v24.10.0

Changes since v24.06.0

Coming soon: Trident’s new features for Kubernetes-native:

• Data protection
• Disaster recovery
• Application mobility
• Data migration

You are required to install the new Trident protect module to unlock these capabilities.

Fixes:

• Added support for Windows Server 2019.
• Kubernetes: Fixed Rancher admission webhook preventing Trident Helm installations (Issue #839).
• Kubernetes: Fixed Affinity key in Helm chart values (Issue #898).
• Kubernetes: Fixed tridentControllerPluginNodeSelector/tridentNodePluginNodeSelector won't work with "true"
  value (Issue #899).
• Kubernetes: Delete ephemeral snapshots created during cloning (Issue #901).
• Fixed go mod tidyin Trident repo (Issue #767).

Enhancements:

• Kubernetes: Added new flag --k8s_api_qps to installers to set the QPS value used by Trident to communicate
  with the Kubernetes API server.
• Kubernetes: Added --node-prep flag to installers for automatic management of storage protocol dependencies
  on Kubernetes cluster nodes. Tested and verified compatibility with Amazon Linux 2023 iSCSI storage protocol.
• Kubernetes: Added support for force detach for ONTAP-NAS-Economy NFS volumes during Non-Graceful Node Shutdown
  scenarios.
• Kubernetes: New ONTAP-NAS-Economy NFS volumes will use per-qtree export policies when using autoExportPolicy
  backend option. Qtrees will only be mapped to node restrictive export policies at time of publish to improve
  access control and security. Existing qtrees will be switched to the new export policy model when Trident
  unpublishes the volume from all nodes to do so without impacting active workloads.
• Google Cloud NetApp Volumes driver is now generally available for NFS volumes and supports zone-aware provisioning.
• GCP Workload Identity will be used as Cloud Identity for Google Cloud NetApp Volumes with GKE.
• Added formatOptions configuration parameter to ONTAP-SAN and ONTAP-SAN-Economy drivers to allow users to specify LUN format options.
• Reduced Azure NetApp Files minimum volume size to 50 GiB. Azure new minimum size expected to GA in November.
• Added denyNewVolumePools configuration parameter to restrict ONTAP-NAS-Economy and ONTAP-SAN-Economy drivers to
  preexisting Flexvol pools.
• Added detection for the addition or removal of aggregates from the SVM across all ONTAP drivers.
• Added 18 MiB overhead for iSCSI LUKS LUNs to ensure reported PVC size is usable.
• Improved node stage and unstage error handling for iSCSI ONTAP-SAN and ONTAP-SAN-Economy to allow unstage to remove devices.
• Added a custom role generator allowing customers to create a minimalistic role for Trident in ONTAP.
• Added additional logging for troubleshooting lsscsi (Issue #792).

Experimental Enhancements:

• Added tech preview for Fibre Channel support on ONTAP-SAN driver.

Deprecations:

• Kubernetes: Updated minimum supported Kubernetes to 1.25.
• Kubernetes: Removed support for Pod Security Policy.

v24.06.1

Changes since v24.06.0

Enhancements:

• Kubernetes: Added support for Kubernetes 1.30.

Fixes:

• Added support for Windows Server 2019.

v24.06.0

Changes since v24.02.0

• IMPORTANT: The 'limitVolumeSize' parameter now limits qtree/LUN sizes in the ONTAP economy drivers. Use the new 'limitVolumePoolSize'
  parameter to control Flexvol sizes in those drivers. (Issue #341).

Known Issues:

• IMPORTANT: Support for Windows Server 2019 has been removed, and Trident will not install on nodes running this version. If your cluster includes Windows Server 2019 nodes, please refrain from upgrading to Astra Trident 24.06. Support will be reinstated in a future release.

Fixes:

• Fixed Trident installation failures due to stale transactions.
• Fixed tridentctl to ignore warning messages from Kubernetes (Issue #892).
• Changed Trident controller SecurityContextConstraint priority to 0 (Issue #887).
• ONTAP drivers now accept volume sizes below 20MiB (Issue#885).
• Prevent shrinking of Flexvols during resize operation for the ONTAP-SAN driver.
• Fixed ANF volume import failure with NFS v4.1.

Enhancements:

• Kubernetes: Trident DaemonSet will now clean zombie mounts and residual tracking files at startup (Issue #883).
• Kubernetes: Added PVC annotation trident.netapp.io/luksEncryption for dynamically importing LUKS volumes (Issue #849).
• Kubernetes: Added topology awareness to ANF driver.
• iSCSI self-healing will now initiate SCSI scans by exact LUN ID if deprecated igroups are in use (Issue #883).
• Operations such as Clone and Resize are now allowed even when the backend is in suspended mode.
• User-configured log settings for the Trident controller can now be propagated to Trident node pods.
• Trident defaults to use REST instead of ZAPI for ONTAP versions 9.15.1 and later.
• Added support for custom volume names and metadata (labels) on the ONTAP storage backends.
• Added tech preview driver for Google Cloud NetApp Volumes.
• Enhanced the azure-netapp-files (ANF) driver to automatically enable the snapshot directory by default when the NFS mount options are set to use NFS version 4.x.
• Added Bottlerocket support for NFS volumes.

Deprecations:

• Removed support for EOL Windows server 2019.

v24.02.0

Changes since v23.10.0

Fixes:

• Fixed ACP warning messages when ACP is not enabled (Issue #866).
• Added a 10-second delay before performing a clone split during snapshot delete for ONTAP drivers, when a clone is associated with the snapshot.

Enhancements:

• Kubernetes: Added support for Kubernetes 1.29.
• Added ability to configure and disable iSCSI self-healing (Issue #864).
• Added support for Cloud Identity.
  • AKS with ANF - Azure Workload Identity will be used as Cloud Identity
  • EKS with FSxN - AWS IAM role will be used as Cloud Identity
• Added FSx personality to ONTAP drivers to enable integration with IAM and SecretsManager, and to enable Trident to delete FSx volumes with backups (Issue #453).
• Trident can be installed as an EKS add-on via the EKS console.

Deprecations:

• Removed in-toto attestations framework from multi-platform image manifests.

Known Issues:

• Helm: The trident-autosupport image in the Helm chart was not updated to 24.02. To use the 24.02 ASUP image add --set tridentAutosupportImageTag=24.02 to the helm install command. A fix will be included in the next patch release. Note: there will not be a patch release for 24.02, this will be fixed in the next release, 24.06.

v23.10.0

Changes since v23.07.0

Fixes:

• Fixed volume expansion if a new requested size is smaller than the total volume size for ontap-nas and ontap-nas-flexgroup storage drivers (Issue #834).
• Fixed volume size to display only usable size of the volume during import for ontap-nas and ontap-nas-flexgroup storage drivers (Issue #722).
• Fixed FlexVol name conversion for ONTAP-NAS-Economy.
• Fixed Trident initialization issue on a windows node when node is rebooted.

Enhancements:

• Kubernetes: Added support for Kubernetes 1.28.
• Added support for using Azure Managed Identities (AMI) with azure-netapp-files storage driver.
• Added support for NVMe over TCP for the ONTAP-SAN driver.
• Added ability to pause the provisioning of a volume when backend is set to suspended state by user (Issue #558).

Other advanced storage management/provisioning/access features available in Astra Control include:

• Read-only clones
• Snapshot Restore
• Support for Kerberos in-flight encryption
• Volume Replication

Please refer to Astra Control Documentation for details on these features.

Deprecations:

• Kubernetes: Updated minimum supported Kubernetes to 1.23.

v23.07.1

Changes since v23.07.0

Fixes:

• Kubernetes: Fixed daemonset deletion to support zero-downtime upgrades (Issue #740).

v23.07.0

Changes since v23.04.0

Fixes:

• Kubernetes: Fixed Trident upgrade to disregard old pods stuck in terminating state (Issue #740).
• Kubernetes: Added toleration to "transient-trident-version-pod" definition (Issue #795).
• Fixed ONTAP ZAPI requests to ensure LUN serial numbers are queried when getting LUN attributes to identify and fix ghost iSCSI devices during Node Staging operations.
• Fixed error handling in storage driver code (Issue #816).
• Fixed quota resize when using ONTAP drivers with use-rest=true.
• Fixed LUN clone creation in ontap-san-economy.
• Revert publish info field from rawDevicePath to devicePath; added logic to populate and recover (in some cases)
  devicePath field.

Enhancements:

• Kubernetes: Added support for importing pre-provisioned snapshots.
• Kubernetes: Minimized deployment and daemonset linux permissions (Issue #817).
• No longer reporting the state field for "online" volumes and snapshots.
• Updates the backend state if the ONTAP backend is offline (Issues #801, #543).
• LUN Serial Number is always retrieved and published during the ControllerVolumePublish workflow.
• Added additional logic to verify iSCSI multipath device serial number and size.
• Additional verification for iSCSI volumes to ensure correct multipath device is unstaged.

Experimental Enhancements:

• Added tech preview support for NVMe over TCP for the ONTAP-SAN driver.

Deprecations:

• Kubernetes: Removed support for v1beta1 snapshots.
• Kubernetes: Removed support for pre-CSI volumes and storage classes.
• Kubernetes: Updated minimum supported Kubernetes to 1.22.

v23.04.0

Changes since v23.01.0

• IMPORTANT: Force volume detach for ONTAP-SAN-* volumes is only supported with Kubernetes versions which have enabled the Non-Graceful Node Shutdown feature gate.
  Force detach must be enabled at install time via --enable-force-detach Trident installer flag.

Fixes:

• Fixed Trident Operator to use IPv6 localhost for installation when specified in spec.
• Fixed Trident Operator cluster role permissions to be in sync with the bundle permissions (Issue #799).
• Fixed issue with attaching raw block volume on multiple nodes in RWX mode.
• Fixed FlexGroup cloning support and volume import for SMB volumes.
• Fixed issue where Trident controller could not shut down immediately (Issue #811).
• Added fix to list all igroup names associated with a specified LUN provisioned with ontap-san-* drivers.
• Added a fix to allow external processes to run to completion.
• Fixed compilation error for s390 architecture (Issue #537).
• Fixed incorrect logging level during volume mount operations (Issue #781).
• Fixed potential type assertion error (Issue #802).

Enhancements:

• Kubernetes: Added support for Kubernetes 1.27.
• Kubernetes: Added support for importing LUKS volumes.
• Kubernetes: Added support for ReadWriteOncePod PVC access mode.
• Kubernetes: Added support for force detach for ONTAP-SAN-* volumes during Non-Graceful Node Shutdown scenarios.
• Kubernetes: All ONTAP-SAN-* volumes will now use per-node igroups. LUNs will only be mapped to igroups while actively
  published to those nodes to improve our security posture. Existing volumes will be opportunistically switched to
  the new igroup scheme when Trident determines it is safe to do so without impacting active workloads (Issue #758).
• Kubernetes: Improved Trident security by cleaning up unused Trident-managed igroups from ONTAP-SAN-* backends.
• Added support for SMB volumes with Amazon FSx to the ontap-nas-economy and ontap-nas-flexgroup storage drivers.
• Added support for SMB volumes with on-prem to the ontap-nas, ontap-nas-economy and ontap-nas-flexgroup storage drivers.
• Added support for creation of SMB shares through Trident for on-prem and Amazon FSx.
• Added support for linux/arm64 nodes (Issue #732).
• Improved Trident shutdown procedure by deactivating API servers first (Issue #811).
• Added cross-platform build support for Windows and linux/arm64 hosts to Makefile; see BUILD.md.

Deprecations:

• Kubernetes: Backend-scoped igroups will no longer be created when configuring ontap-san and ontap-san-economy drivers (Issue #758).

v23.01.1

Changes since v23.01.0

Fixes:

• Fixed Trident Operator to use IPv6 localhost for installation when specified in spec.
• Fixed Trident Operator cluster role permissions to be in sync with the bundle permissions (Issue #799).
• Added a fix to allow external processes to run to completion.
• Fixed issue with attaching raw block volume on multiple nodes in RWX mode.
• Fixed FlexGroup cloning support and volume import for SMB volumes.

v23.01.0

Changes since v22.10.0

• IMPORTANT: Kubernetes 1.26 is now supported in Trident. Please upgrade Trident prior to upgrading Kubernetes.

Fixes:

• Kubernetes: Added options to exclude Pod Security Policy creation to fix Trident installations via Helm (Issues #783, #794).

Enhancements

• Kubernetes: Added support for Kubernetes 1.26.
• Kubernetes: Improved overall Trident RBAC resource utilization (Issue #757).
• Kubernetes: Added automation to detect and fix broken or stale iSCSI sessions on host nodes.
• Kubernetes: Added support for expanding LUKS encrypted volumes.
• Kubernetes: Added credential rotation support for LUKS encrypted volumes.
• Added support for SMB volumes with Amazon FSx to the ontap-nas storage driver.
• Added support for NTFS permissions when using SMB volumes.
• Added support for storage pools for GCP volumes with CVS service level.
• Added support for optional use of flexgroupAggregateList when creating FlexGroups with the ontap-nas-flexgroup storage driver.
• Improved performance for the ontap-nas-economy storage driver when managing multiple FlexVols.
• Enabled dataLIF updates for all ONTAP NAS storage drivers.
• Updated the Trident Deployment and DaemonSet naming convention to reflect the host node OS.

Deprecations:

• Kubernetes: Updated minimum supported Kubernetes to 1.21.
• Data LIFs should no longer be specified when configuring ontap-san or ontap-san-economy drivers.