Getting Started with Portworx Backup-as-a-Service

Following the release of PX-Backup 2.2, Portworx has introduced Portworx Backup-as-a-Service (PX BaaS) to make protecting your Kubernetes applications and data even easier. PX-Backup has historically provided full application and Kubernetes component and volume backup and restore, cross-cloud migration, and application portability, and PX BaaS builds on top of these features to provide the following from a single, centralized pane of glass:

• Component installation for on-premise or cloud-based Kubernetes clusters
• Support for Amazon EKS, Google Cloud Platform, Azure Kubernetes Service, and IBM Cloud Kubernetes Service clusters
• Auto-detection and onboarding of Amazon EKS clusters
• Provisioning of multiple instances of PX BaaS and management of RBAC access for your organizations users

In this blog, we’ll see just how easy it is to sign up for PX BaaS, automatically onboard some Amazon EKS clusters and add our S3 buckets, and begin quickly protecting our data on those clusters.

PX BaaS Setup and Configuration

PX BaaS is enabled through PX-Central – if you have used the manual installation process for PX-Backup previously or use Portworx Enterprise, you’ll be familiar with PX-Central already! You can see that instead of simply allowing a spec generation for PX-Backup, there is now a BaaS radio button available for PX-Backup in addition to the On-prem option – simply select it, and click the Continue button:

Next, you can choose to either try PX-BaaS with a 30-day trial sandbox instance, or you can contact sales to purchase a PX BaaS Enterprise license. Don’t worry – if you select the 30-day sandbox trial, and you love it (which we think you will), you can always upgrade your trial instance to a PX BaaS Enterprise license! For our purposes in this blog, we are going to create a sandbox 30-day trial, name it “my-trial-instance”, agree to the EULA, and click submit:

Our PX BaaS instance is now being provisioned in the cloud – we’ll wait for it to provision, and once it is shown as “Active” in our list of PX BaaS instances, we’ll click on it and this is where the rubber hits the road!

PX BaaS Amazon EKS Cluster Auto-Discovery and S3 Target Addition

We’ve already provisioned two Amazon EKS clusters in the us-east-1 region, and have also configured two S3 buckets – one for standard backup/restore procedures, and one for ransomware protection that has object-lock enabled with a 7-day retention period. Automatically detecting these resources in AWS for PX BaaS to protect and use is super simple – from our trial instance in PX BaaS, we simply click the “Add Cluster” button in the top right of the UI, and start the Add Cluster wizard. You can see we’ve selected AWS and are entering our AWS cloud credentials that are associated with the EKS clusters and S3 buckets in the us-east-1 region:

Once we click the “Discover Cluster” button, our Amazon EKS clusters in our region that our credentials have access to will show up in the “Select Discovered Clusters” screen – we simply select the clusters we want to protect, and click the “Add Clusters” button to finish the auto-discovery!

We now have our Amazon EKS clusters auto-detected, and now just need to add our S3 buckets –  then we can get to backing up everything we need within our Kubernetes clusters to protect our apps! To add our S3 bucket backup locations, we simply select “Cloud Settings” from the Settings drop-down menu:

We’ll then click on the “Add” button for Backup Locations, provide a name for the location, select our already configured cloud credentials we previously created for cluster auto-discovery, and enter the S3 bucket name we want to add – we’ll repeat this process for each S3 bucket we want to add. Once finished, we have two S3 backup locations created, one for normal backup/restore operations, and another for ransomware protection that has object-lock enabled (note the lock icon for the object-lock enabled bucket):

From this point on, backup and restore operations are just like we have used previously with on-prem versions of PX-Backup. Since PX BaaS inherits all PX-Backup 2.2 features, we can now backup to object-lock enabled S3 buckets for additional ransomware protection of our Kubernetes applications and data. All that is needed to run a ransomware protection backup is to select the object-lock enabled S3 bucket during backup creation:

Using PX BaaS through PX-Central is a great way to quickly and easily backup your Kubernetes applications, volumes, and components, all without having to install PX-Backup onto your target Kubernetes clusters. Go ahead and head over to PX-Central, sign up for the free 30-day trial, and get started today!

For an in-depth demo of creating your first PX BaaS instance, auto-discovering Amazon EKS clusters, and backup/restore of a simple application, check out the YouTube video below.