Kubernetes Backup with Commvault – New full cluster and etcd protection
As more organizations migrate business-critical applications to run on modern containerized infrastructure, Kubernetes is the defacto choice for container orchestration. However, it also means that businesses that may not have a disaster recovery strategy for Kubernetes and their containerized infrastructure must have the right tools for data protection on-premises and in the cloud to ensure their Kubernetes environment, containers, persistent volumes, and other resources are protected. Commvault recently announced they have expanded protection for Kubernetes workloads. Let’s look at Kubernetes backup with Commvault and the specifics of the announcement and features provided.
What is Kubernetes?
What is Kubernetes? Kubernetes has become the de facto standard for container orchestration. Containers in themselves are not resilient, provide high availability, or scale automatically. These missing features are where Kubernetes comes in.
Are organizations moving to containerized workloads running on Kubernetes? Organizations are increasingly adopting Kubernetes to modernize their environments and accelerate the migration of applications to the cloud. According to Gartner, by 2025, 85% of global enterprises will be running containerized applications in production.
Note the following Kubernetes-specific components and terminology you may have seen:
Provides many features and capabilities
While they are not technically the same, we can liken many of the features Kubernetes provides to the capabilities modern hypervisors provide with their high availability and scheduling features to VMs. They ensure virtual machines are resilient to failure and run efficiently. Kubernetes performs many of the same functions.
API server resources
If a Kubernetes host fails, it ensures containers are respun on healthy Kubernetes nodes. The Kubernetes API server provides API resources allowing developers and DevOps professionals to interact with the Kubernetes API server and the workloads running within the K8s cluster.
On-premises and cloud options
There are many ways to run Kubernetes. Many organizations run Kubernetes on-prem or in their own private cloud data centers. Others may use Amazon ECS or Azure Kubernetes Service to run their workloads and data in cloud Kubernetes offerings.
Kubernetes cluster backup challenges
As businesses delve into running modern workloads in Kubernetes environments, traditional backup solutions are not suited to provide data protection for modern Kubernetes workloads for backup and recovery.
Organizations may struggle to protect persistent storage via a container storage interface CSI or have the ability to provide application backups for critical container applications like MySQL or others running as container-based workloads.
Commvault Metallic VM and Kubernetes backup
Many may already be familiar with the Commvault Metallic VM and Kubernetes backup solution. It is a single solution to protect workloads in hybrid virtual environments. It can protect on-premises VMs running in Microsoft Hyper-V or VMware vSphere to cloud-native workloads running inside an Azure VM. The solution is a full Backup-as-a-Service (BaaS) solution alleviating the day-to-day management tasks of backup infrastructure.
Extended Kubernetes Backup features with Commvault
On October 25, 2022, Commvault has announced enhanced Kubernetes protection with complete protection for the entire data protection estate. What do these latest Kubernetes protection capabilities include?
Full cluster protection
Full Kubernetes cluster protection
This feature provides the “easy button” for K8s and backup admins to protect everything on their Kubernetes cluster. When Commvault says they protect everything, this includes details such as cluster-scoped resources, namespaces (even those freshly discovered during backup), and other relevant resources.
Admins no longer have to worry about selecting individual namespaces or applications within a specific namespace to provide full protection and resilience to cloud-native applications, ensuring optimal performance.
What if you want more granular namespace protection? In addition to the full cluster backups, Commvault Kubernetes backup provides namespace-level protection to protect namespaces, applications, and specific resources. It will even grab unreferenced resources within the namespace that Commvault calls “orphans.”
K8s admins understand how important etcd is to Kubernetes. It is the distributed, replicated database that Kubernetes uses to store the cluster configuration. So, data in etcd it needs to be protected as part of critical backup operations.
etcd backups are a required element to recover self-hosted, self-managed Kubernetes clusters
If you lose all control plane nodes, you would require etcd state and critical information to recover
Simplified recovery for etcd data is critical for streamlined, efficient operations
The architecture of the Commvault Command Center etcd backup and restore:
It is a simple toggle button to setup protection for etcd:
Commvault Components for Kubernetes Backup
Note the following Commvault components for Kubernetes Backup:
Access node – VSA Access node components are outside the Kubernetes cluster
Virtual Server Agent – You can deploy the Virtual Server Agent (VSA) software on one or more machines to protect virtual infrastructure. A machine with the VSA package acts as a dedicated access node (called a VSA proxy) to start and manage backups and recovery
Kubernetes backup new features with Commvault FAQs:
Can Commvault only protect certain Kubernetes cluster components? With the new enhancements, Commvault can now protect entire Kubernetes clusters and their resources, including the etcd database.
Can you still perform granular backup and restores of Kubernetes clusters if you choose? Commvault allows granular restores at namespace, persistent volume claim, and individual resource levels.
Do you have to install components inside the Kubernetes cluster with Commvault data protection? No, Commvault has no permanent footprint within the cluster. All Kubernetes cluster communication takes place using the Kubernetes API endpoint only.
The new Kubernetes backup features found in the Commvault Kubernetes backup enhancements in their portfolio are excellent. It will give administrators the “easy button” to protect their modern workloads running inside Kubernetes. Protecting critical components such as etcd easily will provide the time machine needed for administrators to fully recover a lost cluster, i.e., all control plane nodes are lost.
Check out the following Commvault resources for further details on the latest enhancements with Kubernetes backup: