The article was co-authored by Ka Wai Leung, ISV Development Manager at HPE.
Container applications are increasingly being deployed at a large scale by IT and DevOps teams. HPE Ezmeral Container Platform is an ideal platform for deploying next-generation containerized applications, especially for AI/ML and data analytics workloads.
As these workloads are critical assets and often involve access to large bodies of valuable data, they must be protected against accidental loss, system/app corruption, or malicious attacks. In a hybrid cloud environment, organizations also want the flexibility of easily migrating their containerized applications and data between their development, test, and production clusters. These clusters can be on premises or within a public cloud and between different Kubernetes distributions.
Backups for HPE Ezmeral Container Platform contents are different from traditional VM and bare metal backups. The latter tends to focus data protection at the infrastructure level, e.g., volume, disk, LUNs, and VMDK. However, data protection on the HPE Ezmeral Container Platform needs to keep the unit of atomicity as the Kubernetes application. These applications are composed of multiple microservices and are not bound to specific nodes. While there are several patterns of storing application state, the following information needs to persist and be protected in the context of an application on the HPE Ezmeral Container Platform:
- Application data: Various data services, block, and file storage implementations are spread across multiple containers.
- Application definition and configuration: Application image and the associated environment configuration are spread across various Kubernetes objects including ConfigMaps, Secrets, etc.
A robust backup and recovery solution for the HPE Ezmeral Container Platform should be flexible to support a variety of scenarios including:
- Easy backup/restore with granular control for your entire application stack to make it easy to “reset” your application to a good known state
- Efficiently clone applications to a different namespace or cluster for test/dev
- Robust disaster recovery of your applications in another cluster, region, or cloud
- Seamlessly migrate applications from non-HPE Ezmeral clusters to HPE Ezmeral
To address the enterprise backup requirements above, HPE has partnered with Kasten by Veeam to offer K10, Kasten’s data management platform built natively for Kubernetes and integrated with the HPE Ezmeral Container Platform. The integrated solution supports the data management scenarios outlined earlier and provides the additional capabilities for secure and efficient operations of your Kubernetes applications including:
- Reliable policy-based backup workflows
Kasten K10 manages backups at scale through automation and dynamic policies. This capability avoids the need for custom scripting and allows users to easily create broad policies for data management compliance. (See figure 1 below.)
Figure 1. Create a new policy for data management compliance.
- Multi-tenancy with integrated security
Kasten K10 supports multiple user authentication mechanisms such as OpenID Connect (OIDC) and Token-Based Authentication. K10 also provides fine-grained, role-based access control (RBAC) so the right users can exercise the appropriate actions and support multi-tenant environments.
Kasten K10 multi-cluster dashboard provides a simple way to get the aggregate and real-time status of critical parameters including the total number of clusters, policies, applications, and others. Additionally, users can define global policies and selectively apply them to HPE Ezmeral Container Platform cluster groups to simplify the management of backups. (See figure 2 below.)
Figure 2. Kubernetes backup in the HPE Ezmeral Container Platform with Kasten K10
- Diverse workloads and deployment choices
With Kasten K10 and HPE Ezmeral Container Platform, users can choose from a wide selection of infrastructure providers with a consistent HPE Ezmeral Container Platform experience across both private, on-premises data centers and public clouds. For backup targets, Kasten users have a broad choice of storage options including S3 compatible storage on premises and in public clouds. For the joint HPE and Kasten solution, we leveraged HPE Ezmeral Data Fabric as the S3 compatible storage as the backup target. In addition, HPE Ezmeral Data Fabric can be the central data source that aggregates data for edge, core, and cloud.
Get started today!
The HPE and Kasten by Veeam partnership helps companies confidently run and protect Kubernetes applications on HPE Ezmeral across private, hybrid, and multi-cloud environments. Kasten K10 can restore an application to a known state with granular control of backup and restore capabilities. Try the fully-featured free version of Kasten K10 today with this super-quick install in less than 10 minutes.
Also, learn more at: