Skip to main content

Install and configure Trident protect

Contributors netapp-mwallis
PDFs

If your environment meets the requirements for Trident protect, you can follow these steps to install Trident protect on your cluster. You can obtain Trident protect from NetApp, or install it from your own private registry. Installing from a private registry is helpful if your cluster cannot access the Internet.

Note By default, Trident protect collects support information that helps with any NetApp support cases that you might open, including logs, metrics, and topology information about clusters and managed applications. Trident protect sends these support bundles to NetApp on a daily schedule. You can optionally disable this support bundle collection when you install Trident protect. You can manually generate a support bundle at any time.

Install Trident protect

Install Trident protect from NetApp
Steps

  1. Add the Trident Helm repository:

    helm repo add netapp-trident-protect https://netapp.github.io/trident-protect-helm-chart

  2. Install the Trident protect CRDs:

    helm install trident-protect-crds netapp-trident-protect/trident-protect-crds --version 100.2410.1 --create-namespace --namespace trident-protect

  3. Use Helm to install Trident protect using one of the following commands. Replace <name_of_cluster> with a cluster name, which will be assigned to the cluster and used to identify the cluster's backups and snapshots:

    • Install Trident protect normally:

      helm install trident-protect netapp-trident-protect/trident-protect --set clusterName=<name_of_cluster> --version 100.2410.1 --create-namespace --namespace trident-protect

    • Install Trident protect and disable the scheduled daily Trident protect AutoSupport support bundle uploads:

      helm install trident-protect netapp-trident-protect/trident-protect --set autoSupport.enabled=false --set clusterName=<name_of_cluster> --version 100.2410.1 --create-namespace --namespace trident-protect
Install Trident protect from a private registry

You can install Trident protect from a private image registry if your Kubernetes cluster is unable to access the Internet. In these examples, replace values in brackets with information from your environment:

Steps

  1. Pull the following images to your local machine, update the tags, and then push them to your private registry:

    netapp/controller:24.10.1
netapp/restic:24.10.1
netapp/kopia:24.10.1
netapp/trident-autosupport:24.10.0
netapp/exechook:24.10.1
netapp/resourcebackup:24.10.1
netapp/resourcerestore:24.10.1
netapp/resourcedelete:24.10.1
bitnami/kubectl:1.30.2
kubebuilder/kube-rbac-proxy:v0.16.0

    For example:

    docker pull netapp/controller:24.10.1
    docker tag netapp/controller:24.10.1 <private-registry-url>/controller:24.10.1
    docker push <private-registry-url>/controller:24.10.1

  2. Create the Trident protect system namespace:

    kubectl create ns trident-protect

  3. Log in to the registry:

    helm registry login <private-registry-url> -u <account-id> -p <api-token>

  4. Create a pull secret to use for private registry authentication:

    kubectl create secret docker-registry regcred --docker-username=<registry-username> --docker-password=<api-token> -n trident-protect --docker-server=<private-registry-url>

  5. Add the Trident Helm repository:

    helm repo add netapp-trident-protect https://netapp.github.io/trident-protect-helm-chart

  6. Create a file named protectValues.yaml. Ensure that it contains the following Trident protect settings:

    ---
image:
  registry: <private-registry-url>
imagePullSecrets:
  - name: regcred
controller:
  image:
    registry: <private-registry-url>
rbacProxy:
  image:
    registry: <private-registry-url>
crCleanup:
  imagePullSecrets:
    - name: regcred
webhooksCleanup:
  imagePullSecrets:
    - name: regcred

  7. Install the Trident protect CRDs:

    helm install trident-protect-crds netapp-trident-protect/trident-protect-crds --version 100.2410.1 --create-namespace --namespace trident-protect

  8. Use Helm to install Trident protect using one of the following commands. Replace <name_of_cluster> with a cluster name, which will be assigned to the cluster and used to identify the cluster's backups and snapshots:

    • Install Trident protect normally:

      helm install trident-protect netapp-trident-protect/trident-protect --set clusterName=<name_of_cluster> --version 100.2410.1 --create-namespace --namespace trident-protect -f protectValues.yaml

    • Install Trident protect and disable the scheduled daily Trident protect AutoSupport support bundle uploads:

      helm install trident-protect netapp-trident-protect/trident-protect --set autoSupport.enabled=false --set clusterName=<name_of_cluster> --version 100.2410.1 --create-namespace --namespace trident-protect -f protectValues.yaml

Specify Trident protect container resource limits

You can use a configuration file to specify resource limits for Trident protect containers after you install Trident protect. Setting resource limits enables you to control how much of the cluster's resources are consumed by Trident protect operations.

Steps

  1. Create a file named resourceLimits.yaml.

  2. Populate the file with resource limit options for Trident protect containers according to the needs of your environment.

    The following example configuration file shows the available settings and contains the default vaules for each resource limit:

    ---
jobResources:
  defaults:
    limits:
      cpu: 8000m
      memory: 10000Mi
      ephemeralStorage: ""
    requests:
      cpu: 100m
      memory: 100Mi
      ephemeralStorage: ""
  resticVolumeBackup:
    limits:
      cpu: ""
      memory: ""
      ephemeralStorage: ""
    requests:
      cpu: ""
      memory: ""
      ephemeralStorage: ""
  resticVolumeRestore:
    limits:
      cpu: ""
      memory: ""
      ephemeralStorage: ""
    requests:
      cpu: ""
      memory: ""
      ephemeralStorage: ""
  kopiaVolumeBackup:
    limits:
      cpu: ""
      memory: ""
      ephemeralStorage: ""
    requests:
      cpu: ""
      memory: ""
      ephemeralStorage: ""
  kopiaVolumeRestore:
    limits:
      cpu: ""
      memory: ""
      ephemeralStorage: ""
    requests:
      cpu: ""
      memory: ""
      ephemeralStorage: ""

  3. Apply the values from the resourceLimits.yaml file:

    helm upgrade trident-protect -n trident-protect -f <resourceLimits.yaml> --reuse-values