Recent content

Veeam Kasten and SUSE Harvester 1.7.1

Veeam Kasten and SUSE Harvester 1.7.1

Veeam Kasten 8.5 Modern Virtualization Enhancements

Veeam Kasten 8.5 Modern Virtualization Enhancements

Implementing a Secure Opt-Out Backup Strategy with Kasten and Kyverno

Implementing a Secure Opt-Out Backup Strategy with Kasten and Kyverno

Why Choose Veeam Kasten Over Velero for Kubernetes Backup

Why Choose Veeam Kasten Over Velero for Kubernetes Backup

Popular topics

AI Airgapped Authentication Automation Azure Azure file Backup CLI CSI Certificate Compliance Consistency Crash consistency Cross region Data protection Disaster Recovery Disaster recovery Disconnected EBS EDB EKS End-to-End Enterprise Fast export Federated identity File Level Restore File-Level Recovery GCP GKE HTTPS Ingress Installation Kasten Kasten dashboard KubeVirt Kubernetes Kubevirt MCP Managed Database Metrics Migration Model Context Protocol Monitoring Network New Release Observability OpenShift OpenShift Virtualization OpenTelemetry Openshift Openshift virtualisation Operations Operator Operators Partnership Posgres Prometheus ROSA RPO RTO Restore SUSE Virtualization Security Snapshot Splunk Terraform Thanos Tutorial VMware Velero Virtual Machine aks amazon api application consistent architecture argocd authentication azure azure container storage backup backup policies blueprints business continuity cicd cloud native data protection demo disaster recovery forklift git github gitlab gitops granular harvester helm kafka kanister kasten kubectl kubernetes kubevirt kyverno marketplace messaging microsoft migration mobility modern virtualization mtv operator multicloud multicluster oauth ocp-v openshift opensource pipelines rabbitmq rbac rds redhat rosa security snapshot strimzi suse tables veeam vibe coding virtual machines virtualization vm vms vmware
modern virtualization kubevirt suse harvester

Veeam Kasten and SUSE Harvester 1.7.1

In this post, we revisit protecting VMs on SUSE Virtualization (Harvester) 1.7.1

Matt Slotten
Matt Slotten
Veeam Kasten and SUSE Harvester 1.7.1
SUSE Harvester

Overview

It being 2026, it’s high time we revisit SUSE Virtualization (Harvester) and Veeam Kasten. SUSE and the open source community have made great strides in improving SUSE Virtualization, including support for 3rd party storage, support for CDI for image management, and many more creature comforts of a virtualization solution.

Along those same lines, we’ve implemented a number of enhancements in Veeam Kasten to compliment SUSE Virtualization, including introducing a Virtual Machine dashboard within the Kasten UI, VM-based policy and multi-VM restore, and native File-Level Recovery for both VMs and container workloads. We’ve also added support for protecting and migrating SUSE Virtualization images.

Quickstart Guide

Given the enhancements, deploying Kasten on SUSE Virtualization (Harvester) has become even easier. Below are the steps I typically use for deploying a cluster using the default Longhorn HCI storage, installing Kasten, and protecting VMs:

  1. Gather SUSE Virtualization configuration details:
    • Host IP and netmask (e.g. 10.25.109.3/21)
    • Gateway IP
    • DNS IP
    • Harvester VIP
    • NTP IP

  2. Install SUSE Virtualization or Harvester using the latest ISO

  3. Connect to the Harvester Cluster via kubectl. To retrieve the kubectl config, navigate to Support > Download KubeConfig in the Harvester UI to download the kubeconfig YAML file. Harvester KubeConfig

  4. Annotate the built-in storage class and so Kasten knows it can export block mode PVCs from them: 
    kubectl annotate storageclass harvester-longhorn k10.kasten.io/sc-supports-block-mode-exports=true
  5. Annotate the longhorn-snapshot VolumeSnapshotClass so Kasten knows it supports volumesnapshot capabilities: 
    kubectl annotate volumesnapshotclass longhorn-snapshot k10.kasten.io/is-snapshot-class=true
  6. Install Kasten via helm, using the existing nginx ingress class on the cluster: 
    helm install k10 kasten/k10 \
--namespace 'kasten-io' \
--create-namespace \
--set "ingress.create=true" \
--set-string "ingress.class=nginx" \
--set "auth.basicAuth.enabled=true" \
--set-string "auth.basicAuth.htpasswd=kasten:{SHA}3ddV7KLvFY/54nJZFXKfZHzF78k=" \
--set-string excludedApps[0]="cattle-dashboards" \
--set-string excludedApps[1]="cattle-fleet-clusters-system" \
--set-string excludedApps[2]="cattle-fleet-local-system" \
--set-string excludedApps[3]="cattle-fleet-system" \
--set-string excludedApps[4]="cattle-logging-system" \
--set-string excludedApps[5]="cattle-monitoring-system" \
--set-string excludedApps[6]="cattle-provisioning-capi-system" \
--set-string excludedApps[7]="cattle-system" \
--set-string excludedApps[8]="cluster-fleet-local-local-1a3d67d0a899" \
--set-string excludedApps[9]="default" \
--set-string excludedApps[10]="fleet-local" \
--set-string excludedApps[11]="harvester-public" \
--set-string excludedApps[12]="harvester-system" \
--set-string excludedApps[13]="kasten-io" \
--set-string excludedApps[14]="kube-node-lease" \
--set-string excludedApps[15]="kube-public" \
--set-string excludedApps[16]="kube-system" \
--set-string excludedApps[17]="local" \
--set-string excludedApps[18]="longhorn-system" \
--set-string excludedApps[19]="user-zk9qc"
  7. Set up the ClusterRole and ClusterRoleBinding to allow Kasten to enumerate SUSE Virtualization (Harvester) VMS in the Kasten Virtual Machine dashboard
cat <<EOF | kubectl apply -f -
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: k10-virtualmachines-admin
rules:
- apiGroups:
  - kubevirt.io
  resources:
  - virtualmachines
  verbs:
  - get
  - list
  - patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: kasten-vms-access
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: k10-virtualmachines-admin
subjects:
- kind: ServiceAccount
  name: auth-svc
  namespace: kasten-io
EOF
  1. And last but not least, create a cloud-init script for Linux VMs to install qemu agent:
cat <<EOF | kubectl apply -f -
apiVersion: v1
data:
  cloudInit: |
    #cloud-config

    users:
      - name: kasten
        groups: [sudo]
        shell: /bin/bash
        sudo: ALL=(ALL) NOPASSWD:ALL
        lock_passwd: false

    chpasswd:
      list: |
        kasten:kasten/4u!
      expire: false
      encrypted: false

    package_update: true
    packages:
      - qemu-guest-agent

    runcmd:
      - systemctl enable qemu-guest-agent
      - systemctl start qemu-guest-agent
kind: ConfigMap
metadata:
  labels:
    harvesterhci.io/cloud-init-template: user
  name: basic
  namespace: images
EOF

And with that you’re off to the races! It is recommended to configure a Location Profile to export your VM backups off the cluster - we typically recommend S3-compatible object storage with immutability, but you could also opt for any of the hyperscalers (Google Cloud Storage, AWS S3, Azure Blob), Veeam Vault, NFS, or SMB.

To see how to use VM-based policies, restores, and native File Level Recovery (FLR), check out this recent demo

Veeam Kasten and SUSE Harvester 1.7.1
Older post

Veeam Kasten 8.5 Modern Virtualization Enhancements

Check out the new Modern Virtualization features and capabilities released in Veeam Kasten 8.5

You may also like

See all modern virtualization
Veeam Kasten 8.5 Modern Virtualization Enhancements
Matt Slotten

Veeam Kasten 8.5 Modern Virtualization Enhancements

Veeam Kasten and Backup and Replication FLR Interactive Demo
Matt Slotten

Veeam Kasten and Backup and Replication FLR Interactive Demo

Kasten and SUSE Virtualization Interactive Demo
Matt Slotten

Kasten and SUSE Virtualization Interactive Demo

Protect Harvester VMs with Kasten K10 by Veeam
Matt Slotten

Protect Harvester VMs with Kasten K10 by Veeam