March 17, 2023
We're excited to announce the general availability of the latest update of NetApp® Astra™ Control. This update adds support for private Azure Kubernetes Service (AKS) clusters, namespace-as-a-service operating model, hybrid cloud data services with NetApp Cloud Volumes ONTAP®, and VMware Tanzu.
This update of Astra Control is significant for customers who are supporting enterprise best practices for managing Kubernetes security and operating models, with more automation for complex real-world Kubernetes applications.
Astra Control is an application-aware data management solution that protects, recovers, and moves data-rich Kubernetes workloads in public clouds and on premises. It enables data protection, disaster recovery, and mobility for your Kubernetes workloads by leveraging NetApp's industry-leading data management technology for Snapshot™ copies, backups, replication, and cloning.
Astra Control has two variants—Astra Control Service (ACS) and Astra Control Center(ACC). Astra Control Service is a fully managed service (SaaS offering) operated by NetApp, while Astra Control Center offers the same data services functionality packaged as a self-managed software suite.
Let's review the new Astra Control functionality available in this release.
Deep Azure Kubernetes Service integration
In the last Astra Control update (released December 2021), we added support for Kubernetes applications using Azure Disk Storage. This update made it even easier to use Astra Control with AKS workloads by adding support for private AKS clusters and Azure Active Directory (AAD)-enabled AKS clusters.
With this update of Astra Control Service, you can protect and move applications hosted on private Azure Kubernetes Clusters (AKS) clusters. In a private AKS cluster, the control plane or API server has internal IP addresses that are defined in RFC1918 - Address Allocation for Private Internet . Using a private AKS cluster ensures that network traffic between your API server and your node pools remains on the private network only. Astra Control Service employs a new “connector” functionality to allow applications on private AKS clusters to be protected and moved securely.
Additionally, Astra Control Service now supports AAD-enabled AKS clusters, commonly deployed to manage users using Kubernetes clusters through Kubectl and other tools.
Enhanced Kubernetes application handling
Continuing our theme from the December 2021 release, which added support for Kubernetes applications that are deployed, managed, and scaled using operators, we have added the following application-handling capabilities to Astra Control.
Preserve owner references across restores and clones
Kubernetes uses owner references to track ownership relationships between resources. These relationships enable Kubernetes to perform garbage collection on owned resources when the owning resource is removed. For example, a Deployment resource might own a ReplicaSet resource, and that ReplicaSet resource might own one or more Pod resources. This release includes an update to Astra Control to automatically reestablish ownership relationships among cloned Kubernetes resources during the restore or cloning process. This update makes it easier to restore applications with complex resource dependency relationships without needing pre- or post-restore actions to adjust resource dependencies.
Speedy application discovery process
Thanks to enhancements to the application discovery process in this update, you will experience a faster application discovery process.
Expanded K8s resource handling
Astra Control now supports an extended set of K8s resources, including HorizontalPodAutoscaler, PodTemplate, CronJob, NetworkPolicy, Ingress, and PodDisruptionBudget, allowing you to protect a broader set of applications that use these resources.
Support for the namespace-as-a-service operating model
You can now use Astra Control for K8s clusters configured to provide namespace-as-a-service functionality where multiple application teams share a common Kubernetes cluster, and admins use namespaces to control access to resources by various application teams.
Before this update, all Astra Control users (except for those with a Viewer role) were able to create and access new namespaces within a cluster during an application restore or a clone operation with no restriction. You can now control this behavior to match the access rights of the users on the original Kubernetes cluster. For example, a Kubernetes admin can now restrict users with a Member role from Application team A (allowed to access namespace N1) to only backup and restore applications within namespace N1. Similarly, users with the Viewer role from Application team A can only view resources within namespace N1.
Hybrid cloud data services with Cloud Volumes ONTAP support
Astra Control now supports Cloud Volumes ONTAP as a persistent storage provider. Now, with existing ONTAP and newly added Cloud Volumes ONTAP support, you can protect, clone, and migrate your K8s apps across your hybrid and multicloud deployments.
VMware Tanzu Kubernetes Grid support
One of the core design tenets of Astra Control is to provide application-aware data management to all K8s apps regardless of the K8s platform they are running on. With this release you can move and protect your apps on VMware Tanzu Kubernetes Grid (TKG) and Tanzu Kubernetes Grid Integrated (TKGI) editions.
This update of Astra Control is significant in supporting customer best practices for managing Kubernetes security and operating models (private clusters, Azure AD, namespace-as-a-service), more automated handling of complex real-world Kubernetes applications, hybrid cloud data services with ONTAP and Cloud Volumes ONTAP, and broader ecosystem support with VMware Tanzu Kubernetes Grid.
Learn more on the Astra Control product page .
Free trials are available for both Astra Control Service and Astra Control Center. Sign up to get started today.