iSTOCK/GETTY IMAGES

Understanding and managing data protection for Kubernetes

Find out more about the three pillars of end-to-end data protection in Kubernetes in this analyst report from GigaOm. Your download awaits.

Over the last year we have moved past the initial enthusiasm and adoption phases of Kubernetes. Enterprises are moving their applications to production, and that means that every single application now has the same characteristics of any other enterprise application, including:

  • Service Level Agreement (SLA)
  • User expectations to satisfy
  • Data protection and management

At the end of the day, the adoption of Kubernetes in production environments creates new organizational and operational challenges around data that can’t be solved by traditional data protection methods. From this point of view, a new innovative approach is necessary. It has to bridge the gap between modern applications deployed on Kubernetes and traditional enterprise data storage practices and processes.

Red Hat, a leader in enterprise Kubernetes thanks to Red Hat OpenShift, has developed the right set of tools to face these challenges and respond to the most demanding business needs related to data protection for Kubernetes environments. Red Hat’s end-to-end approach to Kubernetes and data management enables users to protect data across multiple environments while providing a consistent set of enterprise-grade data services to accelerate data mobility, migrations, and disaster recovery.

The Challenge
In traditional environments, data protection methods are focused on protecting physical or virtual machines (VM), their OS, and the application installed in them. The VM is the atomic unit, and the entire environment is very static. Most applications are deployed in one monolithic VM or a few of them, separating the application at the macroscopic level (for instance, a three-tier application with web frontend, application server, and database back-end). For Kubernetes, it is the exact opposite. Applications are organized as microservices, deployed in containers, with new container instances spun up and down continuously, depending on the needs of the moment.

That said, the concept of “cattle vs. pets” can’t be applied to the enterprise. Data must be consistently protected whether the applications are installed in the cloud or on-premises, and data and applications must live together in the same environment. In fact, not all containers are the same. Some are stateless while others have data volumes attached to them; hence they become stateful. What’s more, some applications will remain hybrid with a mix of microservices interacting with VMs.

With this premise, it is clear that protecting Kubernetes applications with standard methods is impractical and not scalable.

  • Automation is impossible and the risk of getting a partial view of what to protect is high.
  • Data restore is another big challenge, especially when the target environment is different from the source.
  • Business continuity is another area to take into account.
  • Last but not least, ease of use is a priority.

The Solution
Complete end-to-end Kubernetes data protection should always be designed around three pillars:

  • Application awareness
  • Integration and data services
  • Operations and ease of use

To get a full picture of the application and its data, it is necessary to understand:

  • Initial configuration (declarative state)
  • Current state (runtime state)
  • Additional information stored in external repositories and necessary for the correct functioning of the application including parts of the etcd database, CRDs, and other resources. 

Red Hat OpenShift and Data Protection
Red Hat OpenShift is a unique solution in the market. Yes, it is synonymous with enterprise Kubernetes for many users, but OpenShift is more than that. It provides a comprehensive platform that includes storage and data services, among many other things. The result is a consistent user experience, whether OpenShift is consumed on-premises or in the cloud.

Red Hat OpenShift limits the disruption of Kubernetes adoption in traditional enterprise environments by providing functionality that is similar to those of enterprise storage systems already in place. The end-to-end approach and deep integration between Kubernetes and the storage components provides:

  • Simplified transition to Kubernetes in production: Makes it more adaptable to data protection policies already accepted by the technical and business organizations.
  • Operational continuity: Enables applications that have been moved to Kubernetes through a liftand-shift migration but are not yet ready to work in a full Kubernetes-native fashion. This also helps to migrate and preserve existing data protection policies, meeting the required levels of service.
  • Steep learning curve: System administrator and data center operators don’t need extensive retraining thanks to the easy-to-use UI and familiar concepts used in the product.
  • Developer-friendly: Developers can quickly take snapshots and build clones for test and development purposes through API, CLI and OpenShift Console UI.

In general, enterprises moving from a development phase to production for Kubernetes should always think about data protection. Traditional data protection solutions and storage systems are not up to the task, and many Kubernetes-native solutions are not designed to work well with traditional enterprise approaches.

Red Hat brings decades of experience engaging enterprise customers and environments, which has informed its effort to create data services with OpenShift Container Storage. This approach enables enterprise organizations to move critical applications into production quickly and efficiently, while backed by the proper level of data protection and without disrupting existing processes around data management and protection. At the same time, its ease of use enables IT organizations to simplify operations and give access to the data protection tools to existing system administration and DevOps teams.

Red Hat OpenShift today is already in a leading position. The addition of storage and data services to the solution stack will serve to further improve the ROI and TCO that organizations can expect to see over the medium and long term.

Learn more about Understanding and managing data protection for Kubernetes at here.

Article 2 of 5

Dig Deeper on Data center ops, monitoring and management