Velero Joins the CNCF: Broadcom's Strategic Open Source Handover
By Dillip Chowdary • Mar 24, 2026
In a move that has been anticipated since the Broadcom acquisition of VMware, the company has officially donated **Velero**, the industry-standard tool for Kubernetes backup and disaster recovery, to the **CNCF** (Cloud Native Computing Foundation). This donation marks a significant shift in Broadcom's open-source strategy and ensures the long-term neutrality and growth of the project.
From Heptio to CNCF Graduation
Originally created by Heptio (later acquired by VMware), Velero has become the de facto standard for backing up Kubernetes cluster resources and persistent volumes. By moving Velero to the CNCF, Broadcom is signaling that it wants the project to follow the same "community-led" success as **Kubernetes**, **Prometheus**, and **Envoy**. The project is entering the CNCF as a **Graduated** project, bypassing the sandbox and incubation phases due to its massive production footprint.
For the community, this means that Velero's roadmap will no longer be tied to VMware Tanzu release cycles. This is expected to accelerate integration with non-VMware storage providers and cloud-native backup standards like the **CSI (Container Storage Interface) Snapshot API**. The governance will now be managed by a diverse set of maintainers from companies across the ecosystem, including Red Hat, Google, and Veeam.
Technical Evolution: Velero 2.0 and Beyond
With the donation comes a glimpse into **Velero 2.0**. The next major version is expected to focus on **Multi-Cluster Orchestration** and **Automated DR Drills**. In the current 1.x branch, Velero is primarily a CLI-driven tool that operates on a per-cluster basis. Velero 2.0 aims to provide a centralized control plane for managing backup policies across thousands of clusters, a requirement for modern **Edge** and **Global AI** deployments.
Technically, Velero is shifting toward a more modular architecture. The core backup engine is being decoupled from the storage plugins, allowing for faster development of new backends like **S3-compatible** object storage, **Azure Blob**, and even decentralized storage networks. There is also a strong focus on **Security**—specifically, signed backups and integration with **Sigstore** to prevent supply chain attacks on cluster state restores.
Technical Insight: CSI Integration
One of the primary goals of the CNCF transition is to finalize the CSI Data Management spec. This will allow Velero to perform "application-aware" backups by signaling to databases and stateful apps to flush buffers before a snapshot is taken, ensuring 100% data consistency without downtime.
Why Now? Broadcom's Strategic Pivot
Many industry analysts view this move as a way for Broadcom to reduce the "maintenance tax" of a project that has become foundational to the entire industry. By letting the CNCF community take over the heavy lifting of ecosystem compatibility, Broadcom can focus on building high-value, proprietary services on top of the Velero core within its **Tanzu** portfolio. It is a classic "Commoditize the Complement" strategy.
The donation of Velero is a win for everyone involved. Users get a guaranteed neutral future for their data protection tool, and the CNCF adds another "critical infrastructure" project to its portfolio. As we move into the **AI-native** era, where cluster state is more complex and dynamic than ever, Velero's role as the safety net of the cloud-native world has never been more important.