Skip to main content

Configure a Google Cloud NetApp Volumes backend

Contributors netapp-aruldeepa
PDFs

You can now configure Google Cloud NetApp Volumes as the backend for Trident. You can attach NFS volumes using a Google Cloud NetApp Volumes backend.

Google Cloud NetApp Volumes driver details

Trident provides the google-cloud-netapp-volumes driver to communicate with the cluster. Supported access modes are: ReadWriteOnce (RWO), ReadOnlyMany (ROX), ReadWriteMany (RWX), ReadWriteOncePod (RWOP).

Driver Protocol volumeMode Access modes supported File systems supported

google-cloud-netapp-volumes

NFS

Filesystem

RWO, ROX, RWX, RWOP

nfs

Cloud identity for GKE

Cloud identity enables Kubernetes pods to access Google Cloud resources by authenticating as a workload identity instead of by providing explicit Google Cloud credentials.

To take advantage of cloud identity in Google Cloud, you must have:

  • A Kubernetes cluster deployed using GKE.

  • Workload identity and oidc-issuer configured on the GKE cluster.

  • Trident installed that includes the cloudProvider to specify "GCP" and cloudIdentity specifying workload identity.

    Trident operator

    To install Trident using the Trident operator, edit tridentorchestrator_cr.yaml to set cloudProvider to "GCP" and set cloudIdentity to iam.gke.io/gcp-service-account: cloudvolumes-admin-sa@mygcpproject.iam.gserviceaccount.com.

    For example:

    apiVersion: trident.netapp.io/v1
kind: TridentOrchestrator
metadata:
  name: trident
spec:
  debug: true
  namespace: trident
  imagePullPolicy: IfNotPresent
  cloudProvider: "GCP"
  cloudIdentity: 'iam.gke.io/gcp-service-account: cloudvolumes-admin-sa@mygcpproject.iam.gserviceaccount.com'
    Helm

    Set the values for cloud-provider (CP) and cloud-identity (CI) flags using the following environment variables:

    export CP="GCP"
    export ANNOTATION="iam.gke.io/gcp-service-account: cloudvolumes-admin-sa@mygcpproject.iam.gserviceaccount.com"

    The following example installs Trident and sets cloudProvider to GCP using the environment variable $CP and sets the cloudIdentity using the environment variable $ANNOTATION:

    helm install trident trident-operator-100.2406.0.tgz --set cloudProvider=$CP --set cloudIdentity="$ANNOTATION"
    tridentctl

    Set the values for cloud provider and cloud identity flags using the following environment variables:

    export CP="GCP"
    export ANNOTATION="iam.gke.io/gcp-service-account: cloudvolumes-admin-sa@mygcpproject.iam.gserviceaccount.com"

    The following example installs Trident and sets the cloud-provider flag to $CP, and cloud-identity to $ANNOTATION:

    tridentctl install --cloud-provider=$CP --cloud-identity="$ANNOTATION" -n trident