This section includes detailed instructions on how to install TrilioVault for Kubernetes on OpenShift and other certified Kubernetes Distributions.

Prerequisites for TrilioVault for Kubernetes

Before installing TrilioVault for Kubernetes please review the compatibility matrix to ensure the application can function smoothly in your Kubernetes environment.

  1. If using Kubernetes 1.12 to 1.16, the alpha featuregate for VolumeSnapshotDataSource needs to be enabled since it is still in Technology Preview for those versions. Follow the instructions provided in the Enabling Alpha Feature Gate Appendix section to enable the featuregate.

  2. TrilioVault makes environment validation easy by providing a 'Precheck tool' that runs against a Kubernetes cluster and provides an output stating if the environment is suitable to proceed with a successful installation of the application. Please check the TrilioVault for Kubernetes Preflight check Appendix page to see the requirements of the application follow the instructions to run the Preflight tool.

  3. TrilioVault leverages the default storage driver that is available on the Kubernetes platform and can function with RWO/RWX storage access mode.

Installing TrilioVault for Kubernetes on OpenShift

TrilioVault is available as a certified Operator in the embedded OperatorHub for OpenShift environments.

Trilio is currently working with RedHat to create a 'Data Protection' category within the embedded OperatorHub to host the TrilioVault for Kubernetes data protection application - the first in this space. Trilio is currently available in the Database,Monitoring,Security,Developer Tools categories

  1. Within OpenShift, ensure the correct Project is selected.

  2. Select OperatorHub in the left panel.

  3. Either search by typing 'Trilio' or find TrilioVault for Kubernetes in any of these categories - Database/Monitoring/Security/Developer Tools

TrilioVault for Kubernetes within OpenShift OperatorHub

4. Select the TrilioVault for Kubernetes Tile

TrilioVault for Kubernetes Tile

If the TVK tile is not available within OperatorHub (which could happen because of pipeline issues), follow the instructions to install via a CustomCatalog Source

5. Click Install

Install TrilioVault

6. Select if this is a clusterwide installation of TrilioVault or Namespaced only. Note, selecting clusterwide will install TrilioVault in all namespaces. Please refer to the RBAC section to understand the security related roles and permissions created and leveraged by TrilioVault 7. Select the Approval Strategy for receiving updates - Automatic or Manual

8. Click Subscribe

Subscribe to TrilioVault for Kubernetes Operator

9. Confirm that TrilioVault for Kubernetes has been installed successfully.

Successful installation of TrilioVault for Kubernetes

Offline Install

TrilioVault for Kubernetes has been designed to support installation in a restricted or disconnected network as part of the OLM framework. Please follow the instructions from the OpenShift Documentation to install TVK in an offline environment

Installing TrilioVault on Kubernetes

Follow the instructions in this section to Install TrilioVault for Kubernetes on any certified Kubernetes distributions.

This section assumes that you have installed kubectl and helm installed and correctly configured to work with desired Kubernetes cluster. We support both v2 and v3 versions of helm.

  1. Add the Trilio Helm repository to your local setup

helm repo add triliovault-operator
helm repo add triliovault
helm repo update

2. Install TrilioVault operator helm chart

For helm2
helm install --name=triliovault-operator triliovault-operator/k8s-triliovault-operator --version 2.0.2
For helm3
helm install triliovault-operator triliovault-operator/k8s-triliovault-operator

3. List TrilioVault operator helm release name

$ helm list
triliovault-operator default 1 2021-01-17 11:41:23.438381 -0500 EST deployed k8s-triliovault-operator-v2.0.2 v2.0.2

4. Verify TrilioVault operator pods are running

$ kubectl get pods -l release=triliovault-operator
triliovault-operator-k8s-triliovault-operator-7bf447967f-w5tgd 1/1 Running 0 2m7s

5. Deploy TrilioVault Cluster

  • The TrilioVault custom resource name is TrilioVaultManager

  • TrilioVault Operator defines this Custom Resource (CR).

To configure resource limits for TVK components please refer to the Resource Limits page in the Appendix

For Helm v2

kind: TrilioVaultManager
triliovault: triliovault
name: triliovault-manager
namespace: default
trilioVaultAppVersion: v2.0.2
version: v2
tillerNamespace: kube-system
applicationScope: Cluster
#restoreNamespaces: ["kube-system", "default", "restore-ns"]
#memory: 400Mi

For Helm v3

kind: TrilioVaultManager
triliovault: triliovault
name: triliovault-manager
namespace: default
trilioVaultAppVersion: v2.0.2
version: v3
applicationScope: Cluster
#restoreNamespaces: ["kube-system", "default", "restore-ns"]
#memory: 400Mi

In the CRD example below,restoreNamespaces is optional. To restrict restores to specific namespaces specify the namespaces for that field.

$ kubectl create -f triliovault-manager.yaml

6. List CR of TrilioVaultManager.

kubectl get triliovaultmanager
triliovault-manager v2.0.2 Cluster Deployed [kube-system default restore-ns]

7. List pods created by TrilioVaultManager CR are running

$ kubectl get pods
k8s-triliovault-admission-webhook-544b566979-4lw7q 1/1 Running 0 7d2h
k8s-triliovault-backend-5b79996f48-djzd4 1/1 Running 0 7d2h
k8s-triliovault-control-plane-78c7d589fb-d2829 1/1 Running 0 7d2h
k8s-triliovault-exporter-789c785968-vn7hf 1/1 Running 0 7d2h
k8s-triliovault-ingress-controller-54c55b58cf-vw7s7 1/1 Running 0 7d2h
k8s-triliovault-web-85d58df67b-jqnln 1/1 Running 0 7d2h

TrilioVault is now successfully installed on your cluster.