Kubernetes applications need data protection because, regardless of the platform, all applications need data protection. It’s a lesson companies have learned the hard way with server virtualization, cloud, and SaaS applications. With Kubernetes, you have an opportunity to protect the environment before you suffer from a critical outage, cyber-attack, or failed audit.
Stateful Kubernetes in the mainstream
Kubernetes is not just a tool for developers building stateless applications anymore. Containerization experiments have graduated to become business-critical production applications. Furthermore, since real applications read and write data, your Kubernetes infrastructure is now storing information about your customers, business, and intellectual property.
In addition to new applications, organizations are also moving legacy applications to Kubernetes because it’s the cleanest path to the cloud. It is too expensive to run applications via “lift and shift” and too expensive to convert applications to “re-architect to be cloud native.” Migrating to Kubernetes is easier than re-writing the application, and its dynamic scalability optimizes cloud costs. Of course, when the legacy applications move, so does their data.
As Kubernetes becomes part of the modern enterprise architecture, application teams will develop stateful applications. The applications and their data must be protected.
New environment, existing challenges
With every new technology comes the hope (and the hype) that the “unpleasant” work is finally eradicated. Soon after, people face the despair that the new technology often renders those traditional jobs even more difficult.
Customers protect their data because bad things happen and bad people do bad things. Running applications on Kubernetes does not eliminate the possibility of: storage hardware failures, user and administrator errors that corrupt data, or site outages. In fact, increased virtualization means people are more likely to make mistakes. Meanwhile, cyber-attackers target Kubernetes applications because the additional complexity makes misconfigurations more likely. Organizations must protect the data in their Kubernetes environment, even if the data is distributed inside and outside the cluster.
Businesses monitor for IT resources because, if left unchecked, application teams will spend as much as possible. Kubernetes can help optimize your application environment, or it can bankrupt you. The extra layers of virtualization can make it difficult to understand what resources are underutilized and which applications are consuming your money. Businesses must track the resource utilization in their Kubernetes clusters, even if microservices makes that more difficult to accomplish.
Finally, applications that handle data must meet basic internal and external requirements. These may be as simple as the “3-2-1 rule” – 3 copies on 2 types of media, with 1 being offsite – or as complex as a federal regulation can specify. Auditors and regulators do not care if the application is running in Kubernetes. It doesn’t matter how dynamic the application is; the rules are the same.
Kubernetes data management – best practices
Successful organizations follow some basic principles for running their Kubernetes environments. Everything begins with basic IT practices: people, process, and technology.
On the people side, it is critical to understand organizational structure. Application teams and Kubernetes experts need the freedom to deliver value to the business, but the central team needs to manage the overall environment. The challenge is to balance the two so the application teams don’t adopt Shadow IT.
As for process, it can be tempting to build the world’s largest Kubernetes cluster. Don’t. The business impact of a failure or cyber-attack on a massive cluster is devastating. Of course, running thousands of clusters defeats the purpose of central management. We find customers are happiest with dozens of clusters with tens to hundreds of nodes.
The tools should support your organizational structure and process. Does a tool help you manage a large number of clusters? Does it help you support your users without being intrusive? Is it truly integrated with Kubernetes, or is it just an add-on?
Learn more about Kubernetes data management
Of course, this is just a teaser. We’ve got a lot more best practices to share, with concrete examples that we’ve learned the hard way – e.g. unexpected bills because we forgot to shut down clusters, data loss from mismanaging CSI snapshots, and more.
Remember, join our session at VMworld and stay tuned for even more. If you ever want to discuss Kubernetes protection, contact us at any time. We’re happy to help guide you through your Kubernetes challenges, whether it’s your first cluster or your hundredth.
Kubernetes is part of our world, so let’s make sure your data and applications are protected.