Skip to content

One of the great things about Kubernetes is that it can provide consistent container orchestration on any infrastructure, on any platform, from the largest cloud providers to single-node edge clusters, and everything in between. While we can run Kubernetes containers consistently everywhere, shouldn’t we also have consistency at the storage layer, as well?

Ondat (formerly StorageOS) is stepping up to provide a completely software-defined containerized cloud native storage layer that can run on the same infrastructure as K8s worker nodes, to provide consistency at the data layer from the cloud to the edge. Some of the key benefits from Ondat storage include replication for high availability, encryption at rest, rapid failover, and high –performance, all while being lightweight and simple to deploy.

How Ondat works under the covers

Ondat aggregates storage across nodes in a cluster into a pool. It allows volumes to be dynamically provisioned from the pool and for containers to mount those volumes from anywhere in the cluster. Ondat transparently redirects reads and writes to the appropriate volume, so the container is unaware of whether it is accessing local storage or remote storage. The Ondat CSI provisioner makes dynamic PVC provisioning a snap. Volumes are thin provisioned to avoid consuming disk space unnecessarily.


Image Source:

Version 2.8 of Ondat, which recently became GA, was the release that added the necessary capabilities to support backup and restore with Kasten K10, namely the additional capability for CSI-based snapshots. Let’s jump into a walkthrough of getting an Ondat cluster up and running with the new release of Kasten K10. Keep reading , as there are a few caveats with the new snapshot capabilities on Ondat 2.8 that will affect how we create protection policies with Kasten K10.

 Getting Started with Ondat – A Simple Walkthrough

Getting started with Ondat storage is pretty simple. First, check out the Ondat prerequisites for your favorite Kubernetes distro over at to make sure your cluster is ready to go.

Once your cluster is prepared, head over to and create your free Ondat portal account , then log in.


Click on the “Install Ondat on your cluster” button.

Select your Kubernetes distro.


You will then be presented with the Helm3 install commands (or optionally the commands for Ondat’s own StorageOS CLI tool).


Once you’ve run your Helm commands, issue the following kubectl commands to inspect Ondat’s resources. The core components should all be in a RUNNING status when you’re good to proceed.

kubectl get all --namespace=storageos
kubectl get all --namespace=storageos-etcd
kubectl get storageclasses | grep "storageos"

If all is well, the output should be similar to this:

root@localhost:~# kubectl get all --namespace=storageos
NAME                                                   READY   STATUS   RESTARTS     AGE
pod/ondat-ondat-operator-598d76b589-mpwhg              2/2     Running   0             2m19s
pod/storageos-api-manager-7b54d4f855-jkshz             1/1     Running   0             69s
pod/storageos-api-manager-7b54d4f855-sxp4j             1/1     Running   0             69s
pod/storageos-csi-helper-799556597-pkxnl               4/4     Running   0             69s
pod/storageos-etcd-0-9fbdn                             1/1     Running   0             106s
pod/storageos-etcd-1-mr5kj                             1/1     Running   0             102s
pod/storageos-etcd-2-lczc6                             1/1     Running   0             95s
pod/storageos-etcd-controller-manager-55c64856-kxbhm   1/1     Running   0             2m19s
pod/storageos-etcd-controller-manager-55c64856-l5mh5   1/1     Running   0             2m19s
pod/storageos-etcd-proxy-66fbc965d8-vhfh9              1/1     Running   0             2m19s
pod/storageos-node-5nrbt                               3/3     Running   2 (81s ago)   119s
pod/storageos-node-8szsp                               3/3     Running   1 (84s ago)   119s
pod/storageos-node-928vt                               3/3     Running   2 (80s ago)   119s
pod/storageos-node-vlmqt                               3/3     Running   2 (79s ago)   119s
pod/storageos-node-xdzn4                               3/3     Running   2 (79s ago)   119s
pod/storageos-portal-manager-778f9bfcf-64jnl           2/2     Running   2 (51s ago)   69s
pod/storageos-scheduler-64594b976-78qcz                1/1     Running   0             2m7s
NAME                                   TYPE       CLUSTER-IP       EXTERNAL-IP   PORT(S)                     AGE
service/storageos                      ClusterIP     <none>       5705/TCP                     119s
service/storageos-api-manager-metrics  ClusterIP     <none>       8080/TCP                     69s
service/storageos-etcd                 ClusterIP  None             <none>       2379/TCP,2380/TCP,2381/TCP   2m3s
service/storageos-etcd-proxy           ClusterIP   <none>       80/TCP                      2m19s
service/storageos-operator             ClusterIP   <none>       8443/TCP                     2m19s
service/storageos-operator-webhook     ClusterIP   <none>       443/TCP                     2m19s
service/storageos-portal-manager       ClusterIP   <none>       8443/TCP                     70s
service/storageos-webhook              ClusterIP     <none>       443/TCP                     69s
daemonset.apps/storageos-node   5         5         5       5           5           <none>         2m
NAME                                               READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/ondat-ondat-operator               1/1     1           1           2m20s
deployment.apps/storageos-api-manager              2/2     2           2           70s
deployment.apps/storageos-csi-helper               1/1     1            1           70s
deployment.apps/storageos-etcd-controller-manager  2/2     2           2           2m20s
deployment.apps/storageos-etcd-proxy               1/1     1           1           2m20s
deployment.apps/storageos-portal-manager           1/1     1           1           71s
deployment.apps/storageos-scheduler                1/1     1           1           2m8s
NAME                                                        DESIRED   CURRENT   READY   AGE
replicaset.apps/ondat-ondat-operator-598d76b589             1         1         1       2m20s
replicaset.apps/storageos-api-manager-7b54d4f855            2         2         2       70s
replicaset.apps/storageos-csi-helper-799556597              1         1         1       70s
replicaset.apps/storageos-etcd-0                            1         1         1       107s
replicaset.apps/storageos-etcd-1                            1         1         1       103s
replicaset.apps/storageos-etcd-2                            1        1         1       96s
replicaset.apps/storageos-etcd-controller-manager-55c64856  2         2         2       2m20s
replicaset.apps/storageos-etcd-proxy-66fbc965d8             1         1         1       2m20s
replicaset.apps/storageos-portal-manager-778f9bfcf           1         1         1       70s
replicaset.apps/storageos-scheduler-64594b976               1         1         1       2m8s
root@localhost:~# kubectl get all --namespace=storageos-etcd
No resources found in storageos-etcd namespace.
root@localhost:~# kubectl get storageclasses | grep "storageos"
storageos       Delete         Immediate             true                   2m9s

You should also see your cluster connected in the Ondat portal as well:


Note that newly installed Ondat clusters must be licensed within 24 hours. There is a free community edition, though, which is great!

Finish setting up Ondat to work with Kasten K10

Now that we have our shiny new Ondat StorageClass installed into our Kubernetes cluster, we need to complete a few additional steps prior to installing Kasten K10.

If you’re familiar with Kasten K10, you know that you need a “VolumeSnapshotClass” for the CSI providers you work with. Ondat is no different in this regard, so you will need to set that up.

Prior to configuring the new VolumeSnapshotClass, Ondat recommends version 6.0 of the snapshot-controller to be installed for compatibility. Installation details can be found at

Configuring the Ondat VolumeSnapshotClass

Creating the VolumeSnapshotClass is a bit different with Ondat than just creating a .yaml file. You will need to edit a specific CRD that will then create the VolumeSnapshotClass you need for Kasten K10.

Run the following command to get the name of your cluster:

kubectl get -n storageos

storageos   5/5     Running   36m

Then, edit the file with the command:

kubectl edit storageos -n storageos

Look for the “spec:” section of the file and edit it as follows:


This will prompt the Ondat operator to create a VolumeSnapshotClass named storageos and configure it for use with Kasten K10.

You should now be able to view the VolumeSnapshotClass by running:

kubectl get volumesnapshotclass


kubectl describe volumesnapshotclass storageos

You’ll notice the VolumeSnapshotClass contains the true annotation. This is very important and allows Kasten K10 to utilize the Ondat storage plugin. Whenever Kasten K10 detects volumes that were provisioned via a CSI driver, it will look for a VolumeSnapshotClass with Kasten K10 annotation for the identified CSI driver and use it to create snapshots. More details can be read at

At this point now, you’re all set! Your cluster is ready to install Kasten K10 and deploy stateful applications on Ondat cloud-native storage!

We won’t go through a walk-through of the Kasten K10 installaltion, but if you want to see those instructions, head over to

Kasten K10 policy recommendations with Ondat

Ondat snapshots created by Kasten K10 are only used as a source when moving data to our backup target location profile. It is important to keep in mind that currently restoring from an Ondat snapshot is not supported in Ondat version 2.8, so you need to take that into consideration when you build your backup policy in Kasten K10. All restores must come from the external backup location. With that in mind, when building a backup policy, always set snapshot retention to “1” only and no more for each policy, then set a custom retention policy for exported snapshots. Look at our example backup policy for a daily application backup. We keep only 1 daily snapshot then set a custom retentions for exported snapshots to 7 daily, 4 weekly, 12 monthly, and 7 yearly.


Ondat currently recommends the Kubernetes VolumeSnapshot object be deleted as soon as the application has been backed up externally, as it cannot be used as a restore point. It takes up space on the local node and could potentially cause a performance degradation for I/O of the parent volume. The Ondat snapshots feature utilizes copy-on-write semantics under the hood. This means that while a VolumeSnapshot object exists, any blocks that are written to the parent volume invoke an extra read and write operation as blocks are copied into the snapshot object. The performance decrease incurred by this overhead is dependent on the size of the volume, the speed of the underlying storage, the amount of data in the page cache and other factors. Once the Kasten K10 volume snapshot associated with a volume is deleted, performance will return to baseline.

Complete details can be found over at


Get Started Today!

Try the full-featured and FREE edition of Kasten K10 today with this super-quick install in less than 10 minutes.


Download Free Kasten K10










Download Free Kasten K10










For information about Kasten K10

Contact Us

For information about Kasten K10, please send us a message using the form on this page, or email us at

For product support: Open a case via Veeam
Community support: Veeam Community


Kasten, Inc. 
8800 Lyra Drive, Suite 450
Columbus, Ohio 43240

We value the critical role that the security community plays in helping us protect the confidentiality, integrity, and availability of our software, services, and information. If you have information about security vulnerabilities that affect Kasten software, services, or information, please report it to us via our HackerOne Vulnerability Disclosure Program, or anonymously via this form.

Please Send Us a Message