Seamless Backup and Disaster Recovery with Microsoft Azure & Kasten by Veeam

Transcription is available below video player.

Gaurav Rishi:

All right.

Rob Libbert:

Or I can forward it.

Gaurav Rishi:

No, I have only two slides, I'll get out of your way very quickly. How are you? Good to see you. Yeah, absolutely. A private show for just for you.

Rob Libbert:

You have to cheer really loudly for me. Okay.

Gaurav Rishi:

I'll speak into this. So I'm good to go? All right. Can you guys hear me? Perfect. All right. Thank you very much for coming here. Really happy to have, Rob, here from Microsoft. He's the global black belt and he's going to do bulk of the talking, to talk about what does Kubernetes Backup mean? What are the considerations and also about how we are working together as a part of Kasten by Veeam and Microsoft Azure. So, I'll just do a quick introductions, just to let you know what the high level view is, but we'll keep time for questions towards the end, too. Just as quick introductions. I am Gaurav Rishi. I'm the VP of Product here at Kasten by Veeam also. So, I'll dive right into this because this is an educated crowd here. And Kasten by Veeam is one of the top three co-sellers for Microsoft.

So we are a co-sell partner and there is, of course, a rich history where the companies have been working together. And now with Kasten and being a part of Veeam, we are extending this now into the Kubernetes native era. So standing here at CNCF, this is what natural for me to focus on what we are doing there. So I think if you look at the picture, really what you're seeing is an example of a Cloud-native application, which under the covers is made up of multiple microservices. You have storage under the covers, its persistent volumes and persistent volume claims that you see out there. You have your databases, maybe through Stateful Sets deployments, et cetera. And you've also got a lot of state information, which is still under the covers stored in etcd. And I know, Rob's going to talk about that. And so what Kasten works is, it can install inside a Kubernetes clusters, which in this particular case might be running AKS, or it could be ARO, which is the Azure Red Hat OpenShift on top of the Azure cloud, or it could be an upstream Kubernetes distribution.

So we definitely have all of those validated. And as soon as you install Kasten K10 on your cluster, it goes and integrates to discover all of the applications that are on that cluster. You can go ahead and then figure out the dependency map of that particular application and figure out the persistent volume claims and the underlying databases. And then we allow you to set easy to use policies, which allow you to define how often something should be backed up, and for resiliency reasons, where it can be stored. And in this case it's Azure Blob. And not only that, we can also then rehydrate it when the time comes or if the need be, either because you need to restore it, or you need to go ahead and migrate it over into another cluster for test/dev reasons, or maybe, you're going ahead and trying to rehydrate in a completely different Kubernetes version because that itself upgrades every quarter or so.

So, what makes us good partners out here is extremely complementary Azure of course has a global footprint, great storage solutions, both at the block file and object player. And then of course, a growing number of data services out there. And Kubernetes is still a young and growing ecosystem. So Kasten K10, which is our core product, ends up being extremely simple to use. As soon as you install, it takes a few of minutes to get going. And after that, we do make sure that your backups are securely encrypted and both when it's addressed and when it's in flight and then can be recovered as and when you need it. So, that's a very high level flyback, but I think I have the more intelligent person out here to tell you a little about the details. So with that, Rob, it's all yours.

Rob Libbert:

Thank you. So this is a slide I usually like to start with. What do we really need to back up when we're talking about our cluster? What you really have to have to get back to a point in time is the Dockerfiles you use to build your images and the versions of those files. And of course, Microsoft offers GitHub for that. All the images created from the Dockerfile, and you can store those in ACR, right at the moment within the Azure cloud. Everything you use to deploy it, all the YAML you use. If you have these things, you can pretty much get back to deploying your application. What we don't do in either ARO or in AKS - they're both managed Kubernetes solutions - is allow you to back up what the state is of etcd and the persistent data that's attached to that, particularly in an application-aware kind of format. And Kasten really fills the blank for us for etcd backup, persistent volume backup, and databases.

And not only for backup and recovery to say Blob storage in another region, but also for migration, for mitigating any issues with upgrades, not that would ever happen, or from self imposed damage, which quite honestly is the most common thing that we see. So in terms of workloads behind the scenes, you've got data in a bunch of different places. MySQL, SQL server, Mongo, you've got different architectural components to your applications. And the combination of these actually make up your application. So what is the code and the deployment is really only a small part of what you really have to have to put a given application back to where it needs to be at a given state. And what Kasten does is, application-aware, so it knows what all the pieces of your application are, and you can set up a protection group that will automatically protect those and back them up in a schedule, so that you don't have to piece this back together in the middle of the night when your boss is yelling at you, which is always a big plus.

So, what are we looking for in terms of how we want our protection or data protection to work for us? First of all, I'll be the first person to tell you, you can do all this manually. You can do an etcd backup. Lots of people do them before they do upgrades, right? But have you ever tried to actually put that back? It's not exactly the easiest thing in the world. So easy configuration, if you've used Kasten, it's a GUI interface. Your operators who really may or may not have any idea of how Kubernetes works under the skin, can actually set this up pretty easily. So easy configuration, application awareness. When you fire up Kasten the first time, you'll actually see it'll go out and look by namespace at all the components that they can find. And it does a pretty good job of packaging up what it can find.

Operational simplicity. Again, if you'll take a look at the dashboard, it's a single dashboard, you get to almost everything from one or two pages down on the application. And cost. And this is beyond what I usually talk about; licensing costs. I'm sure these guys would be happy to talk to you, but in terms of a protecting your production environment, I find this a lot. We tend to forget about the fact that we've spent 30 years figuring out how to protect traditional production environments, BCP, DR, things like that. And we really forget about doing that in Kubernetes sometimes, in the cloud-native environment. And so when you're looking at the cost of your operational cluster, Kasten is a good investment in terms of ensuring that you have a safe and reliable business ready cluster.

So a couple recovery scenarios. Let's say you end up with, you lose a PV for example. With Kasten you can go ahead and restore that PV and re-attach. Let's say you get a node in a not ready situation. And, I have seen that happen from misconfiguration, from sometimes it just goes, you do a deploy and it goes into not ready and you can't get it back. You can actually, you use Kasten to get that back to a previous known state. And this is pretty neat. This is across regions here, not availability groups, but across regions where you can actually store and back up, in our case in Azure Blob storage. The state of that application, all of the components there, the credentials associated with that and restore it. And that's really helpful in a DR, BCP situation.

So we have great integration with Kasten. AKS and Azure storage are all integrated out of the box. It's a one click implementation. In-cluster, cross-cluster and cross-region disaster recovery, so that you can store your data in a different region and restore back, even if you are not running clusters in both of those regions. Application-aware namespaces within AKS. And by the way, you can also label all these and tag them, so that you can collect everything that you are backing up in a given instance, by tags. Low RPO and returned operation solution options. Cost effective backups, and it's available for AKS and ARO, which is the OpenShift hosted implementation within Azure.

So a couple links here. These will be available in the deck. What I will tell you is we see a couple really good use cases for this that you don't see, maybe in the slides. Number one is, building yourself a dev/test environment that looks like your production environment. All of a sudden, you've got the ability to build yourself a test cluster that looks exactly like your production cluster. So for automated testing, this is super nice because of those tests that you know work in production or conversely work in test, will work in both environments because those environments are mirrors of each other.

And you can actually build that into your pipeline, by the way. So all of these restorations, you can build into your pipeline, which is cool. And the other piece of this is self-service for your developers. You can actually give them the ability to package up a given state and time of their application and build a cluster on their own. So you don't have to contact an operator, wait for them to figure out what they're doing, or an admin. And everything within Kasten (keep me honest here) I believe you can actually make that role-based, so that you can assign roles and be able to give that self-service option out to your developers, which is neat. Mr. Choy.

Mr. Choy:

Resident point of time, I saw the pain as I said earlier the answer for better cluster now. How is it, the point in time configurable or come back and say that, I want to go back to yesterday and [inaudible]?

Rob Libbert:

Yes. So the very first, when you fire up Kasten, what you'll see is a dashboard, and in that dashboard, it will show you all the protection groups that you've got set up, and it will also show you all the backups that have occurred and their success. And then you can go back, and depending on what your retention for those backups is, you can actually go back and choose the one you want for as long as that retention period is. And restore that back.

Brian:

I have a follow up question. Database in particular kind of different [inaudible]?

Gaurav Rishi:

Yeah. So, I think, Brian, that's a great question. And I know this was a short presentation, couldn't do it, but the good thing about KubeCon is we can just go across the wall and I'll show you in person. But the short answer to that is, essentially we do have the capabilities to go ahead and do your backups at the storage level and choose the restore points based on the policies that you have. But we also have a way to configure and use the storage level on top of that database level native constructs to go and have logical backups.

And so we exercise that, and that allows us to get the more flexibility piece of it. We have this concept of what we call blueprints. And I think Rob and I were just talking about that before the chat. Which was for most of the commonly occurring databases that we see as Cloud-native stateful workloads, we already have these blueprints, which define the order of operations using these and that's extensible. So depending on the type of database that you're talking about and the capabilities that they might expose, we can definitely answer that question, too. Any other questions?

Speaker 5:

Just curious what Kasten does when combining the state [inaudible]. Does it integrate with etcd or [inaudible]?

Gaurav Rishi:

Yeah, no, that's a great question. So I think, towards the beginning, I was mentioning, as soon as you install Kasten K10, it'll go ahead and work with the APS server. We don't want to go directly to etcd because, especially for managed... Yeah, there you go. So, I think as soon as you install Kasten K10 inside a cluster, it can go ahead and work with the APS server. And that of course, is different based on the Kubernetes distribution. And that in turn abstracts away the etcd piece of it. So we definitely incorporate the Kubernetes objects that might be stored there, but that's how we work in addition to integrating with the various applications that break up into microservices and so on.

Speaker 5:

[inaudible]

Gaurav Rishi:

So, suppose, you do have a failure, right? Or you want to replicate. So as Rob was pointing out, you can go ahead and choose your restore point, and that will go ahead and restore your entire application out there, right? So that would include some of the cluster state, as well as all of the data that you might have as a part of your application itself. So I think the key point I'll just make out here and be happy to talk offline in more detail is, your unit of atomicity that you want to try and back up now is actually the applications in this particular Cloud-native world. And that's really what we try and keep as the operational development.

Speaker 6:

I have a question for, Rob. So, is it supported every [inaudible] and can I kind of have a [inaudible]?

Rob Libbert:

Yeah, absolutely. I happen to work for Microsoft. So I'm going to talk about AKS and ARO, but yeah, these guys will be happy for you to run their product on just about any Kubernetes platform that's out there.

Speaker 6:

That's what I thought.

Rob Libbert:

Yeah.

Speaker 6:

We do a lot of AKS [inaudible].

Rob Libbert:

Good man.

Speaker 6:

There are a lot of places you cannot run [inaudible] and I want to make it [inaudible].

Rob Libbert:

Right. That's the thing with a managed solution. So, it's there's pros and cons. The pro is that we take some of that management out of your hands, but some of the cons are, you may not be able to get where you want to do in the management plane.

Speaker 6:

[inaudible]

Rob Libbert:

Right.

Speaker 6:

[inaudible]

Rob Libbert:

Good deal.

Gaurav Rishi:

All right. I think we are past our time, but thank you very much. I know there is a raffle also. That's what I was told and we are both ineligible, Rob.

Speaker 7:

Okay. So what we do after everyone, stick around, we have a raffle. I got some tickets to pull here, and this is for an Apple Air Tag. That's what we're wrapping up here. So I'm pulling out a number. So check your tags. Our winner is, must be present to win this air tag here. 8-9-2-0-1-0. Not here? (silence)...