Protecting Kubernetes with Metallic


Metallic provides granular, application-centric, Kubernetes-native protection (backup and restore), and application mobility (recovery and migration) for containerized applications. Metallic protects Kubernetes data, including persistent volumes, for all CNCF-certified Kubernetes distributions.

Metallic has extensive support for Kubernetes applications, distributions, and storage:

With the following Metallic features, you have the flexibility to use the Kubernetes distribution and deployment locations that are best for your organization and to scale and adjust technology and environments over time:

  • Flexibility in deployment:

    • Fully managed cloud services (Azure AKS, Amazon EKS, Google GKE)

    • Self-built on fully managed cloud infrastructures (Azure VM, Amazon EC2, Google VM)

    • Self-built on-premises

  • Auto-discovery and protection of Kubernetes applications by namespace or label selector—for integration between development and operations—or granular selection by name, label, or volume

  • Application-consistent snapshots of PersistentVolumes by using pre- and post-execution scripts, with scripts provided for common applications such as MySQL and PostgreSQL (supported only for on-premises backup gateways)

  • An exception-based approach to data protection that uses SLA-based plans, artificial intelligence, and machine learning to automate backup, replication, and retention according to business policy

  • A multi-petabyte, scalable, distributed, modern architecture that protects all your Kubernetes clusters, regardless of location

  • A self-service administrative portal with single-sign on (SSO), role-based access controls (RBAC), and encryption

  • Fully programmable with REST APIs and extensive workflow engine for integration with orchestration systems and automated deployment practices

Backup and Restore

Data You Can Back Up

  • Kubernetes-orchestrated clusters, including namespaced and non-namespaced API resources and objects

  • Applications, which includes supported API resources/objects (such as Secrets, ConfigMaps, Namespaces, and StorageClasses) that can be listed, created, or re-created using the Kubernetes API server

  • Annotations on Pods, DaemonSets, Deployments, and StatefulSets

  • Helm chart-based applications, including helm configuration and annotations (supported only for on-premises backup gateways)

  • Configuration-related volumes (configMap, downwardAPI, projected, secret)

  • Persistent storage objects (PersistentVolumeClaims, PersistentVolumes), including CSI-enabled out-of-tree volume plug-ins

  • PersistentVolumeClaim volumes created from a VolumeSnapshotClass

  • Container image registries (containerized, virtualized)

  • etcd Kubernetes backing store and SSL certificates (on-premises environments and self-managed cloud environments only)

Data You Cannot Back Up

Backups You Can Perform

  • Full backups

  • Incremental backups

Data You Cannot Restore

  • System namespaces (kube-system, kube-node-lease, kube-public) that have the overwrite option enabled

  • Namespaces that provide system-level shared services (such as ceph-rook, calico-apiserver, calico-system)

  • Annotations on API resources/objects, excluding Pods, DaemonSets, Deployments, and StatefulSets

  • Out-of-place application or namespace recovery (another namespace, another cluster) of helm chart-deployed applications

  • Out-of-place application or namespace recovery to another Kubernetes cluster that is running a different major revision than the source cluster

  • Out-of-place application recovery with API resources/objects that have cluster-specific networking configuration (Endpoints, EndpointSlices, Services, Ingresses)

Application Recovery and Migration

Restores You Can Perform

  • Restore a complete application to a previous point in time, to the original cluster or a different cluster

    You can restore an application out of place to any Kubernetes cluster that is added to Metallic, for application migration or disaster recovery. You can migrate Kubernetes applications between different Kubernetes distributions, clusters, and StorageClasses. Metallic requires the source and destination cluster to use the same major release of Kubernetes. For example, you can restore Kubernetes 1.23 to Kubernetes 1.23.

  • Restore application files to the following:

    • The original PersistentVolumeClaim

    • A different PersistentVolumeClaim

    • An backup gateway file system (supported only for on-premises backup gateways)

  • Restore application manifests to an backup gateway file system (supported only for on-premises backup gateways)

  • Restore a complete application with associated persistent data volumes to a different storage class, for a storage lifecycle, cluster consolidation, or cluster separation

  • Restore control plane etcd snapshot and SSL certificates (on-premises environments and self-managed cloud environments only)

Destinations You Can Back Up To