Before installing TrilioVault for Kubernetes please review the compatibility matrix to ensure the application can function smoothly in your Kubernetes environment.
If using Kubernetes 1.12 to 1.16, the alpha featuregate for VolumeSnapshotDataSource needs to be enabled since it is still in Technology Preview for those versions. Follow the instructions provided in the Enabling Alpha Feature Gate Appendix section to enable the featuregate.
TrilioVault makes environment validation easy by providing a 'Precheck tool' that runs against a Kubernetes cluster and provides an output stating if the environment is suitable to proceed with a successful installation of the application. Please check the TrilioVault for Kubernetes Preflight check Appendix page to see the requirements of the application follow the instructions to run the Preflight tool.
TrilioVault leverages the default storage driver that is available on the Kubernetes platform and can function with RWO/RWX storage access mode.
TrilioVault is available as a certified Operator in the embedded OperatorHub for OpenShift environments.
Trilio is currently working with RedHat to create a 'Data Protection' category within the embedded OperatorHub to host the TrilioVault for Kubernetes data protection application - the first in this space. Trilio is currently available in the Database,Monitoring,Security,Developer Tools categories
Within OpenShift, ensure the correct Project is selected.
Select OperatorHub in the left panel.
Either search by typing 'Trilio' or find TrilioVault for Kubernetes in any of these categories - Database/Monitoring/Security/Developer Tools
4. Select the TrilioVault for Kubernetes Tile
If the TVK tile is not available within OperatorHub (which could happen because of pipeline issues), follow the instructions to install via a CustomCatalog Source​
5. Click Install
​
6. Select if this is a clusterwide installation of TrilioVault or Namespaced only. Note, selecting clusterwide will install TrilioVault in all namespaces. Please refer to the RBAC section to understand the security related roles and permissions created and leveraged by TrilioVault 7. Select the Approval Strategy for receiving updates - Automatic or Manual
8. Click Subscribe
9. Confirm that TrilioVault for Kubernetes has been installed successfully.
TrilioVault for Kubernetes has been designed to support installation in a restricted or disconnected network as part of the OLM framework. Please follow the instructions from the OpenShift Documentation to install TVK in an offline environment
Follow the instructions in this section to Install TrilioVault for Kubernetes on any certified Kubernetes distributions.
This section assumes that you have installed kubectl
and helm
installed and correctly configured to work with desired Kubernetes cluster. We support both v2
and v3
versions of helm.
Add the Trilio Helm repository to your local setup
helm repo add triliovault-operator http://charts.k8strilio.net/trilio-stable/k8s-triliovault-operatorhelm repo add triliovault http://charts.k8strilio.net/trilio-stable/k8s-triliovaulthelm repo update
2. Install TrilioVault operator helm chart
For helm2helm install --name=triliovault-operator triliovault-operator/k8s-triliovault-operator --version 2.0.2​For helm3helm install triliovault-operator triliovault-operator/k8s-triliovault-operator
3. List TrilioVault operator helm release name
$ helm listNAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSIONtriliovault-operator default 1 2021-01-17 11:41:23.438381 -0500 EST deployed k8s-triliovault-operator-v2.0.2 v2.0.2
4. Verify TrilioVault operator pods are running
$ kubectl get pods -l release=triliovault-operatorNAME READY STATUS RESTARTS AGEtriliovault-operator-k8s-triliovault-operator-7bf447967f-w5tgd 1/1 Running 0 2m7s
5. Deploy TrilioVault Cluster
The TrilioVault custom resource name is TrilioVaultManager
TrilioVault Operator defines this Custom Resource (CR).
To configure resource limits for TVK components please refer to the Resource Limits page in the Appendix
For Helm v2
apiVersion: triliovault.trilio.io/v1kind: TrilioVaultManagermetadata:labels:triliovault: triliovaultname: triliovault-managernamespace: defaultspec:trilioVaultAppVersion: v2.0.2helmVersion:version: v2tillerNamespace: kube-systemapplicationScope: Cluster#restoreNamespaces: ["kube-system", "default", "restore-ns"]#resources:#requests:#memory: 400Mi
For Helm v3
apiVersion: triliovault.trilio.io/v1kind: TrilioVaultManagermetadata:labels:triliovault: triliovaultname: triliovault-managernamespace: defaultspec:trilioVaultAppVersion: v2.0.2helmVersion:version: v3applicationScope: Cluster#restoreNamespaces: ["kube-system", "default", "restore-ns"]#resources:#requests:#memory: 400Mi
In the CRD example below,restoreNamespaces
is optional. To restrict restores to specific namespaces specify the namespaces for that field.
$ kubectl create -f triliovault-manager.yaml
6. List CR of TrilioVaultManager
.
kubectl get triliovaultmanagerNAME TRILIOVAULT-VERSION SCOPE STATUS RESTORE-NAMESPACEStriliovault-manager v2.0.2 Cluster Deployed [kube-system default restore-ns]
7. List pods created by TrilioVaultManager CR are running
$ kubectl get podsk8s-triliovault-admission-webhook-544b566979-4lw7q 1/1 Running 0 7d2hk8s-triliovault-backend-5b79996f48-djzd4 1/1 Running 0 7d2hk8s-triliovault-control-plane-78c7d589fb-d2829 1/1 Running 0 7d2hk8s-triliovault-exporter-789c785968-vn7hf 1/1 Running 0 7d2hk8s-triliovault-ingress-controller-54c55b58cf-vw7s7 1/1 Running 0 7d2hk8s-triliovault-web-85d58df67b-jqnln 1/1 Running 0 7d2h
TrilioVault is now successfully installed on your cluster.