Trident is a declarative, security-first OS lifecycle agent designed primarily for Azure Linux. It supports clean installation and provisioning of bare-metal nodes, as well as A/B-style updates and runtime configuration for both bare-metal and virtual machines.
At the heart of Trident is its Host Configuration API, a declarative YAML-based interface that defines the desired state of a machine across storage, OS, networking, and firmware layers.
Trident supports a wide range of lifecycle and configuration capabilities:
- ✅ Disk partitioning and imaging
- ✅ RAID configuration
- ✅ Encrypted volumes with TPM/PCR support
- ✅ dm-verity support
- ✅ A/B update
- ✅ Bootloader configuration
- ✅ Networking configuration
- ✅ User management
- ✅ SELinux configuration
- ✅ Custom hooks
- ✅ ...and more
Read the Official Documentation for comprehensive guidance on installation, configuration, and usage.
For detailed information about contributing to this project please read the contributing guide.
Have questions, found a bug, or need a new feature? Open an issue in our GitHub repository.
For security issues, please see the security policy.
This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft trademarks or logos is subject to and must follow Microsoft's Trademark & Brand Guidelines. Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship. Any use of third-party trademarks or logos are subject to those third-party's policies.