Skip to Content
17:41 Video

It's a Brave New World: Demystifying Data Protection for Kubernetes

Containers can't be backed up the same way as other applications. Discover why as we dive into the elements of a Kubernetes-native data protection solution.
Click to View Transcript
00:08
Michael Ferranti: Hello, everyone, thanks for joining, really excited to be here with you today virtually. Looking forward to week two, when we can be together in person. I want to talk to you today about demystifying data protection for Kubernetes. It is indeed a brave new world. My name is Michael
00:29
Ferranti, Sr. Director of Product Marketing at Portworx by Pure Storage. And the only thing that we do, what works is help customers succeed running data rich applications on Kubernetes. So we think a lot about data protection, and what's needed from a capability perspective. And from an experience
00:51
perspective, and I want to share some of that knowledge with you today. In terms of what I want to talk about, it's four basic things. One, what is the research say about container backup? What's different? What's the same? Two?
01:08
Why do we need a new approach for container data protection? Because gonna I'm gonna, I'm going to give away the punchline, we do need a new approach. What does that approach looks like, look like? What are the essential elements of a Kubernetes native backup solution? And how can you get
01:28
started? How can you try PX backup, which is simply the easiest way to get started protecting your mission critical production applications running on containers and Kubernetes? So let's dive in. So what does the research say? Well, luckily, ESG put together a really comprehensive survey of IT
01:54
professionals about the state of container adoption, and how those organizations are thinking about the key topic of data protection. And there are a couple of stats that jumped out at me in this report, the first group, it really looks at what is the state of market adoption of containers, right? If If
02:16
hardly anybody's using containers, then what a container native approach or a Kubernetes native approach looks like? It's really an academic exercise, right? It's something that's going to be interesting, two or three or four years from now, but right now, right? You've got a lot of great
02:31
sessions to choose from, at accelerate, why are you going to come to this session? Right? But if if containers are mainstream, then we really need to figure out how do we protect our applications running in these new environments. And it turns out that containers are mainstream, two thirds of
02:50
respondents reported not just running containers, but running containers in production. Now, what that looks like today is there's still more VMs in our environments than there are containers. But in 24 months, respondents expect that they'll actually have more containers running than they do VMs. Now,
03:15
many of those containers will probably be running themselves in virtual machines. But we'll look in a little bit about why VM optimized data protection is still not a good fit for our containerized applications. And the next point that I think is really relevant for when we start to say, What's different
03:36
about containers is that containers run across multiple environments, they don't only run in the cloud, they don't only run on prem, they run in both of these environments was 71% of respondents saying that they plan to deploy containers across cloud and on premises. Now, this next stat is is really
04:00
a wake up call on and I thought that there was going to be a misperception in the market around what a backup solution can do for containers because this is an early market, right? And we're all learning. But the level of misperception is, I think, quite alarming, because unfortunately, it's going to
04:25
expose customers to a number of risks that we'll talk about here in a minute. Okay, enough drama. What are we saying? Well, ESG asked, Do you believe container based applications can be backed up the same way individual applications are backed up, right? Yes, 300 people this? and 75% of respondents said yes,
04:48
essentially, we can back up our container infrastructure and our containerized applications. The same way we're backing up the rest of our applications and that is categorically not The case there are some specific attributes of containerization and how containerize applications are run with
05:08
something like Kubernetes that that make for a mismatch between our existing tooling. And what we need for these new modern environments. Now GigaOm. Another analyst firm who's written widely on this topic on they actually put together what they call a GigaOm Radar Report for Kubernetes data protection,
05:30
looking at the market and all of the various solutions for Kubernetes in that market, and then kind of ranking people in what is essentially their version of the Gartner Magic Quadrant. And Portworx is a leader in that really proud of of that position.
05:45
But what they said about the market in general, is that without container granular backup options for Kubernetes, enterprises are exposed to data loss, downtime, and lost customer loyalty. Why is that? Well, it's because existing data
06:04
protection solutions don't work, or at best are not optimized for container environments. And so so why is that? Why do containers require a different approach? The answer is threefold. Okay, so
06:22
first, traditional backup tends to be machine focused. So we we backup the server, we migrate the server, we set up DR for the server. And that works well, when an application one application is running on one server. So if we want, if we want to back up the app, we can take a snapshot of the server
06:45
and these these concepts essentially is a one to one mapping, that breaks down in a containerized environment where we're running, our application is made up of multiple containers, and those multiple containers are running across a fleet of servers, or they're running across a cluster. The
07:04
second point is that traditional backup doesn't speak the language of Kubernetes. So not only is it not container granular. But it also doesn't understand key management concepts like namespaces, within
07:18
Kubernetes, things that make our applicate make managing our applications much more efficient within a containerized environment. And they don't understand how a big part of what makes a Kubernetes application is its configuration. Right. And I'm going to talk more about that in
07:34
a minute. And the last point, and I think this one is just as critical as the first two is that traditional backup is centrally managed. What I mean by that, I mean that is managed by a backup administrator. And so when I need to create a backup, when I need to restore a backup, I'm going to go to a
07:51
person in the organization whose job it is to manage this process. Within Kubernetes. Everything is self service, individual delt developers, individual DevOps teams are themselves managing their applications. And so we need to enable them with data protection. Okay, the ability to
08:08
create those protection policies, and the ability to restore applications based on those policies for a self service experience. Okay, so so that's why we need a different solution. So So what does a native solution for containers and Kubernetes look like? Well, it looks like this, right? It's
08:31
five elements, that when you bring them together, give you the same level of resiliency and data protection and security, as you're used to with your traditional applications, but optimized for Kubernetes, optimized for microservices and optimized for a self service experience. So let's look at
08:52
each of these elements in turn. The first element is container granularity, right? So if we're talking about Kubernetes, and we're talking about containers, this makes sense. What I mean by this is that we can't we can no longer take machine based backups, we need to be the backup individual containers.
09:12
Right. And as you can see in this diagram, right, this this this metaphorical cluster of servers with two different applications running one is purple. One is one is green, that the purple app is running across multiple servers. But it's also composed of multiple containers running across those
09:33
servers. So when I backup this app, I actually need to backup this container and this container and this container and this container. I can't just back up the server. The next element is that we need to be Kubernetes namespace aware. Okay? What I mean by that is Kubernetes is a massively
09:56
powerful way to run large scale out applications. It is also not known for being simple. But the levels of abstraction that Kubernetes introduces, like namespaces are really useful when you are running large, complex applications. And so if you don't understand how to take advantage of the, the
10:23
granularity that Kubernetes provides, right, if you can only backup an individual container, but you can't back up groups of containers that are organized within a namespace, right and backup everything in that namespace, then you're going to be at a disadvantage, right, you're going to have to do
10:38
things manually. And when you do things manually, you open yourself up to risk. So your your backup solution needs to speak the language of Kubernetes, including this concept of namespaces. Next, your, your backup solution needs to be truly application consistent. So in a Kubernetes
11:00
environment, um, you know, we run dozens of different microservices that that what Kubernetes is all about, it's about decomposing our monolithic applications into a series of micro services that can be independently managed, deployed, updated. And increasingly, each of those micro services is
11:19
backed by a different data service, I might have Elasticsearch for my search experience on my website, I might have Cassandra for transactions, I might have Kafka for moving data between various micro services. Okay, so I have these different data services that are that I'm using. And
11:37
increasingly, these data services are themselves distributed systems just as as Kubernetes is a distributed system. And so if I want to backup Cassandra, I actually need to take a snapshot of this distributed database that's running across multiple servers, and I can't just take a series
11:56
of points in time snapshots and have something that I can actually recover. If I need to restore my application, I need to be able to take that backup at the application level, I need to go into Cassandra, okay, I need to query the database, I need to flush any pending writes to disk,
12:13
I need to take my snapshot. And they need to unlock everything and run kind of a repair process to resync. Anything that came in in the meantime. Okay. That's what it means to take an application consistent snapshot of a distributed database. But the process is different for different databases is different
12:30
for Mongo. It's different for Kafka, it's different from Elastic Search, and how can you as an opera operator, as a platform architect, or as a storage administrator, provide that consistent experience for your end users, regardless of the type of data service that they're running? Well, you need
12:50
a backup and recovery service that understands the differences between these types of modern applications and can provide application consistent backups. The next point is also critical. You need to be able to backup not just data, right? And a lot of what I've talked about assumed data, right? We're
13:12
talking about data services, we're talking about databases, queues, key value stores, things like this. So of course, we need to backup our data. But the data only is a small part of an A Kubernetes application, a big part of the application is stored in configuration files, Kubernetes objects, and we need
13:32
to be able to backup this state as well. So on things like pvcs, controllers, service accounts, custom resource definitions, crds, also known as operators, all of this state, is absolutely critical for our ability to deploy a Kubernetes application. And so what are we gonna want to what do we want to do with our
13:57
Kubernetes app backup? Well, if we need or if we need it, we want to be able to deploy it. How do we deploy what we deploy with Kubernetes objects we deploy with configuration, right, that points to resources like volumes. So if that configuration is missing, our ability to recover application
14:15
is dramatically reduced. And we're starting to start talking about long manual restore processes that can lead to customer downtime to loss, customer loyalty, all of the things that get pointed out in a few slides. Okay, so so the next thing and ESG pointed this out, is that all of this needs to be
14:38
optimized for a multi cloud world, right? Where do we run? Do we run the Amazon? You were running Google, do we run on prem? Do we run an Azure? Yes, that's the modern reality, which is that containerized applications run in more than one environment that is not the exception, that is the norm. And
14:57
so if you have a data protection A solution that's optimized for on prem? Well, you're going to have to have a different solution in the cloud. And vice versa. If you have a solution that works for you in the cloud, but it doesn't work on prem, then you need to be able to figure out how to manage that
15:11
you need a consistent backup and recovery experience, regardless of the infrastructure that you are running on. That's what PX backup is all about. px backup provides a consistent experience for backup and recovery, regardless of the infrastructure that you are running on. It is it contains all five of those
15:38
elements. It is container granular. It is Kubernetes namespace aware, it allows you to take application consistent backups that include all of your Kubernetes configuration, as well as your data. And it's optimized for a multi cloud, multi cluster world. You can try it for free, just go to
16:00
portworx.com you can get a free 30 day trial. And if you want to learn more, we have a lot of resources for you. We have demo videos we have. We have live tutorials that you can go through where you can actually set up how to how to run PX backup, we've got white papers and solution briefs. And a lot
16:23
of these materials will be available for you as part of accelerate. So we encourage you think about what is my data protection strategy for containers. And understand that while it may be complex to build a Kubernetes native solution, like PX backup, it's very easy to consume one, right? It's a
16:45
service, you sign up for it. And you set up your your backup policies, you set up your backup location, and now your applications are protected. And your developers have a self service experience that they that they love, while giving you the ability to
17:04
to ensure kind of your own compliance guidelines. Write your own security in your own data protection guidelines at a corporate level. That's what PX is all about. We're in we're at zero compromise, right? You can have your cake and eat it too.
17:20
So with that, thank you so much for joining me. I hope you're enjoying accelerate. I've been watching some sessions and I'm learning a lot. So so thank you have a great day.
  • Portworx
  • Containers
  • Enterprise Data Protection

Demand for containers isn't just on the rise, mainstream market adoption of containers in production is already mainstream. An ESG Survey of IT professionals found that two thirds of of respondents were running contaners in production, and 71% of respondents plan to deploy containers across cloud and on premises environments. And while 75% of enterprises think they can get away with conventional backup and data protection strategies, the truth is that containers operating both on-premises and in the cloud come with a host of unique risks that need to be addressed.

In this presentation Michael Ferranti, Sr. Director of Product Marketing, Pure Storage walks us through the reasons you need to modernise your data protection strategies for your containerized apps, and how Portworx (PX) Backups can help you protect your mission critical Kubernetes workloads.

12/2024
Portworx on Red Hat OpenShift Bare Metal Reference Architecture
A validated architecture and design model to deploy Portworx® on Red Hat OpenShift running on bare metal hosts for use with OpenShift Virtualization.
Reference Architecture
33 pages
Continue Watching
We hope you found this preview valuable. To continue watching this video please provide your information below.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Your Browser Is No Longer Supported!

Older browsers often represent security risks. In order to deliver the best possible experience when using our site, please update to any of these latest browsers.