Kubernetes Automated Data Protection with Portworx Backup
Kubernetes Automated Data Protection with Portworx Backup
March 15, 2023
Automated data protection solutions in Kubernetes simplify the backup process, increase productivity, and reduce the risk of data loss. Portworx Backup has been helping customers automate the backup process, eliminating the need for manual intervention and reducing the chances of human error. Read this article about how one of the largest financial institutions uses Portworx Backup to protect their data on Kubernetes.
Beginning with Portworx Backup 2.4.0, we have added another level of automation to the existing scheduled backup. With this feature, DevOp administrators can just add an associated label to any namespace, and Portworx Backup will automatically backup the namespace from the next scheduled backup. Customers can manage their Kubernetes applications at scale and enable application developers to create and manage their own application namespaces while ensuring that they are properly protected, meeting their organization’s backup SLA requirements, and maintaining compliance. The diagram below shows an overview of how this namespace labeled automated backup works.
To use this automated data protection, create backup Schedule Policies based on SLA requirements first.
Next, to test this, you can label at least one target namespace to start.
Then create this automated backup with the associated namespace label and a Schedule Policy.
As the diagram shows above, each time the scheduled backup initiates, it will scan all the namespaces and compile a list of all the namespaces with the label specified. This process will automatically include newly created labeled namespaces to the backup list. It also removes any namespaces from the backup list once the associated label is removed from the namespace.
Finally, all the namespaces and resources contained in the backup list are backed up.
Repeat Step 4 and 5 again when the scheduled backups get triggered.
If you don’t want to backup the entire namespace, you can use resource labels to define more granular backup policies. You can find how to do this later in this article.
Configure Automated Backup with Namespace Labels
This section shows how to set up automated data protection with namespace labels. Once you log into Portworx Central, navigate to the Portworx Backup dashboard and select your Kubernetes cluster. Before you start to filter your namespaces with labels, you need to add labels to your target namespaces. You can use following command:
In the Add Namespace label field, as shown below, enter backup=auto and click the “+” button. This filters all the namespaces with backup=auto label. Now click the Backup button to create a backup.
The following Create Backup window will appear. Enter a name for this backup job. In this example, we entered auto-backup1. Since we are creating an automated scheduled backup, select the On a schedule radio button and select a Schedule Policy from the dropdown menu. In this case, we have created a scheduled policy that triggers backup jobs every 15 minutes. To read about how to create a backup schedule policy, click here.
Now, let’s create a new namespace called mysql1 and add the same label as highlighted below. A MySQL container will be deployed right after this.
In our test, the MySQL container and all the related resources under the namespace mysql1 were automatically backed up with the scheduled policy within 15 minutes.
We can view more details by clicking into one of the backups. The mysql1 namespace showed up in the NAMESPACES section, and a total of two volumes are in the backup now.
Specify Resources within the Namespace for More Granular Automated Backup
To automatically backup only certain resources within the namespace, you can add Resource Labels. For example, if you want to backup only PostgreSQL containers, you can assign a label such as app=postgres, as shown in the example below. (In this case, this app=postgres label had already been added in the deployment YAML file.)
As shown here, in the Portworx Backup cluster page, keep the namespace label on the left side and add the resource labels on the right side. In this example, we added an app=postgres label. Click the Backup button to create an automated backup.
In the Create Backup window, your resource label is listed in the RESOURCE LABEL SELECTOR section. Provide a backup name, such as auto-backup-postgres, and select a Schedule Policy. In the NAMESPACES LIST, mysql1 is also listed. This is because both namespaces use the same label, backup=auto, as shown from the previous example. However, if no resources are labeled as app=postgres within the mysql1 namespace, then nothing from mysql1 namespace will be backed up. Click the Create button to create the scheduled backup.
Next, let’s deploy another PostgreSQL app in a new namespace called postgres2 and add the same label, backup=auto, to the namespace. We used a postgres-db.yaml file to deploy the PostgreSQL container, which has the app=postgres label assigned to it already.
In our test, this newly created PostgreSQL container was automatically backed up successfully after 15 minutes. The screenshot below shows that the auto-backup-postgres backup initially had one volume and three resources. On the second backup, it automatically picked up new deployment and backed up two volumes and six resources.
The Backup Details window shows the newly added namespace postgres2 and that an additional volume was added to the backup
You can go to the Schedules tab to view the list of scheduled backups and their associated labels. Again, in this example, we have the following:
Auto-backup1 with namespace label backup=auto to automatically backup everything in the namespaces every 15 minutes
Auto-backup-postgres with namespace label backup=auto and resource label app=postgres to automatically backup only PostgreSQL apps in the namespaces every 15 minutes
This automated data protection feature can significantly reduce the time and effort required to define the backup policies if you are running Kubernetes clusters at scale. To learn more about how Portworx automates data protection on thousands of Kubernetes clusters for a major credit card service company, make sure to read the article below.