Encrypted, point-in-time snapshots for etcd clusters

Protect your etcd cluster against data loss and node failures. Plakar takes encrypted, deduplicated snapshots of etcd cluster state, giving you a reliable recovery point when it matters most.

Start

etcd is reliable, until it isn't

etcd is a distributed key-value store used as the source of truth in many distributed systems, most notably Kubernetes. It is designed to survive partial node failures, but it cannot recover on its own if too many nodes fail simultaneously. Without an independent backup, a wide cluster failure means permanent loss of all cluster state. Plakar fills that gap by storing encrypted, immutable snapshots of etcd outside the cluster itself.

Why protecting etcd matters

etcd stores the entire state of a distributed system, e.g. in a Kubernetes cluster, that means every workload, configuration, secret, and policy. Its built-in replication handles partial failures well, but it has limits:

  • Quorum loss: If too many nodes fail at once, etcd cannot recover without external intervention. Without a snapshot, the cluster state is gone.
  • Logical corruption: A bad write, a botched upgrade, or a misconfigured operator can corrupt cluster state in ways that replication spreads rather than prevents.
  • No point-in-time recovery: etcd does not natively provide a way to roll back to an earlier known-good state. Without snapshots, there is no recovery point to return to.

For any system that relies on etcd, an independent backup is the last line of defense.

What happens when etcd is lost?

In a Kubernetes cluster, losing etcd without a backup means losing everything the API server knows about: deployments, services, secrets, namespaces, RBAC policies, and custom resources. The underlying workloads may still be running, but the cluster cannot manage, schedule, or recover them.

Rebuilding from scratch takes time and risks missing configuration that was never captured in source control. A Plakar snapshot lets you restore the cluster to a known state instead.

How Plakar protects etcd

Plakar connects to one or more etcd nodes, takes a consistent snapshot of the cluster, and stores it in a Kloset — encrypted, deduplicated, and independent of the cluster itself.

Snapshots can be stored on any supported backend: local storage, S3-compatible object storage, SFTP, or cold storage. Because Plakar snapshots are immutable, they remain intact even if the cluster or its storage is compromised.

Restoring etcd from a Plakar snapshot uses the standard etcdutl recovery workflow. Plakar retrieves the snapshot from the Kloset store and writes it to disk, from where the native etcd tooling takes over.

Ready to protect your etcd data?

etcd docs

Security by design

Reduce your attack surface by keeping encryption keys out of storage. With true end-to-end encryption, your data is protected before it leaves the source and remains unreadable even to your storage provider.

  • End-to-end encryption with modern crypto (no compromise on "at-rest/in-transit")
  • Immutable snapshots with verifiable integrity
  • Tamper-proof metadata and audit logs
  • Zero-trust-friendly architecture
"You don’t have to trust your storage provider."
Placeholder

Regroup all your data protection workflows in one platform

From edge devices to SaaS platforms and hybrid clouds, Plakar keeps your data safe, synced, and instantly restorable: all from one unified tool.

For SaaS, endpoints & edge

Whether you're backing up remote laptops, on-premise servers or third-party SaaS data, Plakar gives you full control. Immutable backups, minimal storage, full flexibility. Even in disconnected environments.

In your data center

Legacy systems or critical data. All backed up with the same simplicity. Plakar integrates directly into your infrastructure with powerful CLI, orchestration support, and instant recovery.

Across clouds

Cloud-native or multi-cloud? No problem. Plakar works seamlessly with object storage, S3-compatible services, and hybrid environments, without locking you in or slowing you down.

Discover Plakar book a demo or join a community calls

Plakar is not another complex “backup project”. Gain peace of mind with little investment while protecting what matters.

Book a demo

A Plakar team member will contact you shortly to organize the demo.

By submitting this form you agree to our Privacy Policy.

Pages

Solutions

Resources

Newsletter