Skip to main content

Configure a Google Cloud NetApp Volumes backend

Contributors netapp-aruldeepa
PDFs

You can now configure Google Cloud NetApp Volumes as the backend for Trident. You can attach NFS volumes using a Google Cloud NetApp Volumes backend.

Google Cloud NetApp Volumes driver details

Trident provides the google-cloud-netapp-volumes driver to communicate with the cluster. Supported access modes are: ReadWriteOnce (RWO), ReadOnlyMany (ROX), ReadWriteMany (RWX), ReadWriteOncePod (RWOP).

Driver Protocol volumeMode Access modes supported File systems supported

google-cloud-netapp-volumes

NFS

Filesystem

RWO, ROX, RWX, RWOP

nfs

Cloud identity for GKE

Cloud identity enables Kubernetes pods to access Google Cloud resources by authenticating as a workload identity instead of by providing explicit Google Cloud credentials.

To take advantage of cloud identity in Google Cloud, you must have:

  • A Kubernetes cluster deployed using GKE.

  • Workload identity configured on the GKE cluster and GKE MetaData Server configured on the node pools.

  • A GCP Service account with the Google Cloud NetApp Volumes Admin (roles/netapp.admin) role or a custom role.

  • Trident installed that includes the cloudProvider to specify "GCP" and cloudIdentity specifying the new GCP service account. An example is given below.

    Trident operator

    To install Trident using the Trident operator, edit tridentorchestrator_cr.yaml to set cloudProvider to "GCP" and set cloudIdentity to iam.gke.io/gcp-service-account: cloudvolumes-admin-sa@mygcpproject.iam.gserviceaccount.com.

    For example:

    apiVersion: trident.netapp.io/v1
kind: TridentOrchestrator
metadata:
  name: trident
spec:
  debug: true
  namespace: trident
  imagePullPolicy: IfNotPresent
  cloudProvider: "GCP"
  cloudIdentity: 'iam.gke.io/gcp-service-account: cloudvolumes-admin-sa@mygcpproject.iam.gserviceaccount.com'