Enterprise-grade Kubernetes backup and recovery with Commvault

By Mathew Ericson

Kubernetes (K8s) adoption has seen a rapid expansion in 2020 as organizations look to accelerate digital business initiatives. According to the CNCF State of Cloud Native Development Report, there are now 6.5 million cloud-native developers around the globe. Kubernetes development consists of 2.7 million developers, meaning you likely have some Kubernetes in your business today, or will tomorrow.

Kubernetes adoption is not without complication

K8s adoption is occurring rapidly, which is causing some organizational growing pains. Businesses adopting K8s cite multiple obstacles that slow adoption or delay desired benefits:

  • Skillset is the No. 1 challenge. Gartner says “organizations often underestimate the effort required to operate containers in production.” This is evidenced when trying to transition from application development into production. Gartner suggests that identifying the right operational model is hard due to the distribution of responsibilities across developers, infrastructure, operations and security.
  • Backup and recovery of K8s applications was not initially considered since K8s applications were intended to be stateless. The reality is that K8s developers are deploying both stateless and stateful applications. Stateful applications have persistent volumes (PVs) that require data protection to recover from unplanned hardware or software failures. As large multi-tenanted K8s clusters are deployed, fine-grained application-aware backup and recovery is required to protect persistent application data.
  • Automation is a key benefit of the K8s development and deployment workflow. Developers are creating applications and migrating them from dev to production, often without traditional IT release management. Data protection methods need to integrate with the developer workflows to ensure K8s applications are protected in accordance with business policy.
  • Security remains a large concern as the complexity of K8s often leads to misconfigurations that put applications or entire clusters at risk. Most recent, cryptojacking has been a common attack-vector for machine-learning (ML) focused clusters. Having a robust data protection scheme and air gapped data vaults or immutable storage is becoming the go-to defense against these threats.

The common thread here is data protection. You require a robust data protection strategy for your new stateful K8s applications. Why? To recover from the same challenges you face today – operator error, hardware failure, software failure, or worst case, targeted ransomware/malware attacks.

SaaS backup for Kubernetes is here now

Commvault provides K8s-native protection for your stateful (and stateless) K8s applications in a convenient SaaS-based backup and recovery solution offered by Metallic. Protection of K8s applications includes protection of all configuration data (pods, manifests, secrets, CRDs) and the persistent application data (persistent volumes, persistent volume claims). Protection of K8s configuration and data allows granular recovery of application configuration, persistent data, or the entire application to the original or a new cluster. Recovery to on-premises or cloud locations provides your business with application mobility, and the agility to adopt the K8s distribution and operational model that works for your developers.

Automatic application discovery means hands-off protection

Metallic VM and Kubernetes backup and Commvault Complete™ Data Protection will auto-discover and protect your K8s applications by label selector or namespace, providing seamless integration with your developers’ workflows. Your developers simply label important K8s resources, persistent volumes, and persistent volume claims and Commvault will protect them.

In fact, your developers are likely doing this today as a best practice for K8s development. Transitioning applications into production simply means your CI/CD system labels the application or places the app in a ‘production’ namespace, and then Commvault intelligent data management takes over.

Recovery provides identical, surgical recovery of only the data the developer needs to recover an application, such as application manifests, persistent volumes, or both.

Container Storage Interface (CSI) integration means backup is a snap

Commvault K8s protection leverages the CSI to perform volume snapshot backups, allowing continued use of on-premises storage technologies like VMware vSphere, NetApp Trident or next-generation cloud-native storage like the Hedvig Distributed Storage Platform. Commvault supports any of the 50+ Production CSI drivers available today. See Production Drivers to check if your storage is cloud-native ready.

Security starts with secure backup copies

Coupled with Commvault data isolation and air gap technology, you can ensure you have protected your critical K8s applications and infrastructure from data loss. Leveraging the power of cloud storage, you can ensure you have an air gapped, immutable (read-only) copy of your data untouchable by ransomware/malware. There is only one true protection from a malware attack – a backup copy used to recover your applications.

Perform frequent backups of your system and other important files, and verify your backups regularly.

Unified management is your answer

The reality that you won’t hear with all the hype is that your existing Virtual Machine (VM) farms and cloud infrastructure are not going away overnight. Your business will be running in a hybrid mode for some time, with cloud, VMs, and perhaps even physical servers. The good news is you don’t need to retrain your operations teams in every new technology being adopted by your development teams.

Metallic and Commvault Complete Data Protection provide a unified management view across all your application data – traditional and modernized K8s application data. Your operations teams are enabled to backup and recover data, perform cross-cloud K8s migrations, and recover from ransomware events without having to become K8s developers. Commvault intelligent data management provides this capability for your on-premises and clouds today; simply extend your data management into your stateful K8s applications.

Check out “Commvault protects all your Kubernetes data” below to see the Commvault Command Center™ in action with K8s.

Get started today protecting your K8s apps

Learn more about K8s-native data management at commvault.com/k8s, or have a chat with us at KubeCon + CloudNativeCon North America 2020.