Subscribe to the Non-Human & AI Identity Journal

Notifications
Clear all

OpenShift Virtualization migration: is your protection model keeping up?


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 10141
Topic starter  

TL;DR: VM migration to Red Hat OpenShift Virtualization is typically phased, leaving VMware, Kubernetes, and new virtualized workloads operating in a mixed state where protection gaps can emerge, according to Commvault. The governance problem is continuity: resilience, recovery, and policy enforcement have to follow the workload across the transition, not after it.

NHIMG editorial — based on content published by Commvault: VM migration to OpenShift Virtualization and resilient protection across hybrid environments

By the numbers:

Questions worth separating out

Q: How should teams govern VM migration when VMware and OpenShift Virtualization run together?

A: Treat the transition as a hybrid governance state, not a simple infrastructure swap.

Q: Why does VM migration increase resilience and recovery risk?

A: Migration changes platform boundaries, workload placement, and operational workflows at the same time.

Q: What do security and platform teams get wrong about unified protection?

A: They often treat unification as a tooling choice rather than a governance choice.

Practitioner guidance

  • Map migration-state governance separately from steady-state operations Define how protection, monitoring, retention, and recovery ownership change when workloads are pre-migration, mid-transition, and post-cutover.
  • Consolidate protection workflows across VMs and containers Reduce parallel backup and recovery processes by aligning policy, access, and restore procedures across VMware, OpenShift Virtualization, and containerized applications.
  • Verify immutable recovery points before migration begins Check that backup copies cannot be altered and that restore jobs preserve full VM context and configuration.

What's in the full article

Commvault's full article covers the operational detail this post intentionally leaves for the source:

  • How Commvault Cloud maps protection workflows across VMware VMs, OpenShift Virtualization VMs, and containerized applications.
  • The specific recovery options available when a migration step fails or timelines shift, including in-place and out-of-place restore paths.
  • How immutable backup handling and threat-hunting support are positioned for migration resilience.
  • The platform versions and compatibility notes that matter if you are preparing a production rollout.

👉 Read Commvault's analysis of VM migration protection for OpenShift Virtualization →

OpenShift Virtualization migration: is your protection model keeping up?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 9696
 

Hybrid migration creates an identity and governance seam, not just an infrastructure seam: when workloads move from VMware into OpenShift Virtualization, the organisation often keeps multiple operational models alive at once. That is where control drift appears, because protection policy, recovery ownership, and access boundaries no longer align cleanly with workload placement. Practitioners should treat the migration window as a governance state with its own controls, not as an implementation detail.

A few things that frame the scale:

  • 91% of former employee tokens remain active after offboarding, leaving organisations vulnerable to potential security breaches, according to The 2025 State of NHIs and Secrets in Cybersecurity.
  • 62% of all secrets are duplicated and stored in multiple locations, causing unnecessary redundancy and increasing the risk of accidental exposure.

A question worth separating out:

Q: Who is accountable when migration recovery fails?

A: Accountability should sit with the team that owns the migration state and the recovery policy, not just the platform administrator or the backup operator. If workload ownership, restore authority, and migration planning are split, failures become harder to triage and slower to resolve.

👉 Read our full editorial: VM migration to OpenShift Virtualization demands unified protection



   
ReplyQuote
Share: