Trident - Azure Linux Servicing Agent

Trident is an OS lifecycle agent designed primarily for Azure Linux. It supports installation and provisioning of bare-metal hosts, as well as A/B-style atomic updates and runtime configuration for both bare-metal and virtual machines.

Trident is built around its Host Configuration API, a declarative YAML-based interface that defines the desired state of a machine across storage, OS, networking, and firmware layers. Trident performs image-based atomic installation and updates using compressed, minimized OS images to ensure consistency and reliability across deployments. Trident emphasizes security and robustness, while reducing the downtime during servicing operations.

What can Trident do?

Trident offers a comprehensive set of capabilities for OS installation and servicing.

Installation Features:

• Disk partitioning and formatting using the GUID Partition Table (GPT).
• Creation of software RAID arrays, including support for ESP redundancy.
• Provisioning of encrypted volumes, with optional PCR sealing.
• DM-verity integration for root and /usr filesystems.
• Adoption of existing partitions and filesystems (preview).
• Multiboot support for side-by-side installation of multiple OS images (preview).

Installation and Servicing Features:

• Deployment of compressed, minimized OS images in COSI format from local files, HTTPS sources, or OCI registries.
• Bootloader configuration, supporting both grub2 and systemd-boot.
• OS configuration management, including network settings, hostname, user accounts, SSH, and SELinux policies.
• Execution of user-provided scripts for custom OS image modifications.
• Reliable rollback to the previous OS version in case of servicing issues.
• Unified Kernel Image (UKI) support (preview).

Trident supports servicing both bare-metal hosts and virtual machines.

Trident runs on both x86_64 and aarch64 architectures.

Please consult Feature Matrix for more details.

How can I get started?

Found an issue or missing a feature?

If you found a bug or want to request a feature, please file an issue in the Trident GitHub repository.

Try out Trident

Do you want to author a sample Host Configuration?

You can start with the Writing a Simple Host Configuration tutorial.

Do you want to deploy a bare-metal host?

You can start with the Perform a Clean Install tutorial.

Do you want to make sure the VM image you built with Image Customizer is ready for servicing?

You can start with the Onboard a VM to Trident tutorial.

Do you want to update a bare-metal host or a virtual machine?

You can start with the Performing an A/B update tutorial.

Contribute to Trident

Trident is an open source project and we welcome contributions. If you want to contribute, please check out the contributing guide.

Do you want to learn more?

• Background
• What is Trident?
• How does Trident work?
• How do I interact with Trident?
• Future developments