Ontap

With the release of ONTAP 9.1 earlier this year it brought with it amongst many things NetApp Volume Encryption (NVE). This feature although offered $0 cost requires an additional license which needs to be generated by NetApp. On top of the NVE license NetApp also added a new license which is needed to enable the newly-integrated trusted platform modules (TPM). What is a TPM you may ask? By definition a TPM is, “A dedicated microcontroller designed to secure hardware by integrating cryptographic keys into devices”. When first reading about this I then wondered what platforms include the TPM module? Does every platform that support NVE have a TPM module? After a bit of digging I found that not every platform that supports NVE includes a TPM. The list below shows all platforms that currently have TPM modules integrated: ...

As folks adopt DevOps principals they are using common applications to help them get there. One of those is Docker and usually in the same sentence Kubernetes is mentioned next. To review, Docker is essentially a wrapper for Linux containers (LXC), which similar to FreeBSD jails or Solaris Zones, provides a method for applications (and their dependencies) to be isolated in separate namespaces all while sharing the host system’s kernel. Docker containers are extremely portable as they just need the host server to have a LXC-compatible kernel and the Docker application installed. Kubernetes takes this concept to the next level by automating deployment, scaling, and management of containerized applications. It groups containers that make up an application into logical units for easy management and discovery. For a more detailed intro on what Kubernetes is check out the “Sources” section below. Now to the meat of the post, what is NetApp Trident and where does it fit in to the Docker/Kubernetes equation? Well according to NetApp Trident’s GitHub page, “Trident provides storage orchestration for Kubernetes, integrating with its Persistent Volume framework to act as an external provisioner for NetApp ONTAP, SolidFire, and E-Series systems. Additionally, through its REST interface, Trident can also provide storage orchestration for non-Kubernetes deployments.” In other words, Trident allows one to attach persistent storage from NetApp FAS, E-Series, or SolidFire system(s) to containers allowing applications such as databases to easily operate in a containerized environment. Below are the steps I compiled needed to not only stand up a small 3-node Kubernetes cluster but also to deploy the NetApp Trident plugin: ...