Ever wondered why your Kubernetes backups feel like a dirty secret tied to one vendor’s empire?
Broadcom’s move to donate Velero to the CNCF Sandbox hits that nerve dead-on. Velero—the slick tool for backing up, restoring, and migrating Kubernetes resources—now shakes off its VMware baggage. This isn’t some feel-good open source gesture. It’s a calculated pivot in the brutal world of enterprise cloud native stacks.
Look, Broadcom (post-VMware acquisition) has been Kubernetes royalty for years. They’re the top CNCF contributor, pumping code into the core project. But Velero? It lingered as this quasi-proprietary thorn. Enterprises whispered: Is this locked to vSphere? Will Broadcom yank the rug? No more. Sandbox status means community governance, voting, evolution—without Big Co. fingerprints.
Why Did Broadcom Donate Velero to CNCF Sandbox?
Simple. Trust.
Dilpreet Bindra, senior director of engineering at VMware by Broadcom, nailed it in a recent podcast: > “We really don’t want people to mistrust the open source project and believe that it’s somehow a VMware thing even though it hasn’t been a VMware thing for quite some time.”
And the community? They cheered. “Once we decided to donate Velero as a CNCF sandbox project, we got this resounding, ‘Yeah, this makes complete sense,’ when the community voted on it.”
Here’s the subtext—Broadcom’s playing 4D chess. Post-acquisition jitters linger. VMware’s Tanzu empire? Solid. But open source purity signals: We’re not trapping you. Use Velero anywhere—EKS, GKE, on-prem. It integrates with S3, Azure Blob, even Velero’s own plugins for vSphere snapshots. Architecture-wise, it’s a RESTic or Kubernetes CSI snapshotter under the hood, capturing etcd state, PVCs, configs. Donating it broadens that: Community plugins for exotic storage? Inevitable.
But wait—my unique take, absent from the PR spin: This echoes Red Hat’s CoreOS grab in 2018. They swallowed a darling, then open-sourced aggressively to rebuild cred. Broadcom’s doing the inverse—releasing to preempt lock-in fears. Prediction? Velero graduates to CNCF Incubating by 2026, mirroring Rook’s path. Why? Data protection’s the last unsolved Kubernetes puzzle. No backups, no adoption at scale.
Short para for punch: Enterprises win.
How Does Velero Actually Protect Kubernetes Data?
Velero’s no newbie. Born Heptio (pre-Tanzu), it’s backed zillions of clusters. Core flow? velero backup create hooks Kubernetes API server, serializes resources to tarballs, ships to object storage. Restores? Reverse it, with hooks for custom logic (say, draining pods pre-backup).
Deeper architecture shift: It decouples data protection from orchestration. Traditional backups? VM snapshots via vSphere—monolithic, slow for dynamic K8s. Velero’s cloud-native: Parallel backups via RESTic (deduped, encrypted), CSI for volume snaps. Broadcom extends this with vSphere integration, but now? Community owns it. Expect forks for OpenShift, k3s tweaks.
And the ‘why’ here—Kubernetes exploded (90% of Fortune 500 run it), but ops nightmare persists. Stateful apps? PVC sprawl? Disaster recovery? Half-baked. Velero fills that void, evolving from backup tool to full DR platform. Bindra hints: “I think it will help Velero evolve into the type of data protection solution, the industry standard data protector solution that we want it to be… we plan to use it even broader than its current definition.”
Broadcom’s stack—vSphere with Tanzu, Aria ops—tightens around this. Donate Velero? It pulls users into their ecosystem subtly. You’re ‘free,’ but their plugins shine brightest.
Skeptical aside: Is this altruism or ecosystem glue? Both. Call out the hype—Broadcom’s podcast frames it as pure benevolence. Nah. It’s defensive: CNCF’s pushing operators everywhere; control one project, influence the stack.
Why Does Velero’s CNCF Move Matter for Kubernetes Operators?
Picture this sprawl: You’re running 500-node clusters. Failover? Manual YAML hunts. Velero automates—cluster migration, even cross-cloud. Sandbox status accelerates that.
Architectural ripple: Kubernetes data protection was fragmented—Portworx, Kasten, Longhorn. Velero’s neutral ground. Community governance means battle-tested plugins (already 50+), no vendor tax. For devs? helm install velero everywhere. No more ‘but does it work on AKS?’
Bold prediction: In two years, Velero’s the de facto layer, like cert-manager for TLS. Why? Metrics scream it—10k+ GitHub stars, CNCF traction. Broadcom commits engineers anyway; they lose nothing, gain halo.
Critique time. Corporate spin says ‘foster trust.’ Fine. But underlying? Kubernetes fatigue. Orgs burn on Day 2 ops. Broadcom reduces overhead via lifecycle tools—Velero’s the hook. vSphere 8 integrates natively; it’s smoothly for their faithful.
One-sentence gut check: This cements Broadcom as the enterprise K8s kingpin.
Wander a bit: Remember when AWS donated EKS? Nah, they didn’t—proprietary forever. Broadcom’s flip builds moat through openness. Smart.
🧬 Related Insights
- Read more:
- Read more: Kubernetes’ Silent Engine Overhaul: kpromo Rewritten, Releases Unfazed
Frequently Asked Questions
What is Velero and why did Broadcom donate it to CNCF Sandbox?
Velero backs up and restores Kubernetes clusters declaratively. Broadcom donated it to kill ‘VMware-owned’ mistrust, handing governance to the community for broader adoption.
Does Velero replace traditional Kubernetes backup tools?
Not fully—it excels at resource-level and volume backups but pairs with CSI drivers for snaps. Ideal for migrations, DR across clouds.
Will this change Kubernetes data protection for Broadcom customers?
Enhances it. Velero stays in Tanzu/vSphere stacks with premium plugins, but now you’re future-proofed against vendor shifts.
