>] 38,349,341  88.5MB/s   in 0.4s
    
    2021-05-06 15:17:30 (88.5 MB/s) - ‘trident-installer-21.04.0.tar.gz’ saved [38349341/38349341]
  2. Extract the Trident install from the downloaded bundle.

    [netapp-user@rhel7 ~]$ tar -xzf trident-installer-21.01.0.tar.gz
    [netapp-user@rhel7 ~]$ cd trident-installer/
    [netapp-user@rhel7 trident-installer]$

Install the Trident Operator with Helm

  1. First set the location of the user cluster’s kubeconfig file as an environment variable so that you don’t have to reference it, because Trident has no option to pass this file.

    [netapp-user@rhel7 trident-installer]$ export KUBECONFIG=~/ocp-install/auth/kubeconfig
  2. Run the Helm command to install the Trident operator from the tarball in the helm directory while creating the trident namespace in your user cluster.

    [netapp-user@rhel7 trident-installer]$ helm install trident helm/trident-operator-21.04.0.tgz --create-namespace --namespace trident
    NAME: trident
    LAST DEPLOYED: Fri May  7 12:54:25 2021
    NAMESPACE: trident
    STATUS: deployed
    REVISION: 1
    TEST SUITE: None
    NOTES:
    Thank you for installing trident-operator, which will deploy and manage NetApp's Trident CSI
    storage provisioner for Kubernetes.
    
    Your release is named 'trident' and is installed into the 'trident' namespace.
    Please note that there must be only one instance of Trident (and trident-operator) in a Kubernetes cluster.
    
    To configure Trident to manage storage resources, you will need a copy of tridentctl, which is
    available in pre-packaged Trident releases.  You may find all Trident releases and source code
    online at https://github.com/NetApp/trident.
    
    To learn more about the release, try:
    
      $ helm status trident
      $ helm get all trident
  3. You can verify that Trident is successfully installed by checking the pods that are running in the namespace or by using the tridentctl binary to check the installed version.

    [netapp-user@rhel7 trident-installer]$ oc get pods -n trident
    NAME                               READY   STATUS    RESTARTS   AGE
    trident-csi-5z45l                  1/2     Running   2          30s
    trident-csi-696b685cf8-htdb2       6/6     Running   0          30s
    trident-csi-b74p2                  2/2     Running   0          30s
    trident-csi-lrw4n                  2/2     Running   0          30s
    trident-operator-7c748d957-gr2gw   1/1     Running   0          36s
    
    [netapp-user@rhel7 trident-installer]$ ./tridentctl -n trident version
    +----------------+----------------+
    | SERVER VERSION | CLIENT VERSION |
    +----------------+----------------+
    | 21.04.0        | 21.04.0        |
    +----------------+----------------+
In some cases customer environments may require the customization of the Trident deployment. In these cases it is also possible to manually install the Trident operator and update the included manifests to customize the deployment.

Manually install the Trident Operator

  1. First set the location of the user cluster’s kubeconfig file as an environment variable so that you don’t have to reference it, because Trident has no option to pass this file.

    [netapp-user@rhel7 trident-installer]$ export KUBECONFIG=~/ocp-install/auth/kubeconfig
  2. The trident-installer directory contains manifests for defining all the required resources. Using the appropriate manifests, create the TridentOrchestrator custom resource definition.

    [netapp-user@rhel7 trident-installer]$ oc create -f deploy/crds/trident.netapp.io_tridentorchestrators_crd_post1.16.yaml
    customresourcedefinition.apiextensions.k8s.io/tridentorchestrators.trident.netapp.io created
  3. If one does not exist, create a Trident namespace in your cluster using the provided manifest.

    [netapp-user@rhel7 trident-installer]$ oc apply -f deploy/namespace.yaml
    namespace/trident created
  4. Create the resources required for the Trident operator deployment, such as a ServiceAccount for the operator, a ClusterRole and ClusterRoleBinding to the ServiceAccount, a dedicated PodSecurityPolicy, or the operator itself.

    [netapp-user@rhel7 trident-installer]$ oc create -f deploy/bundle.yaml
    serviceaccount/trident-operator created
    clusterrole.rbac.authorization.k8s.io/trident-operator created
    clusterrolebinding.rbac.authorization.k8s.io/trident-operator created
    deployment.apps/trident-operator created
    podsecuritypolicy.policy/tridentoperatorpods created
  5. You can check the status of the operator after it’s deployed with the following commands:

    [netapp-user@rhel7 trident-installer]$ oc get deployment -n trident
    NAME               READY   UP-TO-DATE   AVAILABLE   AGE
    trident-operator   1/1     1            1           23s
    [netapp-user@rhel7 trident-installer]$ oc get pods -n trident
    NAME                                READY   STATUS    RESTARTS   AGE
    trident-operator-66f48895cc-lzczk   1/1     Running   0          41s
  6. With the operator deployed, we can now use it to install Trident. This requires creating a TridentOrchestrator.

    [netapp-user@rhel7 trident-installer]$ oc create -f deploy/crds/tridentorchestrator_cr.yaml
    tridentorchestrator.trident.netapp.io/trident created
    [netapp-user@rhel7 trident-installer]$ oc describe torc trident
    Name:         trident
    Namespace:
    Labels:       <none>
    Annotations:  <none>
    API Version:  trident.netapp.io/v1
    Kind:         TridentOrchestrator
    Metadata:
      Creation Timestamp:  2021-05-07T17:00:28Z
      Generation:          1
      Managed Fields:
        API Version:  trident.netapp.io/v1
        Fields Type:  FieldsV1
        fieldsV1:
          f:spec:
            .:
            f:debug:
            f:namespace:
        Manager:      kubectl-create
        Operation:    Update
        Time:         2021-05-07T17:00:28Z
        API Version:  trident.netapp.io/v1
        Fields Type:  FieldsV1
        fieldsV1:
          f:status:
            .:
            f:currentInstallationParams:
              .:
              f:IPv6:
              f:autosupportHostname:
              f:autosupportImage:
              f:autosupportProxy:
              f:autosupportSerialNumber:
              f:debug:
              f:enableNodePrep:
              f:imagePullSecrets:
              f:imageRegistry:
              f:k8sTimeout:
              f:kubeletDir:
              f:logFormat:
              f:silenceAutosupport:
              f:tridentImage:
            f:message:
            f:namespace:
            f:status:
            f:version:
        Manager:         trident-operator
        Operation:       Update
        Time:            2021-05-07T17:00:28Z
      Resource Version:  931421
      Self Link:         /apis/trident.netapp.io/v1/tridentorchestrators/trident
      UID:               8a26a7a6-dde8-4d55-9b66-a7126754d81f
    Spec:
      Debug:      true
      Namespace:  trident
    Status:
      Current Installation Params:
        IPv6:                       false
        Autosupport Hostname:
        Autosupport Image:          netapp/trident-autosupport:21.01
        Autosupport Proxy:
        Autosupport Serial Number:
        Debug:                      true
        Enable Node Prep:           false
        Image Pull Secrets:
        Image Registry:
        k8sTimeout:           30
        Kubelet Dir:          /var/lib/kubelet
        Log Format:           text
        Silence Autosupport:  false
        Trident Image:        netapp/trident:21.04.0
      Message:                Trident installed
      Namespace:              trident
      Status:                 Installed
      Version:                v21.04.0
    Events:
      Type    Reason      Age   From                        Message
      ----    ------      ----  ----                        -------
      Normal  Installing  80s   trident-operator.netapp.io  Installing Trident
      Normal  Installed   68s   trident-operator.netapp.io  Trident installed
  7. You can verify that Trident is successfully installed by checking the pods that are running in the namespace or by using the tridentctl binary to check the installed version.

    [netapp-user@rhel7 trident-installer]$ oc get pods -n trident
    NAME                                READY   STATUS    RESTARTS   AGE
    trident-csi-bb64c6cb4-lmd6h         6/6     Running   0          82s
    trident-csi-gn59q                   2/2     Running   0          82s
    trident-csi-m4szj                   2/2     Running   0          82s
    trident-csi-sb9k9                   2/2     Running   0          82s
    trident-operator-66f48895cc-lzczk   1/1     Running   0          2m39s
    
    [netapp-user@rhel7 trident-installer]$ ./tridentctl -n trident version
    +----------------+----------------+
    | SERVER VERSION | CLIENT VERSION |
    +----------------+----------------+
    | 21.04.0        | 21.04.0        |
    +----------------+----------------+

Prepare worker nodes for storage

Most Kubernetes distributions come with the packages and utilities to mount NFS backends installed by default, including Red Hat OpenShift.

In order to prepare worker nodes to allow for the mapping of block storage volumes through the iSCSI protocol you need to install the necessary packages to support that functionality.

In Red Hat OpenShift, this is handled by applying a MCO (Machine Config Operator) to your cluster once it is deployed.

To configure the worker nodes to run storage services, complete the following steps:

  1. Log in to the OCP web console and navigate to Compute > Machine Configs and click Create Machine Config. Copy/Paste the YAML file and click Create.

    Error: Missing Graphic Image

  2. After the configuration is created, it will take approximately 20–30 minutes to apply the configuration to the worker nodes and reload them. Verify whether the machine config is applied by using oc get mcp and make sure that the machine config pool for workers is updated. You can also log in to the worker nodes to confirm that the iscsid service is running.

    [netapp-user@rhel7 openshift-deploy]$ oc get mcp
    NAME     CONFIG                                    UPDATED   UPDATING   DEGRADED
    master   rendered-master-a520ae930e1d135e0dee7168   True      False      False
    worker   rendered-worker-de321b36eeba62df41feb7bc   True      False      False
    
    [netapp-user@rhel7 openshift-deploy]$ ssh core@10.61.181.22 sudo systemctl status iscsid
    ● iscsid.service - Open-iSCSI
       Loaded: loaded (/usr/lib/systemd/system/iscsid.service; enabled; vendor preset: disabled)
       Active: active (running) since Tue 2021-05-26 13:36:22 UTC; 3 min ago
         Docs: man:iscsid(8)
               man:iscsiadm(8)
     Main PID: 1242 (iscsid)
       Status: "Ready to process requests"
        Tasks: 1
       Memory: 4.9M
          CPU: 9ms
       CGroup: /system.slice/iscsid.service
               └─1242 /usr/sbin/iscsid -f
It is also possible to confirm that the MachineConfig has been successfully applied and services have been started as expected by running the oc debug command with the appropriate flags.

Create storage-system backends

After completing the NetApp Trident Operator install, you must configure the backend for the specific NetApp storage platform you are using. Follow the links below in order to continue the setup and configuration of NetApp Trident.