Unlike static environments, capturing the full context of a container-based application running in Kubernetes requires a multifaceted approach. Effective backup and recovery solutions must record more than just persistent volumes (PVs) in use by an application (Figure 1). Backup orchestration must first define all components of the application, including Kubernetes namespaces, resources, internal images, and persistent volume data. Resources must then be extracted and saved to a reliable backup target, either inside or outside the cluster. Restoration must then reliably reverse that process to a cluster of the organization’s choosing. To support business continuity and disaster recovery requirements, application state must be preserved throughout the process.
Capturing the context for cluster resources and state requires API-enabled data protection management applications that can work with Red Hat OpenShift Container Platform and OpenShift Data Foundation. These API-enabled backup applications capture complete application data and metadata, providing application-granular and cluster-consistent backup and recovery (Figure 2).
- Data protection management applications handle backup policy management, backup scheduling, retention and restore management, and data movement. These applications provide full stack protection with application awareness.
- APIs collect cluster resources and metadata such as Backup, Restore, Scheduling, BackupStorageLocation, and VolumeSnapshotLocation. While these APIs are typically built into Kubernetes-native data protection applications, Red Hat provides an optional OpenShift APIs for data protection operator.2 The data protection operator enables namespace or label-scoped backups with all cluster resources and application data (PVs).
- OpenShift Data Foundation provides efficient incremental PV snapshots via the Container Storage Interface (CSI). Backups of persistent volumes are performed through standard CSI interfaces. Ceph®- CSI snapshots can be used with or without OpenShift APIs for data protection.
Data protection management solutions for Kubernetes
Organizations now have a choice of advanced data management solutions for backup and recovery. A number of popular choices are described in the sections that follow.
IBM Spectrum Protect Plus
IBM Spectrum Protect Plus is a modern data protection solution that provides recovery, replication, retention, and reuse for virtual machines (VMs), databases, applications, file systems, Software-as-aService (SaaS) workloads, and containers in hybrid cloud environments. When coupled with Red Hat OpenShift and OpenShift Data Foundation, the solution is deployed as a virtual appliance or as a container application. With support for Kubernetes, IBM Spectrum Protect Plus lets organizations protect, back up, and restore complete containerized applications, including persistent volumes, namespaces, resources, and metadata for disaster recovery or development and testing operations.
Kasten K10 by Veeam
The Kasten K10 data management platform works with Red Hat OpenShift and OpenShift Data Foundation to offer backup, restore, and disaster recovery support. With a Red Hat-certified K10 operator available in the Red Hat OpenShift OperatorHub, organizations can back up and restore all the components of an application without time-consuming guesswork. Combined with Red Hat OpenShift Data Foundation, Kasten K10 provides snapshots and cloning of persistent volumes and application metadata to one or more namespaces for backup or to multiple Red Hat Openshift clusters for backup or disaster recovery.
TrilioVault for Kubernetes
TrilioVault for Kubernetes protects application data and metadata—including pods, persistent volumes, secrets, configuration maps, and other Kubernetes resources. With Red Hat OpenShift operator certification, TrilioVault for Kubernetes protects both application data and metadata for Red Hat OpenShift applications using CSI snapshots. Namespace users can restore applications on demand. The intuitive, click-driven user interface provides discovery, monitoring, operations visibility, and management. Monitoring and metering is supported with Prometheus and Grafana, with logging and tracing supported by Fluentd.
Bacula Enterprise is a broad enterprise backup and recovery solution that offers advanced and automated backup for Red Hat OpenShift applications. Bacula lets organizations protect container deployments and other IT infrastructure with a single backup and recovery solution. Ideal for hybrid cloud environments, Bacula Enterprise can help modernize your enterprise datacenter backup strategy, increase enterprise data backup software efficiency, and significantly reduce costs. Native hybrid cloud integration includes support for Amazon Web Services (AWS) Simple Storage Service (S3), Microsoft Azure, Google Cloud, Oracle Cloud, and Glacier.
Building in data resilience
Achieving stringent service-level objectives requires true data resilience. Red Hat realizes that business continuity and effective disaster recovery for Kubernetes applications requires a committed and comprehensive approach. Red Hat innovates and develops technologies that help organizations move toward zero or near-zero recovery time objectives (RTO) and recovery point objectives (RPO), allowing them to recover from:
- Localized failures. Backup and recovery using CSI snapshots and API-enabled backup and recovery applications is the first step in recovering from localized failures.
- Regional disasters. Asynchronous mirroring and site failover and failback automation can provide resilience from regional disasters.
- Metro site failures. Stretch clusters with arbitration can provide resilience and true-zero RPO and RTO in the face of larger-scale failures and disasters
With many of the foundational elements already in place, these technology approaches and others remain an ongoing focus for providing even greater data resilience in upcoming versions of Red Hat OpenShift Data Foundation.
Red Hat OpenShift Data Foundation, paired with third-party data protection management solutions, provides robust data services for production container-based applications running in Red Hat OpenShift. Open and standard technologies like Ceph-CSI snapshots help provide portability across clusters and clouds, as well as version independence, while giving developers and administrators tools for cloning, backing up, and restoring their apps and associated data. Multiple third-party backup and recovery solutions now support API-enabled applications running under Kubernetes. Organizations can use their favorite backup and recovery solution as they move to containers, gaining consistency across multiple deployment environments, whether physical, virtual, or in a hybrid cloud.