Skip to content

Kasten by Veeam is a launch partner for Amazon EKS Anywhere, providing Kubernetes backup, disaster recovery and application mobility across hybrid environments. We deliver these capabilities with Kasten K10, our cloud-native data management platform for Day 2 operations.

Kasten K10’s easy-to-use, scalable and secure system enables DevOps teams to backup, restore, and migrate Kubernetes applications with ease. It integrates with relational and NoSQL databases and all major Kubernetes distributions, and runs in any cloud to maximize freedom of choice.​

In this post, we’ll explain how to protect and migrate a Kubernetes application on Amazon EKS.

Creating a Global Backup Policy

Let’s start by looking at the Kasten K10, multi-cluster dashboard, where we have two clusters connected, the eks-anywhere-dev cluster on-prem and a production cluster on EKS public cloud in the AWS US-East-2 region:

blog-how-protect-migrate-apps-amazon-01

On the dashboard, we can see the applications that are installed within the eks-anywhere-dev cluster:

blog-how-protect-migrate-apps-amazon-02

blog-how-protect-migrate-apps-amazon-03

Our corporate website runs on our eks-anywhere-dev and contains multiple pods with persistent volume claims. 

Switching over to the eks-us-east-2-production, you can see that no applications exist yet in this cluster:

blog-how-protect-migrate-apps-amazon-04

Now let’s take a look at the Kasten K10 Global Resources. You can see there is a Global Policy for data protection using Amazon AWS S3:

blog-how-protect-migrate-apps-amazon-05

Let's create our first Global Policy to protect the website application:

blog-how-protect-migrate-apps-amazon-06

In the Kasten K10 UI, we can give the policy a name, select the snapshot frequency and enable exports out to our AWS S3 location.

blog-how-protect-migrate-apps-amazon-07

Next, let’s select applications by name or labels, then elect all of our policies and click “Create Policy.”

blog-how-protect-migrate-apps-amazon-08

Let's run this policy one time over in our eks-anywhere-dev cluster. This will protect our corporate website application:

blog-how-protect-migrate-apps-amazon-09

In the Kasten K10 UI, you can follow the actions window and the status of the data protection policy:

blog-how-protect-migrate-apps-amazon-10

Kasten K10 will run a snapshot and then export the application backup to AWS S3:

blog-how-protect-migrate-apps-amazon-11

blog-how-protect-migrate-apps-amazon-12

Creating a Global Backup Policy

Now we’re ready to migrate this application into production using Kasten K10. Let's export this application so that we can import it into the eks-us-east-2-production cluster:

blog-how-protect-migrate-apps-amazon-13

blog-how-protect-migrate-apps-amazon-14

Let’s create an export policy, copy the encryption key, and watch the progress of the export in the Action window of Kasten K 10.

blog-how-protect-migrate-apps-amazon-15

blog-how-protect-migrate-apps-amazon-16

Once our export is complete, let’s switch over to our eks-us-east-2-production cluster and create a temporary import policy for this application:

blog-how-protect-migrate-apps-amazon-17

Give this import policy a name, and choose “Restore after Import”:

blog-how-protect-migrate-apps-amazon-18

The power of Kasten K10 allows us to dynamically change the characteristics of an application on import. For this application, we will need to change the storage class because the storage class on-prem is different from what's in our Amazon cluster in the public cloud:

blog-how-protect-migrate-apps-amazon-19

blog-how-protect-migrate-apps-amazon-20

Once we apply those transformations to the Import policy, let's paste in the encryption key, select our S3 target, and click “Create Policy”:

blog-how-protect-migrate-apps-amazon-21

Once our policy is created, let's run this policy once. This will start the import and migration of the application from EKS anywhere into the EKS public cloud.

blog-how-protect-migrate-apps-amazon-22

In the Actions window, you can watch the progress of the import. Once the import is complete, you will see the application show up dynamically in the Kasten K10 UI:

blog-how-protect-migrate-apps-amazon-23

blog-how-protect-migrate-apps-amazon-24

blog-how-protect-migrate-apps-amazon-25

Deleting the Application from the Dev/Test Cluster

Now that our application has been migrated into production, let's delete it off of our dev/test cluster. We’ll use the kubectl command to delete our namespace for the corporate website:

blog-how-protect-migrate-apps-amazon-26

Once the corporate website namespace is deleted, you can see it was removed from the Kasten K10 UI. This application now only exists in production on the UCS two clusters:

blog-how-protect-migrate-apps-amazon-27

Finally, let’s validate that our application is now running in this new cluster:

blog-how-protect-migrate-apps-amazon-28

As you can see, migrating an application is fast and simple with Kasten K10. You can watch the recorded video here, or try Kasten K10 for free today.

 


Try the full-featured and FREE edition of Kasten K10 today with this super-quick install in less than 10 minutes.

 

Download Free Kasten K10

logo-aws-color

 

 

logo-azure-color

 

 

logo-digital-ocean-color

 

 

logo-google-cloud-color

 

 

logo-kubernetes-color

 

 

logo-openshift-color

 

 

logo-suse-rancher-color

 

 

logo-k3s-color

 

 

logo-vmware-tanzu-color

 

 

 

For information about Kasten K10

Contact Us

For information about Kasten K10, please send us a message using the form on this page, or email us at contact@kasten.io

For product support: Open a case via Veeam
Community support: Veeam Community

Address:

Kasten, Inc. 
8800 Lyra Drive, Suite 450
Columbus, Ohio 43240

We value the critical role that the security community plays in helping us protect the confidentiality, integrity, and availability of our software, services, and information. If you have information about security vulnerabilities that affect Kasten software, services, or information, please report it to us via our HackerOne Vulnerability Disclosure Program, or anonymously via this form.

Please Send Us a Message