Enterprise Grade Data Protection for HPE Ezmeral Container Platform with Kasten K10 by Veeam
The article was co-authored by Ka Wai Leung, ISV Development Manager at HPE.
Container applications are increasingly being deployed at a large scale by IT and DevOps teams. HPE Ezmeral Container Platform is an ideal platform for deploying next-generation containerized applications, especially for AI/ML and data analytics workloads.
As these workloads are critical assets and often involve access to large bodies of valuable data, they must be protected against accidental loss, system/app corruption, or malicious attacks. In a hybrid cloud environment, organizations also want the flexibility of easily migrating their containerized applications and data between their development, test, and production clusters. These clusters can be on premises or within a public cloud and between different Kubernetes distributions.
Backups for HPE Ezmeral Container Platform contents are different from traditional VM and bare metal backups. The latter tends to focus data protection at the infrastructure level, e.g., volume, disk, LUNs, and VMDK. However, data protection on the HPE Ezmeral Container Platform needs to keep the unit of atomicity as the Kubernetes application. These applications are composed of multiple microservices and are not bound to specific nodes. While there are several patterns of storing application state, the following information needs to persist and be protected in the context of an application on the HPE Ezmeral Container Platform:
Application data: Various data services, block, and file storage implementations are spread across multiple containers.
Application definition and configuration: Application image and the associated environment configuration are spread across various Kubernetes objects including ConfigMaps, Secrets, etc.
A robust backup and recovery solution for the HPE Ezmeral Container Platform should be flexible to support a variety of scenarios including:
Easy backup/restore with granular control for your entire application stack to make it easy to “reset” your application to a good known state
Efficiently clone applications to a different namespace or cluster for test/dev
Robust disaster recovery of your applications in another cluster, region, or cloud
Seamlessly migrate applications from non-HPE Ezmeral clusters to HPE Ezmeral
To address the enterprise backup requirements above, HPE has partnered with Kasten by Veeam to offer K10, Kasten’s data management platform built natively for Kubernetes and integrated with the HPE Ezmeral Container Platform. The integrated solution supports the data management scenarios outlined earlier and provides the additional capabilities for secure and efficient operations of your Kubernetes applications including:
Reliable policy-based backup workflows
Kasten K10 manages backups at scale through automation and dynamic policies. This capability avoids the need for custom scripting and allows users to easily create broad policies for data management compliance. (See figure 1 below.)
Figure 1. Create a new policy for data management compliance.
Multi-tenancy with integrated security
Kasten K10 supports multiple user authentication mechanisms such as OpenID Connect (OIDC) and Token-Based Authentication. K10 also provides fine-grained, role-based access control (RBAC) so the right users can exercise the appropriate actions and support multi-tenant environments.
Kasten K10 multi-cluster dashboard provides a simple way to get the aggregate and real-time status of critical parameters including the total number of clusters, policies, applications, and others. Additionally, users can define global policies and selectively apply them to HPE Ezmeral Container Platform cluster groups to simplify the management of backups. (See figure 2 below.)
Figure 2. Kubernetes backup in the HPE Ezmeral Container Platform with Kasten K10
Diverse workloads and deployment choices
With Kasten K10 and HPE Ezmeral Container Platform, users can choose from a wide selection of infrastructure providers with a consistent HPE Ezmeral Container Platform experience across both private, on-premises data centers and public clouds. For backup targets, Kasten users have a broad choice of storage options including S3 compatible storage on premises and in public clouds. For the joint HPE and Kasten solution, we leveraged HPE Ezmeral Data Fabric as the S3 compatible storage as the backup target. In addition, HPE Ezmeral Data Fabric can be the central data source that aggregates data for edge, core, and cloud.
Get started today!
The HPE and Kasten by Veeam partnership helps companies confidently run and protect Kubernetes applications on HPE Ezmeral across private, hybrid, and multi-cloud environments. Kasten K10 can restore an application to a known state with granular control of backup and restore capabilities. Try the fully-featured free version of Kasten K10 today with this super-quick install in less than 10 minutes.
Gaurav Rishi is the VP of Product and Partnerships at Kasten by Veeam. He is at the forefront of several Kubernetes ecosystem partnerships and has been a frequent speaker and author on cloud-native innovations. He previously led Strategy and Product Management for Cisco's Cloud Media Processing business. In addition to launching multiple products and growing them to >$100M in revenues, he was also instrumental in several M&A transactions. Gaurav is a computer science graduate and has an MBA from the Wharton School.
Kasten, Inc. 8800 Lyra Drive, Suite 450 Columbus, Ohio 43240
We value the critical role that the security community plays in helping us protect the confidentiality, integrity, and availability of our software, services, and information. If you have information about security vulnerabilities that affect Kasten software, services, or information, please report it to us via our HackerOne Vulnerability Disclosure Program, or anonymously via this form.