This section includes detailed instructions on how to install TrilioVault for Kubernetes on OpenShift and other certified Kubernetes Distributions.
Prerequisites for TrilioVault for Kubernetes
Before installing TrilioVault for Kubernetes please review the compatibility matrix to ensure the application can function smoothly in your Kubernetes environment.
Before proceeding, please ensure that the all CRDs associated with snapshots are available on the Kubernetes cluster. If they are not, please follow the instructions provided on the Hostpath CSI driver installation page to install the 3 CRDs only.
TrilioVault makes environment validation easy by providing a 'Pre-flight tool' that runs against a Kubernetes cluster and provides an output stating if the environment is suitable to proceed with a successful installation of the application. Please check the TrilioVault for Kubernetes Preflight check page to see the requirements of the application follow the instructions to run the Preflight tool.
TrilioVault leverages the default storage driver that is available on the Kubernetes platform and can function with RWO/RWX storage access mode.
Red Hat OpenShift
TrilioVault is available as a certified Operator in the embedded OperatorHub for OpenShift environments.
Trilio is currently working with RedHat to create a 'Data Protection' category within the embedded OperatorHub to host the TrilioVault for Kubernetes data protection application - the first in this space. Trilio is currently available in the Database, Monitoring, Security, Developer Tools categories
Within OpenShift, ensure the correct Project is selected.
Select OperatorHub in the left panel.
Either search by typing 'Trilio' or find TrilioVault for Kubernetes in any of these categories - Database/Monitoring/Security/Developer Tools
TrilioVault for Kubernetes within OpenShift OperatorHub
4. Select the TrilioVault for Kubernetes Tile
TrilioVault for Kubernetes Tile
If the TVK tile is not available within OperatorHub (which could happen because of pipeline issues), follow the instructions to install via a CustomCatalog Source
5. Click Install
6. Select if this is a cluster scope installation of TrilioVault or Namespaced only. Note, selecting cluster scope will install TrilioVault in all namespaces. Please refer to the RBAC section to understand the security-related roles and permissions created and leveraged by TrilioVault
7. Select the Approval Strategy for receiving updates - Automatic or Manual
8. Click Subscribe
Subscribe to TrilioVault for Kubernetes Operator
9. Confirm that TrilioVault for Kubernetes has been installed successfully.
Successful installation of TrilioVault for Kubernetes
TrilioVault for Kubernetes has been designed to support installation in a restricted or disconnected network as part of the OLM framework. Please follow the instructions from the OpenShift Documentation to install TVK in an offline environment
Follow the instructions in this section to Install TrilioVault for Kubernetes on any certified Kubernetes distributions.
This section assumes that you have installed kubectl and helm installed and correctly configured to work with desired Kubernetes cluster. TVK supports v3 version of helm.
As part of the install, Trilio first requires the Operator to be deployed, after which the application is deployed via the TrilioVault Manager (TVM) Resource created by the Operator. In order to understand the Operator version to Application version compatibility, refer to the TVM compatibility matrix
Add the Trilio Helm repository to your local setup
TrilioVault Manager is the instance of TrilioVault in your cluster
Create a file named triliovault-manager.yaml and copy-paste the contents from below into that file.
In the CRD example below, the management console is being configured to use a LoadBalancer with a hostname of trilio.co.usThe service type can be changed to nodePort and hostname to an FQDN that you prefer.
Please ensure that a DNS entry exists for the host FQDN that you provide.
TrilioVault is now successfully installed on your cluster.
Mirantis Kubernetes Engine
The install process is on the Mirantis Kubernetes Engine (MKE) exactly the same as Upstream Kubernetes with one additional step. This extra step is to align with the additional admission controllers that are shipped with MKE
Select the target: IBM Cloud Kubernetes Serviceon IBM Cloud
Select the Helm Chart for deployment method
Target and Deployment Method Selection
Screenshots don't reflect the the most recent version for TrilioVault for Kubernetes
3. Select your cluster running in IBM Cloud and deploy (screenshot)
Select Cluster to Deploy into
4. This will install the TrilioVault for Kubernetes Operator on your cluster.
5. To complete the install please refer to the following section and continue from 'Step 5' to install the TrilioVault Manager Application
TVK for Red Hat OpenShift on IBM Cloud
Once you have the Red Hat OpenShift cluster deployed on IBM Cloud. TrilioVault is available as a certified Operator in the embedded OperatorHub for OpenShift environments.
Rancher supports RKE (Rancher Kubernetes Engine) by default on Amazon EC2, Azure, Digital Ocean, Linode and vSphere. It also supports Amazon EKS, Azure AKS and Google GKE deployments out of the box.
TrilioVault for Kubernetes provides an operator as a Rancher Partner Chart for Kubernetes cluster deployments and it is present on the Rancher Apps & Marketplace. Here are the instructions to install TVK as a Rancher Partner Chart on RKE cluster deployment.
Note: TVK Operator deployment as Rancher Partner chart is supported only on Rancher server v2.5 and above.
TVK for RKE Cluster Deployment
Login to the Rancher Server web console
Rancher Server Web console and Cluster list
2. Select the RKE cluster deployment from the list of cluster deployments, click on the cluster name to view details
3. Click on the Cluster Explorer on top right corner to view all resources
Cluster explorer to view all resources
4. Click on the dropdown 'Cluster Explorer' on the top left corner and select 'Apps & Marketplace'
Apps & Marketplace
5. From the list of the Partner Charts type 'Trilio' in the filter to see TVK operator
TVK Operator as a Rancher Partner Chart
6. Click on the k8s-triliovault-operator to begin the Operator installation on the K8s cluster
7. You can select the desired namespace from the 'Namespace' dropdown list for the installation. Click on 'Install' button to start the installation. User can see the installation progress in terminal window
8. After the installation is complete, you can verify it from the list of 'Installed Apps'
Installed Apps showing k8s-triliovault-operator
9. Once the operator is installed, login to the k8s cluster and follow the TVK Manager installation steps from Upstream Kubernetes Steps 5 onwards.
Amazon (EKS), Azure (AKS) and Google (GKE) Kubernetes offerings all leverage upstream Kubernetes. As a result, the same installation instructions as provided for Upstream Kubernetes environments can be used for installing TVK into these clusters.
Eventually, TVK will be available as a service offering for all public cloud environments.