Use Kubernetes protection to safeguard containerized applications and virtual machines running on Kubernetes platforms. This approach is recommended when your workloads are managed through Kubernetes APIs and require application-consistent backups, cross-cluster recovery, or cyber resilience against ransomware and cluster failures.
Commvault provides Kubernetes-native data protection for virtual machines on platforms such as KubeVirt, Red Hat OpenShift Virtualization, and SUSE Harvester, as well as containerized applications.
To get started, choose what you want to protect:
-
Virtual machines on Kubernetes
-
Container applications
How Kubernetes protection works
Kubernetes protection uses Kubernetes APIs to discover applications, capture metadata, and coordinate storage-level snapshots through CSI drivers or storage integrations. Application configuration and persistent data are protected together to enable consistent restores across clusters.
Virtual machines running on Kubernetes are protected using the same Kubernetes-native workflows as container applications.
Note
Virtual machines protected through Kubernetes use Kubernetes APIs and storage integrations. This differs from hypervisor-based protection, such as VMware or Hyper-V.
What you can protect
Commvault protects Kubernetes workloads at the application, virtual machine, and cluster level.
Virtual machines in Kubernetes
-
Virtual machines running on Kubernetes-based virtualization platforms
-
Virtual machine disks
Container applications
-
Namespaces and applications managed through Kubernetes
-
Kubernetes resources such as Secrets, ConfigMaps, and StorageClasses
-
Helm-based applications, including configuration and annotations
-
Persistent storage resources, including PersistentVolumeClaims
Cluster-level data
etcd data and SSL certificates (on-premises environments and self-managed cloud environments only)
Backup storage
Commvault supports the following storage targets for Kubernetes backups:
-
Cloud storage (including Amazon S3, Azure Blob Storage, and S3-compatible storage)
-
HyperScale X scale-out storage
-
Disk storage (block, file, object)
Recovery and disaster recovery
You can restore and migrate Kubernetes workloads to meet operational and disaster recovery needs.
-
Restore applications or virtual machines to a previous point in time
-
Restore to the original cluster or a different cluster
-
Migrate applications across Kubernetes clusters and distributions
-
Recover from control plane failures using etcd snapshots (on-premises and self-managed cloud environments only)
-
Perform full cluster or namespace recovery after large-scale failures
-
Replicate backups to cloud or on-premises disaster recovery locations
Support boundaries and limitations
The following limitations apply to Kubernetes protection.
Not supported
-
Deprecated in-tree storage volume plug-ins
-
Temporary or ephemeral volumes such as emptyDir, hostPath, and local
-
Kubernetes PKI certificates stored in /etc/kubernetes/pki
-
Robin.io-bundled applications and metadata
-
Windows containers in Kubernetes
Restore limitations
-
Overwriting system namespaces such as kube-system, kube-node-lease, and kube-public
-
Restoring applications or namespaces to clusters running a different major Kubernetes version