Skip to content

Latest commit

 

History

History
297 lines (158 loc) · 19 KB

faq.adoc

File metadata and controls

297 lines (158 loc) · 19 KB
Raw
sidebar permalink keywords summary
sidebar
faq.html
faq, frequently asked questions
Find answers to the frequently asked questions about installing, configuring, upgrading, and troubleshooting Trident.

Frequently asked questions

Find answers to the frequently asked questions about installing, configuring, upgrading, and troubleshooting Trident.

General questions

How frequently is Trident released?

Beginning with the 24.02 release, Trident is released every four months: February, June, and October.

Does Trident support all the features that are released in a particular version of Kubernetes?

Trident usually does not support alpha features in Kubernetes. Trident might support beta features within the two Trident releases that follow the Kubernetes beta release.

Does Trident have any dependencies on other NetApp products for its functioning?

Trident does not have any dependencies on other NetApp software products and it works as a standalone application. However, you should have a NetApp backend storage device.

How can I obtain complete Trident configuration details?

Use the tridentctl get command to obtain more information about your Trident configuration.

Can I obtain metrics on how storage is provisioned by Trident?

Yes. Prometheus endpoints that can be used to gather information about Trident operation, such as the number of backends managed, the number of volumes provisioned, bytes consumed, and so on. You can also use Cloud Insights for monitoring and analysis.

Does the user experience change when using Trident as a CSI Provisioner?

No. There are no changes as far as the user experience and functionalities are concerned. The provisioner name used is csi.trident.netapp.io. This method of installing Trident is recommended if you want to use all the new features provided by current and future releases.

Install and use Trident on a Kubernetes cluster

Does Trident support an offline install from a private registry?

Yes, Trident can be installed offline. Refer to Learn about Trident installation.

Can I install Trident be remotely?

Yes. Trident 18.10 and later support remote installation capability from any machine that has kubectl access to the cluster. After kubectl access is verified (for example, initiate a kubectl get nodes command from the remote machine to verify), follow the installation instructions.

Can I configure High Availability with Trident?

Trident is installed as a Kubernetes Deployment (ReplicaSet) with one instance, and so it has HA built in. You should not increase the number of replicas in the deployment. If the node where Trident is installed is lost or the pod is otherwise inaccessible, Kubernetes automatically re-deploys the pod to a healthy node in your cluster. Trident is control-plane only, so currently mounted pods are not affected if Trident is re-deployed.

Does Trident need access to the kube-system namespace?

Trident reads from the Kubernetes API Server to determine when applications request new PVCs, so it needs access to kube-system.

What are the roles and privileges used by Trident?

The Trident installer creates a Kubernetes ClusterRole, which has specific access to the cluster’s PersistentVolume, PersistentVolumeClaim, StorageClass, and Secret resources of the Kubernetes cluster. Refer to Customize tridentctl installation.

Can I locally generate the exact manifest files Trident uses for installation?

You can locally generate and modify the exact manifest files Trident uses for installation, if needed. Refer to Customize tridentctl installation.

Can I share the same ONTAP backend SVM for two separate Trident instances for two separate Kubernetes clusters?

Although it is not advised, you can use the same backend SVM for two Trident instances. Specify a unique volume name for each instance during installation and/or specify a unique StoragePrefix parameter in the setup/backend.json file. This is to ensure the same FlexVol is not used for both instances.

Is it possible to install Trident under ContainerLinux (formerly CoreOS)?

Trident is simply a Kubernetes pod and can be installed wherever Kubernetes is running.

Can I use Trident with NetApp Cloud Volumes ONTAP?

Yes, Trident is supported on AWS, Google Cloud, and Azure.

Does Trident work with Cloud Volumes Services?

Yes, Trident supports the Azure NetApp Files service in Azure as well as the Cloud Volumes Service in GCP.

Troubleshooting and support

Does NetApp support Trident?

Although Trident is open source and provided for free, NetApp fully supports it provided your NetApp backend is supported.

How do I raise a support case?

To raise a support case, do one of the following:

  1. Contact your Support Account Manager and get help to raise a ticket.

  2. Raise a support case by contacting NetApp Support.

How do I generate a support log bundle?

You can create a support bundle by running tridentctl logs -a. In addition to the logs captured in the bundle, capture the kubelet log to diagnose the mount problems on the Kubernetes side. The instructions to get the kubelet log varies based on how Kubernetes is installed.

What do I do if I need to raise a request for a new feature?

Create an issue on Trident Github and mention RFE in the subject and description of the issue.

Where do I raise a defect?

Create an issue on Trident Github. Make sure to include all the necessary information and logs pertaining to the issue.

What happens if I have quick question on Trident that I need clarification on? Is there a community or a forum?

If you have any questions, issues, or requests, reach out to us through our Trident Discord channel or GitHub.

My storage system’s password has changed and Trident no longer works, how do I recover?

Update the backend’s password with tridentctl update backend myBackend -f </path/to_new_backend.json> -n trident. Replace myBackend in the example with your backend name, and `/path/to_new_backend.json with the path to the correct backend.json file.

Trident cannot find my Kubernetes node. How do I fix this?

There are two likely scenarios why Trident cannot find a Kubernetes node. It can be because of a networking issue within Kubernetes or a DNS issue. The Trident node daemonset that runs on each Kubernetes node must be able to communicate with the Trident controller to register the node with Trident. If networking changes occurred after Trident was installed, you encounter this problem only with new Kubernetes nodes that are added to the cluster.

If the Trident pod is destroyed, will I lose the data?

Data will not be lost if the Trident pod is destroyed. Trident metadata is stored in CRD objects. All PVs that have been provisioned by Trident will function normally.

Upgrade Trident

Can I upgrade from a older version directly to a newer version (skipping a few versions)?

NetApp supports upgrading Trident from one major release to the next immediate major release. You can upgrade from version 18.xx to 19.xx, 19.xx to 20.xx, and so on. You should test upgrading in a lab before production deployment.

Is it possible to downgrade Trident to a previous release?

If you need a fix for bugs observed after an upgrade, dependency issues, or an unsuccessful or incomplete upgrade, you should uninstall Trident and reinstall the earlier version using the specific instructions for that version. This is the only recommended way to downgrade to an earlier version.

Manage backends and volumes

Do I need to define both Management and Data LIFs in an ONTAP backend definition file?

The management LIF is mandatory. Data LIF varies:

  • ONTAP SAN: Do not specify for iSCSI. Trident uses ONTAP Selective LUN Map to discover the iSCI LIFs needed to establish a multi path session. A warning is generated if dataLIF is explicitly defined. Refer to ONTAP SAN configuration options and examples for details.

  • ONTAP NAS: We recommend specifying dataLIF. If not provided, Trident fetches data LIFs from the SVM. You can specify a fully-qualified domain name (FQDN) to be used for the NFS mount operations, allowing you to create a round-robin DNS to load-balance across multiple data LIFs. Refer to ONTAP NAS configuration options and examples for details

Can Trident configure CHAP for ONTAP backends?

Yes. Trident supports bidirectional CHAP for ONTAP backends. This requires setting useCHAP=true in your backend configuration.

How do I manage export policies with Trident?

Trident can dynamically create and manage export policies from version 20.04 onwards. This enables the storage administrator to provide one or more CIDR blocks in their backend configuration and have Trident add node IPs that fall within these ranges to an export policy it creates. In this manner, Trident automatically manages the addition and deletion of rules for nodes with IPs within the given CIDRs.

Can IPv6 addresses be used for the Management and Data LIFs?

Trident supports defining IPv6 addresses for:

  • managementLIF and dataLIF for ONTAP NAS backends.

  • managementLIF for ONTAP SAN backends. You cannot specify dataLIF on an ONTAP SAN backend.

Trident must be installed using the flag --use-ipv6 (for tridentctl installation), IPv6 (for Trident operator), or tridentTPv6 (for Helm installation) for it to function over IPv6.

Is it possible to update the Management LIF on the backend?

Yes, it is possible to update the backend Management LIF using the tridentctl update backend command.

Is it possible to update the Data LIF on the backend?

You can update the Data LIF on ontap-nas and ontap-nas-economy only.

Can I create multiple backends in Trident for Kubernetes?

Trident can support many backends simultaneously, either with the same driver or different drivers.

How does Trident store backend credentials?

Trident stores the backend credentials as Kubernetes Secrets.

How does Trident select a specific backend?

If the backend attributes cannot be used to automatically select the right pools for a class, the storagePools and additionalStoragePools parameters are used to select a specific set of pools.

How do I ensure that Trident will not provision from a specific backend?

The excludeStoragePools parameter is used to filter the set of pools that Trident uses for provisioning and will remove any pools that match.

If there are multiple backends of the same kind, how does Trident select which backend to use?

If there are multiple configured backends of the same type, Trident selects the appropriate backend based on the parameters present in StorageClass and PersistentVolumeClaim. For example, if there are multiple ontap-nas driver backends, Trident tries to match parameters in the StorageClass and PersistentVolumeClaim combined and match a backend which can deliver the requirements listed in StorageClass and PersistentVolumeClaim. If there are multiple backends that match the request, Trident selects from one of them at random.

Does Trident support bi-directional CHAP with Element/SolidFire?

Yes.

How does Trident deploy Qtrees on an ONTAP volume? How many Qtrees can be deployed on a single volume?

The ontap-nas-economy driver creates up to 200 Qtrees in the same FlexVol (configurable between 50 and 300), 100,000 Qtrees per cluster node, and 2.4M per cluster. When you enter a new PersistentVolumeClaim that is serviced by the economy driver, the driver looks to see if a FlexVol already exists that can service the new Qtree. If the FlexVol does not exist that can service the Qtree, a new FlexVol is created.

How can I set Unix permissions for volumes provisioned on ONTAP NAS?

You can set Unix permissions on the volume provisioned by Trident by setting a parameter in the backend definition file.

How can I configure an explicit set of ONTAP NFS mount options while provisioning a volume?

By default, Trident does not set mount options to any value with Kubernetes. To specify the mount options in the Kubernetes Storage Class, follow the example given here.

How do I set the provisioned volumes to a specific export policy?

To allow the appropriate hosts access to a volume, use the exportPolicy parameter configured in the backend definition file.

How do I set volume encryption through Trident with ONTAP?

You can set encryption on the volume provisioned by Trident by using the encryption parameter in the backend definition file. For more information, refer to: How Trident works with NVE and NAE

What is the best way to implement QoS for ONTAP through Trident?

Use StorageClasses to implement QoS for ONTAP.

How do I specify thin or thick provisioning through Trident?

The ONTAP drivers support either thin or thick provisioning. The ONTAP drivers default to thin provisioning. If thick provisioning is desired, you should configure either the backend definition file or the StorageClass. If both are configured, StorageClass takes precedence. Configure the following for ONTAP:

  1. On StorageClass, set the provisioningType attribute as thick.

  2. In the backend definition file, enable thick volumes by setting backend spaceReserve parameter as volume.

How do I make sure that the volumes being used are not deleted even if I accidentally delete the PVC?

PVC protection is automatically enabled on Kubernetes starting from version 1.10.

Can I grow NFS PVCs that were created by Trident?

Yes. You can expand a PVC that has been created by Trident. Note that volume autogrow is an ONTAP feature that is not applicable to Trident.

Can I import a volume while it is in SnapMirror Data Protection (DP) or offline mode?

The volume import fails if the external volume is in DP mode or is offline. You receive the following error message:

Error: could not import volume: volume import failed to get size of volume: volume <name> was not found (400 Bad Request) command terminated with exit code 1.
Make sure to remove the DP mode or put the volume online before importing the volume.

How is resource quota translated to a NetApp cluster?

Kubernetes Storage Resource Quota should work as long as NetApp storage has capacity. When the NetApp storage cannot honor the Kubernetes quota settings due to lack of capacity, Trident tries to provision but errors out.

Can I create Volume Snapshots using Trident?

Yes. Creating on-demand volume snapshots and Persistent Volumes from Snapshots are supported by Trident. To create PVs from snapshots, ensure that the VolumeSnapshotDataSource feature gate has been enabled.

What are the drivers that support Trident volume snapshots?

As of today, on-demand snapshot support is available for our ontap-nas, ontap-nas-flexgroup, ontap-san, ontap-san-economy, solidfire-san, gcp-cvs, and azure-netapp-files backend drivers.

How do I take a snapshot backup of a volume provisioned by Trident with ONTAP?

This is available on ontap-nas, ontap-san, and ontap-nas-flexgroup drivers. You can also specify a snapshotPolicy for the ontap-san-economy driver at the FlexVol level.

This is also available on the ontap-nas-economy drivers but on the FlexVol level granularity and not on the qtree level granularity. To enable the ability to snapshot volumes provisioned by Trident, set the backend parameter option snapshotPolicy to the desired snapshot policy as defined on the ONTAP backend. Any snapshots taken by the storage controller are not known by Trident.

Can I set a snapshot reserve percentage for a volume provisioned through Trident?

Yes, you can reserve a specific percentage of disk space for storing the snapshot copies through Trident by setting the snapshotReserve attribute in the backend definition file. If you have configured snapshotPolicy and snapshotReserve in the backend definition file, snapshot reserve percentage is set according to the snapshotReserve percentage mentioned in the backend file. If the snapshotReserve percentage number is not mentioned, ONTAP by default takes the snapshot reserve percentage as 5. If the snapshotPolicy option is set to none, the snapshot reserve percentage is set to 0.

Can I directly access the volume snapshot directory and copy files?

Yes, you can access the snapshot directory on the volume provisioned by Trident by setting the snapshotDir parameter in the backend definition file.

Can I set up SnapMirror for volumes through Trident?

Currently, SnapMirror has to be set externally by using ONTAP CLI or OnCommand System Manager.

How do I restore Persistent Volumes to a specific ONTAP snapshot?

To restore a volume to an ONTAP snapshot, perform the following steps:

  1. Quiesce the application pod which is using the Persistent volume.

  2. Revert to the required snapshot through ONTAP CLI or OnCommand System Manager.

  3. Restart the application pod.

Can Trident provision volumes on SVMs that have a Load-Sharing Mirror configured?

Load-sharing mirrors can be created for root volumes of SVMs that serve data over NFS. ONTAP automatically updates load-sharing mirrors for volumes that have been created by Trident. This may result in delays in mounting volumes. When multiple volumes are created using Trident, provisioning a volume is dependent on ONTAP updating the load-sharing mirror.

How can I separate out storage class usage for each customer/tenant?

Kubernetes does not allow storage classes in namespaces. However, you can use Kubernetes to limit usage of a specific storage class per namespace by using Storage Resource Quotas, which are per namespace. To deny a specific namespace access to specific storage, set the resource quota to 0 for that storage class.