Sign in to my dashboard Create an account

Astra makes Kubernetes application data protection extensible and customizable

Woman standing at head of table, addressing a group of working people
Table Of Contents

Share this page

 Sayan Saha photo
Sayan Saha

We’re excited to announce the general availability of the latest update for the NetApp® Astra™ Control product family. In this update, we’ve introduced the ability to protect Kubernetes (K8s) applications that span multiple namespaces with custom resources, enabling you to protect and upgrade your most complex and diverse applications quickly and easily.

Astra Control is an application-aware data management solution that protects, recovers, and moves data-rich Kubernetes workloads in public clouds and on premises. It enables data protection, disaster recovery, and mobility for Kubernetes workloads by using NetApp’s industry-leading data management technology for snapshots, backups, replication, and cloning.

Astra Control has two variants: Astra Control Service and Astra Control Center. Astra Control Service is a fully managed software-as-a-service (SaaS) offering operated by NetApp, whereas Astra Control Center offers the same data management functionality, packaged as a self-managed software suite.

Let’s review the key functionality introduced for Astra Control in this release.

Flexible and rich Kubernetes application definition functionality

The Kubernetes API doesn’t define the concept of an “application,” but Astra does, allowing you to quickly group entities and resources you want to protect as an independent unit. Until now, Astra auto-detected your applications on a K8s cluster and allowed you to create applications with namespace-scoped resources and custom resources based on the Astra single-namespace-centric application definition. With this update, you can create applications by grouping an arbitrary number of namespaces and a select set of cluster wide resources, including custom resource definitions (CRDs). This means you can now use Astra’s application definition framework to match your complex K8s workloads. Besides data protection, this feature is useful for other use cases. To support blue-green upgrade strategies, you can collectively migrate or move several namespaces by “selecting all” namespaces and cloning them to an alternate Kubernetes cluster.

Namespace grouping

You can now create K8s applications to include more than one namespace. So, to protect an end-user-consumable service that spans multiple namespaces, you can set a single application data protection policy for all included namespaces that provide the service. For example, you can group namespaces that implement logging, messaging, and business logic together as one application to protect. The following screenshot captures the functionality:

Screenshot of namespace grouping

Enhanced cluster-scoped resource handling

Until now, Astra detected and protected the cluster-scoped resources, including CRDs that use the custom resources embedded in the namespace of the application managed by Astra. With this update, you can add arbitrary CRDs and additional instances of supported cluster-scoped resources to match your application needs. The following screenshot shows this functionality:

Screenshot of application cluster resources

Multiple apps per namespace through labels and label selectors

We’ve made it easier to use Kubernetes labels and label selectors to define apps that share a subset of the resources within a namespace. You can label the resources appropriately and then use a label selector to group resources that you want to protect or move (as a part of an upgrade or migration procedure). Support for labels and label selectors provides a lot of flexibility, offering you a powerful application definition framework for all your K8s workloads.

Multiple projects, subscriptions, or accounts within a single Astra Control Service account

With Astra Control Service, K8s applications can now fail over across clusters that are hosted in separate projects (Google Cloud), subscriptions (Azure), or accounts (AWS). This feature allows you to create clusters in distinct Astra cloud instances that map to projects, subscriptions, or accounts; add them to Astra; and restore or clone applications among them. Support for multiple projects, subscriptions, or accounts in one Astra account enables you to separate responsibility requirements across infrastructure teams. You can address cloud providers’ quota limits on a single project, subscription, or account by spreading your clusters.

Purchase Astra Control Service on AWS Marketplace

Astra Control Service is now available to purchase through the AWS Marketplace with a “term” subscription. Ask your sales team for full details, or email The unit we meter for billing purposes is now a protected namespace instead of a protected app. This new billing model charges only for the total number of namespaces protected, independent of the number of apps.

Active Directory/LDAP integration

Astra Control Center now provides an option to integrate with Lightweight Directory Access Protocol (LDAP) servers to streamline the user authentication process and automate administrative tasks such as creating users, assigning roles, and adding constraints. LDAP is an industry-standard protocol for accessing distributed directory information and a popular choice for enterprise authentication. LDAP integration allows Astra to use your existing LDAP server as the primary source of user data.

Self-managed K8s support

Astra Control Service now supports self-managed K8s platforms like OpenShift Container Platform, Rancher Kubernetes Engine, and upstream Kubernetes in addition to fully managed Kubernetes services in the public cloud (Google Kubernetes Service, Azure Kubernetes Service, and Amazon EKS). So, you can use the fully managed service to protect workloads on a broader set of Kubernetes platforms.

Learn more

Sayan Saha

Sayan Saha is a product executive with open-source software product management experience spanning Linux-based platform software, containers, Kubernetes, high-availability/clustering software, virtualization, hyper-converged systems, and software-defined storage. At NetApp, he runs product management for Astra—a fully managed (SaaS) multihybrid cloud data management platform for Kubernetes applications. Before NetApp, he was a product management leader at AWS and Red Hat, where he led cloud file storage, distributed storage, and Kubernetes storage products.

View all Posts by Sayan Saha

Next Steps

Drift chat loading