To avoid application downtime and data loss during Kubernetes cluster outages, platform and application operators need to utilize backups for recovery. These backups should contain both the application’s persistent data alongside its configurations, which can be restored to the same or a different cluster to get back into production more quickly. Today, the VMware Tanzu Mission Control team is announcing Kubernetes application data protection supporting multi-cloud backup and cross-cluster restore, so that our customers can improve application resiliency and remain flexible.
Move applications between any cluster and run on any cloud or on-premises data center
The Kubernetes ecosystem has evolved over time, and the use of stateful applications in production is on the rise. Business-critical applications need high availability, and loss of the application state is not acceptable. To ensure that Kubernetes operators adopt automated backup and recovery processes, they should plan where to store their backups. Then, when the need arises—such as application misconfiguration or data loss due to human error, hardware failure, security breaches, or natural disasters—they will have a cluster ready where they can restore. Even if the application does not use persistent volume for data, it may still have a state in Kubernetes resources that need to be backed up and restored. Also, beyond your applications, Kubernetes maintains its own operational state by storing it in the cluster itself. This includes resources such as configuration maps, custom resource definitions, and secrets stored in the Kubernetes control plane. Just like application data, these resources are critical to cluster operations, so protecting them is essential.
Although Kubernetes clusters can be self-healing and automatically rebuilt, it is not easy to manually move application configurations and data to clusters running on other infrastructure types outside the original target infrastructure. Additionally, in today’s cloud-first world, increasing infrastructure choices and improving application portability can offer benefits (e.g., the ability to move applications across production/development environments for troubleshooting, migrate applications between different public cloud vendor deployments to avoid vendor lock-in, and flexibility to move applications across on-premises and public cloud providers).
With this announcement of cross-cluster backup and restore capabilities in Tanzu Mission Control, Kubernetes-based applications can become infrastructure and distribution agnostic. Tanzu Mission Control will help you pre-configure your application backup to flexible storage locations in advance, and provides the ability to restore backups to any infrastructure and any Kubernetes distribution so that you always remain adaptable. Tanzu Mission Control enables cluster portability by easily restoring Kubernetes resources from one cluster to another with persistent volumes.
Change management is also an important use case for restore-to-a-different cluster capabilities offered by Tanzu Mission Control. Customers avoid risking current ongoing operations during major upgrades to your Kubernetes version, especially when it’s difficult to predict how those upgrades will impact your cluster and the applications that live on them. We advise customers to create a backup prior to making any major updates to a cluster. That way, if a Kubernetes cluster update is not successful, or if the update impacts the application layer adversely, you can roll back the update and apply the backup. Alternatively, you can create a standby cluster and restore backup to reduce downtime.
Tanzu Mission Control’s cross-cluster restore feature can be used as a site recovery solution for application portability, which can be extremely useful during crisis situations when your cluster goes into an unrecoverable state. Although Tanzu Mission Control does not provide synchronous data replication, it does allow you to schedule the backup of your cloud native applications running on any Cloud Native Computing Foundation (CNCF)-conformant Kubernetes cluster on an object store (e.g., Amazon Simple Storage Service [S3] including S3-compatible object stores and Azure Blob Storage). In the event of a crisis situation, administrators can restore your application configuration and its data from the backup that is taken as frequently as every 15 minutes. You can avoid prolonged downtimes and recovery periods while ensuring developers remain productive. Application portability can also be a method for recovering accidental deletions or misconfigurations by restoring to a previous “good state” if needed.
Tanzu Mission Control utilizes upstream, open source data protection software
Tanzu Mission Control leverages Velero under the hood for data protection capabilities. Velero is constrained to a single cluster and uses the Kubernetes API to capture the state of cluster resources. Persistent data then gets backed up using either the storage platform’s native snapshot capability or an integrated file-level backup tool called Restic. With enterprises running hundreds of clusters across public and private clouds, installing, configuring, and running Velero for backup and restore at each cluster is a daunting task. Tanzu Mission Control centrally manages the entire lifecycle of Velero across your cluster fleet, which drastically reduces the amount of toil involved.
Users can take advantage of data protection features on any CNCF-conformant cluster under management, regardless of whether it was provisioned by Tanzu Mission Control or is just attached. Tanzu Mission Control allows administrators to provide data protection to their cluster fleet from a central UI console, CLI, and API. Tanzu Mission Control data protection allows you to capture entire clusters or subsets of your cluster’s associated resources (filtering by namespace or by using Kubernetes label selectors), which provides a high degree of flexibility around what’s backed up and restored. With the capability to restore a backup to the same namespace in the same cluster, an alternate namespace in the same cluster, or recover to an alternate cluster, Tanzu Mission Control is a valuable solution for handling data protection as well as migration scenarios for your cloud native applications across a fleet of cross-cloud clusters. Tanzu Mission Control is never in possession of your application data, as backups go directly from clusters in your environment to backup storage controlled by you.
Designed to tackle the multicluster and multi-cloud challenges of running and managing Kubernetes today, Tanzu Mission Control offers enterprises the best data protection solution. Go to the VMware documentation on Tanzu Mission Control to learn more about data protection capabilities.
Please join us at VMware Explore for the Ask the Experts Session on Delivering Enterprise Stateful Kubernetes.
About the AuthorMore Content by Pradeep Kumar Chaturvedi