Virtualization Technology News and Information
Making Your Kubernetes Backups Work for You - They are not just for recovery anymore!
By Bob Adair, Product Manager, CloudCasa by Catalogic

Kubernetes is well known for its complexity, and properly protecting Kubernetes can be as complex as managing it. Backing it up is more complicated than backing up your other systems because of the multiple layers involved. The underlying worker nodes are often ephemeral, or at least expendable. But the configuration of Kubernetes itself, the Kubernetes resources which are typically stored in etcd, and the data stored in persistent volumes all need to be protected. If you are using managed cloud-based Kubernetes services such as EKS, AKS, or GKE, the configuration for them is stored in your cloud provider, and that should be preserved as well.

There are key factors to consider when deciding what parts of your Kubernetes infrastructure need to be protected, deciding what sort of protection they need, and choosing a protection solution. When evaluating Kubernetes backup solutions, remember that backups can be used for much more than just simple in-place recovery scenarios. While in-place recovery may be the most important use to which you will put your backups, it is likely that you will use them more frequently for other purposes. It is important to keep these other use cases in mind when choosing a backup solution and deciding which of your clusters to protect and how to protect them.

Disaster Recovery

First, consider your DR requirements. What would you need to do to recover in the event of a disaster? This could be the loss of an office or company datacenter, or it could be loss of access to a cloud provider account, region, or availability zone. Keep in mind that the need for DR may be triggered by events other than actual disasters. Cyber-attacks, outages, and even billing or legal disputes with service providers may call for activation of a DR plan. If you have lost an office or datacenter, you may want to restore to the cloud. If you have lost access to a cloud provider account, availability zone, or region, you may want to restore to a different account or region, or even a different cloud provider. In most of these use cases, the underlying infrastructure you are restoring to will be different from that which you backed up from. And any backups or snapshots stored locally may be destroyed or inaccessible.

Archive for Compliance and Legal

Next, consider your compliance and legal requirements. Developers and DevOps teams may be unfamiliar with the requirements imposed on them and their data by various laws and regulations. Unlike corporate IT operations teams, they may not yet have experienced the legal discovery process and various compliance audits. But like taxes, they are out there waiting for the initiated and unsuspecting alike. In today's increasingly litigious environment, even teams that are not in highly regulated industries like finance and health care are likely to have requirements imposed on them by their company legal departments. Backups may need to be taken at certain intervals and retained for certain periods. In these use cases, they also must not be retained beyond certain periods. In other uses cases, they may need to be unalterable. Consistent adherence and proof of adherence to policies is important. So is the security of the backups, and in many countries, the location of the backups, due to privacy and data sovereignty requirements. And of course, most important of all is the ability to reliably restore the state of your application on a specific day or time when needed.

Migration and Cloud Mobility

Another important use for Kubernetes backup solutions is migration. A good solution can make it easy to move a whole cluster or a single application or namespace from one location to another. This may be to a new cluster, a new cloud account, a new region, or a new cloud provider. This is not always straightforward since configuration data such as storage classes may need to be remapped from one cluster or type of cluster to another. Look for a solution that automates this as much as possible.


Finally, a backup solution can be useful for replicating production Kubernetes environments for development and test. The requirements for this are like those for migration, but with important additions. First, it can be useful to trigger both backup and restore jobs either on a schedule or programmatically via an API or CLI. This can allow for scripted deployments, or deployments automatically triggered in your CI/CD pipelines. Second, you will often want to use different configurations for your dev/test cluster than you do for staging and production. If your solution can auto-create clusters for you in the cloud, it should also allow size and scaling-related parameters to be changed on restore. Third, you should make sure your solution provides a way to cleanly overwrite your dev/test environment with production data when restoring to an existing cluster.

Try Before You Buy

Think carefully about the ways in which you may want to use your Kubernetes backups before choosing a backup solution. A solution that may seem fine for simple restores may turn out to not be what you really need for more advance use cases. If in doubt, be sure to talk to the solution vendors and do proof-of-concept (POC) tests to try solutions out for yourself. SaaS solutions can make a great starting point for POCs, since there is no software to install or infrastructure to set up. At CloudCasa by Catalogic, we are always happy to talk to users and share our insights and experience, even if it is just to help crystallize their requirements!


To hear more about cloud native topics, join the Cloud Native Computing Foundation and the cloud native community at KubeCon + CloudNativeCon North America 2022 in Detroit (and virtual) from October 24-28. 


Bob Adair, Product Manager, CloudCasa by Catalogic


Bob Adair is the product manager for CloudCasa at Catalogic Software. Bob has 30 years of experience in the IT, storage, and data protection industries. Since beginning his career in IT on Wall Street, he has held senior positions in engineering and product development at companies including Storage Networks, Veritas, Symantec, Savvis, EMC, and Dell.

Published Thursday, October 13, 2022 7:31 AM by David Marshall
Filed under: ,
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<October 2022>