Skip to main content

Configure the Trident EKS add-on on an EKS cluster

Contributors netapp-aruldeepa
PDFs

NetApp Trident streamlines Amazon FSx for NetApp ONTAP storage management in Kubernetes to enable your developers and administrators focus on application deployment. The NetApp Trident EKS add-on includes the latest security patches, bug fixes, and is validated by AWS to work with Amazon EKS. The EKS add-on enables you to consistently ensure that your Amazon EKS clusters are secure and stable and reduce the amount of work that you need to do in order to install, configure, and update add-ons.

Prerequisites

Ensure that you have the following before configuring the Trident add-on for AWS EKS:

  • An Amazon EKS cluster account with permissions to work with add-ons. Refer to Amazon EKS add-ons.

  • AWS permissions to the AWS marketplace:
    "aws-marketplace:ViewSubscriptions",
    "aws-marketplace:Subscribe",
    "aws-marketplace:Unsubscribe

  • AMI type: Amazon Linux 2 (AL2_x86_64) or Amazon Linux 2 Arm(AL2_ARM_64)

  • Node type: AMD or ARM

  • An existing Amazon FSx for NetApp ONTAP file system

Steps

  1. Make sure to create IAM role and AWS secret to enable EKS pods to access AWS resources. For instructions, see Create an IAM role and AWS Secret.

  2. On your EKS Kubernetes cluster, navigate to the Add-ons tab.

    aws eks 01

  3. Go to AWS Marketplace add-ons and choose the storage category.

    aws eks 02

  4. Locate NetApp Trident and select the checkbox for the Trident add-on, and click Next.

  5. Choose the desired version of the add-on.

    aws eks 03

  6. Select the IAM role option to inherit from the node.

    aws eks 04

  7. Configure any Optional configuration settings as required and select Next.

    Follow the Add-on configuration schema and set the Configuration Values parameter on the Configuration values section to the role-arn you created on the previous step(Step 1) (value should be in the following format: eks.amazonaws.com/role-arn: arn:aws:iam::464262061435:role/AmazonEKS_FSXN_CSI_DriverRole).
    NOTE: If you select Override for the Conflict resolution method, one or more of the settings for the existing add-on can be overwritten with the Amazon EKS add-on settings. If you don't enable this option and there's a conflict with your existing settings, the operation fails. You can use the resulting error message to troubleshoot the conflict. Before selecting this option, make sure that the Amazon EKS add-on doesn't manage settings that you need to self-manage.

    aws eks 06

    • Beginning with 25.02 release, Trident supports automatic backend configuration. Trident creates the backend and storage classes seamlessly after Trident installation. To enable automatic backend configuration, add the ontapConfigurator parameter and specify authType, fsxnID, and protocols in the Add-on configuration schema along with cloudIdentity during the installation.

      "ontapConfigurator": {
        "enabled": true,
        "svms": [
          {
            "authType": "awsarn",
            "fsxnID": "fs-0dfeaa884a68b1cab",
            "protocols": [
              "nfs",
              "iscsi"
            ]
          }
        ]
      }}"
      Note To disable automatic backend configuration, upgrade the Trident release version and set the ontapConfigurator to false.

  8. Select Create.

  9. Verify that the status of the add-on is Active.

    aws eks 05

  10. Run the following command to verify that Trident is properly installed on the cluster:

    kubectl get pods -n trident

  11. Continue the setup and configure the storage backend. For information, see Configure the Storage Backend.

Install/uninstall the Trident EKS add-on using CLI

Install the NetApp Trident EKS add-on using CLI:

The following example command installs the Trident EKS add-on:
eksctl create addon --cluster clusterName --name netapp_trident-operator --version v24.10.0-eksbuild.1 (with a dedicated version)

Uninstall the NetApp Trident EKS add-on using CLI:

The following command uninstalls the Trident EKS add-on:

eksctl delete addon --cluster K8s-arm --name netapp_trident-operator