Tech Field Day 22: Protecting your Cloud with Veeam

The need to protect and recover infrastructure is still a mission-critical task for all IT departments of every sized company. Either service are on-premises or in the cloud, the theme of data availability and disaster recovery is still the challenge for companies like Veeam that besides the continuous improvement of their products and solution are directly involved in the infrastructure and technology evolution (like the introduction of the last generation apps). During TechFieldDay 22, with the delegates, we had the pleasure to discuss with David Hill, Kristen Stoner, Melissa Palmer, and Rick Vanover about the Veeam One, Disaster Recovery, and by the Kasten.io acquisition, the data protection of Kubernetes workload. Let’s see in-depth.

Protecting virtual, physical infrastructures… and the cloud

Veeam, after it’s born in 2006, has confirmed year by year on top of the best availability suites for closest the totality of the workloads available in the world. Experience, technology, and alignment with business needs are the pillars where Veeam’s software solutions like Veeam Backup and Replication, Veeam Availability Suites, Veeam ONE, etc are sitting on and continuously receive improvements that always comes from the customer inputs.

Veeam Availability Suite 11 (soon available in GA) introduces:

Continuous Data Protection: a resiliency feature for the critical workload that introduces a near-zero RPO.
Even More Instant Recovery: a feature that reduces RTO, increasing the speed of instant VM recovery.
Secure Linux Repository
Enhanced Object Storage. What we’ve really seen in Veeam is the ability to protect and use the Public Cloud, covering the protection of on-premises and public cloud objects and at the same time using backup repositories available in both places. With the Enhanced Object Storage, it’s possible to easily scale-out the backup repository into the Public Cloud using its proper features like Azure blob and Archive Storage. Following the DEMO guided by Rick Vanover

Data lifecycle is the key to ensure backup and recovery and to have clear visibility of what is going on in your workload, what is inside of your workload, and what could be predictive of your workload. Veeam, near the celeb Backup and Replication, has invested in Veeam One: the tool to handle and report data, make capacity planning, automate, and diagnose… Comprehensive monitoring for the entire IT environment.

During TechFieldDay 22 Melissa Palmer and Kristen Stoner have shown by a live DEMO three cool features:

The Intelligent Diagnosing and Automatic Remediation
Visibility into Cloud Backup Policies
Extended Visibility for Scale-Out Backup Repositories

Kasten: the Veeam answer to Kubernetes protection

Seemed yesterday that Veeam’s team launched the first backup for Virtual Machines, and now the focus on data protection is really moved on containers, functions, and data geographically distributed. In a few words: as a customer of a new generation data center, the application protection in its forms like Kubernetes elements is the new must-to-have. For this reason, Veeam with the acquisition of Kasten is writing another important chapter in the story of data protection.

Now the real question is: what means protecting cloud-native application? In Kubernetes, an application is a mix of container descriptors, services, stateful elements, configurations, secrets, etc… all standard or custom “Kind” are elements to protect. Kasten saves all elements around the application realizing two kinds of snapshots: component snapshot and application snapshot. In this way, it’s possible to bring all of this stuff into separate storage ready for recovery or transfer into another Kubernetes cluster.

As a Cloud-Native application lover, I couldn’t simply watch, write and comment on what I’ve seen… I must test it! So taking the advantage of my lab and the deployment I have done with Rancher, I tested Kasten functionalities in an environment composed of Gitlab and Jenkins deployments and relative data.

The installation is really straightforward and seems proven for a ready test experience without wasting time configuring items. I suggest preparing your environment with:

Helm 3 (available for all platforms)
A CSI compliant storage with snapshot feature enabled
MinIO the famous S3 compatible object storage (obviously you can use AWS S3)

Kasten installation steps are composed of these four commands:

helm repo add kasten https://charts.kasten.io/
kubectl create namespace kasten-io
curl https://docs.kasten.io/tools/k10_primer.sh | bash
helm install k10 kasten/k10 --namespace=kasten-io

1

2

3

4

helm repo add kasten https://charts.kasten.io/

kubectl create namespace kasten-io

curl https://docs.kasten.io/tools/k10_primer.sh | bash

helm install k10 kasten/k10 --namespace=kasten-io

(Source: https://docs.kasten.io/install/index.html )

After a couple of minutes (when all containers are ready), I configured an L7 load balancer to enable an HTTP proxy with the gateway service. With Rancher is easily possible to associate the xip.io resolution with IP associated with the service:

Then using the URL associated with the service it is possible to access the Kasten console and complete the configuration defining:

Location (The cloud credentials and the bucket.. in my case the private IP of my MinIO installation)
Infrastructure (The underline virtual infrastructure used by the source Kubernetes cluster)
K10 Disaster recovery (If enabled creates a policy that snapshot Kasten datastore and export to cloud using Location definition)

For further info and scenario check the official documentation here: https://docs.kasten.io/usage/usage.html

In order to start protecting your Kube applications, it’s necessary to create one or more policies based on Applications automatically discovered by the Kasten services. Then you can simply wait for scheduling or manually run the first backup.

The data protection scenarios around Kasten are very interesting: from the “simple” application protection to a migration and disaster recovery tool for cloud-native applications. For this reason, knowing the things that Veeam is already able to do, I’m curious to see how this powerful feature will be integrated into the console.

Once again Veeam demonstrates the reliability to take care of data lifecycle across infrastructures, cloud, and last generation platform that are holding new services. Version 11 is going to be released soon. Stay tuned and don’t forget to follow the “Launch Date” here: https://go.veeam.com/v11?ad=hp-news-bar