As we wrap up the 2021 VMblog Mega Series Q&A series, we speak with Sathya Sankaran,
Chief Operating Officer at Catalogic Software, and we're diving into the topic of Kubernetes and containers.
VMblog: Provide
a little backgrounder information on the company. What does your company look like in 2022?
Sathya Sankaran: Catalogic
Software had been in the data protection business for over 25 years. In
November 2020, we launched CloudCasa, a new Kubernetes backup-as-a-service
offering with a free service for Kubernetes developers. In May 2021, we sold our
enterprise copy data management business to our strategic partner IBM,
providing the capital for us to accelerate our entry into this new and exciting
cloud-native data protection market. We have quickly caught up with the early
market leaders and recently CloudCasa was recognized as a fast mover and
emerging leader in the GigaOm Radar for Kubernetes Data Protection report.
In 2022,
we will expand our enterprise multi-platform, multi-cloud, and multi-team capabilities and deliver new cyber resiliency features and continue to offer
great value to developers and DevOps teams with our free service plan. And we look forward to meeting people in
person at the KubeCon + CloudNativeCon conferences in Europe in May and in
North America in September.
VMblog: We are here to talk about Containers and Kubernetes.
How does your company define it and look at it?
Sankaran: Containers are at the core of many digital transformation
initiatives where a top business driver is to speed up the development and
delivery of applications in cloud environments. Containers are a natural
evolution from virtual machines to a more granular and portable application
environment in clouds. Kubernetes has emerged as the de facto, open source
platform for managing containers, including automating deployment, scaling, and
operations of containers across clusters of hosts.
The opportunity we see with containers and
Kubernetes is to address the services not provide by Kubernetes including data
protection and disaster recovery across multiple Kubernetes and cloud environments.
VMblog: What
are some of the benefits of Containers and Kubernetes that people should be
aware of?
Sankaran: Enterprises are always trying to do more
with less and containers are the latest computing abstraction and efficiency
framework for cloud computing and cloud applications. Containers reduce the
footprint of applications and make them more computationally efficient, and in
addition, they make your code portable to many different platforms at once.
VMblog: For
the less-technically knowledgeable business user, how do you describe
containers and Kubernetes and why they are important?
Sankaran: Here's an analogy - most of us drive to a
grocery store in a car. A car is a framework for orchestrating a million
discrete parts (the microservices) that work in conjunction in the car to get
you to the grocery store. Similarly, containers are the discrete parts (the
microservices) that make up an application. Kubernetes is the car orchestration
framework that provides granular control of the microservices, to make sure the
containers are all working in sync and allowing the application to scale up or
down when you press on the gas or brakes.
VMblog: Are
there any drawbacks to containers that people should be aware of?
Sankaran: While containers and Kubernetes give you
plenty of granularity and flexibility, the skillsets needed today are higher than
compared to maintaining virtualized applications. Also, think back to when
organizations started projects to transition to VMware, but there was a
shortage of people and experience on how best to operate in a virtualized
environment. We currently have a similar shortage of DevOps and Kubernetes
skills and experience.
VMblog: What
are the top challenges of DevOps implementations?
Sankaran: In some ways the challenges of the DevOps model are related to its strengths. DevOps
is intended to make the enterprise nimbler by decreasing the time it takes to deliver
new applications or iterate on existing ones. It does this by breaking down
some traditional organizational barriers. The DevOps team is empowered to make
rapid application changes and bring them to production, along with whatever
infrastructure changes are necessary to support them. This is very effective,
because the development team typically has the best understanding of the
application and what it needs to run. However, they don't always have the deep
understanding that specialist IT teams have of ancillary areas like data
protection, security, networking, monitoring, etc. And due to the velocity that
DevOps teams can operate at, sometime these topics don't get the attention they
need.
VMblog: What
are the current Kubernetes and Container trends your company is seeing in the
market?
Sankaran: Trends are often nothing but our collective
reaction to customer demands.
Trend 1: Multi-cloud applications
Portability is great, but I want simultaneous interoperability in a multi-cloud
environment. As we see more cloud outages as we have seen with AWS, there will
be a tremendous opportunity to build solutions that work seamlessly across different
cloud environments.
Trend 2: Cyber Resilience
We write code once; it can run anywhere, but is it malware? All kidding aside, security
is a joint responsibility when it comes to cloud environments. We see cyber
resilience becoming a prime design consideration when it comes to Kubernetes
environments.
Trend 3: Skills Shortage
Where are the Kubernetes experts at? Over
100,000 people registered for Kubernetes certification courses in the last year
alone. The industry is adding skills at a rate that is comparable to the rise
of VMware 15 years ago. Learn or be left behind.
VMblog: What
role does a Kubernetes software platform play in the public cloud?
Sankaran: Kubernetes has become the de facto standard platform for how new applications
are deployed into the public cloud. We see three types of applications in public
cloud:
-
Cloud-native - Applications that are born in the
cloud. These tend to be containerized more often than not, and Kubernetes is
already the de facto standard here for AWS, Azure and Google.
-
Cloud-migrated - Applications that have been
lifted and shifted to the cloud. This is often due to someone's vision to rely
on cloud computing rather than expanding a datacenter footprint.
-
Cloud-transformed - Applications that were
migrated but are now being re-platformed to optimize for cloud resources. Much
of Kubernetes' initial growth will come from this bucket of application.
Adoption will not be a problem because it can show tremendous cost savings when
transformed.
VMblog: What
are the major challenges that enterprises face when using containers at scale?Sankaran:
In addition to the growing need for skillset, we see 3 main challenges:
- Security - More moving parts in
the open can imply more holes to take advantage of. Do you want your clusters
mining crypto for someone else at your expense?
- Governance- Multi-cloud
operations, data protection, multi-tenancy are all challenges that the
ecosystem is fast addressing.
- Observability - The eventual
success of Kubernetes will be when people can understand and manage their
operations and see that they have it under control.
VMblog: What
are key best practices that enterprises leverage to help mitigate management
challenges of large-scale container usage?
Sankaran: Based on the above challenges, here
are some corresponding best practices:
- Security - It is important to
design applications with security in mind. Start with a security posture review
that spans across your Kubernetes environments as well as your cloud environment. Keep in mind that Security is a layered concept,
and it is not a discrete state. The more layers (configuration, container, and
network scans) you add to protect your environment, the harder it is for a
cyber attacker to find vulnerabilities to exploit.
- Governance - Go back to your
basics. In our line of business, it is both fascinating and frustrating to see
people choose to not do backups because of misconceptions such as "containers
don't persist state" and "our cloud provider takes care of backups."
- Observability - If you are using
Kubernetes and not using an open source monitoring tool like Prometheus, you
are doing it all wrong. By the way, don't forget to backup your Prometheus configuration
and data as well.
VMblog: Data
security and governance, especially with the emergence of the cloud, are top
concerns of modern enterprises. Do containerized applications pose the same
risk to data?
Sankaran: In many ways, the risks are the
same, but new security solutions are needed. We think of Security in two ways:
-
Protecting your data from unauthorized access: Containers have isolation built into their namespaces framework to limit
unauthorized interactions. But runtime security becomes extremely important to
make sure containers are doing what you want them to do.
-
Protecting you from uninterrupted operations: Locking someone out of your car is easier than protecting your side
mirrors, exhaust, and tires from tampering. Containers have more layers and
more dynamism, and that requires more protection. Cloud providers help, but
enterprises need to do their part with purpose built vulnerability management
tools and services.
VMblog: Where
does your company and product lines fit within the Container and Kubernetes space?
Sankaran: At Catalogic, we've built a cloud native
(born in Kubernetes in the cloud) backup service called CloudCasa that is
focused on protecting container and cloud native workloads. We are educating
users every day that containers generate persistent data more and more and that
data needs to be backed with retention polices for compliance. We are also
helping them understand that the public cloud provider, or your IT team if
self-hosting Kubernetes, cannot restore your Kubernetes environment in case of
data loss if you don't backup your Kubernetes resources and your application
data. This is like the early days of
VMware when restoring a server or a volume snapshot did not restore the VMware
environment, and VM backup specialists like Veeam arose.
VMblog: Finally, how
are you different from your competitors?
Why would someone prefer your offerings to those provided by others in
the industry?
Sankaran:
- CloudCasa is a SaaS application that was built
with Kubernetes for Kubernetes environments. DevOps and developers are already managing
a million moving parts that are constantly changing underneath them. CloudCasa
does all the work for them to protect and recover their applications and data. And as a SaaS application, there is no software to install and patch and
no need to manage a backup environment or even to monitor the backups, given
CloudCasa does that for you also.
- CloudCasa is cloud-aware. Sounds kind of obvious to say that, but as an
application built with Kubernetes to support all distributions and clouds, and
that runs in multiple cloud environments, we really understand Kubernetes and
the differences between public clouds, so we can hide all that complexity.
- Catalogic is proactive with security: As your data
insurance policy, we are also motivated to help ensure that your data and your
Kubernetes and cloud environments are secure. Therefore, we have built in
security scans for your Kubernetes and Cloud environments that warn you ahead of
what you need to do to be cyber resilient and prevent data loss and
interruptions.
- Free Service Plan - CloudCasa is free forever if
you just want to protect your data with snapshots. The free plan supports an unlimited number of
worker nodes and clusters across multiple distributions and cloud providers,
even on-premises. We only charges users
when they want to make backup copies with retention policies in addition to managing
snapshots.
##