Skip to main content

Deploy Trident operator using Helm (Standard mode)

Contributors netapp-aruldeepa
PDFs

You can deploy the Trident operator and install Trident using Helm. This process applies to installations where the container images required by Trident are not stored in a private registry. If you do have a private image registry, use the process for offline deployment.

Critical information about Trident 24.10

You must read the following critical information about Trident.

Critical information about Trident

  • Kubernetes 1.31 is now supported in Trident. Upgrade Trident prior to upgrading Kubernetes.

  • Trident strictly enforces the use of multipathing configuration in SAN environments, with a recommended value of find_multipaths: no in multipath.conf file.

    Use of non-multipathing configuration or use of find_multipaths: yes or find_multipaths: smart value in multipath.conf file will result in mount failures. Trident has recommended the use of find_multipaths: no since the 21.07 release.

Deploy the Trident operator and install Trident using Helm

Using the Trident Helm Chart you can deploy the Trident operator and install Trident in one step.

Review the installation overview to ensure you've met installation prerequisites and selected the correct installation option for your environment.

Before you begin

In addition to the deployment prerequisites you need Helm version 3.

Steps

  1. Add the Trident Helm repository:

    helm repo add netapp-trident https://netapp.github.io/trident-helm-chart

  2. Use helm install and specify a name for your deployment as in the following example where 100.2404.0 is the version of Trident you are installing.

    helm install <name> netapp-trident/trident-operator --version 100.2410.0 --create-namespace --namespace <trident-namespace>
    Note If you already created a namespace for Trident, the --create-namespace parameter will not create an additional namespace.

You can use helm list to review installation details such as name, namespace, chart, status, app version, and revision number.

Pass configuration data during install

There are two ways to pass configuration data during the install:

Option Description

--values (or -f)

Specify a YAML file with overrides. This can be specified multiple times and the rightmost file will take precedence.

--set

Specify overrides on the command line.

For example, to change the default value of debug, run the following command where 100.2410.0 is the version of Trident you are installing:

helm install <name> netapp-trident/trident-operator --version 100.2410.0  --create-namespace --namespace trident --set tridentDebug=true

Configuration options

This table and the values.yaml file, which is part of the Helm chart, provide the list of keys and their default values.

Option Description Default

nodeSelector

Node labels for pod assignment

podAnnotations

Pod annotations

deploymentAnnotations

Deployment annotations

tolerations

Tolerations for pod assignment

affinity

Affinity for pod assignment

 
affinity:
  nodeAffinity:
    requiredDuringSchedulingIgnoredDuringExecution:
      nodeSelectorTerms:
        - matchExpressions:
            - key: kubernetes.io/arch
              operator: In
              values:
              - arm64
              - amd64
            - key: kubernetes.io/os
              operator: In
              values:
              - linux
Warning Do not remove the default affinity from the values.yaml file. When you want to provide a custom affinity, extend the default affinity.

tridentControllerPluginNodeSelector

Additional node selectors for pods. Refer to Understanding controller pods and node pods for details.

tridentControllerPluginTolerations

Overrides Kubernetes tolerations for pods. Refer to Understanding controller pods and node pods for details.

tridentNodePluginNodeSelector

Additional node selectors for pods. Refer to Understanding controller pods and node pods for details.

tridentNodePluginTolerations

Overrides Kubernetes tolerations for pods. Refer to Understanding controller pods and node pods for details.

imageRegistry

Identifies the registry for the trident-operator, trident, and other images. Leave empty to accept the default.

IMPORTANT: When installing Trident in a private repository, if you are using the imageRegistry switch to specify the repository location, do not use /netapp/ in the repository path.

""

imagePullPolicy

Sets the image pull policy for the trident-operator.

IfNotPresent

imagePullSecrets

Sets the image pull secrets for the trident-operator, trident, and other images.

kubeletDir

Allows overriding the host location of kubelet's internal state.

"/var/lib/kubelet"

operatorLogLevel

Allows the log level of the Trident operator to be set to: trace, debug, info, warn, error, or fatal.

"info"

operatorDebug

Allows the log level of the Trident operator to be set to debug.

true

operatorImage

Allows the complete override of the image for trident-operator.

""

operatorImageTag

Allows overriding the tag of the trident-operator image.

""

tridentIPv6

Allows enabling Trident to work in IPv6 clusters.

false

tridentK8sTimeout

Overrides the default 30-second timeout for most Kubernetes API operations (if non-zero, in seconds).

0

tridentHttpRequestTimeout

Overrides the default 90-second timeout for the HTTP requests, with 0s being an infinite duration for the timeout. Negative values are not allowed.

"90s"

tridentSilenceAutosupport

Allows disabling Trident periodic AutoSupport reporting.

false

tridentAutosupportImageTag

Allows overriding the tag of the image for Trident AutoSupport container.

<version>

tridentAutosupportProxy

Enables Trident AutoSupport container to phone home via an HTTP proxy.

""

tridentLogFormat

Sets the Trident logging format (text or json).

"text"

tridentDisableAuditLog

Disables Trident audit logger.

true

tridentLogLevel

Allows the log level of Trident to be set to: trace, debug, info, warn, error, or fatal.

"info"

tridentDebug

Allows the log level of Trident to be set to debug.

false

tridentLogWorkflows

Allows specific Trident workflows to be enabled for trace logging or log suppression.

""

tridentLogLayers

Allows specific Trident layers to be enabled for trace logging or log suppression.

""

tridentImage

Allows the complete override of the image for Trident.

""

tridentImageTag

Allows overriding the tag of the image for Trident.

""

tridentProbePort

Allows overriding the default port used for Kubernetes liveness/readiness probes.

""

windows

Enables Trident to be installed on Windows worker node.

false

enableForceDetach

Allows enabling the force detach feature.

false

excludePodSecurityPolicy

Excludes the operator pod security policy from creation.

false

cloudProvider

Set to "Azure" when using managed identities or a cloud identity on an AKS cluster. Set to "AWS" when using a cloud identity on an EKS cluster.

""

cloudIdentity

Set to workload identity ("azure.workload.identity/client-id: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx") when using cloud identity on an AKS cluster. Set to AWS IAM role ("'eks.amazonaws.com/role-arn: arn:aws:iam::123456:role/trident-role'") when using cloud identity on an EKS cluster.

""

iscsiSelfHealingInterval

The interval at which the iSCSI self-healing is invoked.

5m0s

iscsiSelfHealingWaitTime

The duration after which iSCSI self-healing initiates an attempt to resolve a stale session by performing a logout and subsequent login.

7m0s

nodePrep

Enables Trident to prepare the nodes of the Kubernetes cluster to manage volumes using the specified data storage protocol.
Currently, iscsi is the only value supported.

Understanding controller pods and node pods

Trident runs as a single controller pod, plus a node pod on each worker node in the cluster. The node pod must be running on any host where you want to potentially mount a Trident volume.

Kubernetes node selectors and tolerations and taints are used to constrain a pod to run on a specific or preferred node. Using the`ControllerPlugin` and NodePlugin, you can specify constraints and overrides.

  • The controller plugin handles volume provisioning and management, such as snapshots and resizing.

  • The node plugin handles attaching the storage to the node.