Essential Capabilities for Kubernetes Backup and Recovery

Enterprises are quickly moving Kubernetes into production. In fact, in a recent survey, 78% of enterprises said they were using Kubernetes in production. So a question that inevitably arises is how do you backup your Kubernetes cluster? Backup and recovery, business continuity, and disaster recovery procedures are essential for any mission-critical applications running on Kubernetes infrastructures in production. Notably, Kubernetes falls short in the enterprise when it comes to disaster recovery and other business continuity techniques such as backup and restore. It is a common misconception that applications on Kubernetes don’t need backup and restore because applications are “stateless and transient” or “distributed” and have “built-in failover.” This misconception puts your most valuable resources, data, and ultimately your businesses at risk. This is where the Portworx Storage Platform for Kubernetes  comes in, as it was specifically designed to solve the major operational challenges of running Kubernetes applications in production, including simplifying data protection, security, and infrastructure management such as Backup and Restore. 

The PX-Backup product installs into Kubernetes clusters just like Portworx does today, and this makes the addition of the backup and restore service completely Kubernetes-native for the end user. Once the PX-Backup pods come online, you are ready to start backing up applications and data. PX-Backup is a superior backup and restore service for Kubernetes clusters that includes tightly integrated multi-tenancy, data governance, policies, schedules, and multi-cluster and multi-cloud support for Kubernetes data protection needs.

Let’s dig in: Why running Kubernetes alone isn’t enough to protect your business and data.

Kubernetes is the leading orchestration system for containerized and cloud-native workloads, driving major adoption and use cases in today’s industry and enabling teams to move and innovate fast. However, those applications running in Kubernetes do not have a lot of protection built in when it comes to disasters or major failures. Kubernetes does, in fact, have built-in high-availability for individual container or node failures; this is the purpose of replicas and the scheduler that Kubernetes provides. But what if you need to backup entire applications from Kubernetes to somewhere offsite in order to protect from system failure or to complete a compliance checklist for your application? 

Without a data management platform that understands the abstractions needed to perform container granular backup and restore for Kubernetes, you’re out of luck.

Portworx and its backup and restore service target these exact challenges. It focuses on both stateful and stateless applications and data for a complete backup solution for Kubernetes. It is important to note, however, that backup and restore of PVCs is often not enough. Consider the following questions:

• How do I backup ALL Kubernetes applications?
• How can I backup Kubernetes applications, metadata, and application data for an entire tenant?
• How do I target only one Kubernetes resource out of a namespace for a backup?
• How can I restore an application or namespace to another Kubernetes Cluster?
• How can I restore applications and their data to a cluster in another Cloud or Region?
• Can I have a single pane of glass to manage my clusters, backups and restores?
  

These issues are not always easy to resolve. 

With PX-Backup, admins and users can target specific applications, objects, or namespaces from a central management point. It’s important to keep in mind that “applications” in Kubernetes may consist of many objects as well as data the application has written to a persistent volume. PX-Backup will allow users to capture all or some of this state in a backup that is completely controlled by them. To give you an idea of some of the objects that should be backed up for Kubernetes applications to be restored successfully, here is a list of objects that PX-Backup can target:

• Namespaces
• PVs
• PVCs
• Deployments
• StatefulSets
• ConfigMaps
• Services
• Secrets
• DaemonSets
• ServiceAccounts
• Roles
• RoleBindings
• ClusterRoles
• ClusterRoleBindings
• Ingress
• Certain CRDs

If you aren’t familiar with the complexity of applications in Kubernetes, you should know that Kubernetes is a distributed system, which means an application and copies of that application are spread out over a set of nodes, sometimes in multiple physical locations. Within these nodes, pats of the application run in containers within Pods that connect to other resources across the cluster. 

Let’s say you wanted to target a backup for an entire application within a namespace. All of the supported objects inside that namespace across all nodes in the Kubernetes cluster would automatically be backed up. This means that the application objects and application data will be grouped inside the backup that targets the namespace. Below is a visual example of objects that would be part of a basic application. The check marks represent everything you would need to target for a backup. As mentioned, this example is actually quite basic, but imagine you have thousands of applications that are more complex.

PX-Backup doest doesn’t stop there. Portworx will enable users to control their backups via CLI or YAML, and this is very useful. However, backup administrators often want to manage these workflows from a seamless UI for all of their applications, tenants, clusters, and clouds. PX-Backup comes with exactly this capability, a management layer for PX-Backup which is accessible through PX-Central where you can manage multiple clusters across clouds as well as create backup targets, backups, backup schedules, restores, and more. Here are a few screenshots of some of these workflows.

Admins can manage Kubernetes clusters as well as backups and restores for applications within those clusters all from a single pane of glass.

Applications may need backups to occur on a specific cadence for compliance or data protection purposes. PX-Backup schedules can be created, managed, and associated to applications and their backups.

Governance and retention means being able to lookup the timeline of your backups and data quickly. PX-Backup lets you search through the timeline of your application backups where you can see data such as which namespace they belong to and how many volumes and application resources that belong to the backups.

In summary, Kubernetes falls short in the enterprise today when it comes to backup and restore of applications and their data across the many complex configurations they may have. Kubernetes needs a data management layer that can provide these types of services for data and application objects alike, and PX-Backup can enable this.