Frequently asked questions
Find answers to the frequently asked questions about installing, configuring, upgrading, and troubleshooting Astra Trident.
General questions
How frequently is Astra Trident released?
Astra Trident is released every three months: January, April, July, and October. This is one month after a Kubernetes release.
Does Astra Trident support all the features that are released in a particular version of Kubernetes?
Astra Trident usually does not support alpha features in Kubernetes. Trident might support beta features within the two Trident releases that follow the Kubernetes beta release.
Does Astra Trident have any dependencies on other NetApp products for its functioning?
Astra Trident does not have any dependencies on other NetApp software products and it works as a standalone application. However, you should have a NetApp backend storage device.
How can I obtain complete Astra Trident configuration details?
Use the tridentctl get
command to obtain more information about your Astra Trident configuration.
Can I obtain metrics on how storage is provisioned by Astra Trident?
Yes. Trident 20.01 introduces Prometheus endpoints that can be used to gather information about Astra Trident’s operation, such as the number of backends managed, the number of volumes provisioned, bytes consumed, and so on. You can also use Cloud Insights for monitoring and analysis.
Does the user experience change when using Astra Trident as a CSI Provisioner?
No. There are no changes as far as the user experience and functionalities are concerned. The provisioner name used is csi.trident.netapp.io
. This method of installing Astra Trident is recommended if you want to use all the new features provided by current and future releases.
Install and use Astra Trident on a Kubernetes cluster
What are the supported versions of etcd
?
Astra Trident no longer needs an etcd
. It uses CRDs to maintain state.
Does Astra Trident support an offline install from a private registry?
Yes, Astra Trident can be installed offline. See here.
Can I install Astra Trident be remotely?
Yes. Astra Trident 18.10 and later support remote installation capability from any machine that has kubectl
access to the cluster. After kubectl
access is verified (for example, initiate a kubectl get nodes
command from the remote machine to verify), follow the installation instructions.
Can I configure High Availability with Astra Trident?
Astra Trident is installed as a Kubernetes Deployment (ReplicaSet) with one instance, and so it has HA built in. You should not increase the number of replicas in the deployment. If the node where Astra Trident is installed is lost or the pod is otherwise inaccessible, Kubernetes automatically re-deploys the pod to a healthy node in your cluster. Astra Trident is control-plane only, so currently mounted pods are not affected if Astra Trident is re-deployed.
Does Astra Trident need access to the kube-system namespace?
Astra Trident reads from the Kubernetes API Server to determine when applications request new PVCs, so it needs access to kube-system.
What are the roles and privileges used by Astra Trident?
The Trident installer creates a Kubernetes ClusterRole, which has specific access to the cluster’s PersistentVolume, PersistentVolumeClaim, StorageClass, and Secret resources of the Kubernetes cluster. See here.
Can I locally generate the exact manifest files Astra Trident uses for installation?
You can locally generate and modify the exact manifest files Astra Trident uses for installation, if needed. See here.
Can I share the same ONTAP backend SVM for two separate Astra Trident instances for two separate Kubernetes clusters?
Although it is not advised, you can use the same backend SVM for two Astra Trident instances. Specify a unique volume name for each instance during installation and/or specify a unique StoragePrefix
parameter in the setup/backend.json
file. This is to ensure the same FlexVol is not used for both instances.
Is it possible to install Astra Trident under ContainerLinux (formerly CoreOS)?
Astra Trident is simply a Kubernetes pod and can be installed wherever Kubernetes is running.
Can I use Astra Trident with NetApp Cloud Volumes ONTAP?
Yes, Astra Trident is supported on AWS, Google Cloud, and Azure.
Does Astra Trident work with Cloud Volumes Services?
Yes, Astra Trident supports the Azure NetApp Files service in Azure as well as the Cloud Volumes Service in AWS and GCP.
Troubleshooting and support
Does NetApp support Astra Trident?
Although Astra Trident is open source and provided for free, NetApp fully supports it provided your NetApp backend is supported.
How do I raise a support case?
To raise a support case, do one of the following:
-
Contact your Support Account Manager and get help to raise a ticket.
-
Raise a support case by contacting NetApp Support.
How do I generate a support log bundle?
You can create a support bundle by running tridentctl logs -a
. In addition to the logs captured in the bundle, capture the kubelet log to diagnose the mount problems on the Kubernetes side. The instructions to get the kubelet log varies based on how Kubernetes is installed.
What do I do if I need to raise a request for a new feature?
Create an issue on Trident Github and mention RFE in the subject and description of the issue.
Where do I raise a defect?
Create an issue on Astra Trident Github. Make sure to include all the necessary information and logs pertaining to the issue.
What happens if I have quick question on Astra Trident that I need clarification on? Is there a community or a forum?
If you have any questions, issues, or requests, reach out to us through our Slack team or GitHub.
My storage system’s password has changed and Astra Trident no longer works, how do I recover?
Update the backend’s password with tridentctl update backend myBackend -f </path/to_new_backend.json> -n trident
. Replace myBackend
in the example with your backend name, and `/path/to_new_backend.json
with the path to the correct backend.json
file.
Astra Trident cannot find my Kubernetes node. How do I fix this?
There are two likely scenarios why Astra Trident cannot find a Kubernetes node. It can be because of a networking issue within Kubernetes or a DNS issue. The Trident node daemonset that runs on each Kubernetes node must be able to communicate with the Trident controller to register the node with Trident. If networking changes occurred after Astra Trident was installed, you encounter this problem only with new Kubernetes nodes that are added to the cluster.
If the Trident pod is destroyed, will I lose the data?
Data will not be lost if the Trident pod is destroyed. Trident’s metadata is stored in CRD objects. All PVs that have been provisioned by Trident will function normally.
Upgrade Astra Trident
Can I upgrade from a older version directly to a newer version (skipping a few versions)?
NetApp supports upgrading Astra Trident from one major release to the next immediate major release. You can upgrade from version 18.xx to 19.xx, 19.xx to 20.xx, and so on. You should test upgrading in a lab before production deployment.
Is it possible to downgrade Trident to a previous release?
There are a number of factors to be evaluated if you want to downgrade. See the section on downgrading.
Manage backends and volumes
Do I need to define both Management and Data LIFs in an ONTAP backend definition file?
NetApp recommends having both in the backend definition file. However, the Management LIF is the only one that is mandatory.
Can Astra Trident configure CHAP for ONTAP backends?
Yes. Beginning with 20.04, Astra Trident supports bidirectional CHAP for ONTAP backends. This requires setting useCHAP=true
in your backend configuration.
How do I manage export policies with Astra Trident?
Astra Trident can dynamically create and manage export policies from version 20.04 onwards. This enables the storage administrator to provide one or more CIDR blocks in their backend configuration and have Trident add node IPs that fall within these ranges to an export policy it creates. In this manner, Astra Trident automatically manages the addition and deletion of rules for nodes with IPs within the given CIDRs. This feature requires CSI Trident.
Can we specify a port in the DataLIF?
Astra Trident 19.01 and later support specifying a port in the DataLIF. Configure it in the backend.json
file as “managementLIF”: <ip address>:<port>”
. For example, if the IP address of your management LIF is 192.0.2.1, and the port is 1000, configure "managementLIF": "192.0.2.1:1000"
.
Can IPv6 addresses be used for the Management and Data LIFs?
Yes. Astra Trident 20.01 supports defining IPv6 addresses for the managementLIF and dataLIF parameters for ONTAP backends. You should ensure that the address follows IPv6 semantics and the managementLIF is defined within square brackets, (for example, [ec0d:6504:a9c1:ae67:53d1:4bdf:ab32:e233]
). You should also ensure that Astra Trident is installed using the `--use-ipv6
flag for it to function over IPv6.
Is it possible to update the Management LIF on the backend?
Yes, it is possible to update the backend Management LIF using the tridentctl update backend
command.
Is it possible to update the Data LIF on the backend?
No, it is not possible to update the Data LIF on the backend.
Can I create multiple backends in Astra Trident for Kubernetes?
Astra Trident can support many backends simultaneously, either with the same driver or different drivers.
How does Astra Trident store backend credentials?
Astra Trident stores the backend credentials as Kubernetes Secrets.
How does Astra Trident select a specific backend?
If the backend attributes cannot be used to automatically select the right pools for a class, the storagePools
and additionalStoragePools
parameters are used to select a specific set of pools.
How do I ensure that Astra Trident will not provision from a specific backend?
The excludeStoragePools
parameter is used to filter the set of pools that Astra Trident will use for provisioning and will remove any pools that match.
If there are multiple backends of the same kind, how does Astra Trident select which backend to use?
If there are multiple configured backends of the same type, Astra Trident selects the appropriate backend based on the parameters present in StorageClass
and PersistentVolumeClaim
. For example, if there are multiple ontap-nas driver backends, Astra Trident tries to match parameters in the StorageClass
and PersistentVolumeClaim
combined and match a backend which can deliver the requirements listed in StorageClass
and PersistentVolumeClaim
. If there are multiple backends that match the request, Astra Trident selects from one of them at random.
Does Astra Trident support bi-directional CHAP with Element/SolidFire?
Yes.
How does Astra Trident deploy Qtrees on an ONTAP volume? How many Qtrees can be deployed on a single volume?
The ontap-nas-economy
driver creates up to 200 Qtrees in the same FlexVol (configurable between 50 and 300), 100,000 Qtrees per cluster node, and 2.4M per cluster. When you enter a new PersistentVolumeClaim
that is serviced by the economy driver, the driver looks to see if a FlexVol already exists that can service the new Qtree. If the FlexVol does not exist that can service the Qtree, a new FlexVol is created.
How can I set Unix permissions for volumes provisioned on ONTAP NAS?
You can set Unix permissions on the volume provisioned by Astra Trident by setting a parameter in the backend definition file.
How can I configure an explicit set of ONTAP NFS mount options while provisioning a volume?
By default, Astra Trident does not set mount options to any value with Kubernetes. To specify the mount options in the Kubernetes Storage Class, follow the example given here.
How do I set the provisioned volumes to a specific export policy?
To allow the appropriate hosts access to a volume, use the exportPolicy
parameter configured in the backend definition file.
How do I set volume encryption through Astra Trident with ONTAP?
You can set encryption on the volume provisioned by Trident by using the encryption parameter in the backend definition file.
What is the best way to implement QoS for ONTAP through Astra Trident?
Use StorageClasses
to implement QoS for ONTAP.
How do I specify thin or thick provisioning through Astra Trident?
The ONTAP drivers support either thin or thick provisioning. The ONTAP drivers default to thin provisioning. If thick provisioning is desired, you should configure either the backend definition file or the StorageClass
. If both are configured, StorageClass
takes precedence. Configure the following for ONTAP:
-
On
StorageClass
, set theprovisioningType
attribute as thick. -
In the backend definition file, enable thick volumes by setting
backend spaceReserve parameter
as volume.
How do I make sure that the volumes being used are not deleted even if I accidentally delete the PVC?
PVC protection is automatically enabled on Kubernetes starting from version 1.10.
Can I grow NFS PVCs that were created by Astra Trident?
Yes. You can expand a PVC that has been created by Astra Trident. Note that volume autogrow is an ONTAP feature that is not applicable to Trident.
If I have a volume that was created outside Astra Trident can I import it into Astra Trident?
Starting in 19.04, you can use the volume import feature to bring volumes into Kubernetes.
Can I import a volume while it is in SnapMirror Data Protection (DP) or offline mode?
The volume import fails if the external volume is in DP mode or is offline. You receive the following error message:
Error: could not import volume: volume import failed to get size of volume: volume <name> was not found (400 Bad Request) command terminated with exit code 1. Make sure to remove the DP mode or put the volume online before importing the volume.
Can I expand iSCSI PVCs that were created by Astra Trident?
Trident 19.10 supports expanding iSCSI PVs using the CSI Provisioner.
How is resource quota translated to a NetApp cluster?
Kubernetes Storage Resource Quota should work as long as NetApp storage has capacity. When the NetApp storage cannot honor the Kubernetes quota settings due to lack of capacity, Astra Trident tries to provision but errors out.
Can I create Volume Snapshots using Astra Trident?
Yes. Creating on-demand volume snapshots and Persistent Volumes from Snapshots are supported by Astra Trident. To create PVs from snapshots, ensure that the VolumeSnapshotDataSource
feature gate has been enabled.
What are the drivers that support Astra Trident volume snapshots?
As of today, on-demand snapshot support is available for our ontap-nas
, ontap-san
, ontap-san-economy
, solidfire-san
, aws-cvs
, gcp-cvs
, and azure-netapp-files
backend drivers.
How do I take a snapshot backup of a volume provisioned by Astra Trident with ONTAP?
This is available on ontap-nas
, ontap-san
, and ontap-nas-flexgroup
drivers. You can also specify a snapshotPolicy
for the ontap-san-economy
driver at the FlexVol level.
This is also available on the ontap-nas-economy
drivers but on the FlexVol level granularity and not on the qtree level granularity. To enable the ability to snapshot volumes provisioned by Astra Trident, set the backend parameter option snapshotPolicy
to the desired snapshot policy as defined on the ONTAP backend. Any snapshots taken by the storage controller are not known by Astra Trident.
Can I set a snapshot reserve percentage for a volume provisioned through Astra Trident?
Yes, you can reserve a specific percentage of disk space for storing the snapshot copies through Astra Trident by setting the snapshotReserve
attribute in the backend definition file. If you have configured snapshotPolicy
and snapshotReserve
in the backend definition file, snapshot reserve percentage is set according to the snapshotReserve
percentage mentioned in the backend file. If the snapshotReserve
percentage number is not mentioned, ONTAP by default takes the snapshot reserve percentage as 5. If the snapshotPolicy
option is set to none, the snapshot reserve percentage is set to 0.
Can I directly access the volume snapshot directory and copy files?
Yes, you can access the snapshot directory on the volume provisioned by Trident by setting the snapshotDir
parameter in the backend definition file.
Can I set up SnapMirror for volumes through Astra Trident?
Currently, SnapMirror has to be set externally by using ONTAP CLI or OnCommand System Manager.
How do I restore Persistent Volumes to a specific ONTAP snapshot?
To restore a volume to an ONTAP snapshot, perform the following steps:
-
Quiesce the application pod which is using the Persistent volume.
-
Revert to the required snapshot through ONTAP CLI or OnCommand System Manager.
-
Restart the application pod.
Can Trident provision volumes on SVMs that have a Load-Sharing Mirror configured?
Load-sharing mirrors can be created for root volumes of SVMs that serve data over NFS. ONTAP automatically updates load-sharing mirrors for volumes that have been created by Trident. This may result in delays in mounting volumes. When multiple volumes are created using Trident, provisioning a volume is dependent on ONTAP updating the load-sharing mirror.
How can I separate out storage class usage for each customer/tenant?
Kubernetes does not allow storage classes in namespaces. However, you can use Kubernetes to limit usage of a specific storage class per namespace by using Storage Resource Quotas, which are per namespace. To deny a specific namespace access to specific storage, set the resource quota to 0 for that storage class.