Before installing TrilioVault for Kubernetes please review the compatibility matrix to ensure the application can function smoothly in your Kubernetes environment.
If using Kubernetes 1.12 to 1.16, the alpha feature gate for VolumeSnapshotDataSource needs to be enabled since it is still in Technology Preview for those versions. Follow the instructions provided in the Enabling Alpha Feature Gate Appendix section to enable the feature gate.
TrilioVault makes environment validation easy by providing a 'Precheck tool' that runs against a Kubernetes cluster and provides an output stating if the environment is suitable to proceed with a successful installation of the application. Please check the TrilioVault for Kubernetes Preflight check page to see the requirements of the application follow the instructions to run the Preflight tool.
TrilioVault leverages the default storage driver that is available on the Kubernetes platform and can function with RWO/RWX storage access mode.
TrilioVault is available as a certified Operator in the embedded OperatorHub for OpenShift environments.
Trilio is currently working with RedHat to create a 'Data Protection' category within the embedded OperatorHub to host the TrilioVault for Kubernetes data protection application - the first in this space. Trilio is currently available in the Database, Monitoring, Security, Developer Tools categories
Within OpenShift, ensure the correct Project is selected.
Select OperatorHub in the left panel.
Either search by typing 'Trilio' or find TrilioVault for Kubernetes in any of these categories - Database/Monitoring/Security/Developer Tools
4. Select the TrilioVault for Kubernetes Tile
5. Click Install
6. Select if this is a cluster scope installation of TrilioVault or Namespaced only. Note, selecting cluster scope will install TrilioVault in all namespaces. Please refer to the RBAC section to understand the security related roles and permissions created and leveraged by TrilioVault 7. Select the Approval Strategy for receiving updates - Automatic or Manual
8. Click Subscribe
9. Confirm that TrilioVault for Kubernetes has been installed successfully.
TrilioVault for Kubernetes has been designed to support installation in a restricted or disconnected network as part of the OLM framework. Please follow the instructions from the OpenShift Documentation to install TVK in an offline environment
Follow the instructions in this section to Install TrilioVault for Kubernetes on any certified Kubernetes distributions.
This section assumes that you have installed
helm installed and correctly configured to work with desired Kubernetes cluster. TVK supports both
v3 versions of
As part of the install, Trilio first requires the Operator to be deployed, after which the application is deployed via the TrilioVault Manager (TVM) Resource created by the Operator. In order to understand the Operator version to Application version compatibility, refer to the TVM compatibility matrix
Add the Trilio Helm repository to your local setup
helm repo add triliovault-operator http://charts.k8strilio.net/trilio-stable/k8s-triliovault-operatorhelm repo add triliovault http://charts.k8strilio.net/trilio-stable/k8s-triliovaulthelm repo update
2. Install TrilioVault operator helm chart
helm install triliovault-operator triliovault-operator/k8s-triliovault-operator
3. List TrilioVault operator helm release name
$ helm listNAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSIONtriliovault-operator default 1 2021-03-10 11:41:23.438381 -0500 EST deployed k8s-triliovault-operator-v2.0.3 v2.0.3
4. Verify TrilioVault operator pods are running
$ kubectl get pods -l release=triliovault-operatorNAME READY STATUS RESTARTS AGEtriliovault-operator-k8s-triliovault-operator-7bf447967f-w5tgd 1/1 Running 0 2m7s
5. Deploy TrilioVault Cluster
The TrilioVault custom resource name is
TrilioVault Operator defines this Custom Resource (CR).
Installation via Helm v3
apiVersion: triliovault.trilio.io/v1kind: TrilioVaultManagermetadata:labels:triliovault: triliovaultname: triliovault-managernamespace: defaultspec:trilioVaultAppVersion: v2.1.0helmVersion:version: v3applicationScope: Cluster#restoreNamespaces: ["kube-system", "default", "restore-ns"]#resources:#requests:#memory: 400Mi
$ kubectl create -f triliovault-manager.yaml
6. List CR of
kubectl get triliovaultmanagerNAME TRILIOVAULT-VERSION SCOPE STATUS RESTORE-NAMESPACEStriliovault-manager v2.1.0 Cluster Deployed [kube-system default restore-ns]
7. List pods created by TrilioVaultManager CR are running
$ kubectl get podsk8s-triliovault-admission-webhook-544b566979-4lw7q 1/1 Running 0 7d2hk8s-triliovault-backend-5b79996f48-djzd4 1/1 Running 0 7d2hk8s-triliovault-control-plane-78c7d589fb-d2829 1/1 Running 0 7d2hk8s-triliovault-exporter-789c785968-vn7hf 1/1 Running 0 7d2hk8s-triliovault-ingress-controller-54c55b58cf-vw7s7 1/1 Running 0 7d2hk8s-triliovault-web-85d58df67b-jqnln 1/1 Running 0 7d2h
TrilioVault is now successfully installed on your cluster.
The install process is on the Mirantis Kubernetes Engine (MKE) exactly the same as Upstream Kubernetes with one additional step. This extra step is to align with the additional admission controllers that are shipped with MKE
Connect to the MKE Cluster
Run the command
kubectl create clusterrolebinding k8s-triliovault --clusterrole=cluster-admin --serviceaccount=default:k8s-triliovault
To continue with the install please click here
IBM cloud supports an upstream version of Kubernetes and OpenShift Kubernetes cluster services. Trilio supports both cluster types and instructions for each are provided below.
Search for Trilio in the IBM Cloud Catalog
Select the target: IBM Cloud Kubernetes Service on IBM Cloud
Select the Helm Chart for deployment method
3. Select your cluster running in IBM Cloud and deploy (screenshot)
4. This will install the TrilioVault for Kubernetes Operator on your cluster. 5. To complete the install please refer to the following section and continue from 'Step 5' to install the TrilioVault Manager Application
Once you have the Red Hat OpenShift cluster deployed on IBM Cloud. TrilioVault is available as a certified Operator in the embedded OperatorHub for OpenShift environments.
For details please refer to Installing TrilioVault for Kubernetes on OpenShift
Rancher supports RKE (Rancher Kubernetes Engine) by default on Amazon EC2, Azure, Digital Ocean, Linode and vSphere. It also supports Amazon EKS, Azure AKS and Google GKE deployments out of the box.
TrilioVault for Kubernetes provides an operator as a Rancher Partner Chart for Kubernetes cluster deployments and it is present on the Rancher Apps & Marketplace. Here are the instructions to install TVK as a Rancher Partner Chart on RKE cluster deployment.
Note: TVK Operator deployment as Rancher Partner chart is supported only on Rancher server v2.5 and above.
Login to the Rancher Server web console
2. Select the RKE cluster deployment from the list of cluster deployments, click on the cluster name to view details
3. Click on the Cluster Explorer on top right corner to view all resources
4. Click on the dropdown 'Cluster Explorer' on the top left corner and select 'Apps & Marketplace'
5. From the list of the Partner Charts type 'Trilio' in the filter to see TVK operator
6. Click on the
k8s-triliovault-operator to begin the Operator installation on the K8s cluster
7. You can select the desired namespace from the 'Namespace' dropdown list for the installation. Click on 'Install' button to start the installation. User can see the installation progress in terminal window
helm install --namespace=default --timeout=10m0s --values=/home/shell/helm/values-k8s-triliovault-operator-v2.0.200.yaml --version=v2.0.200 --wait=true k8s-triliovault-operator /home/shell/helm/k8s-triliovault-operator-v2.0.200.tgzcreating 8 resource(s)beginning wait for 8 resources with timeout of 10m0sDeployment is not ready: default/k8s-triliovault-operator. 0 out of 1 expected pods are readyDeployment is not ready: default/k8s-triliovault-operator. 0 out of 1 expected pods are readyDeployment is not ready: default/k8s-triliovault-operator. 0 out of 1 expected pods are readyDeployment is not ready: default/k8s-triliovault-operator. 0 out of 1 expected pods are readyNAME: k8s-triliovault-operatorLAST DEPLOYED: Thu Apr 8 07:15:53 2021NAMESPACE: defaultSTATUS: deployedREVISION: 1TEST SUITE: NoneNOTES:To verify that TrilioVault Operator has started, run:kubectl --namespace=default get deployments -l "release=k8s-triliovault-operator"---------------------------------------------------------------------SUCCESS: helm install --namespace=default --timeout=10m0s --values=/home/shell/helm/values-k8s-triliovault-operator-v2.0.200.yaml --version=v2.0.200 --wait=true k8s-triliovault-operator /home/shell/helm/k8s-triliovault-operator-v2.0.200.tgz---------------------------------------------------------------------
8. After the installation is complete, you can verify it from the list of 'Installed Apps'
9. Once the operator is installed, login to the k8s cluster and follow the TVK Manager installation steps from Upstream Kubernetes Steps 5 onwards.
Amazon (EKS), Azure (AKS) and Google (GKE) Kubernetes offerings all leverage upstream Kubernetes. As a result, the same installation instructions as provided for Upstream Kubernetes environments can be used for installing TVK into these clusters. Eventually, TVK will be available as a service offering for all public cloud environments.