Skip to main content

Install and configure Trident protect

Contributors netapp-mwallis netapp-shwetav
PDFs

If your environment meets the requirements for Trident protect, you can follow these steps to install Trident protect on your cluster. You can obtain Trident protect from NetApp, or install it from your own private registry. Installing from a private registry is helpful if your cluster cannot access the Internet.

Install Trident protect

Install Trident protect from NetApp
Steps

  1. Add the Trident Helm repository:

    helm repo add netapp-trident-protect https://netapp.github.io/trident-protect-helm-chart

  2. Install the Trident protect CRDs:

    helm install trident-protect-crds netapp-trident-protect/trident-protect-crds --version 100.2502.0 --create-namespace --namespace trident-protect

  3. Use Helm to install Trident protect. Replace <name_of_cluster> with a cluster name, which will be assigned to the cluster and used to identify the cluster's backups and snapshots:

    helm install trident-protect netapp-trident-protect/trident-protect --set clusterName=<name_of_cluster> --version 100.2502.0 --create-namespace --namespace trident-protect
Install Trident protect from a private registry

You can install Trident protect from a private image registry if your Kubernetes cluster is unable to access the Internet. In these examples, replace values in brackets with information from your environment:

Steps

  1. Pull the following images to your local machine, update the tags, and then push them to your private registry:

    netapp/controller:25.02.0
netapp/restic:25.02.0
netapp/kopia:25.02.0
netapp/trident-autosupport:25.02.0
netapp/exechook:25.02.0
netapp/resourcebackup:25.02.0
netapp/resourcerestore:25.02.0
netapp/resourcedelete:25.02.0
bitnami/kubectl:1.30.2
kubebuilder/kube-rbac-proxy:v0.16.0

    For example:

    docker pull netapp/controller:25.02.0
    docker tag netapp/controller:25.02.0 <private-registry-url>/controller:25.02.0
    docker push <private-registry-url>/controller:25.02.0

  2. Create the Trident protect system namespace:

    kubectl create ns trident-protect

  3. Log in to the registry:

    helm registry login <private-registry-url> -u <account-id> -p <api-token>

  4. Create a pull secret to use for private registry authentication:

    kubectl create secret docker-registry regcred --docker-username=<registry-username> --docker-password=<api-token> -n trident-protect --docker-server=<private-registry-url>

  5. Add the Trident Helm repository:

    helm repo add netapp-trident-protect https://netapp.github.io/trident-protect-helm-chart

  6. Create a file named protectValues.yaml. Ensure that it contains the following Trident protect settings:

    ---
image:
  registry: <private-registry-url>
imagePullSecrets:
  - name: regcred
controller:
  image:
    registry: <private-registry-url>
rbacProxy:
  image:
    registry: <private-registry-url>
crCleanup:
  imagePullSecrets:
    - name: regcred
webhooksCleanup:
  imagePullSecrets:
    - name: regcred

  7. Install the Trident protect CRDs:

    helm install trident-protect-crds netapp-trident-protect/trident-protect-crds --version 100.2502.0 --create-namespace --namespace trident-protect

  8. Use Helm to install Trident protect. Replace <name_of_cluster> with a cluster name, which will be assigned to the cluster and used to identify the cluster's backups and snapshots:

    helm install trident-protect netapp-trident-protect/trident-protect --set clusterName=<name_of_cluster> --version 100.2502.0 --create-namespace --namespace trident-protect -f protectValues.yaml