Sign in to my dashboard Create an account

NetApp Astra now provides Kubernetes ransomware protection with immutable backups

A boat in water

Share this page

 Sayan Saha photo
Sayan Saha

We’re excited to announce the latest update for the NetApp® Astra Control product family. In this update, we’ve introduced the ability to protect Kubernetes (K8s) applications with immutable backups for ransomware protection. We’ve also added support for Kubernetes applications that use ONTAP qtrees, enabling the protection of business-critical applications at massive scale.

Astra Control is an application-aware data management solution that protects, recovers, and moves data-rich Kubernetes workloads in public clouds and on premises. It enables data protection, disaster recovery, and mobility for Kubernetes workloads by using NetApp industry-leading data management technology for NetApp Snapshot copies, backups, replication, and cloning.

Astra Control is available as a fully managed software service or as self-managed software.

Let’s review the key functionality introduced for Astra Control in this release.

Ransomware protection with immutable backups

Kubernetes continues to grow as organizations deploy modern applications and refactor existing solutions. However, the bespoke nature of Kubernetes creates a challenge for organizations that run stateful applications and databases, because Kubernetes doesn’t provide data or ransomware protection. This creates an environment with an expanding attack vector and few tools that administrators can use to protect it.

To address this critical business need, NetApp has added application-aware ransomware protection to Astra. Astra makes it simple to leverage NetApp ONTAP® immutable Snapshot copies in on-premises and cloud deployments. Astra also protects Kubernetes application metadata, resources, and underlying data, providing complete data protection.

Using object storage with immutability policies enabled as a destination for storing backups, a ransomware attacker is prevented from deleting backups from Astra Control. Object storage WORM (write once, ready many) functionality and configured retention policies are available in NetApp StorageGRID® and hyperscaler (Azure, AWS, Google Cloud) native object storage services.

Support backup and restore of K8s applications with qtrees

Kubernetes workloads often use a large number of small persistent volumes (single to mid-double-digit gigabytes), which exceed the supported ONTAP volume limits. As customers scale their Kubernetes footprint, they have taken advantage of ONTAP qtrees through the Astra Trident ontap-nas-economy storage driver to provide the many persistent volumes that their applications require. A qtree is a logically defined file system that can exist as a special subdirectory of the root directory within a NetApp FlexVol® volume. However, qtrees don't support Snapshot® copies and cannot be cloned individually. Consequently, apps using qtrees can’t be protected effectively.

Until now, ONTAP customers could choose scalable storage (qtrees) or data-protection-enabled storage (NetApp FlexVol® volumes) for their Kubernetes applications requiring persistent storage. With this new release, you’ll be able to do both. You can now use Astra Control to backup and restore your stateful Kubernetes workloads that qtrees back. Consequently, you can run your business-critical Kubernetes applications on the persistent storage provided by qtrees, which Astra Control protects.

Hybrid data protection as a service and support for Red Hat OpenShift on AWS

Astra Control diagram
Hybrid data protection as a service for Red Hat OpenShift Service on AWS

Red Hat OpenShift Service on AWS (ROSA) is a fully managed, cloud-based container application platform that lets you rapidly build, deploy, and manage Kubernetes applications in the AWS Cloud.

Now, with Astra support of ROSA, you can protect and move your workloads on ROSA quickly and easily within and across AWS regions. If you use the fully managed Astra Control offering, you can also perform backup, disaster recovery, and migration of Kubernetes workloads across Red Hat OpenShift on premises backed by ONTAP, and on ROSA backed by Amazon FSx for NetApp ONTAP.

Get started with Astra today.

Sayan Saha

Sayan Saha is a product executive with open-source software product management experience spanning Linux-based platform software, containers, Kubernetes, high-availability/clustering software, virtualization, hyper-converged systems, and software-defined storage. At NetApp, he runs product management for Astra—a fully managed (SaaS) multihybrid cloud data management platform for Kubernetes applications. Before NetApp, he was a product management leader at AWS and Red Hat, where he led cloud file storage, distributed storage, and Kubernetes storage products.

View all Posts by Sayan Saha

Next Steps

Drift chat loading